For (v), one proves the statement for the $t_i$ by induction, but with the stronger hypothesis that $t_i t_{i+1} \le 0$ (i.e., the sign alternates) and $|t_i| \le |t_{i+1}|$ for $0 \le i \le \ell$ (exercise). One argues similarly for the statement for the $s_i$. (vi) follows immediately from (iv) and (v). $\Box$

Example 3.2 We continue with Example 3.1. The numbers $s_i$ and $t_i$ are easily computed from the $q_i$:

| $i$   | 0   | 1  | 2  | 3  | 4   |
|-------|-----|----|----|----|-----|
| $r_i$ | 100 | 35 | 30 | 5  | 0   |
| $q_i$ |     | 2  | 1  | 6  |     |
| $s_i$ | 1   | 0  | 1  | −1 | 7   |
| $t_i$ | 0   | 1  | −2 | 3  | −20 |

We can easily turn the scheme described in Theorem 3.5 into a simple algorithm, as follows:

    s ← 1, t ← 0
    s' ← 0, t' ← 1
    while b ≠ 0 do
        Compute q, r such that a = bq + r, with 0 ≤ r < b
        (s, t, s', t') ← (s', t', s − s'q, t − t'q)
        (a, b) ← (b, r)
    output a, s, t

This algorithm, known as the extended Euclidean algorithm, computes the greatest common divisor $d$ of $a$ and $b$, together with $s$ and $t$ such that $as + bt = d$.

Theorem 3.6 The extended Euclidean algorithm runs in time $O(L(a)L(b))$.

Proof. It suffices to analyze the cost of computing the sequences $\{s_i\}$ and $\{t_i\}$. Consider first the cost of computing all of the $t_i$, which is $O(\tau)$, where $\tau = \sum_{i=1}^{\ell} L(t_i)L(q_i)$. By Theorem 3.5 part (vi), and arguing as in the proof of Theorem 3.4, we have

$$\tau = L(q_1) + \sum_{i=2}^{\ell} L(t_i)L(q_i) \le L(q_1) + L(a)\Bigl(\ell - 1 + \log_2\Bigl(\prod_{i=2}^{\ell} q_i\Bigr)\Bigr) = O(L(a)L(b)),$$

using the fact that $\prod_{i=2}^{\ell} q_i \le b$. An analogous argument shows that one can compute all of the $s_i$ also in time $O(L(a)L(b))$, and in fact, in time $O(L(b)^2)$. $\Box$

We should point out that the Euclidean algorithm is not the fastest known algorithm for computing greatest common divisors. The asymptotically fastest known algorithm for computing the greatest common divisor of two numbers of bit length at most $k$ runs in time $O(k(\log k)^2 \log\log k)$. One can also compute the corresponding values $s$ and $t$ within this time bound as well. Fast algorithms for greatest common divisors are not of much practical value, unless the integers involved are very large — at least several tens of thousands of bits in length.

3.4 Computing in $\mathbb{Z}_n$

Let $n > 1$. For computational purposes, we may represent elements of $\mathbb{Z}_n$ as elements of the set $\{0, \ldots, n-1\}$. Addition and subtraction in $\mathbb{Z}_n$ can be performed in time $O(L(n))$. Multiplication can be performed in time $O(L(n)^2)$ with an ordinary integer multiplication, followed by a division with remainder.

Given $a \in \{0, \ldots, n-1\}$, we can determine if $[a \bmod n]$ has a multiplicative inverse in $\mathbb{Z}_n$, and if so, determine this inverse, in time $O(L(n)^2)$ by applying the extended Euclidean algorithm. More precisely, we run the extended Euclidean algorithm to determine integers $d$, $s$, and $t$, such that $d = \gcd(n, a)$ and $ns + at = d$. If $d \ne 1$, then $[a \bmod n]$ is not invertible; otherwise, $[a \bmod n]$ is invertible, and $[t \bmod n]$ is its inverse. In the latter case, by part (vi) of Theorem 3.5, we know that $|t| \le$...
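The inverse test of Section 3.4, built on the extended Euclidean algorithm above, as an added Python example that is not part of the original text. The names `ext_euclid`, `inverse_mod`, `s1` and `t1` are choices made here, and the sample inputs in the comments are constructed.

```python
def ext_euclid(a, b):
    """Return (d, s, t) with d = gcd(a, b) and a*s + b*t == d, for a, b >= 0."""
    s, t = 1, 0
    s1, t1 = 0, 1                      # the primed pair s', t' of the pseudocode
    while b != 0:
        q, r = divmod(a, b)            # a = b*q + r with 0 <= r < b
        s, t, s1, t1 = s1, t1, s - s1 * q, t - t1 * q
        a, b = b, r
    return a, s, t


def inverse_mod(a, n):
    """Inverse of [a mod n] in Z_n as an element of {0, ..., n-1}, or None."""
    if n <= 1:
        raise ValueError("modulus must be greater than 1")
    a %= n                             # canonical representative in {0, ..., n-1}
    d, s, t = ext_euclid(n, a)         # n*s + a*t == d, as in Section 3.4
    if d != 1:
        return None                    # gcd(n, a) != 1: [a mod n] is not invertible
    return t % n                       # t may be negative; reduce into {0, ..., n-1}


if __name__ == "__main__":
    # Constructed inputs: the pair from Example 3.2, then one invertible
    # and one non-invertible residue.
    print(ext_euclid(100, 35))         # gcd and cofactors for 100, 35
    print(inverse_mod(17, 3120))       # invertible: gcd(3120, 17) = 1
    print(inverse_mod(35, 100))        # not invertible: gcd(100, 35) = 5
```

Python 3.8 and later compute the same inverse with the built-in `pow(a, -1, n)`, which raises `ValueError` when no inverse exists.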
 Spring '13
 MRR
 Math, Algebra, Number Theory
