Cantor–Zassenhaus algorithm

Article snapshot taken from Wikipedia with creative commons attribution-sharealike license.

In computational algebra, the Cantor–Zassenhaus algorithm is a method for factoring polynomials over finite fields (also called Galois fields).

The algorithm consists mainly of exponentiation and polynomial GCD computations. It was invented by David G. Cantor and Hans Zassenhaus in 1981. It is arguably the dominant algorithm for solving the problem, having replaced the earlier Berlekamp's algorithm of 1967. It is currently implemented in many computer algebra systems. The Cantor–Zassenhaus algorithm takes as input a square-free polynomial $f(x)$ (i.e. one with no repeated factors) of degree n with coefficients in

$p(a)=a+I$ is a surjective ring homomorphism, sometimes called the natural quotient map or the canonical homomorphism. The quotients $\mathbb{R}[X]/(X)$, $\mathbb{R}[X]/(X+1)$, and $\mathbb{R}[X]/(X-1)$ are all isomorphic to $\mathbb{R}$ and gain little interest at first. But note that $\mathbb{R}[X]/(X^{2})$

a and b are both nonzero, the greatest common divisor of a and b can be computed by using least common multiple (LCM) of a and b: but more commonly the LCM is computed from the GCD. Using Thomae's function f, which generalizes to a and b rational numbers or commensurable real numbers. Keith Slavin has shown that for odd a ≥ 1: which is a function that can be evaluated for complex b. Wolfgang Schramm has shown that

a = b = 3. The binary GCD algorithm is particularly easy to implement and particularly efficient on binary computers. Its computational complexity is The square in this complexity comes from the fact that division by 2 and subtraction take a time that is proportional to the number of bits of the input. The computational complexity is usually given in terms of the length n of the input. Here, this length

a and b; that is, there are integers e and f such that a = de and b = df, and d is the largest such integer. The GCD of a and b is generally denoted gcd(a, b). When one of a and b is zero, the GCD is the absolute value of the nonzero integer: gcd(a, 0) = gcd(0, a) = |a|. This case is important as the terminating step of the Euclidean algorithm. The above definition

A commutative ring $R$ is a ring itself. If $I$ is an ideal in $A$ (closed under $R$-multiplication), then $A/I$ inherits the structure of an algebra over $R$ and

A fraction slash "/".) Quotient rings are distinct from the so-called "quotient field", or field of fractions, of an integral domain as well as from the more general "rings of quotients" obtained by localization. Given a ring $R$ and a two-sided ideal $I$ in $R$, we may define an equivalence relation $\sim$ on $R$ as follows: Using

a, b}. This convention is followed by many computer algebra systems. Nonetheless, some authors leave gcd(0, 0) undefined. The GCD of a and b is their greatest positive common divisor in the preorder relation of divisibility. This means that the common divisors of a and b are exactly the divisors of their GCD. This is commonly proved by using either Euclid's lemma, the fundamental theorem of arithmetic, or

A 24-by-60 rectangular area can be divided into a grid of: 1-by-1 squares, 2-by-2 squares, 3-by-3 squares, 4-by-4 squares, 6-by-6 squares or 12-by-12 squares. Therefore, 12 is the greatest common divisor of 24 and 60. A 24-by-60 rectangular area can thus be divided into a grid of 12-by-12 squares, with two squares along one edge (24/12 = 2) and five squares along the other (60/12 = 5). The greatest common divisor

A consequence of the above, one obtains the fundamental statement: every ring homomorphism $f:R\to S$ induces a ring isomorphism between the quotient ring $R/\ker(f)$ and the image $\mathrm{im}(f)$. (See also: Fundamental theorem on homomorphisms.) The ideals of $R$ and $R/I$ are closely related:

A finite field $\mathbb{F}_{q}$ whose irreducible polynomial factors are all of equal degree (algorithms exist for efficiently factoring arbitrary polynomials into a product of polynomials satisfying these conditions, for instance, $f(x)/\gcd(f(x),f'(x))$

A new ring, the quotient ring $R/I$, is constructed, whose elements are the cosets of $I$ in $R$ subject to special $+$ and $\cdot$ operations. (Quotient ring notation always uses

A polynomial $g(x)\in R$ to the s-tuple of its reductions modulo each of the $p_{i}(x)$, i.e. if: then $\phi(g(x)+\langle f(x)\rangle)=(g_{1}(x)+\langle p_{1}(x)\rangle,\ldots,g_{s}(x)+\langle p_{s}(x)\rangle)$. It

