Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

A number-theoretic conjecture implying faster algorithms for polynomial factorization and integer factorization

Chris Umans, Siki Wang

TL;DR

The paper reframes polynomial factorization over finite fields as a problem tied to a number-theoretic conjecture about structured difference-sets $S-T$ and their divisors. By replacing the standard $X^{q^i}-X$ GCD checks with $X^{q^A}-X$ for carefully chosen $A$ drawn from $S-T$, the authors propose a framework that could dramatically reduce the exponent in polynomial factoring from $3/2$ toward $4/3$ (and potentially to $1/2$ for special cases), contingent on the conjecture holding with favorable parameters. They also extend these ideas to integer factoring, yielding potential deterministic improvements to the current best exponents under the same conjectural assumptions. A variant based on arithmetic progressions strengthens the connection and highlights both the promise and the challenges of grounding these algorithmic gains in solid number-theoretic foundations. The work opens multiple avenues for future research, including derandomization, AP-variant analyses, and practical implementations of nearly-linear time factoring via structured difference-sets.

Abstract

The fastest known algorithm for factoring a degree $n$ univariate polynomial over a finite field $\mathbb{F}_q$ runs in time $O(n^{3/2 + o(1)}\text{polylog } q)$, and there is a reason to believe that the $3/2$ exponent represents a ''barrier'' inherent in algorithms that employ a so-called baby-steps-giant-steps strategy. In this paper, we propose a new strategy with the potential to overcome the $3/2$ barrier. In doing so we are led to a number-theoretic conjecture, one form of which is that there are sets $S, T$ of cardinality $n^β$, consisting of positive integers of magnitude at most $\exp(n^α)$, such that every integer $i \in [n]$ divides $s-t$ for some $s \in S, t \in T$. Achieving $α+ β\le 1 + o(1)$ is trivial; we show that achieving $α, β< 1/2$ (together with an assumption that $S, T$ are structured) implies an improvement to the exponent 3/2 for univariate polynomial factorization. Achieving $α= β= 1/3$ is best-possible and would imply an exponent 4/3 algorithm for univariate polynomial factorization. Interestingly, a second consequence would be a reduction of the current-best exponent for deterministic (exponential) algorithms for factoring integers, from $1/5$ to $1/6$.

A number-theoretic conjecture implying faster algorithms for polynomial factorization and integer factorization

TL;DR

The paper reframes polynomial factorization over finite fields as a problem tied to a number-theoretic conjecture about structured difference-sets and their divisors. By replacing the standard GCD checks with for carefully chosen drawn from , the authors propose a framework that could dramatically reduce the exponent in polynomial factoring from toward (and potentially to for special cases), contingent on the conjecture holding with favorable parameters. They also extend these ideas to integer factoring, yielding potential deterministic improvements to the current best exponents under the same conjectural assumptions. A variant based on arithmetic progressions strengthens the connection and highlights both the promise and the challenges of grounding these algorithmic gains in solid number-theoretic foundations. The work opens multiple avenues for future research, including derandomization, AP-variant analyses, and practical implementations of nearly-linear time factoring via structured difference-sets.

Abstract

The fastest known algorithm for factoring a degree univariate polynomial over a finite field runs in time , and there is a reason to believe that the exponent represents a ''barrier'' inherent in algorithms that employ a so-called baby-steps-giant-steps strategy. In this paper, we propose a new strategy with the potential to overcome the barrier. In doing so we are led to a number-theoretic conjecture, one form of which is that there are sets of cardinality , consisting of positive integers of magnitude at most , such that every integer divides for some . Achieving is trivial; we show that achieving (together with an assumption that are structured) implies an improvement to the exponent 3/2 for univariate polynomial factorization. Achieving is best-possible and would imply an exponent 4/3 algorithm for univariate polynomial factorization. Interestingly, a second consequence would be a reduction of the current-best exponent for deterministic (exponential) algorithms for factoring integers, from to .

Paper Structure

This paper contains 16 sections, 20 theorems, 50 equations, 1 algorithm.

Table of Contents

  1. Introduction
  2. Outline.
  3. Preliminaries
  4. The framework
  5. A number-theoretic conjecture
  6. Using the conjecture to factor polynomials in $\mathbb{F}_q[X]$
  7. Computing the interval polynomials
  8. Distinct-degree factorization of $\gcd(h, g_i)$
  9. Using the conjecture to factor integers
  10. The framework
  11. Computing $\prod_{i = a}^b A_i \bmod d$ fast
  12. The arithmetic progression version of the conjecture
  13. Conclusions and open problems
  14. Deferred proofs
  15. Proof of Lemma \ref{['lem:int-preprocessing']}
  16. ...and 1 more sections

Key Result

Proposition 1.2

Given $h(X) \in \mathbb{F}_q[X]$ of degree $n$, and an integer $a \ge 0$, the polynomial $X^{q^a} \bmod h(X)$ can be computed in time $\widetilde{O}(n)(\log q + \log a)$.

Theorems & Definitions (41)

  • Proposition 1.2
  • proof
  • Lemma 1.3
  • proof
  • Theorem 2.1
  • proof : Proof of Theorem \ref{['recur-split']}
  • Definition 3.1
  • Conjecture 3.2
  • Conjecture 3.3
  • Proposition 3.4
  • ...and 31 more