4.3 Polynomial time I: Algorithms in arithmetic
4.3.1 Arithmetic operations
All basic arithmetic operations are polynomial: addition, subtraction, multiplication and division of integers with remainder. (Recall that the length of an integer n as input is the number of its bits, i.e., $\log_2 n + O(1)$.) We learn polynomial time algorithms for all these operations in elementary school (linear time algorithms in the case of addition and subtraction, quadratic time algorithms in the case of multiplication and division). We also count the comparison of two numbers as a trivial but basic arithmetic operation, and this can also be done in polynomial (linear) time.
A less trivial polynomial time arithmetic algorithm is the Euclidean algorithm, computing the greatest common divisor of two numbers.
Euclidean Algorithm. We are given two natural numbers, a and b. Select one that is not larger than the other, let this be a (say). If a = 0 then the greatest common divisor of a and b is gcd(a, b) = b. If a > 0 then let us divide b by a, with remainder, and let r be the remainder. Then gcd(a, b) = gcd(a, r), and it is enough therefore to determine the greatest common divisor of a and r. Since r < a, this recurrence will terminate in a finite number of iterations and we get the greatest common divisor of a and b.
Notice that strictly speaking, the algorithm given above is not a program for the Random Access Machine. It is a recursive program, and even as such it is given somewhat informally. But we know that such an informal program can be translated into a formal one, and a recursive program can be translated into a machine-language program (most compilers can do that).
Lemma 4.3.1 The Euclidean algorithm takes polynomial time. More exactly, it carries out O(log a + log b) arithmetical operations on input (a, b).
Proof. Since 0 ≤ r < a ≤ b, the Euclidean algorithm will terminate sooner or later. Let us see that it terminates in polynomial time. Notice that b ≥ a + r > 2r and thus r < b/2. Hence ar < ab/2. Therefore after ⌈log(ab)⌉ iterations, the product of the two numbers will be smaller than 1, hence one of them will be 0, i.e. the algorithm terminates. Each iteration consists of elementary arithmetic operations, and can be carried out in polynomial time. □
It is an important feature of the Euclidean algorithm that it not only gives the value of the greatest common divisor, but also delivers integers p, q such that gcd(a, b) = pa + qb. For this, we simply maintain such a form for all numbers computed during the algorithm. If $a' = p_1 a + q_1 b$ and $b' = p_2 a + q_2 b$ and we divide, say, $b'$ by $a'$ with remainder: $b' = h a' + r'$, then
$$r' = (p_2 - h p_1)\,a + (q_2 - h q_1)\,b,$$
and thus we obtain the representation of the new number $r'$ in the form $p' a + q' b$.
Remark 4.3.1 The Euclidean algorithm is sometimes given by the following iteration: if a = 0 then we are done. If a > b then let us switch the numbers. If 0 < a ≤ b then let b := b − a. Although mathematically essentially the same thing happens (Euclid's original algorithm was closer to this), this algorithm is not polynomial: even the computation of gcd(1, b) requires b iterations, which is exponentially large in terms of the number log b + O(1) of digits of the input.
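The contrast between Lemma 4.3.1 and Remark 4.3.1 can be measured directly. The following Python sketch is an added example, not part of the original text; the function names are hypothetical, the sample inputs are constructed, and the bound is checked against the bit length of ab, which is at least ⌈log(ab)⌉.

```python
def gcd_division(a, b):
    """Euclidean algorithm with division; returns (gcd, division steps)."""
    a, b = min(a, b), max(a, b)
    steps = 0
    while a > 0:
        a, b = b % a, a          # r < a, so the pair stays ordered (a <= b)
        steps += 1
    return b, steps


def gcd_subtraction(a, b):
    """Iteration from Remark 4.3.1; returns (gcd, subtraction steps)."""
    steps = 0
    while a > 0:
        if a > b:
            a, b = b, a          # switch the numbers
            continue
        b -= a                   # b := b - a
        steps += 1
    return b, steps


def bound_holds(limit):
    """Check that the division steps never exceed the bit length of a*b
    for all pairs 1 <= a <= b <= limit (the bound of Lemma 4.3.1)."""
    return all(gcd_division(a, b)[1] <= (a * b).bit_length()
               for b in range(1, limit + 1)
               for a in range(1, b + 1))


if __name__ == "__main__":
    # Constructed inputs: consecutive Fibonacci numbers are the slowest
    # case for the division version; gcd(1, b) is the slow case for
    # the subtraction version.
    print(gcd_division(55, 89))            # few steps even in the worst case
    print(gcd_division(1, 10**6))          # a single division
    print(gcd_subtraction(1, 10**6))       # one subtraction per unit of b
    print(bound_holds(200))
```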
The operations of addition, subtraction, multiplication can be carried out in polynomial time also in the ring of remainder classes modulo an integer m. We represent the remainder classes by the smallest nonnegative remainder. We carry out the operation on these as on integers; at the end, another division by m, with remainder, is necessary.
If m is a prime number then we can also carry out the division in the field of the residue classes modulo m, in polynomial time. This is different from division with remainder! It means that given integers a, b and m, where 0 ≤ a, b ≤ m − 1 and b ≠ 0, we can compute an integer x with 0 ≤ x < m such that
bx ≡ a (mod m).
(Such an x is sometimes denoted by a/b (mod m).)
The solution is to apply the Euclidean algorithm to compute the greatest common divisor of the numbers b, m. Of course, we know in advance that the result is 1. But as remarked, we also obtain integers p and q such that bp + mq = 1. In other words, bp ≡ 1 (mod m), and thus b(ap) ≡ a (mod m). So the quotient x we are looking for is the remainder of the product ap after dividing by m.
We mention yet another application of the Euclidean algorithm. Suppose that a certain integer x is unknown to us but we know its remainders $x_1, \dots, x_k$ with respect to the moduli $m_1, \dots, m_k$ which are all relatively prime to each other. The Chinese Remainder Theorem says that these remainders uniquely determine the remainder of x modulo the product $m = m_1 \cdots m_k$. But how can we compute this remainder?
It suffices to deal with the case k = 2 since for general k, the algorithm follows from this by mathematical induction. We are looking for an integer x such that $x \equiv x_1 \pmod{m_1}$ and $x \equiv x_2 \pmod{m_2}$ (we also want that $0 \le x \le m_1 m_2 - 1$, but this we can achieve by dividing with remainder at the end).
In other words, we are looking for integers x, $q_1$ and $q_2$ such that $x = x_1 + q_1 m_1$ and $x = x_2 + q_2 m_2$. Subtracting, we get $x_2 - x_1 = q_1 m_1 - q_2 m_2$. This equation does not determine the numbers $q_1$ and $q_2$ uniquely, but this is not important. We can find, using the Euclidean algorithm, numbers $q_1$ and $q_2$ such that
$$x_2 - x_1 = q_1 m_1 - q_2 m_2,$$
and compute $x = x_1 + q_1 m_1 = x_2 + q_2 m_2$. Then $x \equiv x_1 \pmod{m_1}$ and $x \equiv x_2 \pmod{m_2}$, as desired.
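The three uses of the Euclidean algorithm described above (the representation gcd(a, b) = pa + qb, division modulo m, and the Chinese Remainder Theorem) fit in one short Python sketch. This is an added example, not part of the original text; the function names are hypothetical and the sample values in the demo are constructed. It goes slightly beyond the text in that mod_div accepts any modulus with gcd(b, m) = 1 and rejects the rest, and crt folds the k = 2 case over a list of moduli.

```python
def ext_gcd(a, b):
    """Return (g, p, q) with g = gcd(a, b) = p*a + q*b."""
    # Invariant from the text: a1 = p1*a + q1*b and b1 = p2*a + q2*b.
    a1, p1, q1 = a, 1, 0
    b1, p2, q2 = b, 0, 1
    while a1 != 0:
        h, r = divmod(b1, a1)            # b1 = h*a1 + r
        # r = (p2 - h*p1)*a + (q2 - h*q1)*b
        a1, p1, q1, b1, p2, q2 = r, p2 - h * p1, q2 - h * q1, a1, p1, q1
    return b1, p2, q2


def mod_div(a, b, m):
    """Return x with 0 <= x < m and b*x = a (mod m)."""
    g, p, _ = ext_gcd(b, m)              # b*p + m*q = g
    if g != 1:
        raise ValueError("b has no inverse modulo m")
    return (a * p) % m                   # b*(a*p) = a (mod m)


def crt2(x1, m1, x2, m2):
    """Return x mod m1*m2 with x = x1 (mod m1) and x = x2 (mod m2)."""
    g, p, _ = ext_gcd(m1, m2)            # p*m1 + q*m2 = 1
    if g != 1:
        raise ValueError("moduli are not relatively prime")
    q1 = p * (x2 - x1)                   # then x2 - x1 = q1*m1 - q2*m2
    return (x1 + q1 * m1) % (m1 * m2)


def crt(residues, moduli):
    """General k by induction: combine one modulus at a time."""
    x, m = 0, 1
    for xi, mi in zip(residues, moduli):
        x, m = crt2(x, m, xi, mi), m * mi
    return x


if __name__ == "__main__":
    print(ext_gcd(5, 7))                 # coefficients of 5 and 7
    print(mod_div(3, 5, 7))              # solves 5x = 3 (mod 7)
    print(crt([2, 3, 2], [3, 5, 7]))     # constructed residues
```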
Next, we discuss the operation of exponentiation. Since even writing down the number $2^n$ requires an exponential number of digits (in terms of the length of the input, i.e., the number of binary digits of n), this number is of course not computable in polynomial time. The situation changes, however, if we want to carry out the exponentiation modulo m: then $a^b$ is also a residue class modulo m, and hence it can be represented by log m + O(1) bits. We will show that it can be not only represented polynomially but also computed in polynomial time.
Lemma 4.3.2 Let a, b and m be three natural numbers. Then $a^b \pmod m$ can be computed in polynomial time, or more exactly, with O(log b) arithmetical operations, carried out on natural numbers with O(log m + log a) digits.
Proof. Let us write b in binary:
$$b = 2^{r_1} + \cdots + 2^{r_k},$$
where $0 \le r_1 < \cdots < r_k$. It is obvious that $r_k \le \log b$ and therefore $k \le \log b$. Now, the numbers $a^{2^t} \pmod m$ for $0 \le t \le \log b$ are easily obtained by repeated squaring, and then we multiply those k together that make up $a^b$. Of course, we carry out all operations modulo
Remark 4.3.2 It is not known whether $a! \bmod m$ or $\binom{a}{b} \bmod m$ can be computed in polynomial time.
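The repeated-squaring procedure in the proof of Lemma 4.3.2 can be instrumented to confirm both claims of the lemma: the number of multiplications is O(log b), and no intermediate value has more than about twice as many bits as m. The following Python sketch is an added example, not part of the original text; the function name and the returned counters are hypothetical, and the sample values are constructed.

```python
def mod_pow(a, b, m):
    """Compute a**b mod m by repeated squaring.

    Returns (result, multiplications, max_bits), where max_bits is the
    largest bit length of any product formed before reduction mod m.
    """
    result = 1 % m
    square = a % m                       # holds a^(2^t) mod m, starting at t = 0
    mults = 0
    max_bits = 0
    while b > 0:
        if b & 1:                        # 2^t occurs in the binary form of b
            prod = result * square
            max_bits = max(max_bits, prod.bit_length())
            result = prod % m
            mults += 1
        b >>= 1
        if b:                            # next square is still needed
            prod = square * square
            max_bits = max(max_bits, prod.bit_length())
            square = prod % m
            mults += 1
    return result, mults, max_bits


def within_lemma_bounds(a, b, m):
    """Check the operation count and operand size claimed by the lemma."""
    result, mults, max_bits = mod_pow(a, b, m)
    return (result == pow(a, b, m)
            and mults <= 2 * b.bit_length()
            and max_bits <= 2 * m.bit_length())


if __name__ == "__main__":
    # Constructed inputs: a 256-bit exponent needs only a few hundred steps.
    m = 2**127 - 1
    b = 2**255 + 12345
    print(mod_pow(2, 13, 1000))
    print(mod_pow(3, b, m)[1:])          # multiplications and operand size
    print(within_lemma_bounds(3, b, m))
```

The branch on each bit of b makes the running time depend on the exponent, so when b is a secret key, cryptographic libraries use constant-time variants of this loop.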