A related problem (EUGCD, determining the remainder sequence arising during the Euclidean algorithm) is NC-equivalent to the problem of integer linear programming with two variables; if either problem is in NC or is P-complete, the other is as well. Since NC contains NL, it is also unknown whether a space-efficient algorithm for computing the GCD exists, even for nondeterministic Turing machines. Although

A time of T(n), then the fastest known algorithm for greatest common divisor has a complexity O(T(n) log n). This implies that the fastest known algorithm has a complexity of O ( n (log n ) ) . Previous complexities are valid for the usual models of computation, specifically multitape Turing machines and random-access machines. The computation of the greatest common divisors belongs thus to

A two-sided ideal $I$ in $R$ and a ring homomorphism $f:R\to S$ whose kernel contains $I$, there exists precisely one ring homomorphism $g:R/I\to S$ with $gp=f$ (where $p$

Is $\bar{0}=(0+I)=I$, and the multiplicative identity is $\bar{1}=(1+I)$. The map $p$ from $R$ to $R/I$ defined by p (

Is O ( n ) . This means that the computation of greatest common divisor has, up to a constant factor, the same complexity as the multiplication. However, if a fast multiplication algorithm is used, one may modify the Euclidean algorithm for improving the complexity, but the computation of a greatest common divisor becomes slower than the multiplication. More precisely, if the multiplication of two integers of n bits takes

Is n = log a + log b, and the complexity is thus Lehmer's algorithm is based on the observation that the initial quotients produced by Euclid's algorithm can be determined based on only the first few digits; this is useful for numbers that are larger than a computer word. In essence, one extracts initial digits, typically forming one or two computer words, and runs Euclid's algorithms on these smaller numbers, as long as it

Is superpolynomial). $\sum_{k=1}^{n}\gcd(k,n)=\sum_{d|n}d\,\phi\left(\frac{n}{d}\right)=n\sum_{d|n}\frac{\varphi(d)}{d}=n\prod_{p|n}\left(1+\nu_{p}(n)\left(1-\frac{1}{p}\right)\right)$ where $\nu_{p}(n)$

Is a commutative ring, then so is $R/I$; the converse, however, is not true in general. The natural quotient map $p$ has $I$ as its kernel; since the kernel of every ring homomorphism is a two-sided ideal, we can state that two-sided ideals are precisely

Is a field if and only if $I$ is a maximal ideal, while $R/I$ is an integral domain if and only if $I$ is a prime ideal. A number of similar statements relate properties of the ideal $I$ to properties of the quotient ring $R/I$. The Chinese remainder theorem states that, if

Is a construction quite similar to the quotient group in group theory and to the quotient space in linear algebra. It is a specific example of a quotient, as viewed from the general setting of universal algebra. Starting with a ring $R$ and a two-sided ideal $I$ in $R$,

Is a polynomial of the same type as $a(x)$ above. Further, since $b(x)\neq 0,\pm 1$, at least two of the sets $A,B$ and C are non-empty and by computing the above GCDs we may obtain non-trivial factors. Since

Is a squarefree polynomial with the same factors as $f(x)$, so that the Cantor–Zassenhaus algorithm can be used to factor arbitrary polynomials). It gives as output a polynomial $g(x)$ with coefficients in the same field such that $g(x)$ divides $f(x)$. The algorithm may then be applied recursively to these and subsequent divisors, until we find

Is a variant of Euclid's algorithm that is specially adapted to the binary representation of the numbers, which is used in most computers. The binary GCD algorithm differs from Euclid's algorithm essentially by dividing by two every even number that is encountered during the computation. Its efficiency results from the fact that, in binary representation, testing parity consists of testing

Is also sometimes written as $a{\bmod{I}}$ and called the "residue class of $a$ modulo $I$". The set of all such equivalence classes is denoted by $R/I$; it becomes a ring, the factor ring or quotient ring of $R$ modulo $I$, if one defines (Here one has to check that these definitions are well-defined. Compare coset and quotient group.) The zero-element of $R/I$

Is an entire function in the variable b for all positive integers a where $c_{d}(k)$ is Ramanujan's sum. The computational complexity of the computation of greatest common divisors has been widely studied. If one uses the Euclidean algorithm and the elementary algorithms for multiplication and division, the computation of the greatest common divisor of two integers of at most n bits

