
Constructing Small Generating Sets for the Multiplicative Groups of Algebras over Finite Fields

Ming-Deh Huang, Lian Liu, University of Southern California. ISSAC16, July 19-22.


  1. Constructing Small Generating Sets for the Multiplicative Groups of Algebras over Finite Fields Ming-Deh Huang, Lian Liu University of Southern California ISSAC’16, July 19-22

  2. Motivation. Expander graphs are sparse graphs that are well connected. Intuitively, every small subset of vertices has a relatively large neighborhood. Figures: (a) Petersen graph; (b) Barbell graph.

  3. Motivation
     Properties of expander graphs:
     ◮ Large edge/vertex expansion;
     ◮ Small diameter;
     ◮ Fast mixing;
     ◮ Non-blocking;
     ◮ ...
     Applications of expander graphs:
     ◮ Pseudorandom generators & extractors;
     ◮ Derandomization;
     ◮ Error-correcting codes;
     ◮ Communication networks;
     ◮ ...

  4. How do we measure the “expansion” of a graph? Let $M$ be the adjacency matrix of a $d$-regular graph $\Gamma$ (either directed or undirected). The spectrum of $\Gamma$ is the sorted sequence of the eigenvalues of $M$: $d = |\lambda_1| \ge |\lambda_2| \ge \dots \ge |\lambda_n|$. Definition (expander): The eigenvalue of $\Gamma$ is defined as $\lambda(\Gamma) := |\lambda_2|$. We call a $d$-regular graph $\Gamma$ an $(n, d, \lambda)$-expander, or simply a $\lambda$-expander, if it has $n$ vertices and $\lambda(\Gamma) \le \lambda$. Intuitively, for regular graphs with $n$ and $d$ fixed, a smaller eigenvalue implies larger expansion.

  5. How to construct expander graphs? Two major types of approaches:
     ◮ Probabilistic constructions;
     ◮ Explicit constructions.
     Most known explicit constructions are based on Cayley graphs. Definition (Cayley graph): Let $G$ be a finite abelian group and $S \subseteq G$ be a subset of elements. The Cayley graph $\Gamma(G, S)$ is a directed graph where
     ◮ $g \in V(\Gamma)$ iff $g \in G$;
     ◮ $(g, h) \in E(\Gamma)$ iff $sg = h$ for some $s \in S$.
     For simplicity, we say $\Gamma(G, S)$ is a Cayley graph over $G$.

  6. Related work. Theorem (Chung): Given $\mathbb{F}_q \simeq \mathbb{F}_p[x]/f$ a finite field of $q = p^d$ elements. Let $S = x + \mathbb{F}_p := \{x + a \mid a \in \mathbb{F}_p\}$. If $\sqrt{p} > n - 1$, then $\Gamma(\mathbb{F}_q^\times, S)$ is an $(n-1)\sqrt{p}$-expander. Corollary: $x + \mathbb{F}_p$ is a generating set for $\mathbb{F}_q^\times$.

  7. Our results. Part I: Expander construction. We present algorithms for constructing expander graphs over $B^\times$, where $B$ is a finite algebra of the form $B := \mathbb{F}_p[x]/F$, and $F \in \mathbb{F}_p[x]$ is not necessarily irreducible. These expander constructions naturally give different types of generating sets for $B^\times$. Part II: Basis construction & decomposition. We study the structure of $B^\times$ and present algorithms for constructing a basis for $B^\times$ and decomposing elements w.r.t. the basis.

  8. Expander graphs over finite commutative algebras

  9. Notation. For simplicity of the presentation, we will focus on algebras of the form $A := \mathbb{F}_p[x]/f^e$, where $f \in \mathbb{F}_p[x]$ is an irreducible polynomial and $e > 1$ is an integer. It’s not hard to generalize all results to the general case via the Chinese Remainder isomorphism: $\psi : \prod_{i=1}^{m} (\mathbb{F}_p[x]/f_i^{e_i})^\times \xrightarrow{\sim} (\mathbb{F}_p[x]/F)^\times$, where $F = \prod_i f_i^{e_i}$.

  10. Eigenvalues of Cayley graphs. Eigenvalues of Cayley graphs are character sums. Lemma: Let $M$ be the adjacency matrix of $\Gamma(G, S)$; then the eigenvalues of $M$ are of the form $\sum_{s \in S} \chi(s)$, where $\chi : G \xrightarrow{\sim} \mathbb{C}^*$ is a character of $G$.
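Added example (not from the slides): a numerical check of Chung's theorem from slide 6 using the character-sum lemma of slide 10, in the constructed case $f = x^2 + 1$ with $p \equiv 3 \pmod 4$. It assumes the $n$ in the theorem is the degree of $f$ (here 2); the function names are illustrative.

```python
import cmath
import math
from functools import reduce

def mul(u, v, p):
    """(u0 + u1*x)(v0 + v1*x) in F_p[x]/(x^2 + 1); this is a field when p % 4 == 3."""
    return ((u[0] * v[0] - u[1] * v[1]) % p, (u[0] * v[1] + u[1] * v[0]) % p)

def dlog_table(p):
    """Map each element of F_q^x (q = p^2) to its discrete log for some primitive g."""
    for g in ((a, b) for a in range(p) for b in range(1, p)):
        table, cur, k = {}, (1, 0), 0
        while cur not in table:              # walk the powers g^0, g^1, ...
            table[cur] = k
            cur, k = mul(cur, g, p), k + 1
        if len(table) == p * p - 1:          # g hit every unit, so g is primitive
            return table
    raise ValueError("x^2 + 1 is reducible mod p")

def chung_check(p):
    """Return (trivial eigenvalue, lambda(Gamma), bound (n-1)*sqrt(p), S generates?)
    for the Cayley graph Gamma(F_q^x, x + F_p) with n = 2."""
    log, m = dlog_table(p), p * p - 1
    S = [(a, 1) for a in range(p)]           # the elements x + a, a in F_p
    # Characters of the cyclic group F_q^x: chi_t(g^k) = exp(2*pi*i*t*k/m).
    mags = [abs(sum(cmath.exp(2j * math.pi * t * log[s] / m) for s in S))
            for t in range(m)]
    # S generates F_q^x iff the logs of its elements together with m have gcd 1.
    generates = reduce(math.gcd, [log[s] for s in S], m) == 1
    return mags[0], max(mags[1:]), (2 - 1) * math.sqrt(p), generates

if __name__ == "__main__":
    for p in (3, 7, 11):                     # constructed sample primes, all 3 mod 4
        print(p, chung_check(p))
```

The trivial character gives the degree $p$; every other character sum stays within the bound, and the gcd test confirms the corollary for these primes.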

  11. Upper bounds for character sums. Theorem (Katz, Lenstra, Weil): Let $B$ be an arbitrary finite $n$-dimensional commutative $\mathbb{F}_q$-algebra and $x$ be an element of $B$. If $\chi$ is a character of the multiplicative group $B^\times$ (extended by zero to all of $B$) which is non-trivial on $\mathbb{F}_q[x]$, then $\left| \sum_{t \in \mathbb{F}_q} \chi(t - x) \right| \le (n-1)\sqrt{q}$.

  12. The first small generating set. Since $A = \mathbb{F}_p[x]/f$ can be naturally regarded as an $\mathbb{F}_p$-algebra of dimension $de$, the following theorem is a quick consequence. Theorem: If $\sqrt{p} > de - 1$, then $\Gamma(A^\times, \mathbb{F}_p - x)$ is an $(ne-1)p^{1/2}$-expander. Corollary: If $\sqrt{p} > de - 1$, then $\mathbb{F}_p - x$ is a generating set of $A^\times$. Question: What if $p$ is small but $d, e$ are large?

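  13. Embed $\mathbb{F}_q$ into $A$. For the case $\sqrt{p} \le de - 1$, we present an embedding $\pi : \mathbb{F}_q \simeq \mathbb{F}_p[x]/f \rightarrowtail A$ such that $\pi(\mathbb{F}_q) \simeq \mathbb{F}_q$ as fields. (Diagram: $\pi$ from $\mathbb{F}_q$ into $A$.)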

  14. How to compute the embedding? The embedding $\pi : \mathbb{F}_p[x]/f \to \mathbb{F}_p/f^e$ is computed based on the following. Lemma: For each $a_0 \in \mathbb{F}_q^\times$, there exists a unique $a \in A^\times$ such that $a = a_0 \pmod{f}$, $a^{q-1} = a_0 \pmod{f^e}$. Given $a_0$, we assume $\pi(a_0) = a = \sum_{i=1}^{d-1} a_i f^i$, where $\deg a_i < d$ for all $i$. We show that each $a_i$ is uniquely determined, and can be computed efficiently.

  15. Expander graphs over $A^\times$ and generating sets. The embedding gives us a way to “enlarge” the ground field of $A$. Theorem: If $K$ is a subfield of $\mathbb{F}_q$ of size $p^c$ where $c \mid d$ and $p^{c/2} > de/c - 1$, then $\Gamma(A^\times, \pi(K) - x)$ is a $(de/c - 1)p^{c/2}$-expander. Corollary: If $p^{c/2} > de/c - 1$, then $\pi(K) - x$ is a generating set for $A^\times$. (Diagram: tower $A$ (dim $de$), $\mathbb{F}_q$ ($p^d$), $K$ ($p^c$), $\mathbb{F}_p$ ($p$).)

  16. Basis construction and decomposition

  17. The structure of $A^\times$. Consider the map $\varphi : A^\times \to \mathbb{F}_p[x]/f$ s.t. $\varphi(a) = a \bmod f$. It’s easy to see that $\ker\varphi = \{1 + af \mid \deg a < d(e-1)\}$. When $p \ge e$, it holds that $(1 + af)^p = 1 + a^p f^p = 1 \pmod{p^e}$. Thereby, we have the following. Lemma: If $p \ge e$, then $A^\times = \pi(\mathbb{F}_q^\times) \times \ker\varphi \simeq \mathbb{Z}/(p^d - 1)\mathbb{Z} \oplus \left( \bigoplus_{d(e-1)} \mathbb{Z}/p\mathbb{Z} \right)$.

  18. Basis construction. $A^\times = \pi(\mathbb{F}_q^\times) \times \ker\varphi$.
     ◮ For the first component, the problem reduces to finding a primitive element for $\mathbb{F}_q$;
     ◮ For the second component, we prove the following. Lemma: The set $\{1 + x^k f^j \mid 0 \le k \le d-1,\ 1 \le j \le e-1\}$ forms a basis for $\ker\varphi$.
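Added example (not from the slides): a brute-force check of the lemmas on slides 17 and 18 in two small constructed algebras $A = \mathbb{F}_p[x]/f^e$, one with $p \ge e$ and one with $p < e$, where the elements $1 + x^k f^j$ no longer all have order $p$. The helper names `mul`, `power` and `kernel_basis_check` are illustrative.

```python
from itertools import product

def mul(a, b, p, F=None):
    """Product of coefficient tuples (low degree first) over F_p, reduced mod monic F if given."""
    r = [0] * (len(a) + len(b) - 1)
    for i, ai in enumerate(a):
        for j, bj in enumerate(b):
            r[i + j] = (r[i + j] + ai * bj) % p
    if F is not None:
        n = len(F) - 1
        for k in range(len(r) - 1, n - 1, -1):      # eliminate x^k for k >= deg F
            c, r[k] = r[k], 0
            for j in range(n):
                r[k - n + j] = (r[k - n + j] - c * F[j]) % p
        r = (r + [0] * n)[:n]                        # fixed length deg F
    return tuple(r)

def power(a, k, p, F):
    out = mul((1,), (1,), p, F)                      # the identity, padded to length deg F
    for _ in range(k):
        out = mul(out, a, p, F)
    return out

def kernel_basis_check(f, e, p):
    """Return (#distinct products of basis powers, p^(d(e-1)), all b^p == 1?) in F_p[x]/f^e."""
    d = len(f) - 1
    F = (1,)
    for _ in range(e):
        F = mul(F, f, p)                             # F = f^e, monic of degree d*e
    one = mul((1,), (1,), p, F)
    basis, fj = [], (1,)
    for j in range(1, e):
        fj = mul(fj, f, p)                           # f^j, degree d*j < d*e
        for k in range(d):
            xkfj = mul((0,) * k + (1,), fj, p, F)
            basis.append(tuple((u + v) % p for u, v in zip(one, xkfj)))  # 1 + x^k f^j
    span = set()
    for exps in product(range(p), repeat=len(basis)):
        g = one
        for b, t in zip(basis, exps):
            g = mul(g, power(b, t, p, F), p, F)
        span.add(g)
    return len(span), p ** (d * (e - 1)), all(power(b, p, p, F) == one for b in basis)

if __name__ == "__main__":
    print(kernel_basis_check((1, 0, 1), 2, 3))       # f = x^2 + 1 over F_3, e = 2 (p >= e)
    print(kernel_basis_check((1, 1, 1), 3, 2))       # f = x^2 + x + 1 over F_2, e = 3 (p < e)
```

In the second case the products still cover all 16 elements of $\ker\varphi$, but $(1 + f)^2 = 1 + f^2 \ne 1$, so the kernel is not a direct sum of copies of $\mathbb{Z}/p\mathbb{Z}$.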

  19. Decomposition. Given an element $a = \sum_{i=0}^{d-1} a_i f^i \in A^\times$, we first write $a = \pi(a_0) \cdot k$, where $k \in \ker\varphi$.
     ◮ Clearly, finding the coordinate of $a$ in $\mathbb{Z}/(p^d - 1)\mathbb{Z}$ is equivalent to finding the discrete-log of $a_0$;
     ◮ The decomposition of $k$ in $\bigoplus_{d(e-1)} \mathbb{Z}/p\mathbb{Z}$ can be computed efficiently via the filtration $K_1 \supset K_2 \supset \dots \supset K_e$, where each $K_j := \{1 + af^j \bmod f^e\}$. We omit the details here.

  20. Experiments and future work. Figures: $p = 5, e = 4$ and $p = 11, e = 4$ (each plotting c, b, fit(c) and fit(b) against $\log_2(d)$).

  21. Experiments and future work. Figures: $p = 7, e = 3$ and $p = 7, e = 5$ (each plotting c, b, fit(c) and fit(b) against $\log_2(d)$).

  22. Thanks! Questions?
