An analysis of the Rayleigh-Ritz method for approximating eigenspaces

This paper concerns the Rayleigh-Ritz method for computing an approximation to an eigenspace of a general matrix from a subspace that contains an approximation to . The method produces a pair that purports to approximate a pair , where is a basis for and . In this paper we consider the convergence of as the sine of the angle between and approaches zero. It is shown that under a natural hypothesis--called the uniform separation condition--the Ritz pairs converge to the eigenpair . When one is concerned with eigenvalues and eigenvectors, one can compute certain refined Ritz vectors whose convergence is guaranteed, even when the uniform separation condition is not satisfied. An attractive feature of the analysis is that it does not assume that has distinct eigenvalues or is diagonalizable.

     

Finding strong pseudoprimes to several bases

Define to be the smallest strong pseudoprime to all the first prime bases. If we know the exact value of , we will have, for integers , a deterministic primality testing algorithm which is not only easier to implement but also faster than either the Jacobi sum test or the elliptic curve test. Thanks to Pomerance et al. and Jaeschke, are known for . Upper bounds for were given by Jaeschke.

In this paper we tabulate all strong pseudoprimes (spsp's) to the first ten prime bases which have the form with odd primes and There are in total 44 such numbers, six of which are also spsp(31), and three numbers are spsp's to both bases 31 and 37. As a result the upper bounds for and are lowered from 28- and 29-decimal-digit numbers to 22-decimal-digit numbers, and a 24-decimal-digit upper bound for is obtained. The main tools used in our methods are the biquadratic residue characters and cubic residue characters. We propose necessary conditions for to be a strong pseudoprime to one or to several prime bases. Comparisons of effectiveness with both Jaeschke's and Arnault's methods are given.

     

On the uniformity of distribution of the RSA pairs

Let be a product of two distinct primes and . We show that for almost all exponents with the RSA pairs are uniformly distributed modulo when runs through

the group of units modulo (that is, as in the classical RSA scheme);

the set of -products , , where are selected at random (that is, as in the recently introduced RSA scheme with precomputation).

These results are based on some new bounds of exponential sums.

     

The -approximation order of surface spline interpolation

We show that if the open, bounded domain has a sufficiently smooth boundary and if the data function is sufficiently smooth, then the -norm of the error between and its surface spline interpolant is ( ), where and is an integer parameter specifying the surface spline. In case , this lower bound on the approximation order agrees with a previously obtained upper bound, and so we conclude that the -approximation order of surface spline interpolation is .

     

Upper bounds for the prime divisors of Wendt's determinant

Let be an even integer, . The resultant of the polynomials and is known as Wendt's determinant of order . We prove that among the prime divisors of only those which divide or can be larger than , where and is the th Lucas number, except when and . Using this estimate we derive criteria for the nonsolvability of Fermat's congruence.

     

Using the theory of cyclotomy to factor cyclotomic polynomials over finite fields

We examine the problem of factoring the th cyclotomic polynomial, over , and distinct primes. Given the traces of the roots of we construct the coefficients of in time . We demonstrate a deterministic algorithm for factoring in time when has precisely two irreducible factors. Finally, we present a deterministic algorithm for computing the sum of the irreducible factors of in time .

     

Computing the tame kernel of quadratic imaginary fields

J. Tate has determined the group (called the tame kernel) for six quadratic imaginary number fields where Modifying the method of Tate, H. Qin has done the same for and and M. Skaba for and

In the present paper we discuss the methods of Qin and Skaba, and we apply our results to the field

In the Appendix at the end of the paper K. Belabas and H. Gangl present the results of their computation of for some other values of The results agree with the conjectural structure of given in the paper by Browkin and Gangl.

     

Explicit primality criteria for

Deterministic polynomial time primality criteria for have been known since the work of Lucas in 1876-1878. Little is known, however, about the existence of deterministic polynomial time primality tests for numbers of the more general form , where is any fixed prime. When (p-1)/2$"> we show that it is always possible to produce a Lucas-like deterministic test for the primality of which requires that only modular multiplications be performed modulo , as long as we can find a prime of the form such that is not divisible by . We also show that for all with such a can be found very readily, and that the most difficult case in which to find a appears, somewhat surprisingly, to be that for . Some explanation is provided as to why this case is so difficult.

     

Continued fractions in local fields, II

The present paper is a continuation of an earlier work by the author. We propose some new definitions of -adic continued fractions. At the end of the paper we give numerical examples illustrating these definitions. It turns out that for every if then has a periodic continued fraction expansion. The same is not true in for some larger values of

     

Special prime numbers and discrete logs in finite prime fields

A set of primes involving numbers such as , where and , is defined. An algorithm for computing discrete logs in the finite field of order with is suggested. Its heuristic expected running time is for , where as , , and . At present, the most efficient algorithm for computing discrete logs in the finite field of order for general is Schirokauer's adaptation of the Number Field Sieve. Its heuristic expected running time is for . Using rather than general does not enhance the performance of Schirokauer's algorithm. The definition of the set and the algorithm suggested in this paper are based on a more general congruence than that of the Number Field Sieve. The congruence is related to the resultant of integer polynomials. We also give a number of useful identities for resultants that allow us to specify this congruence for some .