Is an element of the ideal $2\mathbb{Z}$, the even integers). The equivalence class of the element $a$ in $R$ is given by: $\left[a\right]=a+I:=\left\lbrace a+r:r\in I\right\rbrace$ This equivalence class

Is an isomorphism, we have (using our now-established notation): Now, each $b_{i}(x)+\langle p_{i}(x)\rangle$ is an element of a field of order $q^{d}$, as noted earlier. The multiplicative subgroup of this field has order $q^{d}-1$ and so, unless $b_{i}(x)=0$, we have $b_{i}(x)^{q^{d}-1}=1$ for each i and hence $b_{i}(x)^{m}=\pm 1$ for each i. If $b_{i}(x)=0$, then of course $b_{i}(x)^{m}=0$. Hence $b(x)^{m}$

Is based on the fact that, given two positive integers a and b such that a > b, the common divisors of a and b are the same as the common divisors of a – b and b. So, Euclid's method for computing the greatest common divisor of two positive integers consists of replacing the larger number with the difference of the numbers, and repeating this until the two numbers are equal: that

Is called the dual number plane in geometric algebra. It consists only of linear binomials as "remainders" after reducing an element of $\mathbb{R}[X]$ by $X^{2}$. This variation of a complex plane arises as a subalgebra whenever the algebra contains a real line and a nilpotent. Furthermore,

Is denoted $\gcd(x,y)$. For example, the GCD of 8 and 12 is 4, that is, gcd(8, 12) = 4. In the name "greatest common divisor", the adjective "greatest" may be replaced by "highest", and the word "divisor" may be replaced by "factor", so that other names include highest common factor, etc. Historically, other names for

Is guaranteed that the quotients are the same with those that would be obtained with the original numbers. The quotients are collected into a small 2-by-2 transformation matrix (a matrix of single-word integers) to reduce the original numbers. This process is repeated until numbers are small enough that the binary algorithm (see below) is more efficient. This algorithm improves speed, because it reduces

Is important to note the following at this point, as it shall be of critical importance later in the algorithm: Since the $p_{i}(x)$ are each irreducible, each of the factor rings in this direct sum is in fact a field. These fields each have degree $q^{d}$. The core result underlying

Is isomorphic to the direct product of factor rings $S=\prod_{i=1}^{s}\frac{\mathbb{F}_{q}[x]}{\langle p_{i}(x)\rangle}$. The isomorphism from R to S, say $\phi$, maps

Is often viewed as the direct sum $\mathbb{R}\oplus\mathbb{R}$. Nevertheless, a variation on complex numbers $z=x+yj$ is suggested by $j$ as a root of $X^{2}-1=0$, compared to $i$ as root of $X^{2}+1=0$. This plane of split-complex numbers normalizes

Is substituted for $Y^{2}+1$, then one obtains the ring of split-quaternions. The anti-commutative property $YX=-XY$ implies that $XY$ has as its square: $(XY)(XY)=X(YX)Y=-X(XY)Y=-(XX)(YY)=-(-1)(+1)=+1$ Substituting minus for plus in both

Is the p-adic valuation. (sequence A018804 in the OEIS) Factor ring In ring theory, a branch of abstract algebra, a quotient ring, also known as factor ring, difference ring or residue class ring,

Is the index calculus method, which involves the factorisation of field elements. If we represent the prime-power order field in the usual way – that is, as polynomials over the prime order base field, reduced modulo an irreducible polynomial of appropriate degree – then this is simply polynomial factorisation, as provided by the Cantor–Zassenhaus algorithm. The Cantor–Zassenhaus algorithm is implemented in

Is the natural quotient map). The map $g$ here is given by the well-defined rule $g([a])=f(a)$ for all $a$ in $R$. Indeed, this universal property can be used to define quotient rings and their natural quotient maps. As

Is their greatest common divisor. For example, to compute gcd(48, 18), one proceeds as follows: So gcd(48, 18) = 6. This method can be very slow if one number is much larger than the other. So, the variant that follows is generally preferred. A more efficient method is the Euclidean algorithm, a variant in which the difference of the two numbers a and b is replaced by the remainder of

