On the Multidimensional Distribution of Numbers Generated by Dickson - - PowerPoint PPT Presentation

On the Multidimensional Distribution of Numbers Generated by Dickson Polynomials

Domingo Gomez

University of Cantabria

Domingo Gomez University of Cantabria On the Multidimensional Distribution of Numbers Generated by Dickson Polynomials

Notation

Let p be a prime number, ep(x) = exp(2πIx/p) and Fp the finite field with p elements,{0, . . . , p − 1}. X1, . . . , Xk will denote indeterminates and Fp[X1, . . . , Xk] will denote the ring of polynomials with coefficients in Fp over X1, . . . , Xk.

Domingo Gomez University of Cantabria On the Multidimensional Distribution of Numbers Generated by Dickson Polynomials

Problem

Generate sequences (un) un ∈ Fk

p, with good pseudorandom

properties.

◮ Good distribution properties; ◮ Difficult to predict; ◮ Easy to generate.

Domingo Gomez University of Cantabria On the Multidimensional Distribution of Numbers Generated by Dickson Polynomials

Pseudorandom Number Generators

Each element, un = (un,1, . . . , un,k) is defined by the following recurrence, un+1,i = Fi(un,1, . . . , un,k), i = 1, . . . , k, n = 0, 1, . . . For short, we will write, un = F(un−1)

Domingo Gomez University of Cantabria On the Multidimensional Distribution of Numbers Generated by Dickson Polynomials

Pseudorandom Number Generators

Also, we introduce the following notation, F (n+1)

i

(X1, . . . , Xk) = Fi(F (n)

1

(X1, . . . , Xk), . . . , F (n)

k

(X1, . . . , Xk)), F(n) = {F (n)

1

, . . . , F (n)

k

}. Another way of defining the sequence (un) is, un = F(n)(u0).

Domingo Gomez University of Cantabria On the Multidimensional Distribution of Numbers Generated by Dickson Polynomials

Results in the Multivariate Case

◮ NonLinear PRNG of Higher orders (Ostafe, Pelican,

Shparlinski);

◮ Recursive PRNG based on Rational Functions (Ostafe,

Shparlinski) generalizes Inversive Generator (Niederreiter,Rivat);

◮ Multivariate generalisation of the Power Generator (Ostafe,

Shparlinski).

◮ Multivariate version of the Dickson Generator?

Domingo Gomez University of Cantabria On the Multidimensional Distribution of Numbers Generated by Dickson Polynomials

Dickson Polynomials

Denoted by De(X, α) De+2(X, α) = XDe+1(X, α) − αDe(X, α) with D0(X, α) = 2, D1(X, α) = X.

Domingo Gomez University of Cantabria On the Multidimensional Distribution of Numbers Generated by Dickson Polynomials

Properties of Dickson Polynomials

◮ De(X + αX −1, α) = X e + αeX −e. ◮ Df (De(X + αX −1, α), αe) = X ef + αef X −ef . ◮ De(x1, x2 1α) = xe 1De(1, α). ◮ If gcd(e, p2 − 1) = 1, then De(X, α) is a permutational

polynomial.

Domingo Gomez University of Cantabria On the Multidimensional Distribution of Numbers Generated by Dickson Polynomials

Construction for k = 2

Take gcd(e, p2 − 1) = 1, define F = {F1(X1, X2), F2(X2))} where F1(X1, X2) = De(X1, X2), F2(X2) = X e

2 .

Domingo Gomez University of Cantabria On the Multidimensional Distribution of Numbers Generated by Dickson Polynomials

Construction for k = 2

Now, we notice that F (n)

1

(X1, X2) = Den(X1, X2), F (n)

2

(X2) = X en

2 .

Domingo Gomez University of Cantabria On the Multidimensional Distribution of Numbers Generated by Dickson Polynomials

Exponential Sums with This Generator

We start defining, Sa1,a2(N) =

N−1

• n=0

ep(a1un,1 + a2un,2) and notice that

• Sa1,a2(N) −

N−1

• n=0

ep(a1un+k,1 + a2un+k,2)

• ≤ 2k.

Domingo Gomez University of Cantabria On the Multidimensional Distribution of Numbers Generated by Dickson Polynomials

Exponential Sums with This Generator

For any set of integers K whose maximum is K ≥ 1, (#K)|Sa1,a2(N)| ≤ W + (#K)K, where W =

N−1

• n=0
• k∈K

ep (a1un+k,1 + a2un+k,2)

• .