     

Computing automorphisms of abelian number fields

Let be an abelian number field of degree . Most algorithms for computing the lattice of subfields of require the computation of all the conjugates of . This is usually achieved by factoring the minimal polynomial of over . In practice, the existing algorithms for factoring polynomials over algebraic number fields can handle only problems of moderate size. In this paper we describe a fast probabilistic algorithm for computing the conjugates of , which is based on -adic techniques. Given and a rational prime which does not divide the discriminant of , the algorithm computes the Frobenius automorphism of in time polynomial in the size of and in the size of . By repeatedly applying the algorithm to randomly chosen primes it is possible to compute all the conjugates of .

     

On a conjecture of Erdos and Stewart

For any , let be the th prime number. In this paper, we confirm a conjecture of Erdos and Stewart concerning all the solutions of the diophantine equation , when .

     

Computer verification of the Ankeny-Artin-Chowla Conjecture for all primes less than

Let be a prime congruent to 1 modulo 4, and let be rational integers such that is the fundamental unit of the real quadratic field . The Ankeny-Artin-Chowla conjecture (AAC conjecture) asserts that will not divide . This is equivalent to the assertion that will not divide , where denotes the th Bernoulli number. Although first published in 1952, this conjecture still remains unproved today. Indeed, it appears to be most difficult to prove. Even testing the conjecture can be quite challenging because of the size of the numbers ; for example, when , then both and exceed . In 1988 the AAC conjecture was verified by computer for all . In this paper we describe a new technique for testing the AAC conjecture and we provide some results of a computer run of the method for all primes up to .

     

Rudin-Shapiro-like polynomials in

We examine sequences of polynomials with coefficients constructed using the iterations , where is the degree of and is the reciprocal polynomial of . If these generate the Rudin-Shapiro polynomials. We show that the norm of these polynomials is explicitly computable. We are particularly interested in the case where the iteration produces sequences with smallest possible asymptotic norm (or, equivalently, with largest possible asymptotic merit factor). The Rudin-Shapiro polynomials form one such sequence.

We determine all of degree less than 40 that generate sequences under the iteration with this property. These sequences have asymptotic merit factor 3. The first really distinct example has a of degree 19.

     

On quadratic fields with large 3-rank

Davenport and Heilbronn defined a bijection between classes of binary cubic forms and classes of cubic fields, which has been used to tabulate the latter. We give a simpler proof of their theorem then analyze and improve the table-building algorithm. It computes the multiplicities of the general cubic discriminants (real or imaginary) up to in time and space , or more generally in time and space for a freely chosen positive . A variant computes the -ranks of all quadratic fields of discriminant up to with the same time complexity, but using only units of storage. As an application we obtain the first real quadratic fields with , and prove that is the smallest imaginary quadratic field with -rank equal to .

     

Nontrivial Galois module structure of cyclotomic fields

We say a tame Galois field extension with Galois group has trivial Galois module structure if the rings of integers have the property that is a free -module. The work of Greither, Replogle, Rubin, and Srivastav shows that for each algebraic number field other than the rational numbers there will exist infinitely many primes so that for each there is a tame Galois field extension of degree so that has nontrivial Galois module structure. However, the proof does not directly yield specific primes for a given algebraic number field For any cyclotomic field we find an explicit so that there is a tame degree extension with nontrivial Galois module structure.

     

Class numbers of some abelian extensions of rational function fields

Let be a monic irreducible polynomial. In this paper we generalize the determinant formula for of Bae and Kang and the formula for of Jung and Ahn to any subfields of the cyclotomic function field By using these formulas, we calculate the class numbers of all subfields of when and are small.

     

Efficient CM-constructions of elliptic curves over finite fields

We present an algorithm that, on input of an integer together with its prime factorization, constructs a finite field and an elliptic curve over for which has order . Although it is unproved that this can be done for all , a heuristic analysis shows that the algorithm has an expected run time that is polynomial in , where is the number of distinct prime factors of . In the cryptographically relevant case where is prime, an expected run time can be achieved. We illustrate the efficiency of the algorithm by constructing elliptic curves with point groups of order and nextprime.

     

On iterates of Möbius transformations on fields

Let be a quadratic polynomial over a splitting field , and be the set of zeros of . We define an associative and commutative binary relation on so that every Möbius transformation with fixed point set is of the form ``plus' for some . This permits an easy proof of Aitken acceleration as well as generalizations of known results concerning Newton's method, the secant method, Halley's method, and higher order methods. If is equipped with a norm, then we give necessary and sufficient conditions for the iterates of a Möbius transformation to converge (necessarily to one of its fixed points) in the norm topology. Finally, we show that if the fixed points of are distinct and the iterates of converge, then Newton's method converges with order 2, and higher order generalizations converge accordingly.

     

Period of the power generator and small values of Carmichael's function

Consider the pseudorandom number generator where we are given the modulus , the initial value and the exponent . One case of particular interest is when the modulus is of the form , where are different primes of the same magnitude. It is known from work of the first and third authors that for moduli , if the period of the sequence exceeds , then the sequence is uniformly distributed. We show rigorously that for almost all choices of it is the case that for almost all choices of , the period of the power generator exceeds . And so, in this case, the power generator is uniformly distributed.

We also give some other cryptographic applications, namely, to ruling-out the cycling attack on the RSA cryptosystem and to so-called time-release crypto.

The principal tool is an estimate related to the Carmichael function , the size of the largest cyclic subgroup of the multiplicative group of residues modulo . In particular, we show that for any , we have for all integers with , apart from at most exceptions.