Is unsuitable for defining gcd(0, 0), since there is no greatest integer n such that 0 × n = 0. However, zero is its own greatest divisor if greatest is understood in the context of the divisibility relation, so gcd(0, 0) is commonly defined as 0. This preserves the usual identities for GCD, and in particular Bézout's identity, namely that gcd(a, b) generates the same ideal as {

Is useful for reducing fractions to the lowest terms. For example, gcd(42, 56) = 14, therefore, The least common multiple of two integers that are not both zero can be computed from their greatest common divisor, by using the relation Greatest common divisors can be computed by determining the prime factorizations of the two numbers and comparing factors. For example, to compute gcd(48, 180), we find

The Euclidean algorithm. This is the meaning of "greatest" that is used for the generalizations of the concept of GCD. The number 54 can be expressed as a product of two integers in several different ways: Thus the complete list of divisors of 54 is 1, 2, 3, 6, 9, 18, 27, 54. Similarly, the divisors of 24 are 1, 2, 3, 4, 6, 8, 12, 24. The numbers that these two lists have in common are the common divisors of 54 and 24, that is, Of these,

The Euclidean division (also called division with remainder) of a by b. Denoting this remainder as a mod b, the algorithm replaces (a, b) with (b, a mod b) repeatedly until the pair is (d, 0), where d is the greatest common divisor. For example, to compute gcd(48, 18), the computation is as follows: This again gives gcd(48, 18) = 6. The binary GCD algorithm

The PARI/GP computer algebra system as the factorcantor() function. Greatest common divisor In mathematics, the greatest common divisor (GCD), also known as greatest common factor (GCF), of two or more integers, which are not all zero, is the largest positive integer that divides each of the integers. For two integers x, y, the greatest common divisor of x and y

The free algebra $\mathbb{R}\langle X,Y\rangle$. Then Hamilton's quaternions of 1843 can be cast as: $\mathbb{R}\langle X,Y\rangle/(X^{2}+1,\,Y^{2}+1,\,XY+YX)$ If $Y^{2}-1$

The Cantor–Zassenhaus algorithm is the following: If $a(x)\in R$ is a polynomial satisfying: where $a_{i}(x)$ is the reduction of $a(x)$ modulo $p_{i}(x)$ as before, and if any two of

The algorithm stops, the result is correct. The algorithm stops eventually, since each step divides at least one of the operands by at least 2. Moreover, the number of divisions by 2 and thus the number of subtractions is at most the total number of digits. Example: (a, b, d) = (48, 18, 0) → (24, 9, 1) → (12, 9, 1) → (6, 9, 1) → (3, 9, 1) → (3, 3, 1); the original GCD is thus the product 6 of 2 = 2 and

The class of problems solvable in quasilinear time. A fortiori, the corresponding decision problem belongs to the class P of problems solvable in polynomial time. The GCD problem is not known to be in NC, and so there is no known way to parallelize it efficiently; nor is it known to be P-complete, which would imply that it is unlikely to be possible to efficiently parallelize GCD computation. Shallcross et al. showed that

The corresponding quotient rings: if $M$ is a two-sided ideal in $R$ that contains $I$, and we write $M/I$ for the corresponding ideal in $R/I$ (i.e. $M/I=p(M)$),

The decomposition of $f(x)$ into powers of irreducible polynomials (recalling that the ring of polynomials over any field is a unique factorisation domain). All possible factors of $f(x)$ are contained within the factor ring $R=\frac{\mathbb{F}_{q}[x]}{\langle f(x)\rangle}$. If we suppose that $f(x)$ has irreducible factors $p_{1}(x),p_{2}(x),\ldots,p_{s}(x)$, all of degree d, then this factor ring

The direct sum $\mathbb{R}\oplus\mathbb{R}$ by providing a basis $\left\lbrace 1,j\right\rbrace$ for 2-space where the identity of the algebra is at unit distance from the zero. With this basis a unit hyperbola may be compared to the unit circle of the ordinary complex plane. Suppose $X$ and $Y$ are two non-commuting indeterminates and form

The field $\mathbb{F}_{q}$ is of odd-characteristic (the process can be generalised to characteristic 2 fields in a fairly straightforward way). Select a random polynomial $b(x)\in R$ such that $b(x)\neq 0,\pm 1$. Set $m=(q^{d}-1)/2$ and compute $b(x)^{m}$. Since $\phi$