Domingo Gomez University of Cantabria On the Multidimensional Distribution of Numbers Generated by Dickson Polynomials

Exponential Sums with This Generator

We use the Cauchy inequality to obtain W 2 ≤ N

N−1

• n=0
• k∈K

ep (a1un+k,1 + a2un+k,2)

• 2

≤ N

• k,ℓ∈K
• x1,x2∈Fp

ep

• a1(Dek(x1, x2) − Deℓ(x1, x2)) − a2(xek

2 − xeℓ 2 )

• Domingo Gomez

University of Cantabria On the Multidimensional Distribution of Numbers Generated by Dickson Polynomials

Exponential Sums with This Generator

To bound this sum

• x1,x2∈Fp

ep

• a1(Dek(x1, x2) − Deℓ(x1, x2)) − a2(xek

2 − xeℓ 2 )

• .

we notice that the following application, x2 → x2

1x2,

is invertible if x1 = 0. Making that substitution, we also notice that Dek(x1, x2x2

1) = xek 1 Dek(1, x2),

Deℓ(x1, x2x2

1) = xeℓ 1 Deℓ(1, x2).

Domingo Gomez University of Cantabria On the Multidimensional Distribution of Numbers Generated by Dickson Polynomials

A Technical Lemma

Lemma (Friedlander,Hansen,Shparlinski)

For any set K ⊂ Zt, containing only units of Zt of cardinality K, any fixed δ > 0 and any integer h ≥ tδ there exists an integer r gcd(r, t) = 1, such that the number of solutions of the congruence Lr(h), rk ≡ y (mod t), k ∈ K, 0 ≤ y ≤ h − 1, satisfies that is greater than certain constant times Kh/t.

Domingo Gomez University of Cantabria On the Multidimensional Distribution of Numbers Generated by Dickson Polynomials

Exponential Sums with This Generator

So, we apply last lemma with t = p−1, K′ = {ek (mod p−1) | k = 0, 1, . . .}, h = p3/4T −1/2 where T is the multiplicative order of e modulo p − 1. Now, apply the transformation x1 → xr

1 here

• x1,x2∈Fp

ep(a1(xrek

1 Drek(1, x2) − xreℓ 1 Dreℓ(1, x2))

− a2((x2r

1 x2)ek − (x2r 1 x2)eℓ))

Domingo Gomez University of Cantabria On the Multidimensional Distribution of Numbers Generated by Dickson Polynomials

Exponential Sums with This Generator

So, we apply last lemma with t = p−1, K′ = {ek (mod p−1) | k = 0, 1, . . .}, h = p3/4T −1/2 where T is the multiplicative order of e modulo p − 1. Now, apply the transformation x1 → xr

1 here

• x1,x2∈Fp

ep(a1(xh1

1 Drek(1, x2) − xh2 1 Dreℓ(1, x2))

− a2(x2h1

1

(x2)ek − x2h2

1

(x2)eℓ))

Domingo Gomez University of Cantabria On the Multidimensional Distribution of Numbers Generated by Dickson Polynomials

Exponential Sums with This Generator

If k = ℓ then we use the trivial bound, otherwise, we use the Weil bound and this gives (#K)2hp3/2 + #Kp2. Substituting, |Sa1,a2(N)| = O(N1/2T −1/4p9/8).

Domingo Gomez University of Cantabria On the Multidimensional Distribution of Numbers Generated by Dickson Polynomials

Remarks

◮ The previous bound is not trivial when N ≥ p; ◮ The multiplicative order of e modulo p − 1 must be large as

well;

◮ A bound for the exponential sum gives a bound for the

discrepancy using standard techniques. In this case, O(N−1/2T −1/4p9/8 log2(N)).

Domingo Gomez University of Cantabria On the Multidimensional Distribution of Numbers Generated by Dickson Polynomials

Further Remarks

The multivariate power generator admits a more general form that simple monomials, with multipliers and shifts. Also the bounds for exponential sums are better than in this case.

Domingo Gomez University of Cantabria On the Multidimensional Distribution of Numbers Generated by Dickson Polynomials

Even Further Remarks

The generalisation for k ≥ 3 should be done using multivariate Dickson polynomials. The construction is very similar but unfortunately there are some technical difficulties in the proof of bounds for the corresponding exponential sums.

Domingo Gomez University of Cantabria On the Multidimensional Distribution of Numbers Generated by Dickson Polynomials

Open Problems

These are the open problems

◮ Is there a way to improve the bound of the exponential sum? ◮ Is there a generalisation for pseudorandom number generators

with Dickson polynomials for k > 2?

◮ Is it possible to add multipliers and still get a good lower

bound?

Domingo Gomez University of Cantabria On the Multidimensional Distribution of Numbers Generated by Dickson Polynomials