The following three sets is non-empty: then there exist the following non-trivial factors of $f(x)$: The Cantor–Zassenhaus algorithm computes polynomials of the same type as $a(x)$ above using the isomorphism discussed in the Background section. It proceeds as follows, in the case where

The greatest is 6, so it is the greatest common divisor: Computing all divisors of the two numbers in this way is usually not efficient, especially for large numbers that have many divisors. Much more efficient methods are described in § Calculation. Two numbers are called relatively prime, or coprime, if their greatest common divisor equals 1. For example, 9 and 28 are coprime. For example,

The ideal $I$ is the intersection (or equivalently, the product) of pairwise coprime ideals $I_{1},\ldots,I_{k}$, then the quotient ring $R/I$ is isomorphic to the product of the quotient rings $R/I_{n},\;n=1,\ldots,k$. An associative algebra $A$ over

The ideal properties, it is not difficult to check that $\sim$ is a congruence relation. In case $a\sim b$, we say that $a$ and $b$ are congruent modulo $I$ (for example, $1$ and $3$ are congruent modulo $2$ as their difference

The kernels of ring homomorphisms. The intimate relationship between ring homomorphisms, kernels and quotient rings can be summarized as follows: the ring homomorphisms defined on $R/I$ are essentially the same as the ring homomorphisms defined on $R$ that vanish (i.e. are zero) on $I$. More precisely, given

The natural quotient map provides a bijection between the two-sided ideals of $R$ that contain $I$ and the two-sided ideals of $R/I$ (the same is true for left and for right ideals). This relationship between two-sided ideal extends to a relationship between

The number of operations on very large numbers, and can use hardware arithmetic for most operations. In fact, most of the quotients are very small, so a fair number of steps of the Euclidean algorithm can be collected in a 2-by-2 matrix of single-word integers. When Lehmer's algorithm encounters a quotient that is too large, it must fall back to one iteration of Euclidean algorithm, with a Euclidean division of large numbers. If

The prime factorizations 48 = 2  · 3 and 180 = 2  · 3  · 5 ; the GCD is then 2  · 3  · 5 = 2  · 3  · 5 = 12 The corresponding LCM is then 2  · 3  · 5 = 2  · 3  · 5 = 720. In practice, this method is only feasible for small numbers, as computing prime factorizations takes too long. The method introduced by Euclid for computing greatest common divisors

The problem is not known to be in NC, parallel algorithms asymptotically faster than the Euclidean algorithm exist; the fastest known deterministic algorithm is by Chor and Goldreich, which (in the CRCW-PRAM model) can solve the problem in O(n/log n) time with n processors. Randomized algorithms can solve the problem in O ((log n ) ) time on $\exp\left(O\left(\sqrt{n\log n}\right)\right)$ processors (this

The quadratic binomials also results in split-quaternions. The three types of biquaternions can also be written as quotients by use of the free algebra with three indeterminates $\mathbb{R}\langle X,Y,Z\rangle$ and constructing appropriate ideals. Clearly, if $R$

The quotient rings $R/M$ and $(R/I)/(M/I)$ are naturally isomorphic via the (well-defined) mapping $a+M\mapsto (a+I)+M/I$. The following facts prove useful in commutative algebra and algebraic geometry: for $R\neq\lbrace 0\rbrace$ commutative, $R/I$

The right-most digit, and dividing by two consists of removing the right-most digit. The method is as follows, starting with a and b that are the two positive integers whose GCD is sought. Step 1 determines d as the highest power of 2 that divides a and b, and thus their greatest common divisor. None of the steps changes the set of the odd common divisors of a and b. This shows that when

The ring of polynomials over a field is a Euclidean domain, we may compute these GCDs using the Euclidean algorithm. One important application of the Cantor–Zassenhaus algorithm is in computing discrete logarithms over finite fields of prime-power order. Computing discrete logarithms is an important problem in public key cryptography. For a field of prime-power order, the fastest known method

The ring quotient $\mathbb{R}[X]/(X^{2}-1)$ does split into $\mathbb{R}[X]/(X+1)$ and $\mathbb{R}[X]/(X-1)$, so this ring

The same concept have included greatest common measure. This notion can be extended to polynomials (see Polynomial greatest common divisor) and other commutative rings (see § In commutative rings below). The greatest common divisor (GCD) of integers a and b, at least one of which is nonzero, is the greatest positive integer d such that d is a divisor of both
