
:

. .

, 2003

511+519.719.2
32.816
19

19


( 03-01-14110).

. .
-
, 2003. 328 .

. .:

ISBN 5-94057-103-4

, .

, , .


. . , 2003.
, 2003.





, .
70- XX RSA.
, ,
- .
( ,
) :
;
(. . );
,
;
;

;
;

;
.
,
. (,
, ) , . ( )

. , [60; 101] , -
www.cryptography.ru; www.math.uga.edu/~ntheory.

, - . . . 1993 2001 . , - , -
( . . ). , ,
. . . .
.
, ,
- .
,
. . ( ).

() , ., , [41; 29] . .
, , , [31] ,
, ., , [9] .

; . [3] .


. , ., , [25; 89; 60] . , .
, , , (, , , ) ( ).
.

- , . . N, .
N, ,
( ); 
1
LN [; c] = e (c+o(1)) (log N) (log log N) , 0 <  < 1, c = const,
c > 0, ; ecN , c = const,
. , ,
n N n .
N = [log2 n] + 1 = O(log n).
O((log n) c), 
1
e (c+o(1)) (log n) (log log n) , O(nc).
B-,
B ( B , ). B-, ( )
B.
log x
x.
. . , . . . .
, .
. . .


N
Z
Za
R
Ra

;
;
, a;
;
, a;
C
;
P
;
|S|, #S
S;
Re 
;
;
Im 
a|b
a b;
ab
a b;
k
p a
pk a, pk+1 a;
..
b.a
b a ();
a (b)
k Z0 , ak | b;
(a, b), (a, b) a b, a b
;
[a, b] , (a, b) a b;
[a]
a;
a
, . . n Z, n  a;
{a}
a;
const
- ;
k
n  10
n k
;
a b (mod c)
a b c ( );
a  b (mod c)
a b c;

Z/pZ, GF (p), Zp
GF (q)
Z/nZ
(Z/nZ)
R
g n
ord a
char K
 (n)
   
a
a
,
p

 (x)

log x
i
j

Lx [; c]
MT
rank M
L (b1 , . .. , bn)
L
K [x1 , .. . , xn ]
deg f(x)
Res(f(x), g(x))
y := x


p , p ;
q , q
;
n;

Z/nZ;
R;
n g;
a ;
K;
n;
;
, , x;
x;
, i
j;

1
e (c+o(1)) (log x) (log log x) , o(1) 0 x+, c 
;
( ) M;
M;
b1 , ... , bn ;
L ;
x1 , .. . , xn
K;
f(x);
f(x) g(x);
y x.

1.

1.1.
p, , ,
1 . , n, ,
,
. n
n = p1 1 .. . pkk ,
p1 < p2 < .. . < pk , 1 , ... , k N.

.
.

1.2.

n N. , n ?

n ,
n = ab, 1 < a  b, a  n. d = 2, 3, ... , [ n] , n d?
n , n . n, . .
n . O(n1/2)
.
. , , n 2 3, ,
d 1 + 6j 5 + 6j, j = 1, 2, . ..
O() (. [40]).




2, 3, .. ., N, , 2,
2. 3 ,
3. (. . 5)
, .
.
,
.
[101, . 3] ,

.

n 1030 1040
.
: n , a Z
an a (mod n);
(a, n) = 1,
an1 1 (mod n).
n - a Z
O(log n) (
Z/nZ). , n .
, n, .
. ,
100- n
n = 1099 + ,

 = 1, 3, 5, 7, .. . ,

13n1 1 (mod n),


, , ( ,
).
n,
, a Z an a (mod n).


n 561 = 3 11 17. , 561 . a561 a (mod 561) ,


a561 a (mod 3), a561 a (mod 11), a561 a (mod 17). 3 | a,
a561 a 0 (mod 3). 3  a, a2 1 (mod 3),
a560 1 (mod 3), a561 a (mod 3).
11 17. [51] ,
.
,
.
1.1. n > 1 ,
n 1 = 2s d, d . n a, a N, (a, n) = 1 ad 1 (mod n),
r
ad2 1 (mod n) r, 0  r < s.
s
. n , Z/nZ , an1 1 (mod n), . . a2 d
s1
s1
1 (mod n). a2 d 1 (mod n). a2 d 1 (mod n),
s1
, a2 d 1 (mod n),
, ad
1.
[228] n, 7 < n < 25 109 .
1 . n 2, 3, 5, 7. n , .
2 . n = 3215031751, n , .
, , ,
n. [12] ,
n < (67107840) 2 .
.
[52] . , , n,  (n) N, ,
n  (n),

 (n) > (log n)

1
3 log log log n

. [40; 10] [77] .


1.3.

n n = 2m + 1, m N. m
p > 2, . . m = pm1 , m1  1, n = (2m1) p + 1 2m1 + 1, . . . n
m = 2k .
k
1.2. Fk = 22 + 1, k = 0, 1, 2, . .. ,
.
, F0 , F1 , F2 , F3 , F4 , ,
, .
, , F23471 ( 1984 . [161]), F31
(. [101]), .
.
1.3. n = Fk k > 0
,
3

n1
2

1 (mod n).

. . n 1 =
k
= 2 2, 3 (mod n) n 1 = 22 . ,
(Z/nZ) n 1 ,
Z/nZ , . . n .
k
k1
. , 22 = 42 1 (mod 3).
n > 3, n 2 (mod 3), n 1 (mod 4).
3 n
n 2
n1 31
=
(1) 2 2 =
=
= 1;

n
3
3
3
 
n1
3

3 2 (mod n). 
2k

O(log n)
n, ,
.
n n = 2m 1. m ,
m = ab, 1 < a  b, n = 2ab 1 2a 1.
n m.
1.4. p , Mp = 2p 1
. Mp .
; 2p1 Mp . ;


2001 .
M13466917 . . [36, 5.1, 5.2] .

.
1.5. q , q > 2, n = 2q 1. L0 , L1 , L2 , ... ,
Lj+1 L2j 2 (mod n).
L0 = 4;
n , Lq2 0 (mod n).
.
[12] . , .
1.6. p , p 3 (mod 4), Mp =
= 2p 1 . Fp
,
(F 1) /2

Mp p

1 (mod Fp).

. p
1.3. . 22 1
p
2 (mod Mp), Fp = 2 22 1 + 1 5 (mod Mp). ,
(Fp , Mp) = 1. ,
Fp 1
2

Mp

M 
p

Fp

F 
p

Mp

 5 
Mp

M 
p

(mod Fp)

(
). , Mp = 24k+3 1 23
M   
2
p
=
= 1. 
1 (mod 5) 2 (mod 5),
5
5
1.5,
.
(N + 1)-
(. ).
1.7. u0 , u1 , u2 , .. . v0 , v1 ,
v2 , . .. , u0 = 0, u1 = 1, v0 = 2, v1 = 4, xj+1 = 4xj xj1 ,
.

, u2 = 4, u3 = 15, v2 = 14.
.
1.8. $v_j = u_{j+1} - u_{j-1}$, $j \geq 1$.


. j = 1, 2 .
, j. j  2
$v_{j+1} = 4v_j - v_{j-1} = 4(u_{j+1} - u_{j-1}) - (u_j - u_{j-2}) = 4u_{j+1} - u_j - (4u_{j-1} - u_{j-2}) = u_{j+2} - u_j$.
. 
1.9. $u_j = \dfrac{(2+\sqrt{3})^j - (2-\sqrt{3})^j}{2\sqrt{3}}$, $j = 0, 1, 2, \ldots$

. j = 0, 1 . ,

2 4 + 1 = 0; 2 3. . 

1.10. $v_j = (2+\sqrt{3})^j + (2-\sqrt{3})^j$, $j = 0, 1, 2, \ldots$
.
1.11. $u_{j+k} = u_j u_{k+1} - u_{j-1} u_k$, $j - 1 \geq 0$, $k \geq 0$.
. j + k = N. N = 1,
j = 1, k = 0. u1 = u1 u1 u0 u0 , , .
j + k  N. N + 1.
N + 1 N + 1 = j + (k + 1). N = j + k, N 1 =
= j + (k 1),
$u_{N+1} = 4u_N - u_{N-1} = 4(u_j u_{k+1} - u_{j-1} u_k) - (u_j u_k - u_{j-1} u_{k-1}) = u_j(4u_{k+1} - u_k) - u_{j-1}(4u_k - u_{k-1}) = u_j u_{k+2} - u_{j-1} u_{k+1}$,
. N + 1 = (j + 1) + k
. 
1.12. $u_{2n} = u_n v_n$.
1.9 1.10.
1.13. $v_{2n} = v_n^2 - 2$.
. ,

$v_{2n} = (2+\sqrt{3})^{2n} + (2-\sqrt{3})^{2n}$, $v_n^2 = ((2+\sqrt{3})^n + (2-\sqrt{3})^n)^2 = v_{2n} + 2$.


1.14. p , e N. uj
0 (mod pe), upj 0 (mod pe+1).
. a b , uj = pe b, uj+1 = a.

$u_j(2u_{j+1} - 4u_j) = u_j(2(4u_j - u_{j-1}) - 4u_j) = u_j(4u_j - 2u_{j-1}) = u_j(u_{j+1} + u_{j-1} - 2u_{j-1}) = u_j u_{j+1} - u_{j-1} u_j = u_{2j}$
2 . .


1.11.
u2j = b pe (2a 4bpe) 2auj (mod pe+1).
, 1.11
u2j+1 = u (j+1)+j = u2j+1 u2j a2 (mod pe+1).
, :
) u (k1)j (k 1)ak2 uj (mod pe+1),
) u (k1)j+1 ak1 (mod pe+1).
1.11 kj = j + (k 1)j
ukj = u (k1)j+1 uj u (k1)j uj1
ak1 uj (k 1)ak2 uj uj1 (mod pe+1)
ak1 uj (k 1)ak2 uj (4uj uj+1) (mod pe+1)
kak1 uj (mod pe+1).
kj + 1 = j + 1 + (k 1)j
ukj+1 = u (k1)j+1 uj+1 u (k1)j uj ak (mod pe+1).
, ) ) k 1
k.
k 1 = p.
upj pap1 uj (mod pe+1) 0 (mod pe+1),
. 
1.15. :
  j 
  j 
uj =
2j2k1 3k ,
vj =
2j2k+1 3k .
0k

j1
2

2k + 1

0k

j
2

2k

. 1.9
1

uj =

2 3

j  


j
(( 3) l 2jl ( 3) l 2jl) =
l=0


0l=2k+1j

vj 1.10. 

j  j(2k+1) k
2
3 .
2k + 1


1.16. p ,
up 3

p1
2

(mod p),

vp 2p+1 (mod p) 4 (mod p).

.
 p 
0 (mod p) 0 < l < p, l

1.15.
1.17. u2 0 (mod 2), u3 0 (mod 3),
p, p > 3,
(p) {1} ,
up+ (p) 0 (mod p).
. 1.16 p > 3
up 3

p1
2

1 (mod p). up 1 (mod p), 1.8

up1 = 4up up+1 4 vp up1 (mod p) up1 (mod p),



(p) = 1.
up 1 (mod p),
up+1 = 4up up1 4 + vp up+1 (mod p) up+1 (mod p),

(p) = +1. 
1.18.
  N N. m(N) N uj
m(N) = min {m  1 | um 0 (mod N)} .
m , m(N) .
1.19. m(N) , uj 0 (mod N)
, j 0 (mod m(N)).
. m = m(N), a um+1 (mod N). , (uj , uj+1) = 1 j .
(a, um) = 1. 1.11 j  1
um+j = uj um+1 uj1 um uj um+1 (mod N) auj (mod N).
, um , um+1 , um+2 , .. .
N au0 , au1 , au2 , .. .
, um+j N , auj
N, N uj . . 

1.20. Lj 1.5
Lj v2j (mod n).
. , L0 = v1 .
j, , 1.13,
Lj+1 (L2j 2) (mod n) v22j 2 (mod n) v2j+1 (mod n),
. 
1.21. j  0 :
1) (uj , uj+1) = 1;
2) (uj , vj)  2.
. 1.19. 2uj+1 = 4uj + vj , 1.8. 
1.5.
. Lq2 0 (mod n).
v2q2 0 (mod 2q 1) 1.20. ,
u2q1 = u2q2 v2q2 0 (mod 2q 1)
1.12. ,
u2q2  0 (mod 2q 1),
1.21 uj vj
.
m = m(2q 1) n = 2q 1 {uj }. m , 1.19, m 2q1 ,
n+1

2q2 . , m = 2q1 =
.
2
, n , .
n = pe11 .. . per r n , r > 1,
e1 > 1. pj > 3, n (1) q 1 2 (mod 3).

t = (pe11 1 (p1 +
1), .. . , per r 1 (pr +
r)),

j =
(pj) {1} 1.17,
j {1}.
ut 0 (mod 2q 1) 1.14, 1.17, 1.19. , 1.19 t m =

n+1
.
2


n0 =

r


e 1

pj j

(pj +
j).

j=1

, pj  5,
n0 

r


e 1

pj j

pj +

j=1

 r
pj 
6
.
=n
5
5

pj +
j , n0
, t  r1
.
2

mt

 r
6
5

n = 2m 1 < 2m,
m<4

n/2r1 = 2
 r
3
5

 r
3
5

n.

m < 3m

 r
3
3
4
 4 < 3. , r  3
5
5
 r
3
27
4
4
< 1. , r = 1 r = 2.
5

125

t m m  t < 3m, t = m = 2q1


t = 2m = 2q . t 2. ,
t , e1 = 1 = er . , p1 +
1
pr +
r 2, . . p1 +
1 = 2k , p2 +
2 = 2l . n ,
r = 2,
n = 2q 1 = (2k 1) (2l 1)
(
1 =
2 , n 1 (mod 4)). 2q = 2k+l 2l 2k . 2max(k,l) , , k = l.
n = 2q 1 = (2k + 1) (2k 1), q. .
. n = 2q 1 . , v2q2 0 (mod n), 1.20
Lq2 0 (mod n), .
1.13 v2q1 = (v2q2) 2 2, ,
v2q1 2 (mod n).
 2 6  2

2 3=
.
2


1.10 :




2 + 6 n+1
2 6 n+1
v2q1 =
+
=
2
2
 n + 1

= 2n
( 2) n+12k ( 6) 2k =
2k

0k n+1
2

=2

n+1 n
2

n + 1
2k

0k n+1
2

3k = 2

1n
2

0k n+1
2

n + 1
2k

3k .

n + 1

(n + 1)!
=
2k
(2k)!(n + 1 2k)!
n+1
n k, k = 0 k =
. ,
2

n ,

n1
2

n1
2

 
3
n

v2q1 1 + 3
(1)

n+1
2

(mod n).

31 n1  
n
2
2
1

(mod n).

n1
2 v

2q1

1 + 3 (1) 2 (mod n).

, n = 2q 1 1 (mod 8),
2
n1
1 (mod n).
2 2
n

v2q1 2 (mod n), .


1.5 .
1.22. [231; 232] , , ,
( p p + 2) .

1.4. (N 1)-

,
N,
N 1 N + 1 . -


[40] ,
[60] .
,
. [214; 99; 259; 186] .
, (N 1)- .
k

1.23. n N, n > 1, n , n 1 =
pi i
i=1

n 1 .
i = 1, ... , k ai N,
1 (mod n),
an1
i

n1
pi

ai

 1 (mod n),

n .
. mi ai (mod n) Z/nZ. , mi | n 1, mi  (n 1) /pi ,
i

pi i | mi i = 1, .. . , k. , bi ai i i (mod n)
pi i (Z/nZ) , b b1 . .. bk (mod n)
p1 1 ... pkk = n 1 (Z/nZ) . Z/nZ , n
. 
1.23 ? n 1
, a = 2, 3, . .. , a ai , .
a, 1 < a < n, , an1  1 (mod n),
n . a1 , . .. , ak , ,
n .
, 1.23 (. 1.3 1.3).
ai , , a = 3.
,
n + 1 .
1.24. P, Q Z, D = P2 4Q =
/ 0. u0 , u1 , . .. D : u0 = 0, u1 = 1, uj+2 = Puj+1 Quj j  0.
k

n , n > 1, n + 1 =
qi i
i=1
 
D
= 1. ,
m /p

i = 1, .. . , k Pi , Qi Z, D = Pi2 4Qi ,

(i)

(i)

u0 , u1 , ...
(i)

n | un+1 ,

(i)

n  u (n+1) /qi ,

n . {uj } D, n  un+1 , n .
(N + 1)- . ,
, (N + 1)-,
. , , , 1.5 1.3.
(N 1)- , .
1.25. n N, n > 1, n , n 1 = F1 R1 ,
k


(F1 , R1) = 1. F1 =
qj j j=1

. j = 1, . .. , k
aj N,
1 (mod n),
an1
j
, ,

F1 

(n1) /qj

(aj

1, n) = 1,

n,

n .
. p n. , p > n, n.
an1
1 (mod n) , an1
1 (mod p), (aj , p) = 1
j
j
ej aj (mod p) Z/pZ n 1. , ej | p 1. , ,
n1/qj


 1 (mod p), qj j | ej . , qj j | p 1,
aj
k



F1 =
qj j | p 1. , p 1  F1 , p > F1  n. 
j=1

, 1.25 .
p1 < p2 < p3 < .. . , . p1 , ,
p1 = 3. pi1 . r,
1  r  pi1 1. r = 2s t, t . pi n = 2rpi1 + 1 = 2s+1 pi1 t + 1.


F1 = 2s+1 pi1 , R1 = t. , (F1 , R1) = 1. ,

F1 > n, n = 2s+1 pi1 t + 1 < 2s+2 pi1 t < 2s+2 p2i1  F12 . , n ()
a1 a2 ,
 n1
 n1

pi1
n1
n1
2
a1 a2 1 (mod n),
a1
1, n = a2
1, n = 1.
a, an1  1 (mod n),
n
n, n ; r
( n). n, pi = n.
1.25 .
, pi1 > 3.
r, 1  r  pi1 3, n = pi1 r + 1.
F1 = pi1 , R1 = r, (F1 , R1) = 1. 
a , an1 1 (mod n), (ar 1, n) = 1


n1
= r . , F1 = pi1 > n ,
pi1


n = pi1 r + 1  pi1 (pi1 3) + 1 = p2i1 3pi1 + 1 
 p2i1 3 5 + 1 < p2i1 .
a , .

, .
1.26. n = 2rq + 1, q , r  2q + 1. a N,
an1 1 (mod n),

a2r  1 (mod n),

n .
. n , n = pN, p ,
N > 1. n  a2r 1, n, n , a2r 1.
p. p (n) > p (a2r 1), s = p (a2r 1) + 1  1
ps | n, ps  a2r 1.
d a (mod ps) Z/ps Z. d
d | n 1 = 2rq, an1 1 (mod n). , d |  (ps) =
= ps1 (p 1). a2r  1 (mod ps) , d  2r.


, q | d. q | ps1 (p 1). q p ,
p | n, q | n 1. , q | p 1. p 1 (mod q),
p q , p 1 (mod 2q). ,
n 1 (mod 2q). , n = pN, N 1 (mod 2q).
p > 1 N > 1, p  1 + 2q, N  1 + 2q. , n = pN  (1 + 2q) 2 .
n = 2rq + 1  2q(2q + 1) + 1 < (1 + 2q) 2 . . 
1.27. 1.26
, .
1.28. r  2q + 1 r  2q + 2, 1.26 n
. a n,
, n .
, r.
1.29. n = 2rq + 1, q , r 
 4q + 2. a N,
an1 1 (mod n),

a2r  1 (mod n).

n , n = p2 , p = 2q + 1 ap1 1 (mod p2).


. n , n = pN, p N ,
1.26. ,
n p N 1 (mod 2q).
p N 1 + 2q,
1 + 4q, n = pN  (1 + 2q) (1 + 4q) = 8q2 + 6q + 1.
n  2q(4q + 2) + 1 = 8q2 + 4q + 1. ,
p = N = 1 + 2q, n = p2 . , ap1 1 (mod p2).
2
, ap 1 1 (mod p2),
2
ap p 1 (mod p2), . 
1.30. q , n =
= (2q + 1) 2 . , a, , n
. 1.29
,
r,
.

1.251.29
n 1 n.
n1/3 (. [99]).


1.31. n , n > 1, n 1 = F1 R1 ,
(F1 , R1) = 1, F1 , F1
. q F1 aq N,
an1
1 (mod n),
q

(aq(n1) /q 1, n) = 1.

m N l = 1, 2, . .. , m 1 , lF1 + 1  n.

n < (mF1 + 1) (2F12 + (L m)F1 + 1),


R1 = 2F1 L1 + L, 1  L < 2F1 , n
, R1 = L, L2 8L1
.
, (N 1)- , . [40; 10] .
, N 1- ,
[11] . , .
1.32. n N, n > 1, (30, n) = 1 i .
:
 
(n1) /2 n
(n1) /2
1) 3
(1)
(mod n);
3

2)
1
3)
4)

n 1 (mod 8), a N , a (n1) /2


(mod n);
n 3, 5 (mod 8), 2 (n1) /2 1 (mod n);
n 1 (mod 4), i = (1) 1/2 C
(2i + 1) (n1) /2 5 (n1) /4 (mod nZ[i]),

n 3 (mod 4),
(2i + 1) (n+1) /2 5 (n3) /4 (mod nZ[i]),
4 = 1;
5) n 7 (mod 8),
5 (n1) /2 1 (mod n)

(2i + 1) (n+1) /2 5 (n3) /4 (mod n)Z[i]),


= i = i.
s N, n,
s = nj (mod 240) j, 0  j  3.



. , pj1 ,
n = rpj1 + 1, r
, (r, pj1) = 1,
r < 57600pj1 .
,
r 1.29, 1.31.
, ,
N 1 N + 1, N2 + 1 . .
[40; 10] .

.
1.33. n {p1 , . .. , pk , a},
pi n 1
a,
an1 1 (mod n),

a (n1) /pj  1 (mod n),

j = 1, ... , k.

n , , n
. , n O(log2 n)
.
; , .
, 4.

1.5.
n N n 1 , ,
, n .

[148] :
k


1.34. n N, n > 1, n , n 1 =
qj j
j=1

n 1 . -


 (log n) 17/7 
n O
log log n
.
1.35. n N, n > 1, n , n 1 = F1 R1 ,
(F1 , R1) = 1, F1 1 +

. F1  n 4n ,
, n O((log n) c() ) ( c(
) ,
).
, 1.34 , n , O((log n) 5)
. ,
. , n>5.
1.36. a, m N, am 1 (mod n),
q, m, (am/q 1, n) = 1. , p
p | n, p 1 (mod m).
. , m a (mod n) Z/nZ.
p , n, k a (mod p).
k = m. , k | m, am 1 (mod n) ,
am 1 (mod p). k < m, q, q | m,
k | m/q. am/q 1 (mod p), . . p | (am/q 1, n),
.
, ap1 1 (mod p). ,
m | p 1, . 
.
1 . , [log2 n] + 1. F (1) := 1. a = 2, 3, ...
.. . , [log2 n] + 1 2- , , n n .
2 .
1 . a (. 1 ), F (a) := F (a 1)
6 . a , aF (a1) 1 (mod n),
F (a) := F (a 1) 6 . , :
an1 1 (mod n).
, n .
2 . n 1 , a (mod n), . . E(a),
, aE(a) 1 (mod n).


3 . , :
 

(aE(a) /q 1), n = 1.
q|E(a)
q

, n .
4 . F (a) := (F
(a 1), E(a)).
5 . F (a)  n, n .
6 . a  [log2 n] ,
2 a. a = [log2 n] + 1, n
.
.
.
1
O(log4 n) .
F (a) n 1, 1
2 O(log n) (
).
2 2 O(log3 n) (. [89, . 1]).
.
a, n N, n 1 =

N

j=1

pj j

n 1 ; a (mod n)
Z/nZ.
1 . M := n 1, j := 0.

2 . j := j + 1, M := M/pj j , A := aM .
3 (). l = 0, 1, ... , j , :
A 1 (mod n).
, 4 .
M := Mpj ,

A := Apj ;

l .
4 . j < N, 2 ; M.
.


. ,
n1

N


pj  2N ,

j=1

N = O(log n), pj = O(log n); j = O(log n). O(log n) ,


O(log n) .
O(log3 n) .
. 3
2 1, n . , E(a)
aE(a) /q 1 n. , 1,
aE(a) /q 1 n d,
1 < d < n. 3 2 O(log2 n) .
4 : b,
2  b  a,
bF (a) 1 (mod n).
5 . aF (a)1  1 (mod n), aE(a)
1 (mod n), q, q | E(a),
(aE(a) /q 1, n) = 1.
aF (a) 1 (mod n). ,
p,
p | n, p 1 (mod F (a)), p  1 + F (a)  1 + n,
n. p 1 (mod F (a)) a. , p 1 (mod F (a 1)).
p 1 (mod E(a)),
p 1 (mod (F (a 1), E(a))) 1 (mod F (a)),
.
6 2 .
, n

, a > [log2 n] , F = F (a) < n, . F (a) | n 1, E(a) | n 1.


H = {b {1, ... , n 1} | bF (a) 1 (mod n)}.
n , |H| = F. , xn1 1 (mod n)
x Z/nZ; n 1 = F M,
$x^{n-1} - 1 = x^{FM} - 1 = (x^F - 1)(x^{F(M-1)} + \ldots + 1)$,


. . F Z/nZ xF 1. H
a- , n 1, . .
H H1 = {b | 1  b  n, b a}.
, r , r  a, rF (a) 1 (mod n).
n H1 , . . n > a. |H|  |H1 |.

(. [148]): (n, a) = |H1 |,
n  5, 2  a  n
1

(n, a) > n

F  (n, a)  n

log log n
log a

log log n
log a

n

log log n
2 log log n

n,

a > log2 n log a > 2 log log n. .

1.6.
[187] , n O(n1/7) . , O(log4 n) ;
. ,
(a) m, L-


 (k)
L( , s) =
s
k=1

0 < Re s < 1 Re s = 1/2.


f : N R>0
, f(n) < n.
Af .
n, n > 1.
1 . , n = ms
s, m N, s  2. , n ,
.
2 . (i) (iii) a  f(n).
(i) a | n.
(ii) an1  1 (mod n).


(iii) , , k, 1  k  2 (n 1),
 n1

k
1 < a 2 1 (mod n), n < n.
(i) (iii) , n ,
.
3 . , n .
.
1.37. f(n) = c n0,133 ( c ), n O(n1/7) .
f(n) = c log2 n, n O(log4 n)
.
1.38. [64] , 1 (log n) 1+o(1) .
, [187] .
, f(n) = c log2 n
c, n , . . n = ms ,
m, s N, s > 1. c = 2 ,
. [60, . 9; 101] .
n , n > 1, n = pv11 .. . pvuu n . . u  2.
1.39.
(n) = (pvi i 1 (pi 1));
i

(n)  (n) = (pi 1).


i

1.40. n N
an a (mod n) a N, (a, n) = 1,
, (n) | n 1.
. an a (mod n) (a, n) = 1 ,
v

an1 1 (mod pj j),

j = 1, .. . , k.
v

aj N , aj (mod pj j) v 1
(. . pj j (pj 1)),
vl
aj 1 (mod pl ) l = j,

,  (pj j) | n 1, j = 1, . .. , u, (n) | n 1. 
3 . .


1.41.  (n)  n 1, p, q
,
1) p | n, p 1  n 1 m  1 qm | p 1, qm  n 1;
2) p q a q- p (. . xq a (mod p) ),
an1  1 (mod n).
. 1) pi p,
, p 1  n 1. , , ,
q m, qm | p 1, qm  n 1.
2) an1 1 (mod n), an1 1 (mod p). b p, a bind a (mod p); b (n1) ind a
1 (mod p). p 1 | (ind a) (n 1). qm | (ind a) (n 1), q | ind a, , a q- . 
1.42. N(p, q) a , (a, p) = 1 a q-
p. N(p, q) q | p 1.
1.43 (. [54]).

N(p, q) = O(log2 p).
1.44.  (n)  n 1
, (ii) 2 , n . ,
a N(p, q)  c log2 p  c log2 n; 1.41
an1  1 (mod n).

 (n)  n 1. ,  (n) | n 1.
1.45. , n A,
j,
2 (  (n)) > 2 (pj 1).
n B, . . j, 1  j  u,

2 (  (n)) = 2 (pj 1).

1.46. n A, p, q n,
2 (  (n)) = 2 (p 1) > 2 (q 1).
a

= 1. a, (a (n) /2 1) (mod n)
1 < a < n,
p

n (. .
1 n).


. , 2 (  (n))  2, 2 (q 1) 




 (n)
 1. (a, n) = 1. q 1

, a (n) /2 1 (mod q).


2
,

a (n) /2 1 (mod p).


a (n) /2 1 (mod p), (ind a)  (n) /2 0 (mod p 1), ind a


a (mod p) -

 a

Z/pZ. 2 ( (n)) = 2 (p 1), ind a ; ,
= 1,
p

. ,
a

(n) /2

1 (mod q),

a

(n) /2

1 (mod p).


(a (n) /2

1, n) q p,
. 
1.47. n B, p q n, p = q, a
 
a
= 1.
1 < a < n,
pq


(a (n) /2

a,
1) (mod n) n
.
.
 (a,
 n) = 1, ,
 
a
a
= 1,
= 1. n B, 2 (p 1) =
,
p

= 2 (q 1) = 2 (  (n)). 1.46,
a

(n) /2

1 (mod q),

a

(n) /2

1 (mod p).

((a (n) /2 1) (mod n), n) q p.


. 
1.46, 1.47,
 (n).
1.48. p , p | n,  (n) | n 1,


n1
+ 1.
k = 2 
 (n)
a N, 1 < a < n, (a, n) = 1.


a

(n) /2

a (n1) /2 (mod p).

1.49.  (n) , 1  k  2 (n 1).



1.48. a (n) 1 (mod p),


(n) /2
1 (mod p).
a


1) a

(n) /2

1 (mod p).  (n) | n 1, k

 (n)
n 1

k .
2

, .

2) a (n) /2 1 (mod p).


a (n1) /2 = (a (n) /2) (n1) / ( (n)2 ) (1) (n1) / ( (n)2 ) (mod p).
 n1 
k
= 0 k. a (n1) /2
2 
 (n)2k1
1 (mod p). 
1.50.
 (n) | n 1, n A.

a
= 1, (a, n) = 1, n, a N, 1 < a < n,
k

k1

k1

k, 1  k  2 (n 1),
 n1

k
(a 2 1) (mod n), n =
 1, n.
, a, (iii) 2
, n . ,
a = N(p, 2) = O(log2 p)  c log2 n ( 1.43,
)
c, . . n A.

1.51.
 (n) | n 1, n B.
a
= 1, (a, n) = 1, n, a N, 1 < a < n,
pq

k, 1  k  2 (n 1),
 n1

k
(a 2 1) (mod n), n =
 1, n.

n B

 
a

= 1 .
1(pq) = min a
a N,
pq

1.52 (. [54]).

N(pq) = O(log2 pq).
, n B
a = N(pq)  c log2 n , (iii) 2 , n .


1.7.
n N, n , n > 1. . a N, 1  a < n,
. , n ,
. , n.
, n .
, .
a ,
.
[262] .
1.53. n . a, 0  a  n 1,
1) (a, n) = 1, 
a
2) a (n1) /2
(mod n),
n

n/2.
1.54. n , 1 2 ,
, a, 1  a  n 1. n
, a
0  a  n 1
1/2. , k a
,
n , , n , 1 1/2k .
1.53. , b
n1
(mod n). n =
b N, (b, n) = 1 b 2 
n

= p1 1 .. . pkk n .
n , b N,
n1

(b, n) = 1, , bn1  1 (mod n), b 2  1 (mod n).


, i , i  2.
b N, b (mod pi i)

Z/pi i Z, j = i b 1 (mod pj j).


.
bn1 1 (mod n), bn1 1 (mod pi i), n 1 ..  (pi i) =
= pi i 1 (pi 1), , n 1 pi .
, n , n = p1 . .. pk . b N, b (mod p1) Z/p1 Z,
b 1 (mod pj) j > 1. (b, n) = 1
       
b
b
b
b
=
. ..
=
= 1.
n

n1
2

p1

pk

p1

1 (mod n) b

n1
2

n1
1b 2

1 (mod p2),
1 (mod pj) j = 1, .. . , k. k  2,
.
, b . :


 
n1
a
(mod n) ,
W1 = a | 1  a  n 1, (a, n) = 1, a 2
n


a
n1
W2 = a | 1  a  n 1, (a, n) = 1, a 2 
(mod n) ,
n
 a a   a  a 
1 2
2
= 1
.
a1 W1 , a2 W2 , a1 a2 W2 ,
n
n
n
a W1
ba (mod n) W2 . , |W2 |  |W1 |, . 

(. [230; 20]).
1.55. n .
3  n, n 1 = 2r t, r  1, t .
a, 0 < a  n 1, at 1 (mod n), j, 1  j  r,
j
a (n1) /2 1 (mod n),
n/4.
1.56. 1.55 1.54
. ,
k a , n ,
, n ,
1

1
.
4k

1.57. n , Z/nZ , an1


1 (mod n) a, 1  a  n 1. x2 1 (mod n)


Z/nZ 1, c 1.55
a, 1  a  n 1.
1.58.
, [190] . ,
n a , n ,
.
1.59. [13] ,
. [17]
RSA.
1.55 . S a (mod n), 1  a  n, ,
j
at 1 (mod n), j, 1  j  r, a (n1) /2 1 (mod n).
, n , , 3
.
1.60. p ,
p2 | n,

G = 1 + k (mod n)
k = 0, .. . , p 1
p

(Z/nZ) p.
.



kn
k n
n
1+
1 + ((k + k) (mod p)) (mod n)
1+
p



kn l
n
1 + (kl (mod p)) (mod n)
1+
p

. 
1.61. A a (Z/nZ) ,
:
1) an1  1 (mod n);
2) ak  1 (mod n) k Z, p,
p | n, a (mod p) p 1.
1.62. a A, s S. as  S, . . aS S = .
. an1  1 (mod n), sn1
1 (mod n), (as) n1  1 (mod n), . . as  S.


a ,
A. an1 1 (mod n) k ak  1 (mod n).
p, p | n, a (mod p) p 1.
i ,
i

a (n1) /2 1 (mod n).


i , , i = 0. , p | n,
i

a (n1) /2 1 (mod p).


n 1 ..

. p 1, p 1
2i
0  i < r. , ,
r

a (n1) /2 = at  1 (mod n).


, s S, j , 0  j  i < r,
j

s (n1) /2 1 (mod n).

(1.1)

s S s (n1) /2 1 (mod n), (1.1) . , s S j1 , 0  j1  r,


j1

s (n1) /2 1 (mod n).


j1 > i , j, 0  j  i,

s (n1) /2 1 (mod n),


. . (1.1) .
j1  i .
j1

s (n1) /2 1 (mod n),

j1

s (n1) /2 1 (mod p).


, j1  i,

n1
n1
p 1
i
j1 .
2

,
j1

s (n1) /2 1 (mod p).


, 1  1 (mod p).
, (1.1) . , (1.1) ,
i+1

s (n1) /2

1 (mod n),

s S.
i . ,
i < r,
i

a (n1) /2 1 (mod n),


i+1

a (n1) /2

 1 (mod n).

( , ak  1 (mod n) k Z.)
j, 0  j  i,
j

(as) (n1) /2 1 (mod n),

i+1

(as) (n1) /2

i+1

a (n1) /2

 1 (mod n),

, as  S. 
1.63. a, b (Z/nZ) , a = b. aS bS
,
ab1 S S.
.
1.64. G (Z/nZ) . g1 S
g2 S g1 , g2 S, g1 = g2 ,
, S gS g G,
g = 1.
1.65. n n p2 , p
.
1
4

|S|  |(Z/nZ) |.
. G (Z/nZ) 1.60.
p | n, p  n 1, g G, g = 1, gn1  1 (mod n). g A 1.62


S gS . , 1.63

gS, g G, .

Sg
= |G| |S| = p|S|, p|S|  |(Z/nZ) | =  (n),

gG

|S| 

 (n)
p

1
4

 |(Z/nZ) |,

p  5 . 1.65 . 
1.66. n = p1 p2 , p1 p2
. n 1 pi 1.

$n - 1 = p_1 p_2 - 1 = (p_1 - 1)(p_2 - 1) + (p_1 - 1) + (p_2 - 1)$.
1.67. n = p1 p2 , p1 = p2 . |S|   (n) /4.
. a1 a2 , ai 1 (mod p3i), ai (mod pi)
pi i = 1, 2. aki  1 (mod p3i)
k Z; , aki 1 (mod pi) , pi 1 | k.
, ai A. , a1
(mod n) A. ,
i
a a1 a2 (mod n) ak 1 (mod n)
, aki 1 (mod pi) i = 1, 2, pi 1 | k. 1.66 , an1  1 (mod n),
. . a = a1 a2 A. a1 a1
2  A.
S, Sa1 , Sa2 , Sa. 1.62
1.63 . , S, Sa1 , Sa2 , Sa (Z/nZ) .
1

|S|  |(Z/nZ) |. 
4
1.68. n p1 , p2 , p3 . |S|   (n) /4.
.
 1.67,

n

, ai (mod pi) a1 , a2 (Z/nZ) , ai 1 mod


pi

pi , i = 1, 2. ai 1 (mod p3)
i = 1, 2; a1 a2 = a 1 (mod p3), b a1 a1
2 1 (mod p3).
aki  1 (mod n) k Z ( 1  1 (mod p3)). ak  1 (mod n) a = a1 a2 bk  1 (mod n) b = a1 a1
2 .
, a1 , a2 , a, b A (
A a1
a2). 1.62 1.63 S, Sa1 , Sa2 , Sa


. 1

1.67 |S|  |(Z/nZ) | =  (n) /4. 1.68


4
. 
1.55
1.65, 1.67, 1.68.

1.8.

80- , [46]
.
n O((log n) c log log log n) (c )
, n . [10] .
.

. [164] .
, O((log n) c log log log n)
.
n 10100 .
1.69. , . .
n c1 (log n) c2 log log log n
c1 c2 .
,
.
.
n N, n > 1.
1 . p1 , .. . , pk (
) ,
q1 , . .. , qs ( ), :
) qj 1 | p1 . ..pk , j = 1, . .. , s;
) 2q1 ... qs  n.
1.70. {p} = {2, 3, 5, 7}, {q} = {3, 7, 11, 31, 43, 71, 211},
2q1 . .. qs  143 109 > 1011 . , {pi }, {qj }
n, n  1022 .


2 . , , n = pi n = qj i
j. , n .
(p1 . .. pk q1 .. . qs , n) = 1.
, n .
3 . p, q, , p | q 1, cq q a, b N, p > 2
:
ab(a + b)  0 (mod p),
a + bp  (a + b) p (mod p2).
p

, a, b , a = b = 1. p,q q p:
p,q : (Z/qZ) C,

indq x

p,q (x) = p

p = e2i/p , indq (x) Z/ (q 1)Z, cq q x (mod q).


p | q 1
q.

ind x

 ( p,q) =

q1


p,q (x) a p,q (1 x) b =

x=2

q1


a indq (x)+b indq (1x)

p

x=2

, q , indq x .
4 . p h = h(p), 1  h  t = p (np1 1), ,
q , p | q 1,
 ( p,q) h (n) p,q (mod nZ[p ]).

(1.2)

. p,q p
1; h (n)
n Z[Gal(Q(p))] , h (n) = ah,j j , ah,j Z0 ,
j

j Gal(Q(p)), j (p) = p , 1  j  p 1. ,
 ( p,q) =

p2

l=0

Al lp ,

Al Z,


 ( p,q)

h (n)


j

ah,j
=

Al jlp

p2



Bl lp ,

l=0

p2
p

Bl Z. 1, p , .. . ,
Z- Z- Z[p ] ,
(p 1)- ,
. (1.2) , n.
(1.2) p, q h = 1
1 (n) =

p1  

nj
j=1

j1

(mod p) ,

n (
an1 1 (mod n)).
5 . p, h = h(p) < t = t(p) p,q = 1
q , p | q 1, :
q, p | q 1
j = 0, 1, . .. , p 1
 ( p,q) h+1 (n) jp Z[p ] ,
p2

1, p , .. . , p , , n.
, ,
n.
6 . 4- p,q u
p,q = pp,q , up,q Z0 . q xq ,
p, p | q 1,
n p ()xq up,q (mod p).

p () =

p1 


(a + b)j
j=1

 aj 
p

 bj 
j1 (mod p)
p

, p. xq
.
v Z, 1  v < 2q1 ... qs ,

x
v 1 (mod 2), v cqq (mod q),
q .


7 . j, j = 1, . .. , p1 . .. pk 1, rj N,
rj vj (mod 2q1 qs),

0 < rj < 2q1 . .. qs ,

, n rj ? j rj  n,
n .
.
. n , . , n
:
vj (mod 2q1 . .. qs)
v.
O((p1 ... pk) const)
, , n p1 , . .. , pk
,


qi > n, p1 . .. pk  (log n) constlog log log n .


.
qj 1,
pi . , 27 qj ,

qj 1 | 24 32 5 7,
qj > 1050 . {pi } {qj }

n, 10100 .


[90] .
O((log n) clog log log n) . .
, n
. - . 10100 10200
. , p q.
1986 . [126] , .
[56] .


[56]
10800 101000 .
. 4.
, ,
, ,
.
. ( )
. ( ), . [185; 184;
199; 198; 195; 196] .

[184] .
n = (211279 + 1) /3.
n = (212391 + 1) /3, . [199] .
, [184] [199] ,
, , -,
.
,
.
[16] . ,


.
[68] .
. 1992 . [47]
,
. . - . log75 n,
n . ,

.



,
.

1.9. .

,
,
, [50] , ,
O(log12 n(log log n) c) (n , c ).
.

O(t(n))
O(t(n) log n), 
- .
[50] .
1.71. p , a Z,
(a, p) = 1. p ,
$(x - a)^p \equiv x^p - a \pmod{p}$ (1.3)

( (1.3) ,
p).
. ,
$(x - a)^p - (x^p - a) = \sum_{i=1}^{p-1} \binom{p}{i} x^i (-a)^{p-i} + a - a^p$. (1.4)

p , (1.3) (1.4),


p
1  i  p 1
p.
i
(1.3) , , p . q k ,
qk  p, q < p. , qk
p
q

p(p 1) . .. (p q + 1)
,
q!

xq (1.4) p,
(1.3). . 


P(m) m. or (m) m (mod r)


(Z/rZ) .
1.72. p r .
1) t N GF (pt) ;
2) f(x) Z[x]
f(x) p f(xp) (mod p);
3) h(x) Z[x] , h(x) | xr 1, m1 , m2 Z0 , m mr (mod r),
xm xmr (mod h(x));
4) or (p) p (mod r) (Z/rZ) , Z/pZ[x] xr 1

x1
, or (p).
. .
m  mr , m = mr + kr, k Z0 . xkr
1 (mod xr 1), xkr+mr xmr (mod h(x)),
.
xr 1
d = or (p). h(x)
x1
Z/pZ[x] , deg h(x) = k.
Z/pZ[x] / (h(x)) = GF (pk),
(Z/pZ[x] / (h(x))) = g(x) (mod h(x)) pk 1 ,
d

g(x) Z/pZ[x] . , g(x) p


d
d
g(xp ) (mod h(x)). pd 1 (mod r) h(x) | xr 1, xp
d
x (mod h(x)). , g(x) p g(x) (mod h(x)),
d
g(x) p 1 1 (mod h(x)). , pk 1 | pd 1, k | d.
, xr 1 (mod h(x)) Z/pZ[x] . xr 1 Z/pZ[x] , h(x) = x 1. , x (mod h(x)) r. , ,
, r | pk 1 = |GF (pk) |, . . pk 1 (mod r). d d | k.
, k = d.
. 
.

4 . .


1.73. c0
n0 , x  n0

#{p | p , p  x, P(p 1) > x2/3 } 

c0 x
.
log x

[123; 61] .
1.74. m  2
m
8m
  (m) 
,
6 log2 m
log2 m

 (m) .
. [55] .
.
.
n N, n > 1.
1 . n ab , a N, b N, b  2, , n , . ( [64]
, O(log n1+o(1) ) .)
2 . r := 2.
3 . r 48.
4 . r < n (r, n) > 1, n ;
, n .
5 . r , 67, 8.
6 . q r 1.
r1

q
 1 (mod r), 9
7 . q  4 r log2 n n
r.
8 . r := r + 1. r  n, , n ,
. 3 .
9 . 1 . n 1  [2 r log2 n] , a r < a  n 1 (a, n) = 1.
2 .
n 1 > [2 r log2 n] , a
1  a  [2 r log2 n]
(x a) n xn a (mod xr 1)
Z/nZ[x] . a 1- (a, n) > 1, 2- xr 1
, n , .


10 . , n .
.
1.75. , n .
r A log6 n
A.
1.75
.
1.76. c1 , c2 , n , [c1 log62 n; c2 log62 n] r, : r | n,
r
1 q,
q  4 r log2 n, , q | or (n) n (r1) /q  1 (mod r).
. r, [c1 log62 n; c2 log62 n]
P(r 1) > (c2 log62 n) 2/3 ,

(1.5)

c1 c2 , ; . , [1; c2 log62 n] ,
(1.5), [1; c1 log62 n] . 1.73 1.74 ,
,
c0 c2 log62 n
8c1 log62 n
c c log6 n
8c1 log62 n

 0 2 2
=
log2 c2 + 6 log2 log2 n
log2 c1 + 6 log2 log2 n
7 log2 log2 n
6 log2 log2 n

log62 n
c0 c2
8c
1
log2 log2 n
7
6

= c3

log62 n
,
log2 log2 n

n . , c1 > 46 , c2 > c1 ,
c3 > 0. x = c2 log62 n.
= (n 1) (n2 1) (n3 1) .. . (n [x

1/3

1).

[x1/3 ]

(1.6)


, 1/3
log2 (nx 1)  x1/3 log2 n . x2/3 log2 n . ,
2 3

x2/3 log2 n = c2/ log52 n < c3


log62 n
log2 log2 n


n. ,
r . , . r  n. nr1 1 (mod r). (1.5) ,
2/3
P(r 1) > r2/3 , . . r
1 q 6, q6 > r .
2/3
,
r  4 r log2 n, r  c1 log2 n c1 > 4 . , q  4 r log2 n q2  r 1. q  or (n), n (r1) /q 1 (mod r),
r | n (r1) /q 1. ,

r1
 [x1/3 ] . , r 1  x1/3 q,
q


r  x1/3 r2/3 ,
r  x = c2 log62 n. , r | ,
r. , q | or (n) n (r1) /q  1 (mod r).
. 
1.77. 1.76 , n , 3 , n ,
r, r  c2 log62 n, , r 1
q, 7 .
1.78. n ,
, n .
. n , r < n 8 r = n , n ; 9
r ( 1.71) 9
a, ,
n .
, n . 1.76 3 r ,
r  c2 log62 n < n, r 1 q, 7 . 9 xr 1
( 1.71) a,

a  2 r log2 n  2 c2 log42 n < n 1,


n . , 10 ,
n. 
, n . n = p1 .. . pk
n ( ). , r 3 , n , r q, 6 7 9 . q | or (n)


or (n) | (or (pi)), p, n, ,


i

p.
q | or (p).

l = [2 r log2 n] , l < n 1. 9 a, 1  a  l. . 4 1.72 Z/pZ[x]


h(x), xr 1,
deg h(x) = d = or (p)  2 ( q d). xr 1 9 - a ,

(x a) n xn a (mod h(x))

(1.7)

Z/pZ[x] , . . (x a) n = xn a (Z/pZ[x]) / (h(x)) =


= GF (pd). 1.791.81.
1.79. G
((Z/pZ[x]) / (h(x))) ,


l
(x a) a (mod h(x)) | a Z0 , a = 1, ... , l ,
G=
a=1

x a, a = 1, .. . , l. . , |G| > (d/l) l ,


9- l < n 1.
. deg h(x)  2, x
a (mod h(x)) ((Z/pZ[x]) / (h(x))) , G
. G GF (pd) ,
.
,

l


l


(x a) a (mod h(x))

a  d 1
S=
a=1

a=1

G (Z/pZ[x]) / (h(x)), 9
l < n 1. 9
2 r > q  4 r log2 n  2l. a p, a1 a2 (mod p), a1 < a2 ,
p  a2 a1 < l < r, 4-
r1 = p < r , n . , a (mod p)
l

.
(x a) a Z/pZ[x] ,

l

a=1

a=1

a  d 1 < deg h(x), S


(Z/pZ[x]) / (h(x)). S
l + d 1
 l + d 1   d l

>
, |G|  |S| > (d/l) l . 
l
l
l

9 , l < n 1.
.
d = or (n) .. q, q  4 r log2 n  2l, d  2l

r log2 n]

|G| > 2l = 2 [2

> 22

r log2 n1

= n2 r /2.

(1.8)

g(x) G.
n2 r /2.
Ig(x) = {m | m Z0 , g(x) m g(xm) (mod xr 1) Z/pZ[x] }.
1.80. Ig(x) .
. m1 , m2 Ig(x) . Z/pZ[x]
g(x) m1 g(xm1) (mod xr 1),

g(x) m2 g(xm2) (mod xr 1).

xm1 x .
g(xm1) m2 g(xm1 m2) (mod xrm1 1),

g(xm1) m2 g(xm1 m2) (mod xr 1).

g(x) m1 m2 (g(x) m1) m2 (g(xm1)) m2 g(xm1 m2) (mod xr 1),


. . m1 m2 Ig(x) . 
1.81. og g(x) Z/pZ[x] / (h(x)).
m1 , m2 Ig(x) . m1 m2 (mod r) ,
m1 m2 (mod og).
. m2 > m1 . m2 = m1 + kr, k Z0 .
Z/pZ[x] g(x) m2 g(xm2)
(mod xr 1) h(x) | xr 1, g(x) m2 g(xm2) (mod h(x)).
g(x) m1 g(x) kr g(xm1 +kr) g(xm1) (mod h(x)).
m1 Ig(x) , , g(x) kr 1 (mod h(x)), . . kr
0 (mod og). . 
1.82. 1.81 , Ig(x) r , og .
1.83. n ,
, n .


. , ,
n . 8,
4 r < n n.

10. , 9.
n 1  [2 r log2 n] , 9 a, a  n 1,
,
n . ,
(a, n) > 1, ,
[2 r log2 n] < n 1, a, 1  a  [2 r log2 n] = l,
:
(x a) n xn a (mod xr 1)

Z/pZ[x] .

(1.9)

1.80 1.81 ( g(x) - G) ,


g(x) n g(xn) (mod xr 1)

Z/pZ[x] ,

g(x) x a, (1.9). , n Ig(x) . . 2 1.72 p Ig(x) ;


, 1 Ig(x) .


E = ni pj | 0  i, j  [ r] . 1.80

E Ig(x) . |E| = ([ r] + 1) 2 > r,


(i1 , j1), (i2 , j2), , ni1 pj1 ni2 pj2 (mod r). 1.81
ni1 pj1 ni2 pj2 (mod og). og pd 1 = |(Z/pZ[x] / (h(x))) |,
p  og , p (mod og) Z/og Z. , , j2  j1 .
ni1 ni2 pj2 j1 (mod og).

(1.10)

3  p  n/3,
ni1  n [

 n r  n2 r /2,

  [ r]

n2[ r]
i2 j2 j1
[ r] n
n
= [r]  n2 r /2.
n p
r]

(1.10) (1.8) ,
ni1 = ni2 pj2 j1 .

(1.11)

p n, (1.11)
, n p. (,
n s, s = p, (1.11) ,
i1 = i2 . j1 = j2 , (i1 , j1) = (i2 , j2).)
1 . . 
1.75.
1.78 1.83. r  A log6 n


n A,
n 1.76 r 
 c2 log62 n. 1.75 .
, .
1.84. , 12

, O(log
n).
. , n . 1
O((log n) 1+o(1) ) ,
[64] . r, 3,
1.76 c2 log62 n. r 4 O(log n) , 5 6 3

O(r1/2 (log r) const) = O(log
n).
7 O(log r) = O(log log n) , 8 . 9 ( , n )
2 .
(x a) n xn a (mod xr 1)
Z/pZ[x]
(. )

(. . 9) O(log
n r log n) . 9
12


r log n r log2 n) = O(log
n) .
O(2
, . 
1.85. 2 9 . ,
.
1.86. [50] , , . .
q p = 2q + 1,
6

O(log
n).
3

O(log
n).
1.87. ,
. n
. ,
r
log6 n, .
.

2.

2.1. .
n , O(nc) ,
c , 0 < c < 1; O(nc1 logc2 n)
c1 , c2 . : n = ab,
1 < a  b < n. O(f(n))
, n O(f(n) log n) ,
n log2 n
.
, , . , , 1.
n 1.2 1. O(n1/2) . , O(n1/2),
. [25, 4.5.4] (. ). . ,
1643 . a n,
n1/2 . , , . ,
n = pq, p q , , n.
RSA.

n , n = ab, 1 < a  b, a
. a = u v, b = u + v, u v


, $u = \frac{a+b}{2}$, $v = \frac{b-a}{2}$, $n = ab = u^2 - v^2$.

n $n = u^2 - v^2$,
$n = (u - v)(u + v) = ab$.

$r_k = x_k^2 - y_k^2 - n$, $k = 0, 1, 2, \ldots$

(x0 , y0) = ([ n] , 0). k . rk = 0, , n = x2k y2k = (xk yk) (xk + yk), .


$r_k > 0$,
$(x_{k+1}, y_{k+1}) := (x_k, y_k + 1)$,
$r_k < 0$,
$(x_{k+1}, y_{k+1}) := (x_k + 1, y_k)$;

$r_{k+1} := x_{k+1}^2 - y_{k+1}^2 - n$.

, rk = 0,
xk yk = a, a n,
n1/2 . n , x0 y0 . , n
.
$r(x, y) = x^2 - y^2 - n$. , x y
$r(x, y + 1) < r(x, y) < r(x + 1, y)$.
, xk yk
( ).
Z2 . ;
(x, y),
. , (x, y) Z2 r(x, y): + (), () 0, r(x, y) = 0.
, (),
();
+ (),
+ ().
. , (x0 , y0); ().


, + (),
().
.
, .
(xk , yk), yk  1. k,
r(xk , yk 1) > 0, . . (xk , yk) + ().
k = l,
, (xl , yl) = (xl , 1), , yl = 1, (xl1 , yl1) = (xl1 , 0). ,
, r(xl1 , yl1) = r(xl , yl 1) > 0. .
(xk , yk) , . ,
y, , r(xk , yk 1) > 0. ,
(xk1 , yk1) = (xk 1, yk).
r(xk1 , yk1 1) > 0.
, r(xk1 + 1, yk1 1) >
> 0, . . r(xk , yk 1) > 0, .
, u ,
n = u2 v2 .


 , n = ab,
n
a

b= , u=

a+b
1
n
1
n
; u (a) = 1 2 , a2 < n,
= a+
2
2
a
2
a

u (a) < 0; a u = u(a) a, a2 < n.


(xk , yk), xk = u
( ).
yk = v, , r(xk , yk) = 0,
(a, b) = (u v, u + v).
yk < v, r(xk , yk) = u2 y2k n = u2 y2k (u2 v2) = v2 y2k >
> 0. , y, ,
yk+j = v, . . xk+j = u, yk+j = v, r(xk+j , yk+j) = 0
(a, b) = (u v, u + v).
yk > v. , (xk , yk)
+ (), . . r(u, yk 1) > 0. , +
(). (xk , yk) = (u, yk),
r(xk , yk) = u2 y2k n = v2 y2k < 0,
. . (). , 0 ,
, n = u2 v2 .


, (xk , yk) = (u, v),


rk = 0 a = u v, .
2.1. [178] .

2.2. (P 1)-
[218] , . , [89, . 8] .
. , n,
, p ,
p 1 B-- B > 0. , q, q | p 1,

qq (p1)  B.
, p 1 | (1, 2, ... , B). a N
, (a, n) = 1,
a(1,2,. . . ,B) 1 (mod p).
, (a(1,2,. . . ,B) 1, n) p n ( n).
1 (P 1)-
(P 1)- B, , . B  105 106 . q1 < q2 < .. . < qk  B , B, qi


log B
 (q )
 (q )+1
 (qi) =
> B.
, . . qi i  B, qi i
log qi

a (, a = 2). n
  (q1)
  (q1)  (q2)
   (q1)  (q20)

P20 = aq1 1 aq1 q2 1 . .. aq1 ... q20 1 (mod n)
( 20 ). (P20 , n).
, P20
20, . .
  (q1)  (q21)
   (q1)  (q40)

P40 = P20 aq1 ... q21 1 . .. aq1 ... q40 1 (mod n),


(P40 , n) . , k  1 , (P20k , n) > 1.


 (q1)

 (q20(k1))

k 1 , b = aq1 ... q20(k1) ,


(bq20(k1)+1 1 (mod n), n),

 2
bq20(k1)+1 1 (mod n), n ,
.................................

  (q20(k1)+1)
bq20(k1)+1 1 (mod n), n ,

  (q20(k1)+1)
bq20(k1)+1 q20(k1)+2 1 (mod n), n ,
.......................................
20  (q
 

20(k1)+j)
q20(k1)+j
j=1
b
1 (mod n), n ,
.
P20 , P40 , P60 , .. . ,
20 , . ,
qi 20,
.
2 (P 1)-
, p | n, p 1 B-- , p 1 = f r, f B-- r
, B < r < B1 . , 1- (P 1)-
b = a(1,2,. . . ,B) (mod n).
br 1 (mod p), (br 1 (mod n), n) p
.
2 (P 1)- r1 , .. ., rN , B < r1 < r2 < . .. < rN < B1 ,
di = ri ri1 , i = 2, .. ., N.
( B1). bdi (mod n)
di .



$x_1 \equiv b^{r_1} \pmod{n}$,

$x_i \equiv b^{r_i} \pmod{n} \equiv x_{i-1} \cdot b^{d_i} \pmod{n}$, $i = 2, \ldots, N$,

$(x_i - 1 \pmod{n},\ n)$, $i = 1, \ldots, N$.

20
.
2.2. (P 1)- O(n1/2 logc n) .
n.
n, -
B.
2.3. - n, a, , a = 3.
2.4. [194]
(P 1)-
.
. (P 1)-
,
n.

2.3. -
- [219] . F8 = 2256 + 1, . [75] .
[71] , . [89; 144; 25, . 4; 37] . -
, .
-.
n N, .
1 .

f : Z/nZ Z/nZ.


f(x) 2, ,
f(x) = x2 + 1.
2 . x0 Z/nZ x0 , x1 , x2 , .. .
$x_i \equiv f(x_{i-1}) \pmod{n}$.
3 . j, k
$1 < (x_j - x_k, n) < n$
, n, , .
.
2.5. j, k
.
1. j k, k < j; ,
.
2. k 2k, . .
$1 < (x_{2k} - x_k, n) < n$.
3. j 2h  j < 2h+1 , h N,
k = 2h 1.
2.6. - . xi (mod n) n,
xi (mod p) p n p. , xj xk n,
p, . . p | (xj xk , n).
2.7. , [246] . j
k .
j k . [37; 89; 144] .
- O(n1/4)
.
n.
, .
2.8. S r
, f - f : S S, x0 S, x0 , x1 , x2 , .. .
xj = f(xj1). > 0, l = 1 + [ 2 r] < r.
(f, x0) ( f S S x0


S), x0 , x1 , x2 , . ..xl ,
(f, x0) e .
. rr r = rr+1 (f, x0).
(f, x0), x0 , x1 , x2 , . .. xl
r(r 1) .. . (r l) rrl .

t = rr1 rrl+1

l


(r j) =

j=1

l 


j
1 .
j=1

0 < x < 1 log(1 x) < x,


log t =

l

j=1

l



j
j
l(l + 1)
l2
2r
<
log 1
=
< <
= ,

j=1

2r

2r

2r

. 
? n p, l = l(n) = 1 +
[ 2 n] n1/2 , l = l(p) = 1 + [ 2 p]
. (f, x0 (mod n)), f : Z/nZ Z/nZ, x0 (mod n), .. ., xl(n) (mod n) ,
e , (f, x0 (mod p)),
f : Z/pZ Z/pZ,
x0 (mod p), . .. , xl(p) (mod p).
(. [144]).
2.9.
n , p n, p < n, f(x) Z[x] , x0 Z, f n, . . f
f : Z/nZ Z/nZ.
, f(x) p.
(f, x0 (mod p)) , - p
1 4
O(n / log3 n) .
, c, , n
>
0 1
4
c n / log3 n , e .
-
[89, . 8] .


,
- .

2.4.
[158] , n O(n1/3)
.
.
n , n > 8.
1 . a = 2, 3, ... , [n1/3 ] a | n.
n , 2.
2 . 1 n ,
n = pq, p, q ,
n1/3 < p  q < n2/3 .

k = 1, 2, ... , [n1/3 ] d = 0, 1, .. ., [n1/6 / (4 k)] + 1


,

([ 4kn] + d) 2 4kn

. , A = [ 4kn] + d
B = A2 4kn
A2 B2 (mod n).

1 < (A B, n) < n.
, n
.
.
n , n
. .
n = pq, p, q ,
n1/3 < p  q < n2/3 .
2.10.
r, s ,
rs < n1/3 ,
5 . .

|pr qs| < n1/3 .


k = rs  [n1/3 ] .

$4kn = 4rspq = (pr + qs)^2 - (pr - qs)^2$.


,
$(pr + qs)^2 - 4kn = (pr - qs)^2 = B^2$,
$B = |pr - qs| < n^{1/3}$.

d = pr + qs [ 4kn] .

n2/3 > (pr + qs) 2 4kn =


= (pr + qs +

4kn) (pr + qs 4kn)  2 4kn(d 1).

n2/3
n1/6
+ 1 = + 1.
4 kn
4 k

d<

, k d
. A = pr + qs = [ 4kn] + d ,
B = A2 4kn = |pr qs| .
A2 B2 = 4kn 0 (mod n). , A B 2pr
n , p, n
, n1/3 , r < n1/3 .
(A B, n) n .
2.10. p = q, . . n = p2 , r = s = 1. p < q.
q/p . pj /qj j- q/p.
p0 = [q/p] ,

q0 = 1,

0 < p0 q0 < n1/3 ,

q
n2/3
< 1/3 = n1/3 . m ,
p
n

pm qm < n1/3 ,

pm+1 qm+1 > n1/3 .

,
qN = p > n1/3 . , r = pm s = qm . , rs < n1/3 . ,

r q

r pm+1

=
s

qm+1

sqm+1


r q

|pr qs| = ps


s

pm+1
q
 .
qm+1
p

ps
p
=
=
sqm+1
qm+1


p
qm+1

q
pm+1

p
p


qm+1 qm+1

n
n1/2
< 1/6 = n1/3 ,
pm+1 qm+1
n

.
p
q
m+1 > .
qm+1
p
pm+1
qm+1
q
pm
qm
p
> >
,
> >
. ,
qm+1
p
qm
pm
q
pm+1

s p

s q




m+1
=
rq

pm+1

s p

1  |sq pr| = rq


r

rq
q
=
=
rpm+1
pm+1


<

q
pm+1

p
qm+1

1
.
rpm+1

q
q

<
pm+1 pm+1

n
n1/2
< 1/6 = n1/3 .
pm+1 qm+1
n

. 
2.11.
.

2.5.
[165] .
2.12. r, s, n ,
1  r < s < n,

n1/3 < s,

(r, s) = 1.

11 ri n ,
ri r (mod s). , ri
O(log n) .
2.13. 2.12,
n O(n1/3 log2 n) . s = [n1/3 ] + 1.
n n=n1 n2 , (n1 , s) =1, n2 , s.

n1 , n2 , s s + 1. r = 1, 2, ... , s 1
r, s, ri n1 , ri r (mod s).
n1 s n1 .
2.14. 1.8 1 .
p1 , .. ., pl , ,

q > n1/2 .
s=
q
q1|p1 ...pl

2.12
p1 , ... , pl s > n1/3 .
n
rj (mod s).

.
2.12 . , ri r (mod s)
. ,
11, [165] .
2.15. , ,

1
1
>  > , c() > 0 , 1  r < s < n,
3
4
(r, s) = 1, s > n , c()

n, r s.
.
.
r, s, n N, .
1 . r N,

r r 1 (mod s). r , r r n (mod s), 0  r < s.


2 . i = 0, 1, 2, . .. ai , bi , ci
:
a0 = s,
a1 r r (mod s),

b0 = 0,

0 < a1  s,

c0 = 0,

b1 = 1,

c1

n rr
r (mod s)
s


i  2
ai = ai2 qi ai1 ,

bi = bi2 qi bi1 ,

ci ci2 qi ci1 (mod s).

qi
0  ai < ai1

i ,

0 < ai  ai1

i .

, qi ai2 ai1 , , i . , ai
.
3 . ai , bi , ci c,

c = ci (mod s),
|c| < s,

i ,

n
2ai bi  c  2 + ai bi ,
s

i .

c ; i , i
.
4 . c 3


xai + ybi = c,
(xs + r) (ys + r) = n.
x y ,
xs + r .
5 . ai = 0, . 2 i.
.
2.16. ,
4 , .
u = ai (xs + r), v = bi (ys + r).

uv = nai bi ,

u + v = s(ai x + bi y) + ai r + bi r = cs + ai r + bi r ,

. . u v
T 2 (cs + ai r + bi r)T + ai bi n.


,
ai , bi .
,
.
2.17. t , at = 0. ai ,
a0 = s a1 , a1  s, , t = O(log s). , ai t .
2.18. ai , bi :
1. ai > 0, bi > 0 i, 0 < i < t;
2. ai  0, bi  0, (ai , bi) = (0, 0) i, 0  i  t;
3. bi+1 ai ai+1 bi = (1) i s 0  i < t.
. 1 i = 1, 2 3 i = 0
a0 , b0 , a1 b1 . .
3
bi+2 ai+1 ai+2 bi+1 =
= (bi qi+2 bi+1)ai+1 (ai qi+2 ai+1)bi+1 = (bi+1 ai ai+1 bi).
ai > 0 i ai  0 i
ai , (ai , bi) = (0, 0) 3.
bi .
i , i < t.
bi = bi2 qi bi1 > 0,
bi2 > 0 bi1  0 qi
. ,
: bi  bi2 .
i , i  t. bi2  0,
bi1 > 0, qi , . . qi  1. bi = bi2
qi bi1 < 0, bi < bi2 . 
2.19. ai , bi , t .
x, y R0 ,  R>0 . i, 0  i  t, ,

s < xai + ybi < s,

i ,

2ai bi  xai + ybi 

xy

+ ai bi ,

i .


. x = y = 0, .
x y . 2.18
xa0 + yb0 = xs  0,

xat + ybt = ybt  0,

i ,
xai + ybi  0,

xai+2 + ybi+2  0.

xai + ybi < s xai+2 + ybi+2 > s, .


xai + ybi  s xai+2 + ybi+2  s, 2.18
xai + ybi

 s = bi+1 ai ai+1 bi  bi+1 ai .

xai + ybi  bi+1 ai , ybi , x  bi+1 (, ai = 0, i < t). ,


xai+2 + ybi+2

 s = bi+2 ai+1 ai+2 bi+1  bi+2 ai+1 ,

xai+2 + ybi+2  bi+2 ai+1 , xai+2 ybi+2  bi+2 ai+1 . , bi+2 < 0, xai+2 + ybi+2 
 s < 0. y  ai+1 .
x y
xai+1 + ybi+1  2ai+1 bi+1 ,
. .
i + 1.
(x bi+1) (y ai+1)  0.

xy ai+1 x bi+1 y + 2 bi+1 ai+1  0.

 (ai+1 x + bi+1 y)  xy + 2 bi+1 ai+1 ,

i + 1. 
, n, r s. xs + r ( x Z0
). d N
(xs + r)d = n, dr n (mod s) d nr r (mod s). ,
d = r + ys, y Z0 , r < s.
(xs + r) (ys + r) = n.


rr + s(xr + yr) n (mod s2),

xr + yr

xr r + y
. .

n rr
(mod s).
s
n rr
r (mod s),
s

xa1 + yb1 c1 (mod s).

xa0 + yb0 c0 (mod s) . ,


xai + ybi ci (mod s),

i = 0, . .., t.

2.19  = 1. i ,
|xai + ybi | < s,

i ,

2ai bi  xai + ybi  xy + ai bi ,

i .

i c = xai + ybi . c ci (mod s).


xy 

(xs + r) (ys + r)


n
= 2
s2
s

,
|c| < s,

i ,

n
2ai bi  c  2 + ai bi ,
s

i .

, c , 3
. , i

. i c


n
n
n
2ai bi , 2 + ai bi 2 ai bi < 2 . n/s3 < 1,
s
s
s
ci (mod s)
. , 3
c = xai + ybi . 4 , x y,
, , xs + r.
. ai , t = O(log n). 2, 3, 4


O(1) , [53] ,
. O(log n) ,
4
, .

2.6.
[218] ,
(. [264]). n
O(n1/4 log4 n) , . . . .
2.20. z N, y = z2 . t (t, y!) O(z log2 z log2 t) .

z = [n1/4 ] + 1, y = z2 > n1/2 , t = n. 2.20
(n, y!). y! p
n ( p  n1/2 < y), p. O(z log2 z log2 t) =
= O(n1/4 log4 n).
2.20.
y! =

z

j=1



t,

(jz)!
.
((j 1)z)!

(jz)!
,
((j 1)z)!

j = 1, ... , z,

, (t, y!)
(j 1)z + 1,

(j 1)z + 2,

. .. ,

jz.

, t (t, y!);
z t .


$f(x) = \prod_{i=0}^{z-1} (x - i)$.

$f(jz) = \frac{(jz)!}{((j-1)z)!}$.

9, , ,
j = 1, . .., z,

f(jz) (mod t),


2

O(z log z log t) . ,



(t, f(jz) (mod t)),

j = 1, . .., z,

zO(log t) = O(z log t) .


O(z log2 z log2 t) + O(z log t) + z = O(z log2 z log2 t),
. 
,
PS .
.

2.7. (P + 1)-
[283] n N
. (P 1)- , P + 1.
[59] . (P + 1)- .
,

u0 = 0,

u1 = u,

un+1 = Pun Qun1 ,

P, Q . p
n , p + 1 B--, . .
k

qi i 1,
p=
i=1


qi , qi i  B. i N ,
qi i  B,
R =

k

i=1

qii +1 > B,

i = 1, .. ., k.

qi i . p + 1 | R. -

Q n

 2
P 4Q
= 1
p

(
P Q),
p | (uR , n).
uR (uR , n).
[283] , - . [59] ,
(P + 1)- .

2.8.
,
, . , . [233; 248; 284] .

,
,
.
O(n1/5+) .
SQUFOF
.
, .
SQUFOF O(n1/4+) ;
, 2 n.
SQUFOF
.



,
. . [84; 89, . 8] .

2.9. .
n , .
2.21. b, k N, b > 1, n = bk 1. p
, n, :
1. p | bd 1 d < k, d | k;
2. p 1 (mod k).
, p > 2 k ,
p 1 (mod 2k).
. bp1 1 (mod p),
bk 1 (mod p). d = (k, p 1), bd 1 (mod p).
d < k, .
d = k, k | p 1, . . p 1 (mod k). 
2.22. $n = 2^{11} - 1$. , 11 $d = 1$
($2^1 - 1 = 1$). , $p \equiv 1 \pmod{22}$. $n = 23 \cdot 89$.

[273] . .
[60; 89] . ,
,
.
, , .
(P 1)- , - .
,
3, , ,
.

3.

3.1.
n, Ln [; c]
=

1
1
 = , 2
3

, c. ,
, .
, n ( 1) n
( , 2).
x, y , x2 y2 (mod n),
1 < (x y, n) < n.
n , ,
x, y.
3.1. n , . x,
y, 1  x, y  n 1,
(x, n) = (y, n) = 1,
x2 = y2 (mod n),
,
1 < (x y, n) < n,
1/2.
. n = p1 1 .. . pkk , k  2, n
. x, y, , z, 1  z  n 1, z2 1 (mod n) (,


z = xy1 (mod n)). , z,



1 < (z 1, n) < n,
. , z2 1 (mod n)
z 1 (mod p1 1),
..................
z 1 (mod pkk),
.
z 2k , z 1 (mod n)
(z 1, n) 1 n. k  2,
. 
x, y , x2 = y2 (mod n), n, p, . . n = p .
n . . a N, p  a, ap a (mod p).
.
an a (mod p), (an a, n) .. p, . . (an a, n) > 1.
, a (an a, n) = 1, n = p . a (an a, n) > 1, n ( (an a, n) < n), n ,
2, 3, 5, 7, .. . n.
,
n .
, ,
L = L(n) = exp((log n log log n) 1/2). , n p ,
 p  L(n);
1

O(L(n)) = Ln , 1 2
.

3.2. .
n N , , L = L(n) = exp((log n log log n) 1/2). a ,
0 < a < 1, .


p,
2  p  La .
k , 2 = p1 < p2 < ...
.. . < pk  La . Q(m) m2 (mod n).
, [221] .
.
1 . m1 , .. ., mk+1 ,


1 < mi < n,

Q(mi) = p1 i,1 .. . pki,k

i = 1, . .., k + 1. , m2i Q(mi) (mod n)


, . v i = (i,1 , . .. , i,k) Zk
Q(mi) .
2 .
x1 v 1 + .. . + xk+1 v k+1 0 (mod 2)
(Z/2Z) k , x1 , .. ., xk+1
{0, 1}, ( ,
k ).
3 . x1 , .. ., xk
k+1


(mx11

xk+1 2
... mk+1
)

p1

i=1

xi i,1

k+1


. .. pki=1

k


xi i,k

(mod n).

k+1



xi i,j

k+1
X = mx11 ... mk+1
,
Y=
pj i=1
,
j=1
k+1


2 xi), xi i,j
(

i=1

X2 Y 2 (mod n).


1 < (X Y, n) < n.
n (
3.1). 1
mi .
.


3.2. Q(mi) 1
.
3.3. 2
.
, [221] . . Lconst+o(1)
Lconst ; o(1)


1
; c . ,
2
;  (Lconst) = Lconst ,

Ln

const Lconst = Lconst


 (x) , x.
m 1
Q(m) La . , p  La
k =  (La) = La . p Q(m) p  logp Q(m)  log2 n.
,
Q(m)
La log2 n = La

elog log n
= La Lo(1) = La
log 2

.
m 1 Lb
b. La+b
Q(m) . k + 1
mi , 2- ,
k + 1 = La + 1 = La ,
L3a . [221] 1

, b = a +
Lb
2a
a
m  (L ) + 1 = La = k + 1
mi , Q(mi) .



max 2a+ 1 ,3a
max(a+b,3a)
2a
L
=L


1
. max 2a + , 3a
2a
(0; +) 2.


1
2


a = :
L2 = Ln

1
;2
2

.
.
p  L(n) 1/2 L(n) 3/2 m,
2
2

 x, y N , x = y (mod n).
1

Ln ; 2 (2
2
).
(. [221]).
LP ( )
[79] .

.
LP . Q(m) = m2 (mod n);
p  La , Q(m) s,

Q(m) = s
pp (m) .
pLa

, s > La .
( s ,
s  L2a , s

s  La). s m,
Q(m) s.
- 1 . ,
k, 1 . ,
s,
Q(m) , s Q(m)
. , , Q(m1) Q(m2),
s, Q(m1) Q(m2) (m1 m2) 2 (mod n)
s2 . , s
6 . .



Z/2Z.
LP , . . , m N,
m2 Q(m) (mod n)

Q(m) =
pp (m) s1 s2 ... st ,
pLa

s1 , .. ., st , . : ,
,
s1 , ... , st .
3.4.
LP - 

Ln

1
; 2 .
2

PS ( )
2.6 ,
z N y = z2 (t, y!)
O(z log2 z log2 t) .
Q(m) ,
p, p  La . z = [La/2 ] + 1, y = z2  La , y  La , log2 n
t = Q(m). Q(m) p  La
O(log n La/2 log4 n) = La/2 ( ). ,
a
Lmax( 2 +b,3a)
.
3.5. 1 
1
1
PS a = b = a +
Ln ; 3
.

2a

EAS ( )
a, c,  , 0 < a, c,  <
< 1. Q(m) -


p  La . EAS
Q(m) p  La , Q(m) , n1c , m . [221] EAS.

3.6.  EAS



2
1
1
1
7
, c= , =
Ln ;
a=
7

. m Lb
b=a+

c
1c
+
.
2a
2a

3.7. EAS
, i
ci .

, , . . , [98]
k
Z/2Z O(k2,495548) .
3.8. PS, EAS
k O(k)
1 5
< 5/2 Ln ;
2

.
3.9. - . , ; m
,
.

3.3.
m m, m2 (mod n)
. m

n.
[79] ;
F7 . 1981 . , .
. [25; 285] .
.

p
3.10. n N, n > 16, n  N. i ,
qi

i = 0, 1, 2, . .. n . p2i (mod n)
p2i nq2i

|p2i nq2i | < 2 n.

. x = n > 1.

|p2i nq2i | = q2i


x i

x + i
<
qi
qi





p

p
q
p

< q2i
i+1 i
x + i = i x + i .
qi+1

,
x+
p

qi

qi

qi+1

qi

pi
p

p
< x + x +
i+1 i
= 2x +
,
qi
qi+1
qi
qi qi+1
p

i+1 i x. qi+1
qi
,


q
1
|p2i x2 q2i | 2x < 2x 1 + i +
<
2
qi+1

2xqi+1





q
1
q +1
< 2x 1 + i +
= 2x 1 + i
 0,
qi+1

qi+1

qi+1

i  1 ( qi + 1  qi+1). i  1

n
|p2i nq2i | < 2x = 2 n < ,
2

n > 16. , i  1
3.10.

i = 0, p0 = [ n] , q0 = 1
= { n}

|[ n] 2 n| = |( n
) 2 n| = | 2
n +
2 | =
(2 n
) < 2 n.
. 


n
.

3.11.  ,

Du
=
, D N, D  N, v N, u Z, v | D2 u.
v
k  0
 = [a0 , a1 , .. ., ak , k+1 ] ,

a0 Z, a1 , . .. , ak N, k+1 (k + 1)- . :
a0 = [] ,

v0 = v,

u0 = u + a0 v

k  0
ak+1 = [k+1 ] ,

D u2k
vk+1 =
Z,
vk

vk+1 = 0,

k+1 =

D + uk
>1,
vk+1

uk
uk+1 = ak+1 vk+1 uk .
. k. k = 0
1 =

 a0

1
v
=
=
Du
D u va0
a0

v
v0
D + u0
D + u0
=
=
.
=
2
v1
(D

u
)
v
D u0
0 / 0

v1 ,
D u20
D (u + a0 v) 2
D u2
=
=
2a0 u a20 v Z
v0
v
v

. , v1 = 0 D = u2 .
3.11 k + 1. , k + 2. (k + 2)-

k+2 =

k+1 ak+1

vk+1
1
=
=
D + uk
D + uk ak+1 vk+1
ak+1
vk+1

v
D + uk+1
D + uk+1
= k+1
=
=
.
vk+2
(D u2k+1) /vk+1
D uk+1


ak+2 = [k+2 ] . , vk+2 =

D u2k+1
.
vk+1

vk+2 =

D u2k+1
D (ak+1 vk+1 uk) 2
=
vk+1
vk+1

D u2k
= vk ;
vk+1

vk . 

3.12. 3.11 n
,

D+u

.
v

Pi /Qi n
(
{pi }). p0 = 1 pi ,
pi  L(n) a = La , a = const;
n
,
= +1. pi

, m mi = Pi , 3.10
m2i (mod n)
Q(mi) = Pi2 nQ2i ,

|Q(mi)| < 2 n. : Q(m) < n,

|Q(m)| (

2 n). , , Q(m) (. .
),
.
3.13. p
(Pi , Qi) = 1.
p | Q(mi) i, p  Qi ,
 
Q2i n Pi2 (mod p),

n
p

= +1.

,
[221] . . , ,
1 + [log2 n] (x, y) ,
x2 y2 (mod n),
1 < (x y, n).


3.14. a = 1/ 2
p = 1 p ,
 
n
= +1,
2  p  La ,
p



1
Lb b = a +

4a
,
  n
1
Ln ; 2 2
.
3.15. 3.14 LP
( ).
1
6

3.16. PS a = ,
1

b=a+

4a
  
1
3
Ln ;
.
2

3.17. PS, EAS k



k Z/2Z O(k)

 5/2


1
5
.
Ln ;
2

,
, .

3.4.
.
1981 . (. [221; 222; 225]).
[66; 86; 93; 213; 229;
258; 266] , . [89] .



1

Ln ; 1 .
2
129- RSA- n (. [58]).


. - X2 = Y 2 (mod n)
:
1 < (X Y, n) < n.

$Q(x) = (x + [\sqrt{n}])^2 - n \equiv H(x)^2 \pmod{n}$,

H(x) = x + [ n] . Q(x) , ,
n. Q(x) , n1/2 .
S
p0 = 1

n
= +1.
pi , pi  B, ,
pi

xi ,

p i p ,
Ai = Q(xi) =
pS

. . Q(xi) . ,
Bi = H(xi), B2i Ai (mod n), ,
, X2 Y 2 (mod
  n) , .
n
3.18.
= +1 p p

(x + [ n]) 2 n (mod p),


x Z.
. xi Z, Q(xi) , .
(p)
(p)
p r1 r2
Q(x) 0 (mod p) (, , . . 6
). x Z [M; M] , M N, ,
x, x
log |Q(x)|. p S :
, (p)
(p)
x r1 (mod p) x r2 (mod p),
log p.
, x Q(x)
p, Q(x) p
log |Q(x)| log p.


x

log |Q(x)|
log p.
pS, p|Q(x)

pl l.
(p,l)
(p,l)
r1 , r2 Q(x) 0 (mod pl), (p,l)
x r1
(mod pl)
(p,l)
x r2 (mod pl) log p. x

log |Q(x)|
l log p.
pS, pl |Q(x)


x, . x Q(x)

Q(x) x,
Ai = Q(xi) .
3.19.
. , , x [M; M]
Q(x) ,
x, Q(x) .
, -
.
3.20.
2, 3 . .,
, . . , pk  100.
,
, ,
, log |Q(x)| log 2, log 3,
log 5 . .
3.21. LP ( [89] LP ).


[258] , Q(x)
$Q(x) = Ax^2 + 2Bx + C$,
$A \in \mathbb{N}$, $B, C \in \mathbb{Z}$, $B^2 - AC > 0$, $n \mid B^2 - AC$.
, [89] . AQ(x)
$AQ(x) = (Ax + B)^2 - (B^2 - AC) \equiv (Ax + B)^2 \pmod{n}$.
, Q(x) ,
 B

B
I = M; + M
A

B
( M
A

). , x I




B
B
 Q(x)  Q + M .
Q
A

Q(x) ,




B
B
Q
Q +M ;
A

 



B
B
Q(x) Q + M ; Q + M .
A

 

B2
B2
B
2 +C A +M
2
A
A
A

2




B
+ 2B + M + C =
A

= AM2 +

B2
C.
A

,
AM2 2


B2
2C,
A

2(B2 AC)
. , n | B2 AC, B2 AC = n,
M




B
B2 AC
n

max |Q(x)|
Q
=

xI

2n/M

n
.
2

n, M , n.


Q(x) 
 M

1
(M n, M L2 ; const ). 2
A,

 
2n
n
A
= +1.
,
M

B Z,

B2 n (mod A)

(
. 6). C =

B2 n
,
A

Q(x) = Ax2 + 2Bx + C.


3.22. 1. [258] .
2. [89] .
3. A ,

n
= +1. B
q,
q

z2 n (mod A). A B
{log |Q(x)|} .
[229] .
,
u(x) = a2 x + b,

v(x) = a,

w(x) = a2 x2 + 2bx + c

xi [M; M] ,

u(xi) 2 v(xi) 2 w(xi) (mod n),

u(xi) 2 = v(xi) 2 w(xi),

w(xi) .
I ,

w(xi) .
iI

X=

u(xi),

Y=

iI

v(xi)

iI


X2 Y 2 (mod n).


i I

w(xi)


[229] , [89] , u(x), v(x) w(x). {log |w(x)|}


. [229]
[213] .
[66] LP .
[74] .
. . , -, n N,
n < 10110 , (. . 4),
. n, 10110 ,
. 3.6. ,

[110112] , . [74] .

3.5.


.
[169] , ,
. [89; 241] .

,
. O(log n) , , , 
. Ln

1
;1
2

; .
.
n ;
.


, . ( . 4)
,
, .
.



n Ln

1
; 1
2

. , ,
.

.
, [169] ,
n ,
, .
,
.
, ,
, .

3.6.
(special number eld sieve, SNFS)
1990 . [161] .
F9 = 2512 + 1,
155 (. [162]). Ln [1/3; c]
c = (32/9) 1/3 = 1,5263. .. n, SNFS, n = re s, r N, s Z, r |s| .

. general number eld
sieve , , GNFS.
Ln [1/3; c] c.
,
SNFS, ,


227 , . [265] . RSA- n,


,
1999 .: 140- RSA- (. [87]),
155- RSA- (512 ), . [88] . 8400 mips-year1 .

, . [107; 110; 111; 112; 159; 162; 163; 203; 204; 205; 226;
227; 290] . , [74] ,
n > 10110 ( NFS
. 3.4); . [211]
[209] .
.
, ,
.
SNFS GNFS . ,
,
F9 , [162] .
,
, , [263] .
N = F9 = 2512 + 1. 1903 .
p7 = 2424833. n = N/p7 .
SNFS : n = p49 p99 .
700
;
. ( ),
n ;
.
SNFS n.
1 . .

ap Z/nZ, ap = 0, p P0 . ap Z/nZ ( n).
ZP0 |P0 |- :
ZP0 = {(p) pP0 | p Z}.
1 Mips (.)
. million instructions per second
( ); year , mips-year
.



f : ZP0 (Z/nZ) ,

f((p) pP0) =


app (mod n).

pP0

, {ap } (Z/nZ) ; , , , .
2 . .
v Ker f, . . v = (vp) pP0 ,
 vp
ap 1 (mod n).
pP0

V = {v Ker f}
, , |V| |P0 |.
3 . .
2
v V; , ,
.



zj vj 0 (mod 2),
j

V = {vj }.
Z/2Z. , W V,


v = 0 (mod 2).
vW

w =

1 
2

vW

v ,

2w Ker f. , X f(W) (mod n)


X2 f(2W) 1 (mod n).
,
1 < (X 1, n) < n.
, n , . 2 ( ), 1
( ).
.


n = F9 /p7 4


5
5
K = Q( 2).  K  =
qi ( 2) i ,
i=0

qi Q; (q0 , q1 , q2 , q3 , q4) Q5 .
() ,
5
( 2) 5 = 2. Norm   K K;  (j)
j (), 1 , 2 , 3 , 4 , 5
K C.

5
3.23. 1  l  4, a, b R. Norm(a ( 2) l b) =
5
l 5
=a 2 b .

5
. j ( 2) l x5 2l ,




a
5
5
( 2) l =
Norm(a ( 2) l b) = b5 Norm
b

= b5

5 

a
j=1


 5


a
5
j ( 2) l = b5
2l ,
b

. 
ZK K;
5
, ZK = Z[ 2] .
B R>0 ( ).
3.24.  ZK B-,

Norm  Z B- (. . Norm  =
prp ,
p ,

pB
rp Z0).
R , :

5
: Z[ 2] R, (1) = 1.

5
c = ( 2) N c5 = (2) = 2 R.
, c R , c5 = 2 R,
5

: Z[ 2] R
5
(1) = 1, ( 2) = c.
3.25. n = F9 /p7 R = Z/nZ, c 2205 (mod n).
2512 1 (mod n), c5 21025 2 (mod n).
5
5
 : Z[ 2] Z/nZ ,  (1) = 1,  ( 2) =
205
=2
(mod n).
3.26. p , p  1 (mod 5).
Z/pZ c , c5 2 (mod p).


. k N , 5k
1 (mod p 1), 1  k  p 1. , f(x) g(x)
Z/pZ , f(x) = x5 , g(x) = xk , f(g(x)) . , f(x) ,
. 
3.27. p 1 (mod 5), Z/pZ c, c5 2 (mod p), 5
c Z/pZ, c5 2 (mod p). c0 , . .. , c4 ,
p1

cj = c0 a 5 , a p.

5
Zm = Z[ 2] . B Norm B =
= |ZK /B|.
, . . Norm AB = Norm A Norm B.
, K , . . ; , ZK
.
P = (0) ZK . ZK /P = GF (pk) p k.
3.28. P , ZK /P = GF (p), p .

ZK

5
P = (p, 2 c), p , c Z, f(x) = x5 2, f(c)
0 (mod p).

ZK ZK /P =

5
5
= GF (p) 2 2 c (mod p), c5 2 (mod p).
3.29. p  1 (mod 5), ZK
P p.  ZK P = () ,
| Norm | = p.
.
ZK ,
5
p, Pi = (p, fi ( 2)), fi (x) Z[x] 
, fi (x) (mod p) Z/pZ[x] , f(x) = fiei (x) (mod p).
i

, Norm Pi = pdeg fi (x) . , Pi


, fi (x) . f(x) (mod p) 3.26
; P.
, P = (), Norm P = | Norm | = p. ,
| Norm | = Norm() = p, ()
, P
, () = P. 
7 . .


3.30. p
= 2. f(x) = x5 2 x5 (mod 2), (2) =

5
5
5
5
= (2, 2) = P , P = ( 2) .
Z/P = Z/2Z.
5
3.31. p = 3, f(x) = x5 2 x
+ 1 (mod 3) = (x + 1)
5
4
3
2
(x x + x x + 1) (mod 3). P = (3, 2 + 1)

5
3. ,  = 1 + 2

3.23 , Norm  = 3. P =

5
= (1 + 2).
3.32. p , c Z/pZ, c5
2 (mod p). p,c

5
p,c : ZK Z/pZ, p,c ( 2) = c.
5

3.33. P Z[ 2] ,

5
5
2 c), p , c 2 (mod p).
P = (p,

5
 Z[ 2] . P = () ,
| Norm | = p p,c () = 0.
. ,
ZK / Ker p,c  Z/pZ.

5
Ker p,c ZK , p 2 c; , Ker p,c = P.
| Norm | = p p,c () = 0,  P () P ,
() = P.
P = (),  P, p,c () = 0.
| Norm | = p . 

5
5
3.34.  = 1 + ( 2) 2 2( 2) 3 , Norm  = 151, p =
= 151 . c = 116, c5 2 (mod 151).
, 151,116 () 0 (mod 151). P =

5
= (151, 2 116) = () ZK .
3.35. 3.33 ZK .
3.36.
ZK K,
1 ZK .

K

=
l11
l22 ,

l1 , l2 Z,


1
2 K.
K , P P = (P) P ZK .


 ZK \ 0

() =
PmP ()
P


=


P

m ()

PP



K. | Norm | = | Norm P |mP () .
P

5
3.37.  = 1 + ( 2) 4 , Norm  = 15. () = P1 P2 ,
P1 , P2
3 5 .

5
5
=
(1
+
2)
(
3.31), P2 = (1 + ( 2) 2).
,
P
1

5
5
5
4
2
1 +
( 2) =
1 (1 + 2) (1 + ( 2) ), ,

5

1 = 1 + 2.
1 K,
Norm
1 = 1.

5
3.38.
 =1 + ( 2) 3 . ,

3.37,

5
5
5
5
5
3
2
1 + ( 2) =
2 (1 + 2) ,
2 = 1 + ( 2) 2 ( 2) 3 + ( 2) 4
K, Norm
2 = 1.

n = F9 /p7 [162] , 3.37 3.38

1
2 K.
,
. , (. [217]),
.

K.
=
v00
v11
v22 ,

0 = 1,
1 ,
2 3.37 3.38;
vj Z. v0 , v1 , v2 ,
. ,
v0 = 0, Norm
> 0; v0 = 1, Norm
< 0.
1 = e (log 2) /5 ,

2 = e

2i+log 2
5
,

1 , 2 C,

5
j : Z[ 2] C,

5
j ( 2) = j , j = 1, 2. j = 1, 2
log |j (
)| = v1 log |j(
1)| + v2 log |j (
2)|, , log |j (
k)|j,k=1,2 .
v1 , v2 ,
,
.

. B = 1294973
n = F9 /p7 . p  B. p
c Z/pZ, c5 2 (mod p),
(p, c),
5
P = (p, 2 c).
c
f(x) 0 (mod p) (. . 6). , p  1 (mod 5),
c 2k (mod p), 5k 1 (mod p 1). p 1 (mod 5),
2 (p1) /5 1 (mod p). , c5 2 (mod p) ;
x5 2 0 (mod p) .

5
P = (p, 2 c) P ZK , , P = (P).
.



4

5
i

ri ( 2)
ri Z, |ri |  const .
T=
i=0

const T [8, . 2] .  T Norm .


Norm  = p p  B,

5
P, p, . . P = (p, 2 c).
P ,  = P .
P ,  , p,c () = 0
( 3.33).
[162]
4


5
:  =
si i ,  = ( 2) 3 . si i=0

, si  0, si+1 = ... = s4 = 0,
4

s2i 26i/5  15000.

i=0

49 726 . 99 500
(p, c) P.

5
P 8 Norm P (  = ( 2) 3); . .  8p ,  , P .
( P P),
Norm P > 0.


:

5
 : Z[ 2] Z/nZ,

5
5
 (1) 1 (mod n),  ( 2) 2205 (mod n), 3.25.  = ( 2) 3
 () = 2615 2103 (mod n),

2512 1 (mod n). 2103 n1/5 ,


. ,
a, b Z
 (a + b) a + 2103 b (mod n).

P0 , , :
1) 99 700 p, p  B1 = 1295377;
2)
0 = 1,
1 ,
2 3.37 3.38;
3) P 99 500
P ZK , Norm P  B2 = 1294973.
 P0
a =  () Z/nZ,
1 .
2
.
5

20 = 1 2 = ( 2) 5 . , 4944 p ,
f(x) x5 2 (mod p) .
p

P ,
p=

P|(p)

P P,
K.

=
v11
v22 ( );
0 = 1
, p > 0 P
.

 (p) =  (
1) v1  (
2) v2
 (P).
P|(p)

2,5% , 2 .


. a, b Z, b > 0, ,
1) (a, b) = 1;
2) |a + 2103 b| = | (a + b)| B1 - , , , p1 , B1 < p1 < 108 ;
3) |a5 8b5 | B2 -, , ,
p2 , B2 < p2 < 108 .
p1 p2 , a, b ; . ,
Norm(a + b) = a5 8b5 , p2 = 1 a + b B2 -.
3.39. a, b Z, (a, b) = 1.
P ZK , a + b, . , Norm(a + b)

m


Norm(a + b) =

qekk ,

k=1

(a + b) ZK
:
(a + b) =

m


Qekk .

k=1

Qk | (qk) k > 2

5
Qk = (qk , 2 21 (ab1) 2 (mod qk)),

5
qk = 2 Qk = ( 2).
. p > 2 , P , , P | (p) P | (a + b). (a, b) = 1, p  b. , ab1 (mod p) P,

5
(ab1 (mod p)) 2 2 = (ab1 (mod p)) 2 2 2 P,

5
2 (21 (ab1) 2) (mod p) P.
3.23, Norm(a + b) = a5 8b5 . a5 8b5
0 (mod p),
(21 (ab1) 2) 5 2 0 (mod p).


5
c 21 (ab1) 2 (mod p). Q = (p, 2 c)
, Q P. , Q = P .
, p = qk , Norm(a + b), Qk ZK , a + b qk ,
3.39 . m

(a + b) =
Qekk . 
k=1

3.40. 3.39 (a + b) ( (a, b) = 1)


Norm(a + b) = a5 8b5
.

PkP .
(a + b) =
P

3.39 Norm P ,

Norm(a + b) =
(Norm P) kP .
P

P , a + b, Norm P = p
.
1) p  1 (mod 5), p P
3.29; kP = P ((a + b)) = p (a5 8b5).
2) p 1 (mod 5), , 5
c P = (p, 2 c)
(a + b). 3.39.

5
c ( 2) (mod P),
P | (a + b),
(a + b) a(1) + b() 0 (mod p).

() c3 (mod p)

c 21

 a 2

c6 2c

a
(mod p).
b

 2
a
b

(mod p),

(mod p) a, b p .

5
c P = (p, 2 c) P (a + b) = p (a5 8b5).
b


, (a + b) ZK .
2 . (a, b) = 1 a, b , . .
|a + 2103 b| B1 - Norm(a + b) = a5 8b5
B2 - . .
 u
1) a + b =
PP ,
, P , Norm P 
P

 B2 . uP .


u

= (a + b)
PP
P

=
v00
v11
v22 .

v0
, v1 v2
,
 wp .
2) a + 2103 b =
p ,
pB1

, .
 3.25.


pwp = a + 2103 b  (a + b) (mod n)

2

i=0

 (
i) vi

 (P) uP (mod n),

,
2 .
a, b, . , . .
p1 , p2 , . ;
.
, 3
X Z, X2 1 (mod n), Z/2Z. n = F9 /p7

Z/2Z (. . 11).


, a, b Z,
(a, b) = 1, , a + 2103 b a5 8b5 B1 - B2 - . ,
3.4.
b, 0 < b < 2, 5 106 .
[A; A] ( A b), a.
, a [A; A] , a Z,
(a, b) = 1. a log |a + 2103 b|.
p, p  B1 , a,
a + 2103 b 0 (mod p), . . a = a0 (p) + jp, j Z.
a log p.
pk
p: a + 2103 b 0 (mod pk)
a log p.
, p, .
a , , , a + 2103 b
B1 - . a + 2103 b
p  B1 . a + 2103 b B1 -, , , p1 , B1 < p1 < 108 ,
a, b M.
3.41.
, . [162] .
a, b M B2 - a5 8b5 = Norm(a + b).
a, b,
.
n = F9 /p7 44 106 2 903 999 .
700 5 .
340 mips-year.
Z/2Z 6 . n
,
(. . 1).
F9 .
3.42.
,

5
K = Q( 2) n = F9 /p7 .


n n = re s, [159] . d N
( d = 3, 5, 7) k , kd  e. t = s rkde ; t
.
f(x) = xd t,

m = rk n1/d .

f(m) = md t = rkd srkde 0 (mod n). f(x) Z[x] , K = Q(),


 C, f() = 0. , [K : Q] = d.
Z[] ZK .
,
 (1) 1 (mod n),  () m (mod n). , Z[] = ZK K ( n = F9 /p7),
.

.

3.7.
. n, p = 2, 3, 5, 7, . ..
.
, , , . . 1. ,
. 1. ,
(P 1)- - . 2,
( . 4).
, n 10110 .
.
,
RSA- n, , n 2512 . [74]
RSA- n 21024
15 [74] ,
.

4.


4.1. .

, -
.

. [30; 256; 257] .
[65] , [188; 181; 145; 146; 179] .
K , char K =
/ 2, 3. K
y2 = x3 + ax + b,

a, b K,

4a3 + 27b2 =
/ 0.

E Ea,b . K1 , K,

Ea,b (K1) = E(K1) = {(x, y) K21 : y2 = x3 + ax + b} {O}.
O , .
, .
, . x = X/Z, y = Y /Z ; Y 2 Z = X3 + aXZ2 + bZ3 .
(X : Y : Z) K
( K1 K), .
, Z =
/ 0 ( , Z = 1),
(X/Z, Y /Z) Ea,b (K) ( Ea,b (K1)).
Z = 0, , X = 0. Y =
/ 0
, Y = 1. (0 : 1 : 0)
O .


K , Ea,b (K1)
K1 K . , , .
1. (x, y) O = (x, y), O O = O.
2. (x, y) (x, y) = O.
3. P = (x1 , y1), Q = (x2 , y2) x1 =
/ x2 .
P Q:
y = y1 + (x x1),

y2 y1
.
x2 x1

. P, Q R,
R = (x3 , y3), x3
(y1 + (x x1)) 2 = x3 + ax + b.

x1 + x2 + x3 = 2 ,

x3 = x1 x2 + 2 .

y3 = y1 + (x3 x1). P Q
P Q
P Q = (x3 , y3).
4. P = (x0 , y1), Q = (x0 , y2), y1 =
/ y2 .
, y1 = y2 =
/ 0. y0 = y1 = y2 . P = (x0 , y0), . . 2P = P P,
. , 2y dy = (3x2 + a) dx.
P
y = y0 + (x x0),

3x20 + a
.
2y0

,
(y0 + (x x0)) 2 = x3 + ax + b;
x0 .
x3 = 2x0 + 2 . y3 = y0 + (x3 x0). 2P = P P = (x3 , y3).
,
Ea,b (K1) . K1 ,
.


4.1 ( ). p , p > 3,
Ea,b Z/pZ.

$\bigl|\,|E_{a,b}(\mathbb{Z}/p\mathbb{Z})| - (p + 1)\,\bigr| < 2\sqrt{p}$.


|Ea,b (Z/pZ)|
|Ea,b (Z/pZ)| = 1 +

 x3 + ax + b 
 
1+
=
xZ/pZ

=p+1+

xZ/pZ

 
(

  x3 + ax + b 
p

z
).
p

|Ea,b (Z/pZ)| = p + 1 t. j N
|Ea,b (GF (pj))| :
|Ea,b (GF (pj))| = pj + 1 tj ,
tj
$t_{j+1} = t_1 t_j - p\,t_{j-1}$, $j \ge 1$, $t_1 = t$, $t_0 = 2$.

4.3
.
4.2. j-
$j = j(E) = 1728 \cdot \frac{4a^3}{4a^3 + 27b^2}$.

4.2.

[167; 166]

1/2
e ((2+o(1)) log p log log p) log2 n
; p n. p n1/2 ,
Ln [1/2; 1] . [192] , . [57; 72; 89, . 10; 106; 260] .


1995 .
F10 = 21024 + 1 (. [73]).
F10 = p8 p10 p40 p252 ,
pj , j .
240 mips-years.
,
, .
.
.
. , , [144] .

, Z/nZ, n 3 , . (x, y, z) (Z/nZ) 3 , , ,
x, y z, Z/nZ. , , (x, n) = 1. (x, y, z) (Z/nZ) 3

{(ux, uy, uz) | u (Z/nZ) };
(x : y : z).
P2 (Z/nZ) .
E = Ea,b Z/nZ
y2 = x3 + ax + b,
a, b Z/nZ, 6(4a3 + 27b2) (Z/nZ) .

E = Ea,b (Z/nZ) = {(x : y : z) P2 (Z/nZ) | y2 z = x3 + axz2 + bz3 }.
, .
, -


(. 4.1). ,
O = (0 : 1 : 0) P2 (Z/nZ),
Vn = {(x : y : 1) | x, y Z/nZ} {O}.
P Vn p, n,
Pp P2 (Z/pZ), P p. , Pp = Op ,
P = O.
P, Q Vn
(, a ). P Q
d n ( n ), R Vn ,
:
p | n, a a (mod p), p b Z/pZ ,
6(4a 3 + 27b 2) =
/ 0 Z/pZ Pp , Qp Ea, b (Z/pZ),
Rp = Pp Qp Ea, b (Z/pZ);
, 4.1.
4.3. P = (x : y : 1), p a,
y2 x3 + ax + b (mod n). b y2 x3 ax (mod n) n . b b (mod p). p | n Qp
y2 x3 + ax + b (mod p) Z/pZ, Pp Qp Z/pZ P Q
Z/nZ. p Qp
y2 x3 + ax + b (mod p), P Q .
P Q Vn
. P = O, R = Q; Q = O, R = P. P,
Q=
/ O, P = (x1 : y1 : 1), Q = (x2 : y2 : 1). d = (x1 x2 , n)
. 1 < d < n, n, . d = 1, x1  x2 (mod n),
x1  x2 (mod p) p, p | n. (
) (x1 x2) 1 (mod n).

= (y1 y2) (x1 x2) 1 (mod n),

x3 = x1 x2 + (mod n),
2

 = y1 x1 (mod n),

y3 = x3  (mod n).

P Q R = P Q = (x3 : y3 : 1).
, d = 1 P Q
4.1.


d = (x1 x2 , n) = n. x1
x2 (mod n), .
d1 = (y1 + y2 , n). 1 < d1 < n, n, . d1 = n, . . y1 y2 (mod n),
R = P Q = O. d1 = 1,
1 = (3x21 + a) (y1 + y2) 1 (mod n),

x3 = 2x1 + (mod n),


2

 = y1 x1 (mod n),

y3 = x3  (mod n)

R = P Q = (x3 : y3 : 1).
, Vn . P Vn k. d n, 1 < d < n,
R Vn , :
p , p | n, a a mod p, p b Z/pZ , 6(4a 3 + 27b 2) =
/ 0 (mod p),
Pp Ea, b (Z/pZ), Rp = kPp Ea, b (Z/pZ); kPp ,
4.1.
4.4. R = kP Vn
R = P Q Vn .

;

, k = 2ji
i

kP = 2ji P, 2j P.
i

k = k1 ... kt ki , k1 > k2 > . .. > kt . k


. kP k1 (k2 (.. . (kt P) ...))

ki , i = t, ... , 1;
.
.
n v, w N, n. a, x, y Z/nZ ,
P = (x : y : 1) Vn b y2 x3 ax (mod n)
6(4a3 + 27b2) (Z/nZ) . d
n, 1 < d < n.
r N, 2  r  w,

e(r) = max{m | m Z0 , rm  v + 2 v + 1},



k=


re(r) .

2rw
r

P = (x : y : 1) Vn . P Ea,b
Z/nZ, Y 2 = X3 + aX + b. kP , .
d n, 1 < d < n, n . kP d
,
.
.
4.5. v, w, a, x, y?
a, x, y Z/nZ ; b y2
x3 ax (mod n) Ea,b Z/nZ
1 +o(1)

,
. w w = L(p) 2

L(t) = exp log t log log t, p

n.
p  n1/2 , L(p)  L(n1/2) =
p ,

1
= exp + o(1)
log n log log n ,
2

1 +o(1)

w  L(n) 2

w. v,
r, k , ,
.
4.6. n, v, w .
a, x, y Z/nZ .
, n
.
4.7. [192]
a1 (mod n), . .. , al (mod n) Z/nZ (. [89,
. 10]). . ;
8 . .


n.
[89, . 10] .
4.8. (P 1)- , . 2. , , (P 1)-,
, . [89; 192; 74] .

4.3.

,
, .
p , p > 3, E = Ea,b
Z/pZ y2 = x3 + ax + b. |E(Z/pZ)| . 1985 . [244] ,
O(log8 p)
(. [245]).
, , ,
. [65; 113; 202; 171; 245] .
,
; p 10499 + 153.

[244] .
Z/pZ Z/pZ.
 : E(Z/pZ) E(Z/pZ)
 (x, y) = (xp , yp),  (O) = O.
, 
E(Z/pZ) ; , E(Z/pZ)
.
|E(Z/pZ)| = p + 1 t,

|t| < 2 p. t ; 
2 t + p = 0.


n E[n]
E(Z/pZ), , n:
E[n] = {P E(Z/pZ) | nP = O}.
4.9 (. [256]). n > 1 p n, E[n]
Z/pZ Z/pZ.
4.10. x1 , x2 , x3 x3 + ax + b = 0 Z/pZ.
E[2] = {(xi , 0) : i = 1, 2, 3} {O}.
n (x, y) Z/pZ[x, y] , n = 1, 0, 1, 2, .. .,
:
1 (x, y) = 1,

0 (x, y) = 0,

1 (x, y) = 1,

2 (x, y) = 2y,

3 (x, y) = 3x + 6ax + 12bx a ,


4

4 (x, y) = 4y(x6 + 5ax4 + 20bx3 5a2 x2 4abx 8b2 a3);

n  3
2n (x, y) = n (x, y) ( n+2 (x, y) n1 (x, y) 2 n2 (x, y) n+1 (x, y) 2) / (2y),

n  2
2n+1 (x, y) = n+2 (x, y) n (x, y) 3 n+1 (x, y) 3 n1 (x, y);

y2 x3 + ax + b.
n (x, y) . , fn (x),

n (x, y),
n ,
fn (x) =
n (x, y) /y, n ,
x, . . fn (x) Z/pZ[x] . , n
, p  n, deg fn (x) = (n2 1) /2.
4.11. P = (x, y) E(Z/pZ) \ E[2] . n  3. nP = O , fn (x) = 0.
4.12. P = (x, y) E(Z/pZ) \ E[2] , n  2,
nP =
/ O.
 
(x, y) n+1 (x, y) n+2 (x, y) n1 (x, y) 2n2 (x, y) n+1 (x, y) 2 
nP= x n1
.
,
n (x, y) 2
4yn (x, y) 3
t (mod l)
l. l ,

, l > 4 p, , t (mod l), , t t (mod l). (. 4.1).


|E(Z/pZ)| = p + 1 t.
l = 2. , E(Z/pZ) P = (x, 0)
,
(xp x, x3 + ax + b) =
/ 1.
|E(Z/pZ)| , ,
t, p + 1 . , t 0 (mod 2)
,
(xp x, x3 + ax + b) =
/ 1;
t 1 (mod 2).
l
() , l =
/ p. l O(log p).
E[l] ; ,  (E[l]) E[l] . ,  E[l] . l = |E [l] . l

2l tl + p = 0.

, l
2l t l + p = 0

t Z, t t (mod l). ,
,
(t t) l = 0 E[l] ,
t t (mod l), l .
, 0    l 1,
2l l + p = 0

E[l] .

t (mod l). ,
 Z/lZ, E[l]
2l + p = l .  = 0 .  =
/ 0,
,
k p (mod l), 1  k  l 1,


, 4.12, P = (x, y) E[l] \ O


2l (P) + pP = l (P)

2
2
 (x, y) k+1 (x, y)
,
(xp , yp ) x k1
k (x, y) 2
k+2 (x, y) k1 (x, y) 2 k2 (x, y) k+1 (x, y) 2 
=
4yk (x, y) 3
  (x, y)  (x, y) p


+1
,
= xp
1

(x, y) 2
  (x, y)  (x, y) 2  (x, y)  (x, y) 2 p 

+2

+1
.
4y
(x, y) 3
.


H1 (x) 0 (mod fl (x)),
H2 (x) 0 (mod fl (x)),
H1 (x), H2 (x) Z/pZ[x] .  = 0, 1, . .. , l 1
t  (mod l).
, .
.
t (mod l) l,


l > 4 p. t. t (mod 2) ,
. l > 2, l
, l =
/ p.
1 l. , P = (x, y) E[l] \ O ,
2l (P) = kP,

k p (mod l), 1  k  l 1. ; ,
2

xp = x

k1 (x, y) k+1 (x, y)


.
k (x, y) 2

k
2

xp = x

fk1 (x)fk+1 (x)


,
fk (x) 2 (x3 + ax + b)


k
2

xp = x

fk1 (x)fk+1 (x) (x3 + ax + b)


.
fk (x) 2

, 4.11 P = (x, y) E[l] \ O, 2l (P) = kP, ,

((xp x)fk (x) 2 (x3 + ax + b) + fk1 (x)fk+1 (x), fl (x)) =


/1
k,
2

((xp x)fk (x) 2 + fk1 (x)fk+1 (x) (x3 + ax + b), fl (x)) =


/1
k. ( k
) 1,  0 l. ,  0 (mod l),
(2l + k) (P) = 0

P E[l] ,

( = 1) , O.
2l (P) = kP E[l] \ O 2- .
, P E[l] \ O,
2
l (P) = kP = pP.
1 . 2l (P) = pP, (2l + p)P = O. (2 t +
+ p) (P) = O P , (tl) (P) = O.
l E[l] , , t 0 (mod l).
, t (mod l).
2 . 2l (P) = pP, , 2
t + p = 0, (2p tl) (P) = O.
2pP =
/ O P E[l] \ O, t  0 (mod l). l (P) =
(

1
t1 (mod l)). l ,
t

pP = 2l (P) =

2p
P
t

2p
4p2
l (P) = 2 P.
t
t

p 4p2 /t2 (mod l),

t2 4p (mod l). , p l.
w2 p (mod l) (
. 6; l ).


w t 2w (mod l), + .
t 2w (mod l) l ,
2l 2wl + w2 = 0,

(l w) 2 = 0 E[l] . l E[l] w (mod l)


( r , (r w) 2 0 (mod l)). Q E[l] ( w)Q = O
,
2l (P) = kP. , Q = (x, y). l (Q) = wQ


(x, y) w+1 (x, y)
xp = x w1
.
w (x, y) 2
w
xp = x

fw1 (x)fw+1 (x)


,
fw (x) 2 (x3 + ax + b)

w
xp = x

fw1 (x)fw+1 (x) (x3 + ax + b)


.
fw (x) 2

Q E[l] ,
((xp x)fw (x) 2 (x3 + ax + b) + fw1 (x)fw+1 (x), fl (x)) =
/1
w , w
((xp x)fw (x) 2 + fw1 (x)fw+1 (x) (x3 + ax + b), fl (x)) =
/ 1.
Q (. .
1), w .


(x, y) w+1 (x, y)
,
(xp , yp) = l (w) = wQ = x w1
w (x, y) 2
w+2 (x, y) w1 (x, y) 2 w2 (x, y) w+1 (x, y) 2 
,
4yw (x, y) 3

yp =

2
fw+2 (x) yfw1
fw2 (x) yfw+1 (x) 2

4y4 fw (x) 3


w
yp =

2
fw+2 (x) y2 fw1
fw2 (x) y2 fw+1 (x) 2

4yfw (x) 3

w . y2 = x3 + ax + b, ,
w l (Q) = wQ,

p+3

4fw (x) 3 (x3 +ax+b) 2 fw+2 (x)fw1 (x) 2 +fw2 (x)fw+1 (x) 2 , fl (x) =1.
/
, w
p1


4fw (x) 3 (x3 +ax+b) 2 fw+2 (x)fw1 (x) 2 +fw2 (x)fw+1 (x) 2 , fl (x) =1.
/

, l (Q) = wQ, .
w


p+3
4fw (x) 3 (x3 +ax+b) 2 +fw+2 (x)fw1 (x) 2 fw2 (x)fw+1 (x) 2 , fl (x) =1,
/

p1


4fw (x) 3 (x3 +ax+b) 2 +fw+2 (x)fw1 (x) 2 fw2 (x)fw+1 (x) 2 , fl (x) =1.
/

w .
, Q E[l] \ O ,
l (Q) = wQ. , 2 ,
. . P E[l] \ O , 2l (P) = kP. , . 2l (P) = (w) 2 P; ,
, (l w) 2 P = O.
,
w2 P 2wl (P) + w2 P = O,
. . 2w2 P = 2wl (P). 2w =
/ 0 (mod l), l (P) = wP.
, Q E[l] \ O ( P),
l (Q) = wQ . , .
, P E[l] \ O , 2l (P) = kP,
Q E[l] \ O , l (Q) = wQ.
1 . P E[l] \ O, 2l (P) = kP,


2 . P (. .

 
p
1),
= 1 
t 0 (mod l) (

l
p
2 ).
= +1, w Z ,
l

w2 p (mod l) 0 < w < l. , +w w


l E[l] ( ,
). w l
E[l] , t 0 (mod l) ,
.
l (Q) = wQ Q E[l] \ O, 2l (Q) = pQ.
2p

, l (Q) = Q, , t

2p
0 (mod l).
t

p w2  0 (mod l), t 2w (mod l)


t l.
l (Q) = wQ Q E[l] \ O,

w+

2p
0 (mod l),
t

t 2w (mod l).
, 1 , P
E[l] \ O, 2l (P) = kP,
t (mod l), 2- l .
2 l. 1 , P E[l] \ O,
2l (P) = kP = pP.

,  t (mod l), E[l]


2l + p = l ,

,  =
/ 0, .
l1
, ,
, 1   
2

(2l + p) (P) = l (P)


E[l] . P = (x, y) E[l] \ O


k p (mod l), 1  k < l
2

(xp , yp )

 (x, y) k+1 (x, y) k+2 (x, y) k1 (x, y) 2 k2 (x, y) k+1 (x, y) 2 
,
,
x k1
k (x, y) 2
4yk (x, y) 3
, 2l (P) =
/ pP P E[l] \ O. , . .
l (P) = l (P),


xp

p

1 (x, y) 
+1 (x, y)




(x, y) 2



2
2 p 

+2 (x, y) 
1 (x, y) 
2 (x, y) 
+1 (x, y)

4y
(x, y) 3

(2l + p) (P) = l (P) E[l] , fl (x),


fl (x). k .
, , k  .

2
2
(xp , yp ) x


= xp

fk1 (x)fk+1 (x)


f
(x)f
(x) 2 fk2 (x)fk+1 (x) 2
, k+2 k1
2
3
3
fk (x) (x + ax + b)
4(x + ax + b)fk (x) 3 y

p
f
1 (x)f
+1 (x)
,
2
3
f
(x) (x + ax + b)

f

2
2 p 

+2 (x)f
1 (x) f
2 (x)f
+1 (x)

4(x3 + ax + b)f
(x) 3 y

y2 = x3 + ax + b, ,


H1 (x) H3 (x)
,
y1 ,
H2 (x)

H4 (x)

H5 (x)
H (x)
, 7 y1 ,
H6 (x)
H8 (x)

H1 (x), .. . , H8 (x) Z/pZ[x] .


(2l + p) (P) = l (P)
, H1 (x)H6 (x)H5 (x)H2 (x)
fl (x) Z/pZ[x] . , . , ,


. ,

H3 (x)
H (x)
y1 7 y1
H4 (x)
H8 (x)
H9 (x)
y1 , H9 (x), H10 (x) Z/pZ[x] , H10 (x)
H9 (x) fl (x). k 

. 2 l.
3 . t (mod l)
 l ,
 

l > 4 p. t mod l ;
t.
|E(Z/pZ)| = p + 1 t.
.
4.13. l > 2
fl (x). , , xp ;
, p .
xp (mod fl (x)) ,
l2 1

deg fl (x) 1 =
1.
2
4.14. 2
2
xp , yp , xp , yp fl (x).
4.15. [133]

.

4.4.

1986 . [126]
.
4.16 (. [126]).
.
k k- , -


, ,
c/ log log k
).
1 O(2k
4.17.
.
4.18. .
, ,
.
, , .
4.19. ( ) . 1, ,
. k- , ,
k- .
4.20.
, .
k- O(k3+)
.
4.21. [47]
,
. , , x,
, O(x15/16).
, 3 n.
En Z/nZ,

y2 x3 + ax + b (mod n),

(4a3 + 27b2 , n) = 1.


En (Z/nZ) = {(x, y) | x, y Z/nZ, y2 = x3 + ax + b} {O}
,
4.1 n. q N, P En (Z/nZ) -


qP :
 q 
2 P ,
q ,
2
qP =
P (q 1)P, q .
: p , p|n,
P = (x, y) En (Z/nZ),
(P) p = (x (mod p), y (mod p)) Ep (Z/pZ).
Ep (Z/pZ) = {(x, y) | x, y Z/pZ, y2 = x3 + ax + b (mod p)} O
Z/pZ, 4a3 + 27b2 =
/ 0 (mod p). , P, Q En (Z/nZ)
P Q , (P Q) p = Pp Qp .
.
1 . p0 = n, i = 0. k N , 2k1 <
< p0 < 2k .
2 . A, B Z/pi Z D =
= (4A3 + 27B2 , pi) = 1. i = 0 (1; p0), p0 = n , . i > 0 1 < D < pi , 1- .
i > 0 D = pi , 2- (. .
A, B).
3 . , pi , y2 = x3 + ax + b (mod pi) |Epi (Z/pi Z)|
(, 4.3). |Epi (Z/pi Z)| , 2- .

q = |Epi (Z/pi Z)|/2

|2q pi 1| < 2 pi .
i > 0, 1 . i = 0, n = p0
.
4 . l ( ), . 1, q. , q , 2 .
 1 l
l ,
 1/p3 .
2


5 . P = (x, y), P Epi (Z/pi Z).



 3
x + ax + b
= 1
x Z/pi Z
p

y (x3 + ax + b) 1/2 (mod p), P = (x, y);


x.
6 . P = (x, y) Epi (Z/pi Z), 2qP = O Epi (Z/pi Z).
i > 0, 1 . i = 0,
n . , pi+1 = q.
7 .
c/ log log k

q  2k

c
O((log n) c log log log n)

, . 1.
, i := i + 1 2 . q , q
. q , 1 .
, n .
.
.
4.22. n N, n > 1, (n, b) = 1, En Z/nZ, P = (x, y) En (Z/nZ), P = O. q
, q > n1/2 + 2n1/4 + 1, qP = O. n
.
. ,
n ,
p n, p  n. p
Mp = (P) p ,
Mp =
/ Op ,

qMp = Op .

|Ep (Z/pZ)|  q > n1/2 + 2n1/4 + 1  p + 2 p + 1.


|Ep (Z/pZ)| (p + 1)  2 p,

. . 

n = p0 > p1 > . .. > pl ,


pl n,
. , q
|2q pi 1| < 2p1i /2 ,
1 2

1 4

3 . q > pi / + 2pi / + 1
, pi > 5
1 2

pi 2pi / + 1
1 2
1 4
> pi / + 2pi / + 1.
2

q pi .
, . . n.
4.23.
n = p0 > p1 > .. . > pl
n, 4.20.
-

. [56]
. ;
.

, . 1.
2.8, . [89, . 9] . [199] .


4.5.
, .
, kP P ( k Z).
. [200; 261] .

GF (2l) [182] .
[189; 154] .
[133] , (,
), (. [235]).
[224] ,
p,
O(log p) .
p. , ,
.

5.

5.1. .
G , a, b G.
ax = b
G. x b a loga b, a
; loga b Z/|G|Z, |G| < .

. G = GF (q) , q = pl , p
, l N, , G
.

ax b (mod p)

(5.1)

(Z/pZ) , p . ,
a (mod p) p 1. , x Z/ (p 1)Z.
(5.1).
(5.1) O(p) .
loga b (5.1)
loga b

p2


(1 aj) 1 bj (mod p 1),

j=1

. [210] . ,
.
(5.1) O(p1/2 log p)
(. [36, . 6]).

.
1 . H := [p1/2 ] + 1.
2 . c aH (mod p).
3 . cu (mod p), 1  u  H, .
4 . b av (mod p), 0  v  H, .
5 . .

cu b av (mod p),
aHuv b (mod p).
6 . x Hu v (mod p 1).
.
, . x, 0  x  p 2, x Hu v (mod p 1),
1  u  H, 0  v  H. , H, H 1,
H 2, .. . , H H, 2H, 2H 1, .. . , 2H H, . .. , H2 , H2 1, .. . , H2 H
0, 1, .. . , p 2, H2 > p.
. ,
N O(N log N)
, . [5, . 3] .
5.1. . [36, . 6] .
.
, p 1
:
s

qi i .
p1=
i=1

(5.1) O


s

i (log p + qi)


-

i=1

, . [215] . (

qi q1i /2 .)
.
1 . q, q | p 1,

rq,j aj(p1) /q (mod p), j = 0, ... , q 1.


2 . q, q  p 1, loga b (mod q).


x loga b (mod q) x0 + x1 q + . .. + x1 q1 (mod q),


0  xi  q 1. (5.1) ,
b (p1) /q ax0 (p1) /q (mod p).
1 x0 .
(bax0) (p1) /q ax1 (p1) /q (mod p).
2

x1 , . . xi
(bax0 x1 q...xi1 q ) (p1) /q
i1

i+1

axi (p1) /q (mod p).

3 . loga b (mod qi i), i = 1, . .. , s, loga b (mod p 1)


.
.

.
s

a
(mod p)
O(log p) .
i=1
s

rqi ,j qi , j
O(qi) (p1) /qi

i=1

. xi 3
i1
(. . axi1 q ), , ,
.
O(log p) .

.
5.2. O((log p) c1 ) , qi
p (log p) c2 , c1 , c2 . , , p
p = 2 + 1, p = 21 32 + 1. p 1 q,
q  pc , c > 0, .

5.2. -

2.3 - . [220]

p.
ax b (mod p).
{ui }, {vi }, {zi },

i = 0, 1, 2, . .. ,

:
u0 = v0 = 0, z0 = 1;

ui + 1 (mod p 1),

ui+1 2ui (mod p 1),

u (mod p 1),

vi (mod p 1),

vi+1 2vi (mod p 1),

v + 1 (mod p 1),
i

0 < zi < p/3;


2
3

p/3 < zi < p;


2
p < zi < p;
3

0 < zi < p/3;


2
3

p/3 < zi < p;


2
p < zi < p;
3

zi+1 bui+1 avi+1 (mod p 1).

c (mod p)
.
(zi , ui , vi , z2i , u2i , v2i), i = 1, 2, 3, .. .,
i, zi = z2i . ,
bu2i ui avi v2i (mod p).
, (u2i ui , p 1) = 1, l Z, l(u2i ui) 1
(mod p 1)
b al(vi v2i) (mod p),
x loga b l(vi v2i) (mod p 1).
, , zi , z2i , . [220] .
O(p1/2) .
, [276]
-
, 22 .
[267] .


5.3.


ax b (mod p),

(5.2)

 p
 ,
1
Lp ; c c. ,
2
a (mod p) p 1. [44] .
.
.
1 .
,
q, q  B = econst log p log log p .
2 . ri
,

ari
qiq (mod p)
qB,
q

,
ri

iq loga q (mod p 1).

(5.3)

qB,
q

3 . (5.3),
loga q .
4 . r,


qq p1 .. . pk (mod p),
ar b
qB

p1 , . .. , pk , . . B < pi < B1 ,
B1 , B1 =
= econst log p log log p .
5 . , 2 3 , loga pi
p1 , .. . , pk 4 .


6 . loga b:
loga b r +

q loga q +

qB

k


loga pi (mod p 1).

i=1

.
5.3. , ,
[280] . . [95; 176; 210] .
,
.
1986 . ,

 1

Lp ; 1 . [151] 1991 .
2
[97] ( ) p  1058 . 1997 . [276]
p  1085 [97] . , , ,
[97] , , p  1085 . [134] ,
p  1090 [97] .
p > 10100 ,
[134] . , [97] [276]
, 5.5 .

.
COS.
1 . H = [p1/2 ] + 1, J = H2 p > 0.
S = {q | q , q < L1/2 } {H + c | 0 < c < L1/2+ },


1
L
, L = Lp ; 1 , 0 <
< 1.
2
2 .
1 +

c1 , c2 , 0 < ci < L 2 , i = 1, 2,
(H + c1) (H + c2) (mod p)


L1/2 , . .
(H + c1) (H + c2)


qq (c1 ,c2) (mod p).

q<L1/2 ,
q

, J = O(p1/2),
(H + c1) (H + c2) J + (c1 + c2)H + c1 c2 (mod p),

J + (c1 + c2)H + c1 c2 O(p1/2+).
, [1, p 1] .
a,

q (c1 , c2) loga q (mod p 1).
loga (H + c1) + loga (H + c2)
q<L1/2 ,
q


loga (H + c), loga q. , a L1/2 - q
, a =
q ,

q<L1/2
1
q loga q (mod p 1).
q

3 . 2- , Z/ (p 1)Z
loga (H + c), loga q.
4 . x = loga b L2 .
w ,


aw b
qgq
uhu (mod p).
q<L1/2 ,
q

L1/2 u<L2 ,
u

u .
5 . , 2 3 ,
u ,
4 .
6 .


x = loga b w +
gq loga q +
hu loga u (mod p 1).
q<L1/2 ,
q


5.4. loga (H + c), 2 , .


loga b. 3 ;
[103] . loga q
, [151] , , [276] .
5.5. , 2 . c1 . q , f , qf J + (c1 + c2)H + c1 c2 .
c2 (J + c1 H) (H + c1) 1 (mod qg).
, c2 g f . ,
,
. 3. L1/2+ ,
c2 . 0.
qf qf
c2 , c2 (J + c1 H) (H + c1) 1 (mod qf), log q.
q < L1/2 f

J + (c1 + c2)H + c1 c2 . c2
log |J + (c1 + c2)H + c1 c2 |,
J + (c1 + c2)H + c1 c2 ,
a, a < L1/2 . ,
,
.
5.6. [134] p1

p = [1089 ] + 156137,
. 2
COS . 60 mips-years , .
,
.


5.4.
p, n > 1,
q = pn . a GF (q) .

ax = b

(5.4)

GF (q). . , p ,
  [144, . 4] .
1

Lq ; const
2
.
index-calculus.
1 . ( .) GF (q) GF (p) [y] / (f(y)), f(y) GF (p) [y]
n. GF (q)
n 1. f(y). , a = a(y)
. a1 = a (q1) / (p1) p 1
GF (p) . . . GF (p) GF (q).
p2
a01 = 1, a1 , a21 , . .. , a1 ; ,
, p .
2 . ( .) B GF (q) g t, t
, t < n ( t ).
3 . ( .) m, 1  m 
 q 2, ,

am c0
gg (m) (mod f(y)),
gB

c0 GF (p). .
,

m loga c0 +
g (m) loga g (mod q 1).
gB

loga c0 , loga g .


4 . ( .) 3 (, |B|),
Z/ (q 1)Z
loga g g B.
5 . ( .)
m,

gg (mod f(x)),
b am c1
gB

c1 GF (p).

loga b m + loga c1 +
q loga g (mod q 1).
gB

.
, p , . GF (p2)

 [108]
, Lp

1
; const 2

. GF (p2)
ZK K
f : GF (p2) ZK .

K , ZK , .
ax = b GF (p2) x =  ZK ,
 = f(a),  = f(b). , .

() ZK .
, , ,
.
[109] .
GF (pn), p
, n > 2.


1

Lpn ; const .
2
GF (pn) ZK /P, ZK K, P ZK c ,
pn .


p = 2, q = 2n . 1984 . [95]
.
,



1
; const . 3
1
;
3

Lq

1990 . ( ;
. . 3).
. GF (q)
GF (q) = GF (2) [x] / (P(x)), P(x)
P(x) = xn + Q(x), deg Q(x) < n2/3 . n = 127; P(x) = x127 + x + 1 GF (2) [x] .
GF (2127) = GF (2) [x] / (P(x)).
a = a(x) GF (2127) . ,
A(x), B(x) GF (2) [x] , deg A(x)  10, deg B(x)  10,
(A(x), B(x)) = 1. A(x), B(x)
GF (2127). C(x) = x32 A(x) + B(x), deg C(x)  42.
D(x),
D(x) C(x) 4 (mod P(x)),

deg D(x) < 127,

D(x) x128 A(x) 4 + B(x) 4 (mod P(x)),



x128 x2 + x (mod P(x)),

D(x) (x2 + x)A(x) 4 + B(x) 4 (mod P(x)).


,
C(x) 4 D(x) (mod P(x)),

deg D(x)  42,

deg C(x)  42.

C(x) D(x) ,
, .

C(x)
gj (x) ej (mod P(x)),
j

D(x)


j

gj (x) fj (mod P(x)).





ej loga gj (x)
fj loga gj (x) (mod q 1)
4
j

loga gj (x) GF (2127).


. , a = a(x) (5.4) ,
:

gj (x) vj (mod P(x)).
a = a(x)
j



vj loga gj (x) (mod q 1),
1 = loga a
j

loga gj (x). ,
5.3.
[269; 270]
GF (2607).
19 000 mips-years.
,
(.
. 11).
. [269] ,
GF (2n) n  997.
GF (pn) . [173; 32] .

5.5.


.
(. 3.6). , . -


1993 . [127]
ax b (mod p),

(5.5)

 p
;

1 2/3
.
Lp ; 3
3

. [236]


 1

(5.5) Lp ; (64/9) 1/3 .


3
, [274] p  1040 , [238] 1996 .
p  1065 . [275] , p  10129 ; [278]
(5.5) p. p ,
, . 1997 . [276]
p  1085 , , ( ),
(
). , p (. [277; 276]),
.
, p > 10100
, , . [134] .
2001 . p  10110 (. [135]), 2001 . p  10120
(. [136]). p , .

(5.5),
.
[237] [236]
GF (pn). q = pn
Lq [1/3; (64/9) 1/3 ] .
p n . [237] , log p > n2+
> 0. [247]
.


[33]


1
GF (p) Lp ; c , c =
3

= (92 + 26 13) 1/3 /3 1,902.


[127]


2

Lp ; c ,
5
c 1,00475. , c 1, 
1

Lp ; c ,
3
[278] .
. [208; 152] .
, [276] , (5.5). ,
,
.
[97] ,
,
.
, 3.6, ,
[263] .
.
1 . (5.5)
ax s (mod p),

s S,

S
. , z N, ,

az b
sj (mod p),
j



2
sj , , sj  Lp ; const .
3
az b (mod p)
(. . 4). S = {sj }, loga b z +

+ loga sj (mod p 1).
j

2 . g1 (x), g2 (x) Z[x] , deg gi (x) = ni , i = 1, 2,


m (mod p). j = 1, 2:
j C gj (x),
hj N gj (x),
Kj Q(j),
Oj = ZKj Kj .
5.7.

:
1) n1 = 2; g1 (x) ; K1
;
2) n2 = 1, g2 (x) Ux + V, U, V Z.
3 . ( .) j = 1, 2
Fj = { | Oj , Norm < Bj } {hj }.
Bj ,
p.
4 .
C = {(c, d)} Z2 , i = 1, 2 (hi (c + di)) Oj Fj . C
, |C| > |F1 | + |F2 |.
5 . s S .
s O1 , s,
c, d , (h1 (c + d)) /1
F1 (h2 (c + d2)) F2 .
6 . q, p 1
( , p 1 ), .
1.
( . ) hj (c + dj), j = 1, 2, (c, d) C.
2. A Z/qZ.
hj (c + dj)
.
3. AX 0 (mod q) i Oi , i = 1, 2, , i = qi , i Oi , i = 1, 2.
4.
j : Z[hj j ] Z/pZ,

j (hj j) hj m (mod p),

j = 1, 2,

q- Oj k, l Z , ak bl dq (mod p). ,


k + lx 0 (mod q), x (mod p 1) (5.5). x (mod q).


5.8. [97]
,
Oi
.
7 . 6 x (mod q)
q p 1. , p 1 .
x (mod qq), q , qq p 1,
.
x (mod p 1).
.
, 6 .  , deg  = n,
f(x) = an xn + ... + a0 Z[x] , K = Q(),
O = ZK K.
= { O | l  NormK/Q ()},



E = |(O/b) |
b O, b|(l) .
, .
: (, ) lO/l2 O,

() = E 1 (mod l2 O).

,
lO/l2 O.
O = Z1 ... Zn ,
1 , . .. , n O. lO/l2 O
Z/lZ l1 (mod l2 O), ...
n

b i i ,
.. . , ln (mod l2 O). i li (mod l2 O), i () =
i=1

bi Z/lZ. i : Z/lZ, i () bi (mod l).


,
1 , . .. , n .
[236] ,
() = 0 ,  = l ,  O.
q
i = i 6 .
, 4 . (hi (c + di)) Oi


NormK/Q (hi (c + di)) .


fi (c, d),
fi (X, Y) Z[X, Y] . ,
c, d, fi (c, d)
B. d, q
h, c, , qh |f(c, d),
c d rj (mod qh),
rj (mod qh) - f(Z, 1) 0 (mod qh).
, , 3.4, 3.6. . ( , Z2) ,
. [107] .

. , ,
.
5.9. [45]
-

1

GF (pn) Lpn ; const


3
.
pn , . [209] . , log p < n1/2 .

5.6.

Z/mZ m, GF (p) [x] / (f(x)), f(x) GF (p) [x] ,
. [234; 15; 14] .
5.10. r N, r = 20 p1 1 . .. pt t , r
, 2 < p1 < .. . < pt . (r) :
(r) = (0 (20 ),  (p1 1 ), . .. ,  (pt t )),

 , 0 (1) = 0 (2) = 1, 0 (4) = 2, 0 (20) = 20 2


0  3.
, a Z, (a, r) = 1, a (r) 1 (mod r).
5.11. r Z>1 , a Z, (a, r) = 1. Q(a, r)
Q(a, r)


a (r) 1
(mod r)
r


a (r) 1

a (r) 1 r Z .
r
;
. [234; 114; 80; 170] .
5.12. a, b Z, (a, r) = (b, r) = 1.
Q(ab, r) = Q(a, r) + Q(b, r) (mod r).
.
a (r) 1 + rQ(a, r) (mod r2),

b (r) 1 + rQ(b, r) (mod r2),

(ab)  (r) 1 + r(Q(a, r) + Q(b, r)) (mod r2).

. 
5.13. ,
, : .
5.14. Q(r, x)
x Z, (x, r) = 1. m Z, m = 0, Q(r, x),
1) m , r;
2) Q(a + m, r) Q(a, r) (mod r) a Z, (a, r) = 1.

r2
Q(r, x).
( (r), r)
r
, r | R; . R = r
( (r), r)

5.15. R =

, . ,
R2
0 (mod r),
r
(a + R)  (r) 1
a (r) 1
R
Q(a + R, r)
(mod r)
+ (r)a (r)1 (mod r).
r
r
r

 (r)R

 (r)r2
0 (mod r).
r
r( (r), r)
Q(a + R, r) Q(a, r) (mod r), . 
=


5.16. m Q(x, r), (Z/mZ)


Z/rZ.
ax
b (mod m), m Q(x, r).
(a, m) = (b, m) = 1 , (a, r) = (b, r) = 1.

Q(b, r) Q(ax , r) (mod r) xQ(a, r) (mod r).
(Q(a, r), r) = 1,
x Q(b, r)Q(a, r) 1 (mod r).
, x (mod r); x a (mod m) (Z/mZ) .
; [234] . - . - . [28] .
5.17. m = 1600 = 26 52 , a = 3.
3x b (mod 1600).
r = 80 = 24 5; (r) = 4, R =

r2
6400
=
= 1600 = m.
( (r), r)
4

5.15 m Q(x, r). ,


Q(3, r)

34 1
(mod 80) 1 (mod r).
80


Q(b, r) Q(3x , r) xQ(3, r) x (mod 80) x (mod (m)),
(m) = 80. 3 (mod m) (Z/mZ) (m),
3x b (mod 1600)
x

b4 1
(mod 80).
80

x ,
b (Z/mZ) 3x b (mod m) .
, m r
(m) | r; .

ax b (mod p), ax
b (mod p+1).

5.18. p ,  Z2 ,
m = p . g Z, g (mod m) m, b Z, (b, p) = 1. x = [log b]  Z/ (p)Z
gx b (mod m). [log b]   (p)

Q(g, p1)x Q(b, p1) (mod p1),
x = [log b] 1 (mod p 1),
[log b] 1 gy b (mod p).
5.19. , (Z/p Z) p > 2 (Z/pZ) .
. r = p1 .
R=

r2
p22
= 2
= p = m.
( (r), r)
(p
(p 1), p1)

5.15 m Q(x, r). gx


b (mod m) , xQ(g, r) Q(b, r) (mod r); . . . gx b (mod m) ,
gx b (mod p). , .
,
Q(g, p1)  0 (mod p). g (mod p) , gp1  1 (mod p2). ,
u = 1, 2, 3, .. .
u

g (p1)p = 1 + pu+1 Au ,
1

Au Z, Au  0 (mod p). u =  2; g (p ) 1
p1 p . (p1) =  (p1),
Q(g, p1)

1

g (p ) 1
(mod p1)
p1

, Q(g, p1)  0 (mod p). 


5.20. m = 2 ,  Z5 . b Z, b ,
b (1) k0 5k1 (mod 2),
k0 = 0 b 1 (mod 4), k0 = 1 b 3 (mod 4), 0  k1 
 22 1. [log b]  = k1 . [log b] 


22
xQ(5, 22) Q(b, 22) (mod 22).
5.21. 5.20 , Z/2 Z   5
Q(b, 22)Q(5, 22) 1 (mod 22).
. r = 22 .
R=

r2
224
= 4 2 = 2 = m
( (r), r)
(2
,2
)

Q(x, r). b (1) k0 5k1 (mod 2),


Q(b, r) Q((1) k0 5k1 , r)

((1) k0 5k1)  (r) 1


5k1  (r) 1

(mod r),
r
r

(r)   5. ,
Q(b, r) Q(5k1 , r) k1 Q(5, r) (mod r).
, Q(5, r)
.
Q(5, 22)

2

4

5 (2 ) 1
52
1

(mod 22),

2
2
22
4

, 52  1 (mod 21)   5;
. 5.20 . 

ax b (mod s),

(a, s) = (b, s) = 1,

(5.6)

s N, s > 1, s , s qi :
k

qui i , k  2.
(5.7)
s=
i=1

qi 1 :
qi 1 =

vi


pijij ,

i = 1, . .. , k.

(5.8)

j=1

(5.6).
, (5.6). gi
qui i , i = 1, .. . , k; ,


(5.8). ci i = 1, ... , k

ci gi (mod qui i ),
u
ci 1 (mod qj j)
j = i.
ci (mod s)  (qui i ) = Mi ,
(Z/sZ) = c1 (mod s) M1 ... ck (mod s) Mk
(Z/sZ) .


a cA1 1 . .. cAk k (mod s),
(5.9)
b cB1 1 .. . cBk k (mod s).
y

Ai , 0  Ai  Mi 1, , gi a (mod qui i)
( Bi). 5.18 giz a (mod qi).
Ai , Bi .
, , .
, Ai , Bi (5.9).
(5.6) (5.9) ,
giAi x giBi (mod qui i),

i = 1, .. . , k.

Ai x Bi (mod  (qui i )),

i = 1, ... , k.

(5.10)

, (5.10) , ,

(5.11)
Di = (Ai ,  (qui i ))
Bi . , (5.10) ,
x (Ai /Di) 1 (Bi /Di) (mod  (qui i ) /Di),

i = 1, .. . , k.

(5.12)

, (5.12)
, i = j i- j-
u
(5.12) ( (qui i ) /Di ,  (qj j) /Dj).
(5.12);
x0 (mod ( (qu11 ) /D1 , ... ,  (qukk ) /Dk)).

(5.13)


5.22. (5.11) Di
ord a (mod s) = ( (qu11 ) /D1 , ... ,  (qukk ) /Dk),
ord a (mod s) a (mod s) (Z/sZ)
.
ord a (mod s) = i=1,...,k (ord(a (mod qui i))),
,
ord(a (mod qui i )) =  (qui i ) /Di ,

i = 1, . .. , k.

Ai a giAi (mod qui i ).


p ,  = p ( (qui i ))  1. p (Ai)  ,
p (ord(a (mod qui i ))) = 0 p (Di) = .  = p (Ai) 0   < ,
, p (ord(a (mod qui i ))) =  , p (Di) = .

p (ord(a (mod qui i ))) = p ( (qui i ) /Di).


5.22 . 
5.23. Di = (Ai ,  (qui i )) ,
ord(a (mod qui i)), Ai . 5.22. , p  ,
5.22, Ei = ord(a (mod qui i )). p  Ei ,
p | Ai , p (Di) = . pe  Ei , 1  e  p ( (qui i )),
p (Ai) = p ( (qui i )) e; p (Di) = p ( (qui i )) e.
, Ei , (5.8);
. 1.5.
5.24. 5.22 , (5.13)
(5.6) , (5.12) .
, (5.6), A1 , . .. , Ak , B1 , . .. , Bk . ,
(5.6).
, Ai Bi .
n


5.25. q , q 1= pj j
j=1

q 1 . u N, a, b
(Z/qu Z) , a  1 (mod qu). g
qu . .


1)
ord(a(mod qu)) = qu10

n

 
pj j j ,

j Z0 ,

j=1

ag

q 0

n

j=1

j

pj l

(mod qu),

0 < l <  (qu). , u > 1 0 < u 1 u = 1,


q  l; j > 0 j < j , pj  l.
2) ax b (mod qu) ,
ord(b(mod qu)) ord(a(mod qu)).
. ,
(Z/qu Z) . 
(5.6), (5.7), (5.8), (5.9).
5.26. (5.6) ,


Ai x Bi (mod qui i 1),
(5.14)

Ai x Bi (mod pijij), j = 1, .. . , vi , i = 1, . .. , k.
. ax b (mod s)
,
cAi i x cBi i (mod qui i),

i = 1, . .. , k.

, Ai xBi (mod  (qui i )),


i = 1, . .. , k, . , (5.14). 
5.27. (5.8) pi1 = 2, i1 = 1 i = 1, . .. , k.
qi pij j = 2, ... , vi , i = 1, .. . , k,
. , a  1 (mod qui i ),
ord(a (mod qui i )) = qui i 1i0

vi


 ij

pijij

i = 1, . .. , k,

j=1

i0 < ui 1, ui > 1, ij < ij j = 1, .. . , vi ,


i = 1, . .. , k. ord(b(mod qui i )) | ord(a(mod qui i)) i =
= 1, . .. , k. (5.6) ,

ui 1
bqi (qi 1) /2 F (mod qui i), i = 1, . .. , k,
F = 1 F = 1.


. , k  2 (5.7).
(5.9) . 1 5.25 ,
Ai = qi i0

vi


pijij Li ,

i = 1, . .. , k,

j=1

Li N, (Li ,  (qui i )) = 1.
, qi  Li .

, ui = 1, i0 = 0;

ord(b (mod qui i)) = qui i 1 i0

vi


 ij

pijij

i = 1, ... , k.

j=1

, ij  ij j = 1, .. . , vi ,
i = 1, . .. , k. 5.25 ,
Bi = q i i0

vi


i = 1, ... , k,

pijij Ni ,

j=1

Ni N. 5.26 (5.6) (5.14).


Ai x Bi (mod qui i 1)
,
vi

j=1

pijij Li x q i i0 i0

vi


pijij Ni (mod qui i 1i0).

(5.15)

j=1

; ui = 1 , ui > 1
, qi  Li .

Ai x Bi (mod pijij), j > 1,
(5.16)
(5.14), , pij (Ai) =
= ij  ij  pij (Bi). (5.15) (5.16)
, (5.14)
,
(5.17)
Ai x Bi (mod 2), i = 1, .. . , k.
i1 = 1, i1 = 0 i = 1, ... , k, Li . Ai 1 (mod 2), i = 1, .. . , k. , (5.17)


x Bi (mod 2), i = 1, ... , k. (5.17) ,


Bi E (mod 2),

i = 1, . .. , k,

E = 0 E = 1. ,

 ui 1
ui 1
q
(qi 1) /2 Bi
bqi (qi 1) /2 gi i
(1) Bi (mod qui i).
. 
5.28. q1 , . .. , qk
,
vi


pijij , i = 1, .. . , k,
qi 1 = 2
j=2

pij . pij j = 2, .. . , vi ,
i = 1, . .. , k, . s = q1 . .. qk . a, b N,
(a, s) = (b, s) = 1, t N, 1  t  k. , a (mod qi)
qi 1 i = 1, ... , t (qi 1) /2
i = t + 1, . .. , k. (5.6) ,

 


 
 
 

b
q1

= . .. =

b
,
q1

b
qt+1

= ... =

b
qk

= 1,

b
.
q

. (5.9) , Ai  (qi) = qi 1 i = 1, .. . , t, i = t + 1, . .. , k Ai (qi 1) /2. 5.10


Ai x Bi (mod 2),

Ai x Bi (mod pijij),
j = 2, ... , vi , i = 1, .. . , k.
,
Ai x Bi (mod 2),


x Bi (mod 2),
Bi 0 (mod 2),

i = 1, .. . , k.

i = 1, . .. , t,
i = t + 1, . .. , k.


b
= 1.
, Bi 0 (mod 2) ,
qi
. 
5.29. 5.27 5.28 qi 1 qj 1 2. (5.6).
qi 1 qj 1
p > 2, (5.6)
, .
.
p ax =b (Z/pZ[x] / (F (x)))
Z/pZ[x] / (F (x)), F (x) Z/pZ[x] .
f = f(x) = xn + An1 xn1 + ...
.. . + A0 Z/pZ[x] n, n > 1. Rk = Z/pZ[x] / (fk (x)),
k = 1, 2, 3, . .. , R1 = GF (pn)
g(x) Z/pZ[x] , deg g(x) < n, , g(x) (mod f)
pn 1 (., , [31, . 2]). g(x).
5.30.
1) g1 (x) ( g(x), g(x) + f(x)),
n
, deg g1 (x)  n g1 (x) p 1  1 (mod f2).
2) h = h(x) Z/pZ[x] , f  h, j  0
j

hp (p

1)

1 (mod fp ).

3) j  1 pj1 < k  pj ,
Rn pj (pn 1), .
n
. g(x) p 1 = 1 + fl (x)t(x), t(x) Z/pZ[x] ,
f(x)  t(x), l N. l = 1, g1 (x) = g(x). l  2,
(g(x) + f(x)) p

= g(x) p

+ (pn 1)g(x) p

f(x) + .. . =

= 1 g(x) p

f(x) + t1 (x)f2 (x),

t1 (x) Z/pZ[x] . , g1 (x) = g(x) + f(x)


n
l  2. , h(x) p 1 = 1 +
n
j
j
j
+ f(x)t(x). h(x) (p 1)p = 1 + t(x) p f(x) p ,
. , g1 (x) (mod fk (x)), g1 (x)
, pj (pn 1) Rk ;
. 


5.31. k > 1. |Rk | = pnk , |Rk | = pn(k1) (pn 1).


, pj1 < k  pj Rk
Rk =  k,0 pn 1  k,1 plk,1 .. .  k,sk plk,sk ,
lk,1 + .. . + lk,sk = n(k 1) j = lk,1  lk,2  . ..  lk,sk . ,
1 < k  p sk = n(k 1)
Rk =  k,0 pn 1  k,1 p . ..  k,n(k1) p .
. Rk \ Rk
f(x) (a0 + a1 x + ... + an(k1)1 xn(k1)1). |Rk |. Rk

5.12. 
5.32. k  2, Rk .

= a0 (x) + a1 (x)f(x) + . .. + ak1 (x)fk1 (x) (mod fk (x)),

ai (x) Z/pZ[x] , deg < n. Rk ,


a0 (x) = 0. , p
, a0 (x) = 1.
. .
k
k
p a0 (x) p (mod fk). 5.31, ,
p, pn(k1) ,
, a0 (x) = 1. 
5.33. 2  k  p, M = n(k 1), 1 , ... , M p Rk :
1 + f(x), 1 + xf(x), ... , 1 + xn1 f(x);
1 + f(x) 2 , 1 + xf(x) 2 , . .. , 1 + xn1 f(x) 2 ;
.........................................
1 + f(x) k1 , 1 + xf(x) k1 , . .. , 1 + xk1 f(x) n1 .
Rk = 0 pn 1 1 p . .. M p Rk ( 0 - pn 1
Rk).
. , j = 1, .. . , M j p. ,


00 11 . .. MM z00 z11 .. . zMM (mod fk),

0  y0 , z0 < pn 1, 0  yj , zj < p, j = 1, . .. , M, , yj = zj ,
j = 1, .. . , M. , j 1 (mod f(x)) j  1,
y
00 z00 (mod f(x)). 0 (y0 z0)pk .
y
y0 = z0 . 00
mod f2 ,
y
11 . .. ynn z11 . .. znn (mod f2).

11 . .. ynn (1 + y1 f(x)) (1 + y2 xf(x)) .. . (1 + yn xn1 f(x))

(1 + (y1 + y2 x + ... + yn xn1)f(x)) (mod f2);


z11 .. . znn (1 + (z1 + z2 x + . .. + zn xn1)f(x)) (mod f2).

, y1 = z1 , . .. , yn = zn . . 
.
5.34. m1 , m2 N, d = (m1 , m2). (pm1 1,
m2
p 1) = pd 1.
5.35. k N, k  2, h Rk , h p.
Q0 (h) =

hp 1
(mod fk).
fk

Q0 (h)
Q0 (h1 h2) = Q0 (h1) + Q0 (h2) (mod fk).
. 5.32 h
h 1 + a1 f + . .. + ak1 fk1 (mod fk),

deg ai < n.

hp 1 + a1 fp + ... + ak1 fp(k1) (mod fkp) 1 (mod fk).


j  1, (j 1)p < k  jp; , a1 = ... = aj1 = 0.

hp 1 apj fpj + .. . + apk1 fp(k1) (mod fkp) 1 (mod fkp).


Q0 (h). ,
hp 1 + fk Q0 (h) (mod f2k).


(h1 h2) p 1 + fk (Q0 (h1) + Q0 (h2)) (mod f2k).


. 
5.36. k  2, h1 , h2 Rk . h1
y
n
p 1, h1 = h2 , h1 h2 .
. 5.31
 k,0 pn 1  h1 , h2 . 
5.37. p/2 < k  p, h1 , h2 Rk
p. ( 5.32)
h1 1 + a1 (x)f(x) + . .. + ak1 (x)f(x) k1 (mod fk),
h2 1 + b1 (x)f(x) + .. . + bk1 (x)f(x) k1 (mod fk),
y

deg ai , deg bj < n. b1 (x) = 0 h1 = h2 ,


y1 (a1 (x)b1 (x) 1) p (mod f(x)).
. 5.35 Q0 (h1)
yQ0 (h2) (mod fk). , p  k,
p

Q0 (h1) a1 fpk (mod fk),

Q0 (h2) b1 fpk (mod fk).


p

2k p  1, a1 yb1 (mod f2kp),


. 
5.38. h1 , h2 , p,
b1 (x) = 0, , y 5.37, , h1 = hy2 .
5.39. p/2 < k  p. h1 , h2 Rk , h1
pd1 , h2 pd2 , d1 |d2 |pn 1. ( 5.22)
pn 1

1 + a1 (x)f(x) + . .. + ak1 (x)f(x) k1 (mod fk),

pn 1

1 + b1 (x)f(x) + . .. + bk1 (x)f(x) k1 (mod fk),

h1
h2

deg ai , deg bj < n b1 (x) = 0.


1) , y0 Z/pZ, p
y0 (a1 b1
1 ) (mod f(x)).
hp1

(hp2

h1 = hy2 .

1 y0

) ,


p
2) (a1 b1
(mod f(x)) 1 )
pn 1
pn 1
y0 Z/pZ, y0 Z/pZ, h1
= (h2 ) y0 ,
h1 = hy2 .
. . 5.31
u

n(k1)
h1 uk00 uk11 . .. k,n(k1)
(mod fk),

n(k1)
h2 vk00 vk11 .. . k,n(k1)
(mod fk).

d1 |d2 , y1 , 0  y1 < pn 1, , uk00 ( vk00 ) y1


(mod fk). , ,
 u0 u1

un(k1) pn 1
vn(k1)  (pn 1)y0
k0 k1 . .. k,n(k1)
vk00 vk11 ... k,n(k1)
(mod fk).
, y , y y0 (mod p), y
y1 (mod pn 1), h1 = hy2 .
5.37. 

P Qy (mod F),

(P, F) = (Q, F) = 1,

P, Q, F Z/pZ[x] , deg F = N  2, F .
F = F (x) = f1 (x) . .. fs (x),

s  2,

fj (x) Z/pZ[x] ,
deg fj = nj .
, P Qy (mod F) , P Qy
(mod fj (x)), j = 1, .. . , s. j Q (mod fj (x)).
P Qy (mod fj (x)) , P (mod fj (x)) j . yj (mod j), ,
P Qyj (mod fj (x)). P Qy (mod F) y yj (mod j),
j = 1, .. . , s. ,
yi yj (mod ij) i = j, ij = (i , j). ij ,
yi (mod ij)
P i / ij Q ( i / ij)yj (mod fi (x)),
, yi yj (mod ij). ,
P Qy (mod F),
. , p ni , 5.34 ij
p 1, . ,

pni 1 .


5.40.
F (x) Z/pZ[x]
,
F (x) .

5.7.

[130; 291; 131] .
[210; 176; 83; 209] .
[48] - , .
[35; 34; 223; 174; 254; 255; 147] .
, [147] uj , ,
loga j uj (mod p) j .
[268] G O(|G|1/2) . . [201] .
[128]
.
[82] G,
G. ,
, .
5.41. ,
g, d G, d = 1, , d g ,
, logg d. x = |g | d  g x = logg d

d g , 6 x  + log2 x 
G.
2 x 

(h, r) G {1,
... , 2 x}.
4 x .
[251]
a p.
a = O(r4 (log r + 1) 4 (log p) 2),


r p 1.
q p, p = 2q + 1. , p
. p , . [42,
. 168170] .
5.42. p, q .
1) q = 4n + 1, p = 2q + 1, 2
p.
2) q = 4n + 3, p = 2q + 1, 2
p.
. , a p,

x2 a (mod p), xq a (mod p).


q = 4n + 1, p = 8n + 3.

2
= 1. ,
x 2 (mod p) ,
2

x4n+1 2 (mod p) . x8n+2 4 (mod 8n + 3).


, 4 1 (mod p).
p > 3, .
q = 4n + 3, p = 8n + 7. x2 2 (mod p) ,
p1
    
2
1
2
=
= (1) 2 = 1.
p

2 (mod p) . , x
x8n+6 4 (mod p),
. 
4n+3


6.

6.1. .

,
.
p , p > 2, f(x) GF (p) [x] , deg f(x) = n  2.
f(x) = 0 GF (p).
f(x) = 0 GF(p).
1 .
g(x) = (f(x), xp x) GF (p) [x] .
, f(x) GF (p) g(x)
1, g(x) . deg g(x) = 0,
f(x) GF (p) . deg g(x) = 1, g(x) = x a, a
f(x) GF (p) ( ). deg g(x) = p,
GF (p) f(x). ,
2  deg g(x) < p, g(x) GF (p).
2 .  GF (p)
p1


d(x) = (x + ) 2 1, g(x) .

3 . d(x) = 1 d(x) = g(x), 2.


deg d(x) = 1, d(x) = x b, b f(x);
, g(x) g(x) / (x b) 2. , deg d(x) = deg g(x) 1
xb=

g(x)
, b , g(x) d(x) d(x)

2- . 2  deg d(x) < deg g(x) 1, g(x) d(x) g(x) /d(x),


2 3 ,
.
.
6.1. g(x) GF (p) [x] , 2  deg g(x) < p g(x) | xp x,
 2- , ,

1
1
, 1  deg d(x) <
2
2p

< deg g(x).


. a1 , a2 GF (p), a1 = a2 , g(a1) = g(a2) = 0.
 = a1 ,  = a2 .
(ai + )

p1
2

1 0 2 i = 1, 2.

(a1 + )

p1
2

1 = (a2 + )

p1
2

1,

a1 , a2 d(x)
1  deg d(x) < deg g(x). ,  = a1 , a2 ,
(a1 + )

p1
2

1 = (a2 + )

p1
2

 (x + a1)

1
p1
2

(x + a2)

p1
2 ,

p1

1. ,
2
p1
p+1
 GF (p), 2 +
1=
 2
2

d(x) 1  deg d(x) < deg g(x).


. 
6.2. 6.1 k 
deg g(x); 1

1
1
+O ;
p
2k1

O() k.
k

6.3. g(x) = (x ai), ai GF (p), ai ;
i=1


1 , ... ,
k - 1. ,


ai + 
0    p 1,
=
i , i = 1, .. . , k.
p

p
 N = k + O( p),
2
O() k.

6.2 . 0    p 1,  = ai ,
i = 1, . .. , k. , deg d(x) = 0.
(ai + )

p1
2

1 = 0,

i = 1, . .. , k.

,
(ai + )

p1
2

= 1,

i = 1, ... , k,

. .
1 = . .. =
k = 1. deg d(x) = k.
,
(ai + )

p1
2

= 1,

i = 1, . .. , k,


1 = .. . =
k = 1. ,   ,
1  deg d(x) < k,

p
p k 2 k + O( p) . 6.2.
2
. a p. di = a,
i = 1, di = 1,
i = 1.

y1 d1 (x + a1) (mod p),


........................

2
yk dk (x + ak) (mod p),

x, y1 , ... , yk Z/pZ. 
d
. y2 d (mod p) 1 + (d) .
(d) =
p


M=

p1 k



(1 + (di (x + ai))) =

x=0 i=1

p1


(d1 (x + a1)) l1 .. . (dk (x + ak)) lk =

x=0 l1 ,...,lk {0,1}

=p+

p1


l=(l1 ,...,lk); x=0


l=0

(gl (x)),


gl (x) = (d1 (x + a1)) l1 . .. (dk (x + ak)) lk .


(. [31, 5.41])

p1

(gl (x))
 (deg gl (x) 1) p,

x=0

.
|M p| 

k  

k
r=2

deg gl (x) = 1,
(r 1)

k
r

p1

x=0

(r 1) p,

(gl (x)) = 0.

k 1
k! (r 1)
k!
<
=k
,
r! (k r)!
(r 1)! (k r)!
r1

|M p|  k p(2k1 1).
, .

  
di ( + ai)
d
(di ( + ai)) =
= i
i = 1
p

di . y2i di ( + ai) (mod p)


, x =  2k . ,
M = 2k N + N1 ,
N1 , ,  + ai 
.  = ai , i = 1, . .. , k,
=
i
p
  

di (ai + )
di
=
(
i) = 1, x = 
i,
p

.  = ai i, x = 
2k . N1  k 2k . ,

|2k N p|  |M p| + |2k N M|  k p(2k1 1) + k 2k .


6.3. 

. [31, . 4,
3] . GF (q) , p ,
m1
 pj
q = pm S(x) =
x ,
j=0


f(x),
(f(x), S(x) c),

c GF (p),

(f(x), S(j x) c),

c GF (p),

 GF (q) , 1, , .. . , m1 GF (q) GF (p)


. GF (q) , n

p , f(x) = j xj
fk (x) =

n


i=0
p

k = 0, ... , m 1.

j xj ,

j=0

F (x) =

m1


fk (x) GF (p) [x] -

k=0

F (x) = G1 (x) . .. Gr (x) GF (p) [x]


f(x),
(f(x), Gt (x)), t = 1, . .. , r.
GF (q).
.

6.2.

x2 a (mod p),

(6.1)

p > 2, p .
(6.1) AX2 + BX + C
0 (mod p). a 0 (mod p), (6.1)
a
= 1, . .
,
p

a (p1) /2 1 (mod p)
, p 3 (mod 4), . . p = 4k + 3.

(6.2)
p1
= 2k + 1,
2

(6.2) , a2k+1 1 (mod p). a2k+2 a (mod p),


(6.1):
x ak+1 (mod p).


, p 1 (mod 4), p = 4k + 1.
(6.2)
s
a2 t 1 (mod p),


p1
= 2k,
2

(6.3)

2k = 2 t, s  1, t . (6.1) N p. N
 
s
N
N2k N2 t (mod p).
1 =
s

. (6.3) ,
s1

a2

1 (mod p).

s1

a2 t +1 (mod p), ,
s1
s1
s
a2 t 1 (mod p), a2 t N2 t 1 (mod p),
. s
N2 t 1 (mod p),
1 (mod p),
at N2l 1 (mod p)
l Z0 . (a (t+1) /2 Nl) 2 a (mod p),
x a (t+1) /2 Nl (mod p) (6.1).
6.4. N
1

{1, 2, ... , p 1} . 2
p
1.6 ( ).
p 1 (mod 4) N ; , N = 2 p 5 (mod 8).
(6.1) p 1 (mod 4) .
p 1 = 4k = 2s+1 t = 2e t; N -
p. ,


a
= +1.
p

.
1 . :
y := Nt (mod p),

r := e,

b := ax2 (mod p),

x := a (t1) /2 (mod p),


x := ax (mod p).

2 . b 1 (mod p), x (6.1),


.

m

3 . m N , b2 1 (mod p).
1  m  r 1.
4 .
rm1

l := y2

y := l2 ,

(mod p),

x := xl (mod p),

r := m

b := by (mod p)

2- .
.
, .
A1 , .. . , Ae1 , 0 1, ,
at Nt(A1 2+A2 2

+...+Ae1 2e1)

1 (mod p).

A1 , .. . , Ae1 . 1-
x a (t+1) /2 (mod p),

b at (mod p),

r = e.

m1

3 m , b2 at2 1 (mod p), b2


=
m1
= at2
1 (mod p), (6.2), m  r 1 = e 1. A1 = . .. = Aem1 = 0, Aem = 1,
ej

a2

Nt(A1 2

ej+1

+...+Aj1 2e1)

1 (mod p),

j = e m + 1. 4
rm1

l = Nt2

j2

= Nt2

t+1
x=a 2

j1

y = Nt2

r = m = e j + 1,

Nt(A1 +...+Aem 2

em1

b=a N
t

t(2A1 +...+Aem 2em

) (mod p),

) (mod p).

b 1 (mod p), , x (6.1).


b  1 (mod p), .
, 24 j  2 A1 , .. . , Aj1 {0; 1}, Aj1 = 1
, :
ej

a2

ej+1

Nt(A1 2

+...+Aj1 2e1)

1 (mod p),

t+1
j2
x a 2 Nt(A1 +...+Aj1 2 )

b at Nt(A1 2+...+Aj1 2

j1

l=N

j2

t2

y=N

j1

t2

(mod p),
(mod p),

r = e j + 1.


j = e, A1 , . .. , Ae1 , x .
j < e, b 1 (mod p), x ,
. j < e b  1 (mod p), 24 j
Aj = Aj+1 = .. . = Aj 1 = 0, Aj = 1,
ej

a2

ej +1

Nt(A1 2

+...+Aj 1 2e1)

1 (mod p).

, x, b, l, y, r j , A1 , ... , Aj 1 ,
.
.
6.5. [89, . 1] ,
. [60, . 7] . , N .
6.6. [244] (6.1)
O(|a|1/2+ (log p) 9) . ; a Z
p.
6.7. [60, . 7]
x2 = a GF (q) q, O(log3 q) .

xN a (mod p),

(6.4)

p , N N, N > 2. (N, p 1) = 1,
x aM (mod p), NM 1 (mod p 1).
[282; 49] (6.4)
(N, p 1) > 1; . [60, . 7] .
x2 a (mod n), n = pq, p, q
,
, , n . ,
. [4, . 3, 4] .

$n \in \mathbb{N}$, $m = [\sqrt{n}]$ , [89, . 1] .
.
1 . x := n.
2 . ( 2),

$$y = \left[\frac{x + \left[\frac{n}{x}\right]}{2}\right].$$

3 . y < x, x := y 2- . x
$[\sqrt{n}]$ .
.
, . t > 0,
t+
2

n
t  n.

n
x  [ n] , x + 
x
 

n
 2 n , x +
 [2 n]  2[ n] . 3 x


y  x. , x = [ n] . , x  [ n] + 1, . ,
n"
!
!n
"
x

x+

x
0yx=
x= x
< 0,
2
2
 
 

n
n
n
 < n, . .
x  [ n] [ n] 1 = 1.
x > n
x

x2 = n,
n N, ; n, , n
, . [89, . 1] .

6.3.
p , q = pm .
(. [7; 31, . 4; 63])
$f(x) \in GF(q)[x]$ . $\deg f(x) = n \ge 2$.

$$f(x) = f_1(x)^{e_1} \cdots f_k(x)^{e_k} \tag{6.5}$$
f(x)
f1 (x), .. . , fk (x). , (6.5)

f(x)
= fi1 (x) . .. fil (x),

1  i1 < i2 < .. . < il  z,

(6.6)

.
d(x) = (f(x), f (x)).


f (x) , f(x) =g0 (xp), g0 (y) GF (q) [y] .


p GF (q) (A + B) p = Ap + Bp A, B GF (q) [x] ,
f(x) = g0 (xp) = (g(x)) p , f(x) g(x), . g(x)
f(x), GF (q)
m > 1. q = p (. . m = 1), g(x) = g0 (x),
ap = a a GF (p).
, f (x) . ,
d(x) = f1 (x) v1 .. . fk (x) vk ,
vi =ei 1 p  ei , vi = ei p | ei . vi = ei . =f(x) /d(x)
f(x)

f1 (x), .. . , fk (x), p  ei . f(x)


,

ei

, p  ei . f(x) /
fi (x) ei . i : pei

. ,
p , , g(x)

g(x)
, . .
6.8. [89, . 3, 3.4.2] ,
f(x) Z/pZ[x] 
f(x) =
Ai (x) i , Ai (x) Z/pZ[x] , Ai i1

, i = j(Ai (x), Aj (x) = 1.


, (6.5) ei
1.
6.9. $h(x) \in GF(q)[x]$ , $1 \le \deg h(x) < n$,

$$h(x)^q \equiv h(x) \pmod{f(x)}.$$

$$f(x) = \prod_{c \in GF(q)} (f(x), h(x) - c), \tag{6.7}$$


f(x) .
. c1 , c2 GF (q), c1 = c2 , h(x) c1 h(x) c2 ,
(6.7) . deg(h(x) c) < n, (6.7) ,


f(x) (. . (6.7) f(x) ).


 (6.7) ,
h(x) q h(x) =
(h(x) c) 0 (mod f(x)),
cGF (q)

h(x) c c GF (q). 
6.10. h(x) GF (q) [x] , 1 
 deg h(x) < n, h(x) q h(x) (mod f(x)), f-
.
6.9 , - f- , f(x)
.
.
6.11. B = bij i,j=0,...,n1
n1

bij xi (mod f(x)), i = 0, ... , n 1.
xiq
j=0

h(x) = a0 + a1 x + . .. + an1 xn1 GF (q) [x] h(x) q h(x) (mod f(x)) ,

(a0 , . .. , an1)B = (a0 , .. . , an1),


. . , B
1.
. h(x) q h(x) (mod f(x))
n1
n1


ai xiq
ai xi (mod f(x)).
i=0

i=0

B
n1

i=0

ai

n1

j=0

bij xj =

n1


ai xi ,

i=0

n1


bij = aj ,

j = 0, ... , n 1,

i=0

. 


.
f(x) GF (q) [x] ,
deg f(x) = n  2, , . f(x)
.
1 . B 6.11.
2 .

x0
B1 ... = 0,
(6.8)
xn1
B1 = (B In) T , In , () T . e1 = (1, 0, .. . , 0), e2 , ... , ek .
6.12. xiq 1 (mod f(x)) i = 0, B (1, 0, .. . , 0),
B1 . e1 = (1, 0, ... , 0) .
3 . k = 1 f(x) ; ,
k f(x) GF (q) [x] .
k > 1 e2 = (h2,0 , ... , h2,n1) f n1

h2 (x) =
h2,i xi . , 6.9,
i=0

. . (f(x), h2 (x) c) c GF (q),


f(x) = g1 (x) . .. gl (x),
gi (x) GF (q) [x] , l  2. l = k, . n1

l < k, e3 = (h30 ... , h3,n1), h3 (x) =
h3i xi ; i=0

(gi (x), h3 (x) c) gi (x), f(x), . . ,


e2 , . .. , ek ,
hi (x)
f(x) hi (x) c, c GF (q).
6.13. ,
f(x) k , k = n rank B1 .
.
6.14.
f (x) .


. f(x) = f1 (x) . .. fk (x)


,
c1 , .. . , ck GF (q)
h(x) GF (q) [x] , h(x) ci (mod fi (x)),
i = 1, . .. , k, deg h(x) < n. h(x)
q

h(x) q ci ci h(x) (mod fi (x)),

i = 1, ... , k,

f-. , f-
h(x)

(h(x) c) 0 (mod f(x)),
hq (x) h(x)
cGF (q)

fi (x) c = ci , h(x) ci (mod fi (x)).


, f- h(x) ci , .. . , ck GF (q).
6.11 (h0 , .. . , hn1) h(x) (6.8), B1 n k, k-.
h1 (x), . .. , hk (x) f- ,
(6.8); , h1 (x) = 1. fi (x) fj (x) -
f(x), i = j. , u, 2  u  k,
c GF (q) ,
hu (x) c (mod fi (x)),

hu (x)  c (mod fj (x)).

, . . u = 2, .. . , k
cu GF (q) hu (x) cu (mod fi (x) fj (x)).
u = 1, h1 (x) = 1 = c1 . , f- h(x)
GF (q) h1 (x), . .. , hk (x),
h(x) c (mod fi (x) fj (x)),
c GF (q), c h(x). f- h(x) ,
h(x) 0 (mod fi (x)),

h(x) 1 (mod fj (x)).

. 
6.15. O(n3 + qkn)
(. [22, . 191]).


q ( , - c GF (q) 3 ); . .
.
,
GF (q).
, GF (q) [x] . [197] ,
f(x).
6.16. p , f(x) Z/pZ, deg f(x) =
= n < p. D f(x),
 w

f(x), p  D.

D
p

= (1) nw .

f- [31, 4.3] .
6.17. f (x) GF (q) [x] ,
f(x) = f1 (x) . .. fk (x) f (x) , k  2. deg fi (x) = ni ,
i = 1, . .. , k, N = (n1 , . .. , nk).
2

T (x) = x + xq + xq + .. . + xq

N1

Ti (x) GF (q) [x] :


Ti (x) T (xi) (mod f(x)),

deg Ti (x) < n,

i = 1, 2, ...

T1 (x), .. . , Tn1 (x) f-.

6.4.
p. f(x) Z/pZ[x] , f(x)
. , d N f(x), d.
.
6.18. g(x) Z/pZ[x]
.
1. deg g(x) = d, $g(x) \mid x^{p^d} - x$.
2. $g(x) \mid x^{p^d} - x$ $g(x) \nmid x^{p^e} - x$ e < d,
deg g(x) = d.


. , K =
= Z/pZ[x] / (g(x)) = GF (pd), x x (mod g(x)) K d
xp = x. l = deg g(x), K1 = GF (pl) = Z/pZ[x] / (g(x)). l
xp x (mod g(x)), , l  d.
, f(x) Z/pZ[x]
d

f(x) p = f(xp ) f(x) (mod g(x)).


K1

(6.9)

p 1 f(x) (mod g(x)) f(x) Z/pZ[x] ,


(6.9) , pl 1 | pd 1, . . l  d. , l = d,
. 
6.18.
l

$$B_1(x) = (f(x), x^p - x).$$

, $B_1(x)$ f(x)
. f(x) $f_1(x) = f(x)/B_1(x)$.

$$B_2(x) = (f_1(x), x^{p^2} - x).$$

$B_2(x)$ f(x) .
$f_2(x) = f_1(x)/B_2(x)$. , ,

$$B_d(x) = (f_{d-1}(x), x^{p^d} - x)$$

f(x), d; $f_d(x) = f_{d-1}(x)/B_d(x)$, . .
6.19.
f(x), , ,
f(x).
6.20. g(x) Z/pZ[x] , g(x) , deg g(x) = d,
g(x) g(x) . g(x) d
, xp x (mod g(x))
q, d,
 d/q

xp x, g(x) = 1.
. . . g(x) g1 (x),
l
deg g1 (x) = l < d, g1 (x) | xp x. , l | d, l = d/k.


k , .
k = qr, r  2, q , ,
l
lr
g1 (x) | xp x | xp x = xd/q x. 
, f(x) Z/pZ[x] , f(x) ,
d,
. f(x) (. [85]). p = 2 p > 2.
6.21. p > 2, T = T (x)
Z/pZ[x]
$$f(x) = (f(x), T)\,\bigl(f(x), T^{(p^d-1)/2} + 1\bigr)\,\bigl(f(x), T^{(p^d-1)/2} - 1\bigr).$$

. GF (p )
d
xp x. T = T (x) Z/pZ[x] .
d
d
d
T (x) p T (x) = T (xp ) T (x) xp x. 6.18 ,
d
d
d
f(x) T p T = T (T (p 1) /2 1) (T (p 1) /2 + 1),
d
d
p > 2, T, T (p 1) /2 1 T (p 1) /2 + 1 .
. 
6.22. ,
T Z/pZ[x] , deg T  2d 1,
d
D = (f(x), T (p 1) /2 1) ,
1/2, . [89, . 3, 3.4.4] . f(x)
T D. deg D = 0 deg D = deg f(x),
T; D f(x) /D .
f(x), d,
.
p = 2.
6.23. p = 2, $U(x) = x + x^2 + x^4 + \dots + x^{2^{d-1}} \in \mathbb{Z}/2\mathbb{Z}[x]$ .
T = T (x) Z/2Z[x]

$$f(x) = (f(x), U(T))\,(f(x), U(T) + 1).$$
.
d1

U(T) = T + T 2 + .. . + T 2

,
d

U(T) = U(T ) = T + T + ... + T 2 ,


2

U(T) + U(T) 2 = T 2 + T = T 2 T.

6.21. 

p > 2, , T = T (x), deg T  2d 1,


f(x) U(T) ,
1

. T (x) x, x3 , . .. , x2d1 ,
2
. . j, 1  j  2d 1,
(U(xj), f(x)) ,

1
. . , . .,
2

j, 1  j  2d 1, U(xj) 0 (mod f(x)),


U(xj 1 (mod f(x)) ( 6.23). 6.23 , U(T 2) = U(T) 2 U(T) (mod f(x)).
j, 1  j  2d 1 U(xj) 0 (mod f(x))
U(xj) 1 (mod f(x)). U(T1 + T2) = U(T1) + U(T2),
H = H(x) Z/2Z[x] , deg H(x)  2d 1,
U(H) 0 (mod f(x)) U(H) 1 (mod f(x)).
, deg f(x) > d ( deg f(x) = d, f(x)
), f(x) f1 (x) f2 (x), deg f1 (x) = deg f2 (x) = d.  f2 (x)
GF (2d). f2 (x) , GF (2d) = Z/2Z[] .
deg U(x) = 2d1 ,  GF (2d), U() = 0. P(x) Z/2Z[x] , deg P(x)  d 1,  =
= P().
T = T (x) Z/2Z[x] , deg T (x)  2d 1, T (x) 0 (mod f1 (x)),
T (x) P(x) (mod f2 (x)). U(T) U(0) 0 (mod f1 (x)), U(T)
U(P(x))  0 (mod f2 (x)), U() = U(P()) = 0.
, U(T) 0 (mod f(x)) U(T) 1 (mod f(x)).
, j,
1  j  2d 1, (U(xj), f(x)) .

6.5.

, 6.3. Z/pZ.
p . c Z/pZ
(f(x), h(x) c) . M Z/pZ, c, (f(x), h(x) c)
.


M Res(f(x), h(x) c).


n

[9, . 5] . f(x) =
Ai xi Z/pZ[x] ,
h(x) =

m


i=0

Bi x Z/pZ[x] , Res(f(x), h(x) c)


i

i=0

R (n + m) (n + m),

An An1 .. .
A0
0
.......
0
0
An
.. .
A1
A0
0 .. .
0

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

0
An1 . . . . . . .
A0
0
.. .
An

R=
Bm Bm1 .. . B0 c
0
.......
0

0
Bm
.. .
B1
B0 c . . . . . . .
0

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
.. . B1 B0 c
0
0
...........
Bm
, Res(f(x), h(x) c) n
c Z/pZ.
c, (f(x), h(x) c) . M
Res(f(x), h(x) c), c, Z/pZ;
, , ,
6.1.
M . ,
, f(x) , m < n, h(x) p h(x) (mod f(x)).


(f(x), h(x) c).
(6.10)
f(x) =
cM

G(y) =


cM

(y c) Z/pZ[x] .

6.24. f(x) G(h(x)); G(y)


g(y)
Z/pZ[y] \ {0} , f(x) g(h(x)).
. I Z/pZ[y] ,
g(y) , f(x) g(h(x)). G(y) I. , I , I = (g0 (y))
g0 (y) Z/pZ[y] \ {0}. M



g0 (y) | G(y),
 (6.10) , M = M.
(y c) M M. 
g0 (y) =
cM

6.24 M. |M| = k k

. G(y) =
bj yj , bk = 1, m
j=0

, , 1, h(x), . .. , h(x) k Z/pZ


f(x). n1
n1


h(x) 0 (mod f(x)) = 1 =
h0j xj , h(x) (mod f(x)) =
h1j xj , ...
j=0
j=0
n1

.. . , h(x) i (mod f(x)) =
hij xj , . .., k, ,
j=0

(hk,0 , ... , hk,n1) Z/pZ


(h0,0 , ... , h0,n1), . .. , (hk1,0 , .. . , hk1,n1).
k


bj h(x) j 0 (mod f(x)),

bk = 1,

j=0

k. G(y) =

k


bj yj . -

j=0

M G(y);
, , 6.1.
f(x) GF (q) [x] , ,
[31, . 4, 2] .
A . .
[139] .
GF (q) [x] n O((n log n + log q)n(log n) 2 log log n)
GF (q). (. . 11 ).
. (, 250)
, .
; , 10 001 Z/127Z 102,5
Sun 4.


6.6.


p , p > 2, r N, r  1, q = pr , K = GF (q).
f = f(x) K [x] , n =
= deg f(x)  2.
f(x), (. 1.7).
qn 1 = 2k t, t , R = K [x] / (f) qn
. f(x) , R , |R | = qn 1,
n
k
a R \ {0} aq 1 = a2 t = 1. , ,
at = 1,

at2 = 1 j,

0  j < k.

(6.11)

f(x) S
a R, (6.11).
6.25. f(x) ,
1
2

|S|  |R | 

qn 1
.
2

6.26. (6.11) a R, , f(x) . (6.11) l


a R, , f(x) 1

, 1 l .
2
.
1 . g=g(x) K [x]
, g2 | f. G



f (x)

(mod f(x))
h(x) K [x] , deg h(x) < deg g .
G = 1 + h(x)
g(x)

6.27. :
1. G R ;
2. h G \ 1 h p;
3. |G| = qm , m = deg g(x).
.



f
f
f
1 + h1
1 + h2
1 + (h1 + h2) (mod f),
g


. w G \ 1, w = 1 + , wp =
g


p2
f p
f
f
= 1 + hp f p2 2 1 (mod f).
= 1+h
g

. 
6.28. w G \ 1, wS S = .
. 6.27 w p, n
n
n
wq 1 = 1. a S, aq 1 = 1, (aw) q 1 = 1. ,
aw  S, . 
6.29. a, b, G, a = b. aS bS = .
. aS bS = , S
a1 bS = , 6.28. 
6.30.
|S|  |R |/qm ,
m = deg g.
. w1 = 1, w2 , . .. , wqm G R . w1 S, .. . , wqm S R
6.29. |R |  qm |S|, . 
6.30 6.25 .
2 . f , . . f = f1 .. . fl , fi
K [x] , l  2.
di = deg fi , Ri = K [x] / (fi) = GF (qdi), i = 1, .. . , l. , R R1 ... Rl ;
a R ai a (mod fi) Ri , i = 1, .. . , l. m N,
am 1 R , am
i = 1 Ri , i = 1, ... , l.
#{a R | am = 1} =

l


#{a Ri | am = 1} =

i=1

l


(m, qdi 1),

i=1

Ri

q 1.
l

#{a Ri | am = 1} =
#{a R | am = 1} =

di

l


i=1

(#{a Ri | a2m = 1} #{a Ri | am = 1}) =

i=1

l

i=1

((2m, qdi 1) (m, qdi 1)).


S = S1 S2 ,
S1 = {a R | at = 1},

|S1 | =

l


(t, qdi 1),

i=1
t2kj

S2 = {a R | a
|S2 | =

l
k 


= 1 j, 1  j  k},

((t2kj+1 , qdi 1) (t2kj , qdi 1)).

j=1 i=1

qdi 1 = 2ci bi ,

i = 1, . .. , l,

bi . , e Z0
(2e t, 2ci bi) = 2min(e,ci) (t, bi),

2e (t, bi)
e+1
ci
e
ci
(2 t, 2 bi) (2 t, 2 bi) =
0

e < ci ,
e  ci .

c = min(c1 , . .. , cl) v = min(c, k)


l
v1 

|S2 | =
2j (t, bi).
j=0 i=1

,
|S|=|S1 |+|S2 |=

l


 

v1
l


2vl 1
.
(t, bi) 1+
2lj = (t, bi) 1+ l

i=1

j=0

2 1

i=1

(qn 1, qdi 1) = 2min(k,ci) (t, bi),

l

i=1

(t, bi) =

l

(qn 1, qdi 1)

2min(k,ci)

i=1

l


(qdi 1)

i=1

i=1 2

l


2min(k,ci) = l

min(k,ci )

|R |

i=1

i=1

,


|R |
2vl 1
|S|  1 + l
l
2 1



2vl 1 |R |
 1+ l
.
vl
2 1

2min(k,ci)


,


2vl 1
1
2vl  l1 ,
1+ l
2 1

v  1. l  2, |S|  |R |/2. 6.25 . 


6.31. (. [101]). p , f(x) Z/pZ[x] , deg f(x) = n.
f(x) , k,
$1 \le k \le n/2$,

$$(f(x), x^{p^k} - x) = 1. \tag{6.12}$$

, f(x) ,
g(x), deg g(x) = k  n/2. g(x) GF (pk), k
, xp x. k = deg g(x) (6.12) . f(x) ,
k
xp x k < n. f(x) (6.12) k  n/2.

6.7.
[31, . 4, ]
.
, .
. 3 [89] ,
.
GF (q)
[60, . 7] . , ,
GF (q) O(log4 q) ( ).

.


[272] .
GF (q) [x] ,
,
O(n (w+1) /2+o(1) + n1+o(1) log q)
GF (q); w . [142]
: , 0    1
n GF (q) [x] ,
O(n (w+1) /2+(1) (w1) /2 + n1++o(1) log q)
GF (q).

-, . [62] .

, . [206; 122; 207] .
.
[253]
GF (q) [x] O(n2,5 + n1+o(1) log q)
GF (q), O(n3/2) GF (q). ,
q
, .
[250; 252]
. [249]
.
[141]
.
[137] .
, , ;
. [157; 172; 100; 156; 155; 81; 125] .
[168] .
,
.

7.

7.1. .
Rn n- (, ). b1 , . .. , bn Rn .
Rn
= (b1 , . .. , bn) = Zb1 .. . Zbn = {x1 b1 + ... + xn bn | x1 , .. . , xn Z};
b1 , . .. , bn .
d(),
d() = (det (bi , bj)i,j=1,...,n) 1/2 .
;
1, d() .
:
d() 

n


|bi |,

i=1

|b| b Rn . e1 , . .. , en n

Rn , bi =
bij ej , i = 1, . .. , n,
j=1

d() = | det bij i,j=1,...,n |.


7.1. [24] .
.
, . . Rn
.
.
b1 , .. . , bn Rn .


b1 , ... , bn
b1 = b1 ,

bi = bi

i1


ij bj ,

i = 2, ... , n,

j=1

ij = (bi , bj ) / (bj , bj ),

b1 ,

1  j < i.

bn


. .. ,
.
- ,
. .
Rn G , . G
: {a1 , .. . , an }, {b1 , ... , bn } G
{a1 , . .. , an } < {b1 , . .. , bn },
j , i < j
|ai | = |bi |, |aj | < |bj |.
7.2. G < .
, .
. , Zn e1 , .. . , en .
<T .
a = (x1 , .. . , xn), b = (y1 , . .. , yn , ), a, b Rn . , a <T b, |a| < |b|, |a| = |b| j , xi = yi
i < j, xj > yj (. .
). , Rn <T . <T G :
{a1 , . .. , an }, {b1 , .. . , bn } G ,
{a1 , . .. , an } <T {b1 , . .. , bn },
j , ai = bi i < j, aj <T bj .
7.3. G <T .
7.4. , . [217, . 3]
.



, . [217, . 3, 5] . - ,
(LLL- ), .

7.2. LLL-
7.5. b1 , . .. , bn Rn
LLL-, b1 , .. . , bn ij ,

(. 7.1), :
1
2

|ij |  ,

1  j < i  n,

(7.1)

3
4

(7.2)

|bi + ii1 bi1 |2  |bi1 |2 .

7.6. LLL-

[160] . (7.2) , bi + ii1 bi1 ,


bi L (b1 , .. . , bi2) , bi L (b1 , . .. , bi2) .
LLL- .
7.7. b1 , . .. , bn LLL- Rn . :

1. |bj |2  2i1 |bi |2 i, j, 1  j < i  n;


n

|bi |  2n(n1) /4 d();
2. d() 
i=1

3. |b1 |  2 (n1) /4 d() 1/n .

. bi ,
|bi + ii1 bi1 |2 = |bi |2 + 2ii1 |bi1 |2 .
2ii1  1/4, (7.2) ,

1
2

|bi |2  |bi1 |2 .

|bj |  2ij |bi |2 ,

(7.3)


i  j. bi ,



 1

|bi |2 = |bi |2 +
2ij |bj |2  |bi |2 1 +
2ij =
i<j

1j<i



1
= |bi |2 1 + (2i1 1)  2i1 |bi |2 .
2

|bj |2

|bi |2 ,

|bj |  2
2 2

.
. ,
2

n


j1

j1

n

|bi |  2

i=1

i1
2

i=1

ij

n


|bi | = 2

n(n1)
2

d().

i=1

( [b1 , .. . , bn ] , i- bi),

d() =
det[b1 , .. . , bn ]
=
det[b1 , ... , bn ]
=
n

1/2 


1/2

=
det [b1 , .. . , bn ] [b1 , . .. , bn ] T
=
det (bi , bj )
=
|bi |.
i=1

|b1 |2  2i1 |bi |2 ,

i = 1, . .. , n,

,
|b1 |2n  2n(n1) /2

n


|bi |2 = 2n(n1) /2 d() 2 ,

i=1

. 
7.8. b1 , . .. , bn LLL- . x \ 0
|b1 |2  2n1 |x|2 .
7.9. 7.8 , b1
.
n

ri bi \ 0, ri Z. . x =
i=1
n


x x = ri bi , ri R. i0 ,
i=1


ri = 0, , ri0 = ri0 . (

bi )
|x| =
2

n


(ri ) 2 |bi |2  r2i0 |bi0 |2  |bi0 |2 

i=1

1
1
|b1 |2  n1 |b1 |2 ,
2i0 1
2

. 
7.10. b1 , .. . , bn LLL- , x1 , ... , xt .
j  t
|bj |2  2n1 max(|x1 |2 , . .. , |xt |2).
. xi :
xi =

n


rij bj ,

rij Z,

i = 1, . .. , t.

j=1

i, 1  i  t, j(i) j ,
rij = 0. , 7.8,

|xi |2  |bj(i) |2 , i = 1, .. . , t.
, , j(1) 
 j(2)  ...  j(t). j(i)  i, i = 1, .. . , t,
i , j(i) < i, x1 , .. . , xi L (b1 , ... , bj(i) ), x1 , . .. , xi . 7.7

|bi |2  2j(i)1 |bj(i) |2  2n1 |xi |2 ;


j(i). 

7.3. LLL-

LLL-
Rn . 7.2.
LLL- .
b1 , . .. , bn - . b1 , .. . , bn LLL- .
k {1, 2, . .. , n + 1}. k = 2; k = n + 1, LLL-
.


k () k

|ij |  1 ,
1  j  i < k,
2
() k
|b +  b |2  3 |b |2 , 1 < i < k.
ii1 i1
i
i1
4

k = 2, () 2 , i 1 < i < 2. k = n + 1, () n+1 ,


( ).
, k, 1 < k < n + 1, () k . () k+1 .

1
2

|k,k1 |  .

(7.4)

(7.4) , .
r k,k1 , bk

bk rbk1 = bk +

k2


(kj rk1,j)bj + (k,k1 r)bk1 .

j=1

k,k1 k,k1 r,
(7.4). k,j kj rk1,j ,

j = 1, .. . , k 2. ij bi i < k

i > k, bk . , bi
bi L (b1 , ... , bi1) ; bk bk rbk1

, , bi .

, ij = (bi , bj ) / (bj , bi ), , i = k, ij


, bi bj .
() k+1 , (7.4)
.
1 . k  2

3
4

|bk + k,k1 bk1 |2 < |bk1 |2 .

(7.5)

bk bk1 . bk1 bk k,k1 , k1,j , k,j , i,k1 , i,k ,

j < k 1 i > k. bi , bi ij


, , . . , L (b1 , . .. , bi) i = k, k 1

, bi i = k, k 1 .


bk bk1 ? bk +
+ k,k1 bk1 bk L (b1 , .. . , bk2) ,
bk1 L (b1 , .. . , bk2) .

, bk1 bk1 L (b1 , ... , bk2) ,


bk L (b1 , .. . , bi) .
(7.5) , |bk1 |2
3/4 .
bk bk1 , k k 1 () k1 .
2 . k = 1,
3
4

|bk + k,k1 bk1 |  |bk1 |2 .

(7.6)

k = 1, k 2 ,
. . () 2 .
(7.6) k > 1,

1
2

|kj |  ,

1j<k1

(7.7)

( j = k 1 (7.7) (7.4)). l
1

, |kl | > . l  k 2. r 2
kl bk bk rbl . kj

kl r. ij bi
. , l, l = 1. () k+1 .
() n+1 , , b1 , . .. , bn ; , . . k.
.
, .
di = det (bj , bl)1j,li ,

i = 1, . .. , n.

,
di = det (bj  bl T) = (det bj 1ji) 2 =
=

(det bj 1ji) 2

= det(bj  bl T)

i

j=1

|bj |2 .


2
k , ,
1 . ,
1 k dk1 3/4 ,
|bk1 |2 .
di
, . ,
m() ,
m() 

  (i1) /2
4
3

1 i

di / ,

i = 1, . .. , n

(. [24, . 2]). k 1 . ,
.
7.11 (. [160]). Zn
b1 , .. . , bn ,
|bi |  B,

i = 1, ... , n,

B R, B  2, LLL- O(n4 log B) . , , O(n log B) .


7.12. [89, . 2] - LLL- ,
.
7.13. [149] c = 3/4

3
4

|bi + i,i1 bi1 |2  |bi1 |2 .


c

1
+
0,99.
4

7.14. LLL- [239] .


.

7.4.
LLL-
LLL- . [239; 102; 240; 216] [89] .
Bi :

Bi = (bi , bi ),

i = 1, ... , n.

LLL-
. LLL- .
,
LLL-,
,
.
LLL- . k > i; bk bi1 bi
.

bk = bk +

k1


kj bj = bk + v +

j=1

v =

k1

j=i

i1


kj bj ,

j=1

kj bj , bk bi bi1

bi bi,new :

bi,new = bk + v = bk +

k1


kj bj .

j=i

bi Bi,new :


k1
k1
k1




Bi,new = bk +
kj bj , bk +
kj bj 4 = Bk +
2kj Bj .
j=i

j=i

j=i



3
Bi,new , Bi,new  Bi ,
4
; i = k 1,
LLL-. i = k 1,
ij ,
LLL-;


. - LLL-
[89, . 2, 2.6.4] .
LLL-
LLL-. . , G = (bi , bj)i,j=1,...,n
b1 , . .. , bn ( , , , Zn).
, .
7.15.
( 7.3)
d0 = 1, di =
= det (bj , bl)j,l=1,...,i , i = 1, ... , n. , i, 1  i  n,
j < i :
1. di1 Bi Z, di ij Z;

2. m, j < m  i, di
ik mk Bk Z.
1kj

. 7.3 ,
di =

i


|bj |2 =

j=1

i


Bj .

j=1

di = di1 Bi Z. j < i.
v = bi

j


ik bk = bi +

k=1

i1


ik bk .

(7.8)

k=j+1

, (v, bk) = 0 k = 1, . .. , j. L (b1 , . .. , bk) =

= L (b1 , .. . , bk),
(v, bk) = 0,

k = 1, ... , j

(7.9)

v = bi

j


xk bk

(7.10)

k=1

x1 , . .. , xk R. (7.8) (7.9)



(bi , b1)
(b1 , b1) .. . (b1 , bj)
x1
.. . = . . . . . . . . . . . . . . . . . . . . . . .. . .
xj
(bi , bj)
(bj , b1) .. . (bj , bj)

, , xk = k ,
dj
k = 1, . .. , j, mk Z.
j


xk bk =

k=1

j


ik bk ,

k=1

xj = ij , .
. v, (7.8),
dj v = dj bi

j


dj xk bk ,

k=1

di xk Z. , dj v ,
(dj v, bm) Z m = 1, ... , n.


j


dj bi
ik bk , bm Z, m = 1, .. . , n.
k=1

dj


j

ik bk , bm

Z,

m = 1, . .. , n.

k=1

j < m  i. bm = bm +

dj


j

ik bk , bm


= dj


j

k=1

m1

l=1

ml bl

ik bk , bm +

k=1

m1


ml bl

l=1

= dj

j


ik mk Bk Z,

k=1

. 
7.16.
ij = dj ij Z

i < j,

ii = di .

i, j, , j  i,
dk uk1 ik jk
u0 = (bi , bj), uk =
, k = 1, ... , j 1.
dk1

uk Z, uj1 = ij .


. ,


k

il jl
uk = dk (bi , bj)
.
l=1


(7.11)

dl dl1

k = 0 . m < k (7.11) .



k1

ik jk
il jl
d u
d
1
= dk (bi , bj)

ik jk ,
uk = k k1 k
dk1

dk1

dk

l=1

dl dl1

dk dk1

(7.11) k. (7.11) ,


k

uk = dk (bi , bj)
il jl Bl ,

(7.12)

l=1

il jl
dl dl1

dl
  = Bl il jl .
dl1 il jl

(7.12) , uk Z. uj1 = ij
(7.12),


j1

il jl Bl =
uj1 = dj1 (bi , bj)
l=1




j1
j1
i1



= dj1
bi +
it bt , bj +
js bs
il jl Bl =

= dj1 ij Bj +

t=1


j1

s=1

s=1


j1

is js Bs

il jl Bl

l=1

= dj1 ij Bj = dj ij = ij .

l=1

. 
LLL- . b1 , .. . , bn , G.
H, LLL- . . -
[89, . 2, 2.6.7] .
LLL-, , MLLL- .


b1 , ... , bn Rn , = Zb1 + . .. + Zbn Rn ,


b1 , .. . , bn . MLLL- Z- LLL- . -
[89, . 2, 2.6.8] .

7.5. LLL-
LLL- , . [89, 2.7] . LLL-:
.
z1 , .. . , zn , z1 = 0.

$$x_1 z_1 + \dots + x_n z_n = 0, \qquad x_1, \dots, x_n \in \mathbb{Z}, \tag{7.13}$$

xi 0. N

$$Q(a_1, \dots, a_n) = Q(a) = a_2^2 + \dots + a_n^2 + N(z_1 a_1 + \dots + z_n a_n)^2. \tag{7.14}$$

Q(a) , Rn .
x1 , ... , xn , (7.13), :
(a1 , . .. , an) Zn , Q(a), z1 a1 + ... + zn an
, aj j > 1.
z1 , . .. , zn ,
(7.13).
Rn , bi = (i1 , ... , in), i = 1, .. . , n, ij
. LLL- 7.3 ( 7.4) LLL- (
Rn Q(a) (7.14)).
LLL- ,
, , (7.13),
.


7.17. b1 , ... , bn Zn ,
i1 = zi /z1 ,
i = 2, . .. , n;
ij = 0,
2  j < i  n;

bi = bi

zi
b ,
z1 1

i = 2, . .. , n.

, Bi = |bi |2 bi , Q(a),
B1 = Nz21 ,

Bi = 1

i = 2, . .. , n.

. [u, v] Rn ,
Q(a).
1
2

[u, v] = (Q(u + v) Q(u) Q(v)).


,

b1 = b1 = (1, 0, .. . , 0),
 z

z

bi = bi i b1 = i , 0, . .. , 1, ... , 0 ,
z1

z1

i = 2, . .. , n,

. , i, j  2, i = j,
Q(bi + bj ) Q(bi ) Q(bj ) =
= 1 + 1 + N((zi zj) + zi + zj) 2
(1 + N(zi + zi) 2) (1 + N(zj + zj) 2) = 0
, j  2,

Q(b1 + bj) Q(b1) Q(bj ) =


= 1 + N((z1 zj) + zj) 2 Nz21 (1 + N(zi + zi) 2) = 0.
Bi . 
, N
(7.14). N ;

N. [89, . 2]
N

;
, zi
2
1 (, (106 ; 106))

.
:


, xi (7.13) X,

X3n/2 . Xn
(, , X
).
().
z1 , .. . , zn R, , N N. x1 z1 + ... + xn zn xi Z, .
1 . b1 , .. . , bn Zn

7.17 b1 , ... , bn ij .


2 . b1 , . .. , bn ( b1 , . .. , bn ij) LLL- 7.3; Rn
(7.14). LLL-
Zn .
3 . LLL-
; x 1, . .. , xn , , (7.13), .
.
7.18. LLL- LLL- , 7.4, .
. , = Zb1 + . .. + Zbn
Rn , C ;
b ,
(7.15)
|b|2  C.
;
, n.
b , b = x1 b1 + .. . + xn bn x1 , ... , xn Z.
(7.15)
|Q(x)| = |Q(x1 , . .. , xn)|  C,

Q(x1 , . .. , xn) = (x1 b1 + .. . + xn bn , x1 b1 + . .. + xn bn) =

n

i,j=1

(bj , bj)xi xj


.


$$Q(x) = \sum_{i=1}^{n} q_{ii}\Bigl(x_i + \sum_{j=i+1}^{n} q_{ij} x_j\Bigr)^2, \qquad q_{ii} > 0. \tag{7.16}$$

Q(x)
Q(x) =

n


aij = (bi , bj), aij = aji .

aij xi xj ,

i,j=1

a11 = (b1 , b1) .


Q(x) = a11 x21 + 2

n


a1j x1 xj +

n
n 


j=2

aij xi xj =

i=2 j=2



2
n
n

a1j
a1j
x1 xj +
xj
= a11 x21 + 2
+
j=2

n
n 


a11

aij xi xj

i=2 j=2


n
a1j
j=2

Q1 (x2 , ... , xn) =

a11

xj


2
n

a1j
xj + Q1 (x2 , . .. , xn),
= a11 x1 +
j=2

a11

j=2

n
n 

j=2 j=2

aij xi xj

a11


n
aij
j=2

a11

2
xj

,
Q(x1 , . .. , xn) = a11 y21 + Q1 (y2 , .. . , yn).
Q1 (x2 , ... , xn) Q(x) (7.16). (7.16)
Q(x).
.
Q(x) = Q(x1 , ... , xn) (7.16) C. x Zn , Q(x)  C
( x ).


1 . i := n,
Ti := C, Vi := 0.
2 . z := Ti /qii , Li := [z Vi ] , xi := z Vi  1.
3 . xi := xi + 1. xi > Li , i := i + 1 3- .
i > 1
i

Ti1 := Ti qii (xi + Vi) 2 , i := i 1, Vi :=
qij xj
j=i+1

2- .
4 . (x1 , . .. , xn) = (0, . .. , 0), . x = (x1 , . .. , xn),
Q(x) = C T1 + q11 (x1 + V1) 2 3 .
.
, . ,


 x1 , ...
, xn . i = n, Tn = C,
Vn = 0, z = C/qnn , Ln = C/qnn , xn =  C/qnn  1. xn Z, x = (x1 , .. . , xn)
Q(x)  C. , x = (x1 , ... , xn) Q(x)  C (7.16) ,
qnn x2n  C, |xn |  +C/qnn , xn  Ln (
) xn   C/qnn . 3 Tn1 c qn,n1 x2n , Vn1 qn1,n xn
2 . (
xn) xn1 .

qn1,n1 (xn1 + Vn1) 2  Tn1 ,


|xn1 + Vn1 | 

Tn1
= z.
qn1,n1

xn1  z Vn1 ,
xn1  z Vn1 , xn1  Ln1 . ,
3 xn1 > Ln1 , xn1 ( xn),
xn . , , xn xn1 , xn2 . , ()
xn 0 ()


xn = 0 0. , , x, Q(x)  C,
. , 3
Ti1 := Ti qii (xi + Vi) 2 Ti1  0,

xi  Li xi  z Vi  ,

|xi + Vi |  Ti /qii = z.
.
Q(x) = xT Ax, A A = RT R R,
LLL- R1 .
xi ;
.
. [121] [89, . 2] .
7.19. , NP-. NP- | | | |1 Rn , . [48] .

7.6.
,
. [117] , . [116; 119; 120; 118; 76] .
.
7.5.
. n N, n  2.
n

a2ij .
A = aij  n n |A| =
i,j=1
, |A + B|  |A| + |B|, |AB|  |A| |B|.
x = (x1 , .. . , xn) Rn . m Zn , m = 0,
,
$$x m^T = 0. \tag{7.17}$$

, x ,
(7.17) .
P n n:
$$P = x x^T I_n - x^T x, \tag{7.18}$$

Il l l, l = 1, 2, 3, ...


xP = xxT (xIn x) = 0. , y Rn , yP = 0,
y(x, x) (y, x)x = 0,
yi = xi

(y, x)
. , rank P = n 1.
(x, x)

H n (n 1), (L (x)) . , rank H = n 1, xH = 0.


, H. vi i-
H, i = 1, ... , n; vi Rn1 . H0 = 0 Rn1 ,

v1
Hi = ... , i = 1, ... , n.
(7.19)
vi
i  1 Hi i (n 1), Hn = H.
G0 = 1 i i

(v1 , v1) . .. (v1 , vi)


Gi = . . . . . . . . . . . . . . . . . . . . . . = Hi HiT ,
(vi , v1) . .. (vi , vi)

(7.20)

i = 1, . .. , n. x , Gi 1  i < n. , xH = 0,
x1 v1 + .. . + xn vn = 0. , vn
v1 , . .. , vn1 , rank H = n 1, v1 , . .. , vn1 . , Gi v1 , . .. , vi
i < n.
$$P_i = H_i^T G_i^{-1} H_i, \qquad i = 0, 1, \dots, n, \tag{7.21}$$

Pi (n 1) (n 1).

$$Q_i = I_{n-1} - P_i, \tag{7.22}$$

$$C(k, j) = v_k P_j Q_{j-1} v_j^T, \qquad 1 \le j \le k \le n. \tag{7.23}$$

j, k C(k, j) = 0.
C(H), H.
. x, H xA1 , AH A,
.
1.
0. xi = 0,
.


1. T = Tkj 
n n, , 1  j < k  n Tkj
 T C(i, j)
C(k, j)
ki
+
.

C(j, j)

j<i<k

C(j, j)

( , C(j, j) = 0, . . Tkj .)
x, H, C(H) xT 1 , TH, C(TH).
2. i, 1  i < n, ,
2i C(i, i) = max 2j C(j, j).
1i<n

E n n- i- (i + 1)- H.
x, H, C(H) xE1 , EH, C(EH).
3. A = ET.
.
, A, 3 , .
H, ,
.

1 ... 0
x1
. . . . . . . . . . . . . . . .

X=
0 ... 1 xn1 ,
0 ... 0 xn
PX = (H0T). , PX PxT = 0,
, P = PT . , X rank H = rank PX = rank P = n 1. xP = 0,
xPX = 0, , H .
A0 = In , x (0) = x, H (0) = H
(7.24)
x (k) , H (k) , Ak , k = 1, 2, .. .
k  1 x (k1) , H (k1)
x (k1) , x (k1) , H (k1)
1. 3- A = Ak .
(k)
x (k) = x (k1) A1
= Ak H (k1) (,
k , H
1).
1
Rk = A1
1 .. . Ak ,

(7.25)


x (k) = xRk ,

H (k) = R1
k H.

(7.26)

, x
xxT = 1,

0 < x1 < .. . < xn .

(7.27)

.
7.20. x m M. k,

$$k < 2^{n+1} n \log(3 n^3 M^2), \tag{7.28}$$
Rk .
, ,
. - Hj , Gj , Pj , Qj
(7.19), (7.20), (7.21), (7.22), rank Hj = j
1  j  n 1, rank H = n 1, vj H, Gj
j  n 1.
V = L (v1 , ... , vn),
(7.29)
dim V = n 1.
7.21. j, k, 1  j, k  n,
:
1) PjT = Pj , QTj = Qj , Pj Pj = Pj , Qj Qj = Qj , Pj Qj = 0, v Rn ,
vPj = 0 (vQj = 0), vPj vT > 0 (vQj vT > 0);
2) Pj Pk = Pmin(j,k) , Qj Qk = Qmax(j,k) , Pj Qk = Pj Pmin(j,k) = Qk Qmax(j,k) ;
3) j  k VPj VPk , VQj VQk , vj = vj Pk , Pj Qk = 0;
4) Qk Pj = Pj Qk ;


(Qj1 Qj) =
Pj Qj1 5) In1 =
1jn1

1jn1

In1 ;
6) rank Pj Qj1 = 1, vj Qj1 = 0 1  j  n 1.
. GTj = Gj , , PjT = Pj , QTj = Qj . , Pj Pj = HjT (Hj HjT) 1 Hj HjT (Hj HjT) 1 Hj = Pj ;
(7.22) , Qj Qj = Qj . Pj Qj = Pj Pj2 = 0. , vPj = 0 , vPj vT = vPj2 vT = vPj PjT vT > 0; ,
vQj = 0 vQj vT > 0. ,
.


, V =

n



Rvj ,

j=1

VPk =

k


Rvj .

(7.30)

j=1

v1
.. . ,
Pk = (vT1 . .. vTk )G1
k
vk

l  k

v1
... = vl .
vl Pk = ((vl , v1) ... (vl , vk))G1
k
vk

l > k

k
v1

...
vl Pk = ((vl , v1) .. . (vl , vk))G1
Rvj .
k
vk
j=1

(7.30) , j  k
VPj VPk ,

vj = vj Pk .

(7.31)

In1 = Pj + Qj , V = VPj + VQj . , Pj Qj = 0. , (uPj , wQj) =


= (uPj QTj , w) = 0. VPj VPk j  k ,
VQj VQk . , j  k Pj Qk = 0,
Pj Qk = 0, u , w = uPj Qk = 0.
0 < (w, w) = (uPj Qk , uPj Qk) = (uPj Qk , uPj). uPj Qk VQk ,
uPj VPj , VPj VQk . ,
.
G0 H0 , P0 = 0 ,
T
Q0 = In1 . Pn1 = Hn1
GTn1 Hn1 = In1 , T
Hn1 , Gn1 = Hn1 Hn1
. , Qn1 = 0.

n1

In1 =
(Qj1 Qj).
(7.32)
j=1

, Pj Pk =Pmin(j,k) . jk. Pj Pk = (In1 Qj)Pk =


= Pk Qj Pk = Pk , (Qj Pk) T = Qj Pk = 0


.
.

Qk Pj = QTk PjT = (Pj Qk) T = (Pj Pmin(j,k) ) T = Pj Pmin(j,k) = Pj Qk .
In1 =

n1


Pj Qj1 (7.32)

j=1

Qj1 Qj = Pj Qj1 .
.
i = j
(Qj1 Qj) (Qi1 Qi) = Qj1 Qi1 Qj Qj1 Qj1 Qi + Qj Qi = Mij .
i < j, Mij = Qj1 Qj Qj1 + Qj = 0, i > j. .
, . rank Pj Qj1  1, v V


j
j

vPj Qj1 =
l vl Qj1 =
l vl (In1 Pj1) = j vj (In1 Pj1).
l=1

l=1

Pj Qj1 (n 1)- V
n1

. In1 =
Pj Qj1 n 1,
j=1

1 vj Qj1 = 0 j = 1, ... , n 1. 
7.22. C(j, j) = vj Pj Qj1 vTj > 0.
7.23. B n n;
Bj j j, j
B, j = 1, ... , n. det Bj = 0,
Hj = Bj Hj , j = 1, . .. , n, Pj , Qj
(7.21) (7.22) Hj Hj . Pj = Pj , Qj = Qj .
.
T

Pj = Hj (Hj Hj ) 1 Hj = HjT BTj (Bj Hj HjT BTj ) 1 Bj Hj =


= HjT BTj (BTj ) 1 (Hj HjT) 1 B1
j B j Hj = P j .
Qj = Qj . 

1

[[]]  {{}} =  [[]] ;  = + n,


2
n Z, , [[]] = n.


7.21 ,
vk = vk In1 =

k


aki vi Pi Qi1

(7.33)

i=1

aki R, k = 1, ... , n. , vi Pi = vi
i1

vi Qi1 = vi vi Pi1 = vi +
ij vj , aki j=1

. , , akk = 1, k = 1, .. . , n.
C(k, j) = vk Pj Qj1 vTj (7.23).
akj =

C(k, j)
,
C(j, j)

1  j < k  n.

(7.34)

, (7.23) 7.21
C(k, i) = vk QTi1 PiT vTi = (vk , vi Pi Qi1) =
= aki (vi Pi Qi1 , vi Pi Qi1) = aki C(i, i),
(7.34).
Dk,j :
Dk,k1 = [[ak,k1 ]] ,

k = 2, . .. , n,

(7.35)

k, j, k  n, k 1 > j  1,
!!
""

Dk,i aij .
(7.36)
Dk,j = akj
j<i<k

k j, n  k, j  1,
Dkj = 0.

(7.37)

D = Dk,j k,j=1,...,n , ,
B = In D

(7.38)

.
B1 = In + D + D2 + .. . + Dn1 .

H = BH.
H vk ,

vk = vk
Dk,j vj .
1j<k

(7.39)

(7.40)


7.23 (7.33) ( , Pj = Pj
Qj = Qj) vk , k = 1, .. . , n:
vk =

k


akj vj Pj Qj1 ,

akj R.

(7.41)

j=1

7.24. 1  j < k  n |akj | 


 1/2.
. j < k. (7.40) 7.21, . 4


vk Pj Qj1 = vk Pj Qj1 = vk Pj Qj1
Dk,i vi Pj Qj1 =
1i<k

= akj vj Pj Qj1

Dk,i vi Pj Qj1 =

ji<k




= akj
Dk,i aij vj Pj Qj1 ,

(7.42)

ji<k

(7.33) . (7.40) 7.21


vj Pj Qj1 = vj Pj Qj1 .

(7.43)

vj Pj Qj1 vTj = vj Pj Qj1 vTj ,

(vj Pj Qj1 , vj) = (vj Pj , vj Qj1) =


= (vj Pj , (vj

Djl vl)Qj1) = (vj Pj , vj Qj1).

l<j

, (7.42) (7.43)



vk Pj Qj1 vTj = akj
Dki aij vj Pj Qj1 vTj =
ji<k







T
= akj
Dki aij vj Pj Qj1 vj = akj
Dki aij C(j, j).
ji<k

ji<k


akj =

vk Pj Qj1 vTj
vj Pj Qj1 vTj

= akj

Dki aij = akj

ji<k

Dki aij Dkj .

j<i<k

(7.36)
ajj = 1. 
i, 1  i < n. Tin i i + 1
H (Tin n n).

v1
. ..

vi+1


H = Tin H =

vi
. ..
vn
i , Pj , Q
j , (7.19),
H
H
i . H
i (7.21) (7.22), H Hi H



i = Hi1 .
H
vi+1
n v j , j = 1, .. ., n. Tij j j,
H
j Tin . j = i,
Tij , ,
7.23, Bj = Tij . ,
Pj = Pj ,

j = Qj ,
Q

1  j  n 1, j = i.

(7.44)


In1 =

n1


j1 =
Pj Q

j=1

i1


i +
Pj Qj1 + Pi Qi1 + Pi+1 Q

j=1

n1


Pj Qj1 .

j=i+1

u, w u w,
.
7.25. 1  i < n,  = vi+1 Qi1 , vi Qi1 .
i1 v Ti = vi+1 Qi vTi+1 csc2 ,
v i Q

i v Ti+1 = vi Qi1 vTi sin2 .


v i+1 Q

. v = u + cw, uwT = 0,
(vwT) 2 = c2 (wwT) 2 ,

c2 wwT = vvT cos2 v, w ,

uuT = vvT sin2 v, w .


i1 , v i Q
i1 = vi Qi1 , vi+1 Qi1 = . ,  = v i+1 Q

i = v i+1 Pi+1 Q
i = vi Qi , v = v i+1 Q
i1 = vi Qi1 ,
u = v i+1 Q



w = v i Pi Qi1 = v i Qi1 = vi+1 Qi1 .
7.21 , uwT = 0. , w, v = ,
, v = u + cw c.
7.21
i1 = Q
i1 Q
i ,
Pi Q
i1 Q
i) = v i+1 Pi Q
i1 = cv i Q
i1 = cw
v u = v i+1 (Q
c R.

i1 = v i Pi Q
i1 ,
u = vi+1 Qi = vi+1 Pi+1 Qi , v = vi+1 Qi1 = v i Q
w = vi Qi1 = vi Pi Qi1 = 0.
uwT = 0. Qi1 Qi = Pi Qi1 ,
vi+1 (Qi1 Qi) = vi+1 Pi Qi1 = cvi Pi Qi1 = cw
c R. v, w = , . 
7.26. i, 1  i < n , ai+1,i =
= {{ai+1,i }}
vi Qi1 vTi > 2vi+1 Qi vTi+1 ,

3vi Qi1 vTi > 4vi+1 Qi1 vTi+1 .


. Qi1 Qi = Pi Qi1 ,
vi+1 Qi1 = vi+1 Qi + ai+1,i vi Qi1 ,
.
vi+1 Qi1 vTi+1 = vi+1 Qi vTi+1 + a2i+1,i vi Qi1 vTi .
, ,
4vi+1 Qi1 vTi+1 < 2vi Qi1 vTi + vi Qi1 vTi ,
4a2i+1,i  1. 


,
L(H) =

n1


(2n 2j + 1)vj Qj1 vTj .

(7.45)

j=1

(A)
A.
7.27. B akj (7.33) (7.38).

n1
n


1) (HHT) =
a2kj vj Qj1 vTj ;
1+
j=1

k=j+1

2) k, j, k = j, akj = {{akj }},


(HHT) < L(H);
3) H = BH L(H) = L(H).
. ,
k

vk vTk =
a2kj vj Qj1 vTj .
j=1

(HHT) =

n

k=1

vk vTk =

k
n 


a2kj vj Qj1 vTj =

k=1 j=1


n1 
n


a2kj vj Qj1 vTj
1+
j=1

k=j+1

( , akk =1, Qn1 =0). , akj ={{akj }}


n

nj
k = j, 1 +
a2kj  1 +
. 4

k=j+1

. , H = BH 7.24
,
vj Qj1 vTj = vj Pj Qj1 vTj = vj Pj Qj1 vTj = vj Qj1 vTj ,
. 
7.28. i, 1  i  n 1, ,
2i vi Qi1 vTi  2j vj Qj1 vTj
j = 1, . .. , n 1.
L(H)  2n nvi Qi1 vTi .
.
vj Qj1 vTj  2ij vi Qi1 vTi ,


L(H)  2i vi Qi1 vTi

n1

2n 2j + 1
j=1

2j

 2i+1 nvi Qi1 vTi ,

i  n 1 n  2. 
7.29. i , 7.28;
 = Tin H. ai,i+1 =
Tin H
= {{ai,i+1 }}.


  1 1
L(H)
L(H).
2n+1 n

. (7.44) 7.25
 = (2n 2i + 1) (vi Qi1 vTi v i Q
i1 v Ti ) +
L(H) L(H)
i v Ti+1) =
+ (2n 2i 1) (vi+1 Qi vTi+1 v i+1 Q
i1 v Ti ) +
= (2n 2i + 1) (vi Qi1 vTi v i Q
i1 v Ti sin2  vi Qi1 vTi sin2 ) =
+ (2n 2i 1) (v i Q
= (2n 2i + 1 (2n 2i 1) sin2 ) (vi Qi1 vTi vi+1 Qi vTi+1).
  2(vi Qi1 vTi vi+1 Qi vT ). i
L(H) L(H)
i+1
7.26, , 7.28,
  2(vi Qi1 vTi /4) 
L(H) L(H)

L(H)
.
2n+1 n

. 
7.30.
L(H) < (xxT) 2 n2 .
. In1 = Pi1 + Qi1 In1 , vj Pj1 vTj  0,
vj vTj = vj Pj1 vTj + vj Qj1 vTj  vj Qj1 vTj  0.
P ,
vj vTj = (xxT) 2 x2j (xxT + x2n)  (xxT) 2 ,
j = 1, . .. , n 1.
L(H) 

n1


(2n 2j + 1)vj vTj  (xxT) 2 (n2 1),

j=1

. 


7.31. m Zn \ 0 .
A n n :
0 < (xxT) 2  (mmT)|AP|2 ,
0<

(xn xxT) 2
 (mmT)|AH|2 .
(xxT + x2n (n 1))

. 1  |AmT |,
0  xxT  |AxxT mT | = |APmT |  |AP| |m|.
, P = (H0T)X1 , |AP|2  |AH|2 |X1 |2 , |X1 |2 =
= n 1 + xxT /x2n . . 
7.20. xxT = 1, 0 < x1 < .. . < xn , xxT 
 nx2n ,

1
T
 n. A = R1
k . xm = 0;
x2n

PX = [H0T ] . |X1 |  2n 1.
7.27 7.31 ,
|AH|2  L(AH),
1 < 3n(mmT)L(AH).

n =

(7.46)

1
. 7.29
2n+1 n
k
L(R1
k H)  (1
n) L(H).

7.30
k
T 2 2
k 2
L(AH) = L(R1
k H) < (1
n) (xx ) n = (1
n) n .

(7.46) ,
1 < 3n3 (mmT) (1
n) k .
t, 0 < t < 1, et > 1 t,
1 < 3n3 (mmT)ekn .
log(3n3 (mmT))

= 2n+1 n log(3n3 M2). 7.20 .


n
2 ( ).
x Rn . 2 1 1
x (k) , H (k) , Ak (7.24) Rk = A1
1 . .. Ak , k = 1, 2, ...
k <


m Zn M, (7.17), k, (7.28),
Rk .
.
7.32. , 2 O(2n2 log M + 20n3)
.

7.7.
. LLL- , . LLL-
, .
, LLL- , , .
7.5,
.

. 7.5 7.6 .
[129] .

8.


8.1.
Z[x] .
LLL- , . , . . [160] .
.
, .
f(x) Z[x] , 1.
Q [x] Z[x] .
f0 (x) Q [x] Q [x] . f0 (x)

,
f(x) Q [x] Q [x] .
. f(x), g(x), h(x) Z[x] , deg g(x)  1, deg h(x)  1,
g(x) h(x) , f(x) = g(x) h(x), f(x) .
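. $g(x) = \sum_{i=0}^{l} b_i x^i$, $h(x) = \sum_{j=0}^{m} c_j x^j$, $f(x) = \sum_{k=0}^{n} a_k x^k$.

$$a_k = \sum_{\substack{i+j=k,\\ 0 \le i \le l,\\ 0 \le j \le m}} b_i c_j, \qquad 0 \le k \le n. \tag{8.1}$$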

, f(x) . p,
ak , k = 0, . .. , n. g(x) i0 , , p | bi i > i0 , p  bi0 . ,


j0 , , p | cj j > j0 , p  cj0 . k0 = i0 + j0 . (8.1) p



ak0 = bi0 cj0 +
bi cj ,
i+j=i0 +j0 ,
i>i0 ,
j>j0


p, . 
8.2. f (x) Z[x] , f(x)
Z[x] . f(x) Q [x] .
. , f(x) = g(x) h(x), g(x),
h(x) Q [x] , deg g(x)  1, deg h(x)  1. , g(x) h(x)
,

f(x) =

A
g (x)h1 (x),
B 1

A Z, B N, (A, B) = 1, g1 (x), h1 (x) Z[x] , g1 (x) h1 (x) .


(8.2)
Bf(x) = Ag1 (x)h1 (x).
, B Ag1 (x)h1 (x), g1 (x)h1 (x) (
) (A, B) = 1 , B = 1. (8.2)
, f(x) Z[x] , . 
, f0 Q [x]
f(x) Z[x]
Z[x] .
$$f(x) = \sum_{i=0}^{n} a_i x^i, \qquad n = \deg f(x) \ge 2, \tag{8.3}$$

a i Z, i = 0, . .. , n 1, a n N, a 0 , .. . , a n
.
8.2 8.5.
m

 h(x) = hi xi Q [x] i=0
m

|h| =
h2i i=0


Z[x]
Z/lZ[x] , l -
m

; h(x) = hi xi Z[x]
i=0
m

h(x) (mod l)
hi (mod l)xi Z/lZ[x] . , i=0

h(x) (mod l) | g(x) (mod l) Z/lZ[x] .


, Z[x] (., , [27, . 9]).

8.2. LLL- :

f(x) , (8.3)
8.1. , p, k h(x) Z[x] , :
) h(x) 1;
) h(x) (mod pk) f(x) (mod pk) Z/pk Z[x] ;
) h(x) (mod p) Z/pZ[x] ;
) (h(x) (mod p)) 2  f(x) (mod p) Z/pZ[x] .
8.3. h0 (x) Z[x] , h0 (x) f(x) Z[x] ,
h(x) (mod p) | h0 (x) (mod p). g(x) Z[x] ,
f(x) Z[x] , :
1) h(x) (mod p) | g(x) (mod p);
2) h(x) (mod pk) | g(x) (mod pk);
3) h0 (x) g(x) Z[x] .
. ) , h(x) (mod p) f(x) (mod p) Z/pZ[x] . f(x)
Z[x] ( f(x)), , p, h(x) (mod p).
) f(x) ; h0 (x).
1) 3). ,
,
.
, .
h(x) (mod p) | g(x) (mod p). )




f (x)
(mod p).
h(x) (mod p)

g(x)


Z/pZ


h(x) (mod p)

h(x) (mod p) ,

(mod p) Z/pZ[x] . -

f (x)
g(x)

, (x),  (x) Z[x] ,




f (x)
(mod p) = 1,
(x) (mod p)h(x) (mod p) +  (x) (mod p)
g(x)

, ,
(x)h(x) +  (x)

f (x)
= 1 p (x)
g(x)

 (x) Z[x] . (1 + p (x) + ...


.. . + pk1  (x) k1)g(x), ,
1 (x)h(x) + 1 (x)f(x) = (1 pk  (x) k)g(x),

1 (x), 1 (x) Z[x] .


1 (x) (mod pk)h(x) (mod pk)+ 1 (x) (mod pk)f(x) (mod pk)=g(x) (mod pk),

) , h(x) (mod pk)|g(x) (mod pk).


,
.

f (x)

f (x)
) , h(x) (mod p)

(mod p). h (x)

g(x)

g(x)

Z[x] . h0 (x) , h0 (x) | g(x). 


p, k
h(x) , ) ). f(x) Z[x] .

8.3. LLL- :

, f(x), p, k h(x) Z[x] , 8.2,
) ). l = deg h(x). l  n
), ) f(x); l = n
8.3 , f(x) .
m, m  l.



L = P(x) Z[x]
deg P  m, h(x) (mod pk) | P(x) (mod pk) ,

0 : L Zm+1 ,


m
i=0


zj xj = (a0 , a1 , . .. , am).


, L = 0 (L) Zm+1 Zm+1 .


, L Zm+1 ,
. .,
m + 1 .
, |P(x)| = |0 (P(x))|,
(. 8.1), Rm+1 .
L Z :
(0, .. . , 0, pk , 0, . .. , 0) = 0 (pk xi),

i = 0, 1, .. . , l 1,

(8.4)

0 (h(x)xil),

i = l, .. . , m.

(8.5)

, P(x) L, P(x) (mod pk) = h(x) (mod pk) Q(x)


(mod pk) Q(x) Z[x] . P(x) = h(x)Q(x) + pk T (x)
T (x) Z[x] , , deg T (x) < deg h(x) = l,
h(x) . , Q(x) = 0, deg Q(x) = deg P(x)
deg h(x)  m l. ,
P(x) = h(x)Q(x) + pk T (x) Z[x] , m, 
L. , (8.4) (8.5) L.
Z Q : ,
(8.4) (8.5), ,
pk (l ) (m l + 1 ).
L , (. 7.1)
$$d(L) = p^{kl}. \tag{8.6}$$

8.4. h0 (x) 8.3. b(x) L,


$$p^{kl} > |f(x)|^m |b(x)|^n.$$
h0 (x) b(x) Z[x] .
. b(x) = 0 ( ).
g(x) = (f(x), b(x)) Z[x] .
8.3 , h(x) (mod p)|g(x) (mod p).
, h(x) (mod p)  g(x) (mod p), )
8.2
3 (x)h(x) + 3 (x)g(x) = 1 p3 (x)

(8.7)

3 (x), 3 (x), 3 (x) Z[x] . m1 = deg b(x),


m2 = deg g(x). m  m1  m2  0.
M = { f + b | ,  Z[x] , deg < m1 m, deg  < n m2 },
f = f(x), b = b(x). M
n + m1 m2 1.
, f + b M deg( f + b) < m2 , =  = 0.
, g(x) = g| f + b, deg

g = m2 , f + b = 0,


f
b
f b
f

=  . ,
= 1;
 Z[x] . deg  <
g

g g

< n m2 = deg f deg g,  = 0; = 0.



: M Zn+m1 2m2 ,

n+m
1 m2 1
ai xi = (am2 , am2 +1 , .. . , an+m1 m2 1).

i=0

.
(xi f(x)),

i = 0, 1, . .. , m1 m2 1,

(8.8)

(x b(x)),

j = 0, 1, .. . , n m2 1,

(8.9)

Z (M). ,
(M) Zn+m1 2m2 . d((M)) (M)
d((M))  |f(x)|m1 m2 |b(x)|nm2  |f|m |b|n < pkl .
, ; .

{ (x) M | deg  (x) < m2 + l} pk Z[x] .

(8.10)

(x)

 (x) M, deg  (x) < m2 + l.


Z[x] . g(x)

(x)
(8.7)
1 + p3 (x) + .. . + pk1 k1
(x). ,
3
g(x)

4 (x)h(x) + 4 (x)  (x)

(x)
pk Z[x] .
g(x)

(8.11)

 (x) M, b(x) L, h(x) (mod pk)  (x) (mod pk).


(8.11) ,

(x)
h(x) (mod pk) |
(mod pk).
g(x)


(x)
deg
< m2 + l m2 = l = deg h(x) = deg(h(x) (mod pk)). ,
g(x)

(x)
pk Z[x] , (8.10).
g(x)

, , ZN , (. [24, . 1]).
(M) Zn+m1 2m2 . bi = (bi1 , ... , bii ,
0, ... , 0), bij Z, bii = 0, i = 1, .. ., n + m1 2m2 . d((M)) =
n+m
1 2m2
|bii |. 1 (bi) bi =
i=1

M i + m2 1, i = 1, . .. , n + m1 2m2 . (8.10) , bii 0 (mod pk) i = 1, ... , l.


d((M))  pkl . 
8.5. h0 (x) f(x) ,
h(x) (mod p) | h0 (x) (mod p). b1 , . .. , bm+1
L = 0 (L),
2

pkl > 2mn/2 (n + 1) n/2 en |f|n+m .

(8.12)

h0 (x) m ,
 kl 1/n
p
|b1 | <
.
(8.13)
m
|f|

. (8.13) , |b1 |n |f|m < pkl , . . 8.4 b(x) = 0 (b1) L. L deg b(x)  m. 8.4 ,
h0 (x) | b(x), deg h0 (x)  m.
deg h0 (x)  m. h0 (x) L. h0 (x) f(x),

|h0 (x)|  n + 1en |f(x)|


(8.14)
( . [183] ; -
). 7.8 = 0 (h0 (x)) L = 0 (L).
= 0 L Rm+1 ,

b1  2m/2 || = 2m/2 |h0 (x)|  2m/2 n + 1en |f(x)|.

|b1 |n |f(x)|m  2mn/2 (n + 1) n/2 en |f|m+n .


(8.12) ,
|b1 |n |f(x)|m < pkl ,
(8.13). 
8.6.
,
 kl 1/n 


p
 1.
(8.15)
t = max j

|bj | <
m
|f (x)|

deg h0 (x) = m + 1 t
h0 (x) =

1
1
0 (b1), . . . , 0 (bt)

(8.16)

 , 1
p
(1
0 (b1), ... , 0 (bt)) Z[x] .
. J = j | 1  j  m + 1,
 pkl 
= . 8.4 j J h0 (x) | 1
|bj | <
0 (bj).
m
|f|

h1 (x) = jJ (1
0 (bj)); h0 (x) | h1 (x). , J = {1, . .. , t}
h0 (x) = h1 (x) /p
,  (8.16).
deg 1
0 (bj)  m j = 1, .. . , m 1,
1
0 (bj) Z,
|J|  m + 1 deg h1 (x).
(8.17)

, |h0 (x) xj | = |h0 (x)|  n + 1en |f(x)| (8.14), i = 0, 1, .. .


.. . , m deg h0 (x) h0 (x) xi L
. 7.10 j = 1, 2, ... , m + 1 deg h0 (x)

|bj |  2m/2 max{|0 (h0 (x))|, |0 (h0 (x) x)|, . .. , |0 (h0 (x) xmdeg h0 (x) )|} =

= 2m/2 |0 (h0 (x))| = 2m/2 |h0 (x)|  2m/2 n + 1en |f(x)|.


, ,
|bj |n |f(x)|m  pkl

(8.18)

j = 1, . .. , m + 1 deg h0 (x). 1, 2, .. . , m + 1 deg h0 (x) J.


, m + 1 deg h0 (x)  |J|  m + 1 deg h1 (x); ,
deg h1 (x)  deg h0 (x). h0 (x)|h1 (x) Z[x] ,
h1 (x) = dh0 (x),

d Z, d = 0.

(8.19)


, |J| = m + 1 deg h0 (x), J = {1, . .. , m + 1 deg h0 (x)},


t = |J|, . . deg h0 (x) = m + 1 t.
, h1 (x) (8.19) ,
. .
p; (8.16). , . . q, q = p, ,
h1 (x) /q Z[x] . h1 (x) ,

1
b
q 1

 1 J. b1 = (b10 , .. . , b1m) Zm+1 . b1i = qb ,


L,
1i

b1i Z, i = 0, ... , m. b1 L,

m



h(x) (mod pk)


q
b1i xi (mod pk) .
i=0

q = p, ,

m


k

 i
k
h(x) (mod p )

b1i x (mod p ) ,
i=0

 , b1 . . (b10 , . .. , b1m) L.
 
L.

8.4. LLL- :

,
u0 (x)v0 (x) w(x) (mod pm),
p , m N, u0 (x), v0 (x), w0 (x) Z[x] ,

u2 (x)v2 (x) w(x) (mod pm1)
u2 (x), v2 (x) Z[x]
m1 > m.
,
- .
K. g(x), h(x)
K [x] , deg g(x)  deg h(x)  1, d(x) = (g(x), h(x)).
1.
u(x), v(x) Z[x] .
u(x)g(x) + v(x)h(x) = d(x).

1 . $(u_1, u_2, u_3) := (1, 0, g(x))$, $(v_1, v_2, v_3) := (0, 1, h(x))$.

2 . $v_3 = 0$, $u(x) = u_1$, $v(x) = u_2$, $d(x) = u_3$
.
3 . :
$$u_3 = qv_3 + r, \quad \deg r < \deg v_3.$$

4 . $(t_1, t_2, t_3) := (u_1, u_2, u_3) - q(v_1, v_2, v_3)$, $(u_1, u_2, u_3) := (v_1, v_2, v_3)$, $(v_1, v_2, v_3) := (t_1, t_2, t_3)$ 2 .
.
, u(x), v(x), d(x) u(x)g(x) + v(x)h(x) = d(x) =
= (g(x), h(x)). ,
(. ). (. [25, 4.6.1, . 3]), deg v(x) < deg g(x), deg u(x) < deg h(x).
K = Z/pZ.
2.
p, j N, a(x), b(x), c(x),
gj (x), hj (x) Z/pZ[x] , , hj (x)
Z/pj Z a(x)gj (x) + b(x)hj (x) = 1 Z/pj Z[x] .
a (x), b (x) Z/pj Z , a (x)gj (x) + b (x)hj (x) = c(x)
Z/pj Z[x] , deg a (x) < deg hj (x).
1 . hj (x)
:
a(x)c(x) = hj (x) q(x) + r(x),

deg r(x) < deg hj (x).

2 .
a (x) := r(x),

b (x) := b(x)c(x) + gj (x)q(x).

.

gj (x)a (x) + hj (x)b (x) =
= gj (x) (a(x)c(x) hj (x)q(x)) + hj (x) (b(x)c(x) + gj (x)q(x)) =
= c(x) (gj (x)a(x) + hj (x)b(x)) = c(x).
8.7. p , j N, t(x) Z/p2j Z[x] .
gj (x), hj (x) Z/pj Z[x] , t(x) gj (x)hj (x) (mod pj),
hj (x) Z/pj Z[x] aj (x), bj (x) Z/pj Z[x] , aj (x)gj (x) + bj (x)hj (x) = 1


Z/pj Z[x] . a2j (x), b2j (x),


g2j (x), h2j (x) Z/p2j Z[x] ,
t(x) g2j (x)h2j (x) (mod p2j),
a2j (x)g2j (x) + b2j (x)h2j (x) = 1 Z/p2j Z[x] ,
g2j (x) gj (mod pj),

h2j (x) hj (x) (mod pj),

deg h2j (x) = deg hj (x).


. cj (x) Z/pj Z[x]
t(x) gj (x)hj (x) = pj cj (x).
2 aj (x), bj (x) ,
aj (x)gj (x) + bj (x)hj (x) = cj (x) Z/pj Z[x] ,

deg aj (x) < deg hj (x).

g2j (x) = gj (x) + pj bj (x), h2j (x) = hj (x) + pj aj (x), g2j (x), h2j (x)
Z/p2j Z[x] . , deg h2j (x) = deghj (x) g2j (x) gj (x)
(mod pj), h2j (x) hj (x) (mod pj). ,
g2j (x)h2j (x) gj (x)hj (x) + pj (aj (x)gj (x) + bj (x)hj (x)) (mod p2j)
t(x) pj cj (x) + pj cj (x) (mod p2j) t(x) (mod p2j).
c1j (x) Z/pj Z[x]
g2j (x)aj (x) + h2j (x)bj (x) = 1 + pj c1j (x)

Z/p2j Z[x] .

2 aj (x), bj (x) , Z/pj Z[x]


gj (x)aj (x) + hj (x)bj (x) = c1j (x).

a2j (x) = aj (x) pj aj (x) Z/p2j Z[x] ,


b2j (x) = bj (x) pj bj (x) Z/p2j Z[x] .

g2j (x)a2j (x) + h2j (x)b2j (x) = g2j (x)aj (x) + h2j (x)bj (x) pj c1j (x) = 1
Z/p2j Z[x] . . 
8.8. , . .
pj p2j .

, . . pj pj+1 (. [1, . 6; 89, . 3]).


p pk , k ,
,
.

8.5. LLL- :

LLL-
Z[x] .
(LLL-).
f0 (x) Z[x] ,
deg f0 = n0 > 1. f0 (x) Z[x] .
1 . g(x) = (f0 (x), f0 (x)) Z[x] , f0 (x) . f(x) =

f0 (x)
. , ,
g(x)

f0 (x) = f1 (x) 1 .. . fk (x) k

(8.20)

f0 (x) Z[x] ,
f0 (x) Q [x] (.
8.2). g(x) = f1 (x) 1 1 . .. fk (x) k1 1 , Q [x] .
f(x) = f1 (x) . .. fk (x) ,
.
n = deg f(x). , n  2 (f(x) n = 1 f0 (x) = f(x)  ,  = deg f0 (x)).
2 . Res(f, f) Z; Res(f, f) = 0 ( f
f ). . [9,
. 5] .
3 . p, , p  Res(f, f).
p f(x), f(x) (mod p) Z/pZ[x]
. (. [160]),
p


n log n + (2 1) log |f|
,
p  max 101,
0,84

, .


4 . f(x) (mod p) Z/pZ[x] . S . S1 f(x)


Z[x] , S1 := . F (x) = f(x), N = deg f(x). |S| = 1, f(x)
Z[x] ( Z/pZ[x]).
5 . - h 1 (x) S; deg h 1 (x) = l1
( , |S|  2). F (x) = h 1 (x) g 1 (x) (mod p). h 1 (x) g 1 (x) Z/pZ[x] , 1
8.4 u(x) h 1 (x) + v(x) g 1 (x) = 1 Z/pZ[x] ,
deg u(x) < deg g 1 (x), deg v(x) < deg h 1 (x). k ,
pkl1 > 2N

/2

(N + 1) N/2 eN |F (x)|2N .

6 . 8.7 8.4
( ),
h1 (x) Z/pk Z[x] , ,
h1 (x) (mod pk) | F (x) (mod pk),
deg h1 (x) = deg h 1 (x), h1 (x) pk . h(x) Z/pk Z[x] Z/pk Z,
, h(x) Z[x] . h1 (x) ), ) ) 8.2. h1 (x) Z/pk Z[x]
a (Z/pk Z) , a 1 (mod p), ).
7 .
 




N1
N1
N1
, N1 , .. . ,
, N 1,
m=
N
2

8, 9,
h0 (x) Z[x] , h0 (x) | F (x). m,
F (x) Z[x] ( 8.5).
8 . m L Z[x] ,
L = 0 (L) Zm+1 , 8.3.
{0 (pk xi) | 0  i  l 1} {0 (h1 (x)xi) | 0  i  m l}
L b1 , . .. , bm+1 .

 pkl 1/N
,
(8.21)
|b1 | <
m
|F (x)|


8.6.
h0 (x) =

1
(1
0 (b1), . . . , 0 (bt))
,

t  . h0 (x) Z[x] , F (x). h0 (x) S1


9 . (8.21) , m.
9 . N := deg(F (x) /h0 (x)), F (x) = F (x) /h0 (x) S h0 (x) (mod p) ( S). N > 1 |S| > 1, 5 . N = 0 N = 1 |S| = 1, F (x)
( F (x) = 1). F (x) S1 (
N > 0) 10 .
10 . S1 f1 (s), .. . , fk (x)
(. (8.20)).
1 , ... , k f0 (x) = f1 (x) 1 ... fk (x) k .
.
8.2 8.4
.
8.9 (. [160]). f0 (x) O(n6 + n5 log |f|) .
8.10. [38]
LLL- , - .

8.6.
[89, 3.5.5] , 8.5
,
. 3 , ,
, LLL-.
.
Z[x] .
f0 (x) Z[x] ,
.


1 . LLL- 8.5, f0 (x)


f(x) Z[x] , .
2 . p,
(f(x) (mod p), f (x) (mod p)) =1 Z/pZ[x] . -
, . 6, f(x) Z/pZ[x] ( ).
3 . h(x) Z[x] , h(x) | f(x), h(x) B, f(x)
(. [89, 3.5.1] (8.14) 8.3, [183]). B e N, ,
pe > 2l(f)B, l(f) f(x) (l(f) N).
n0 = deg f(x). S1
f(x), S1 := .
4 . 8.4,
f(x) = l(f)g1 (x) . .. gr (x) (mod pe)
Z/pe Z[x] .
d := 1, S := {g1 (x), . .. , gr (x)}.
5 .
G(x) = gi1 (x) . .. gij (x) (mod pe).

G(x) Z[x] , :


1
1
1) G(x) pe ; pe ;
2) G(x) l(f)G(x) (mod pe), deg G(x) 
1

2
2
1
deg f(x), G(x)
2

f(x) /G(x) (mod pe), deg G(x) > deg f(x).


2
G(x) l(f)f(x),
G(x) G1 (x), f(x) Z[x] .
S1 f(x),
gi1 (x), . .. , gij (x) S f(x) f(x) /G1 (x).
6 . d 1, . . d := d + 1. d  n0 /2, 5 . d > n0 /2, 5 f(x) ,
S1 ( ).
.
8.11. . [89, 3.5.4] . [1, . 6] [25, 4.6.2] .


8.7.

[160] .
,
Q [x] Z[x] . LLL-
.
,  C ,
h(x) Q [x] ,
. , h(x) Z[x] , h(x) . h(x)
, deg h(x) deg 
, h(x) 
, h(x)
.
m

g(x) =
gi xi Q [x]
i=0

|g(x)| = max |gi |.


i=0,...,m

|g(x)| , 8.1.
, . .
= Zb1 + . .. + Zbk Rn , k  n b1 , . .. , bk . , k = n,
, . [160] .
$$|v_1| \le 2^{(k-1)/2} |w| \tag{8.22}$$

w , w = 0 (. [160]); v1 .
 , ; d H .
 
h(x) .
 , i i . 
.
g(x) = g = gi xi C[x] g
i

g =
gi i .
(8.23)
i


n, 1  n  d, s N. Ls Rn+3 ,

*
)
1 .. . 0 2s Re 0 2s Im 0
..............................
(8.24)
0 .. . 1 2s Re n 2s Im n
(n+1) (n+3). b1 , .. . , bn+1
n

Rn+3 . g = g(x) =
gi xi Z[x]
i=0

g =

gi bi Ls .

(8.25)

i=0

,
|g| 2 =g02 +...+gn2 +22s

n


 
2  
2
n
n
Re gi i + Im gi i
=|g(x)|2 +22s |g |2 .
i=0

i=0

, (8.25)
Z[x] n Ls .
h(x)  . n = deg h(x) = deg .
g(x) Z[x] , deg g(x)  n, , g() = 0,
2,
|g| 2 > 2n |h|
(8.26)
s
|i i | . Ls . v
, v(x) ( (8.25)
. h Ls , (8.22)
2.
|v| 2  2n |h|
(8.26) , v() = 0, h(x) | v(x). deg v(x)  n = deg h(x), v(x) = h(x) c, c Z. v
Ls h Ls , c = 1, v(x) = h(x)
.
.
8.12. , 0 , ... , n C, 0 = 1, |i i | 
, i = 1, . .. , n.
f (x) C[x] , deg f(x)  n.
|f() f | 
n|f| .


|f() f | =

ai ( i)

 n
|f| .
i=1

. 
8.13. h(x), g(x) Z[x] \ {0}, deg h(x) = n, deg g(x) =
= m.  C, ||  1, h() = 0. h(x) g() = 0,

1
n

|g()|  |h(x)|m |g(x)|n+1 .


. m = 0, .
m  1. M (n + m) (n + m), i-
xi1 h(x) 1  i  m,
xim1 g(x) m + 1  i  n + m.
R = | det M| = | Res(h(x), g(x))|. R = 0,
h(x) g() = 0. i = 2, . .. , n + m i-
M, xi1 ,
M .
R = |h(x) (a0 + a1 x + ... + am1 xm1) + g(x) (c0 + . .. cn1 xn1)|,
ai , cj M. x =  R =
= |g()||co + . .. + cn1 n1 |.
|cj |  |h(x)|m |g(x)|n1 .
||  1, |c0 + .. . + cn1 n1 |  n|h(x)|m |g(x)|n1 .
R  1 . 
8.14. s N,  , ||  1,
h(x) , deg h(x) = d  1, h(x)
1
H. 0 , . .. , d C, 0 = 1, |i i |  s
2
1  i  d. g(x) Z[x] , deg g(x)  d, g() = 0. ,

2s  2d

/2 (d + 1) (3d+4) /2 H 2d .

(8.27)

( (8.25))
|h| < (d + 1)H,

> 2d/2 (d + 1)H.


|g|

. , f(x) C[x] ,
deg f(x)  d, |f(x)|2  (d + 1)|f(x)|2 .


|h| 2 = |h(x)|2 + 22s |h |2 , 8.12 |h | = |h() h |  2s dH,


|h| 2  |h(x)|2 + d2 H2  (d + 1)H2 + d2 H2 < (d + 1) 2 H2 .
|g(x)| > 2d/2 (d + 1)H,
|g|.
2
2
2s
2
= |g(x)| + 2 |g | .
|g|
, |g(x)|  2d/2 (d + 1)H. 8.13
|g()| 

1
1
1
1
1
1

>
d |h(x)|d |g(x)|d1
d ((d + 1)H2) d/2 (2d/2 (d + 1)H) d1
3

> 2d(d1) /2 (d + 1) 2 d H2d+1 .

 2s |g |  2s (|g()| |g() g |) >


|g|
> 2s (2d(d1) /2 (d + 1)

3 d 2d+1
2 H

= 2s

d(d1)
2

2s d|g(x)|) =

(d + 1)

3 d 2d+1
2 H

d|g(x)| .

|g(x)|  |g(x)|  2d/2 (d + 1)H,


2

s d
2

> H 2d/2 (2
|g|

(d + 1)

3 d 2d
2 H

d(d + 1)),

>
(8.27) |g|
> H 2d/2 (d + 1). 

8.15. s, , h(x), d, h i 2s Z[ 1] ,
i = 0, . .. , d, 8.14, (8.27). n N, 1  n  L, LLL-
,
b1 , .. . , bn+1 , (8.24), n

v =
vi bi .
i=0

:
1) |v|  2d/2 (d + 1)H;
n

2)  v(x) = vi xi ;
i=0
3) deg   n.
, deg  = n, h(x) = v(x).
. (8.22)
 w
 Ls = Zb1 + . .. + Zbn+1 , w
 = 0. |v|  2n/2 |w|
. 8.14 ,
v() = 0.


, . . deg h(x)  n, h Ls .
< (d + 1)H. (8.22) ,
8.14 |h|
n
2
/
|v|  2 (d + 1)H, . . .
, deg  = n. v() = 0.
h(x) , (. 8.1) , h(x)
v(x) Z[x] ; v(x) = h(x) l, l Z. v = h l. v
Ls h Ls , l = 1. 
1 ( ).
d H
, ||  1;  Q + 1Q,
||  1, , | |  2s / (4d), s
,
2s  2d

/2 (d + 1) (3d+4) /2 H 2d .


.
1 . i 2s (Q + 1Q), i = 0, .. . , d, ,
s 1
2,
i

0 = 1, |i i |  2

1  i  d.
 s . ,
|i i |  2s ,
|i i |  |i i | + |i i | 
 | |

i1

j=0

s 1
2

||j ||i1j + 2

2s
s 1
2  1 .
d+2
4d
2s

, 8.15.
2 (). n = 1, 2, ... , d 3 4,
.
3 . LLL-, Ls = Zb0 + . .. + Zbn , (8.24).
4 . v n

|v|  2d/2 (d + 1)H, v(x) =
vi xi


i=0
n

vi bi .
v =
i=0

.
8.15.
8.16. ||  1 . || > 1  h(x) 1/


1
1

,

< 1. , 
xdeg h(x) h
x

1
, | | 
, 0 <
 ,  1/, | 1/| 
,
2


1 1




+


 


+
.



||
1

||  || | |  || ||


 , | |  3
, . .  2

1/ 3
.
8.17 (. [143]).  , d
H ,   ,
2s

| | 
, s , 12d
(8.27). 1
 O(d5 (d + log H))
, O(d2 (d + log H))
.
. f(x) Z[x]
, deg f(x) = d  2,
f(x) Z[x] . h(x) Z[x] ,
h(x) f(x), deg h(x) = n, h(x)
n 1
j

|f(x)| +

n 1
j1

|ad | j = 1, . .. , n 1, ad

f(x) (. [25, . 4.6.2.20; 89, 3.5.1]). ,


, n  d/2 ( f(x) ), H
h(x),
1.
2 ( f(x) Z[x]).
f(x), d, H.
f(x), f(x)
Z[x] .
1 . d  1, f(x) , .
2 . s N ,
2s  2d

/2 (d + 1) (3d+4) /2 H 2d .

3 . (- )
 Q + iQ  f(x), | | 

||  1, | | 

2s
12d

2s
.
4d


4 . 1, h(x)
.
5 . k N ,
h(x) k | f(x), h(x) k. , f(x) ;
, 8.5.
6 . d d k deg h(x), f(x) f(x) /h(x) k 1 .
.
2 . .
Z[x] 3 2.
, . [6; 89, . 3] . , , d, log |f(x)| , . [143; 242] .
2 (. [143, 3.7]).

8.8.
80- XX LLL- Z[x]
.

, . 24. LLL- ;
. 7. [160]
, ., , [21; 43] .
Z[x] Q [x]
, ., , [89, . 3] .
,
LLL-
, ., , [204] .
, .

9.

9.1. .

. , ., , [5; 37] . .
. , ,
2; [271] .
. t N, n = 2t . R 1, 21 ,
2. R 2n
xn + 1 = 0. n = 22n .
9.1. 2n
R
2n.
t
. 22n = 1,
t+1
2n 2 = 2n. 
9.2. (f0 , . .., fn1) Rn .
1- n- (f 0 , . .., f n1) Rn ,
n1

f i =
ijn fj , i = 0, . .., n 1.
j=0

2-
n- (f 1 , f 3 , . .., f 2n1) Rn ,
f i =

n1

j=0

ij

2n fj ,

i = 1, 3, .. ., 2n 1.


9.3. f i
n1
 j
F (x) =
fj x R [x] x = in ; f i
j=0

F (x) x = i2n i.
.
9.4. :
fi = n1

n1


f j ij
n ,

(9.1)

j=0

fi = n1

f j ij
2n ,

(9.2)

1j2n1
j

n1 = (21) t R.
2nrk
. k Z. k
, r Z, 2nr
2n = 2n
k  0. , n n,
n1


ljn = n

l 0 (mod n),

(9.3)

ljn = 0

l  0 (mod n).

(9.4)

j=0
n1

j=0

(9.1) ,
n1


f j ij
n =

j=0

n1
n1 


ij
fk jk
n n =

j=0 k=0

n1

k=0

fk

n1


n(ki)j = nfi

j=0

(9.3) (9.4).
(9.2)

1j2n1
j

ij
f j 2n =

n1


i(2k+1)
f 2k+1 2n
=

k=0

n1
n1 


l(2k+1) i(2k+1)
2n

fl 2n

k=0 l=0

(9.3) (9.4) (9.2). 

n1

l=0

fl li
2n

n1

k=0

n(li)k .


, (9.1) (9.2) O(n2)


R. ,
O(n log n) . .

9.2.


9.1.
9.5. (f 0 , ... , f n1)
nt R nt
R n .
(f 1 , . .. , f 2n1)
nt R nt R
2n .
(f 0 , ... , f n1) (f 1 , .. ., f 2n1),
(f0 , ... , fn1) nt R, nt
R 2n n
n1 R.
.
F (x) =

n1


fj xj =

j=0


0jn1
j

deg F0 (x), deg F1 (x) <

fj xj +

fj xj = F0 (x2) + xF1 (x2),

0jn1
j

n
= 2t1 .
2

i
2i
F (in) = F0 (2i
n ) + n F1 (n ) ,

i = 0, . .., n 1.

(9.5)

n/2 = 2n .

i
{2i
|
0

i

n

1}
=


1
.
0

i


n
n/2
2

. , . . (F (0n), ... , F (n1


n ))
(9.5) n R n
R n , F0 (in/2)
F1 (in/2), i = 0, .. .,

n
1. t = 1 n = 2 = 2t (
2


), (f 0 , f 1) F0 + i2 F1 , F0
F1 R, i = 0, 1. n = 2 2 = nt
R n = 2 2 = nt R.
, j < t
2j -
tj
2j j R 2j = (n) 2 2j j R.
j = t (f 0 , ... , f n1) (9.5)
F0 (in/2) F1 (in/2) i = 0, . .., n 1, . .
n/2, F0 (x) F1 (x), n R n R
n . , ,
(f 0 , ... , f n1) n R, n
R, 2 2t1 (t 1) R, 2 2t1 (t 1)
R n . n + n(t 1) = nt R n + n(t 1) = nt R n .
.
,
n 2n .
9.4. 

9.3.

, .
9.1.
t
9.6. R [x] / (x2 + 1) n = 2t R, 3tn R, 3tn R 2n n R n1 .
9.7. R = Z R = Q, Z Q 2n .
n1
n1
 i

. F =
fi x , G =
gi xi , F, G R [x] i=0

i=0
t

- R [x] / (x2 + 1).


n1

H =
hi xi R [x] , FG H (mod xn + 1), . . H
i=0

F G ; .


2- (f0 , ... , fn1)


(g0 , ... , gn1)
f i g i = F (i2n)G(i2n) = H(i2n) = h i
i, 1  i  2n 1, n2n + 1 = 0. f i g i
, h i n R. 9.5
f i g i 2tn R 2tn
R 2n . hi ,
h i , tn R, tn R 2n
n R n1 .
. 
9.8. T , 21 T, 4n = 2t+2 T x2n + 1 = 0.
F (x), G(x) T [x] , deg F (x) < n, deg G(x) < n, F (x) G(x) T [x] 2n
T, 6n(t + 1) T, 6n(t + 1) T
4n 2n T (21) t+1 .
. - F (x)
G(x) F (x) G(x) , 2n, F (x) G(x) 22n + 1.
F (x) G(x) R [x]
R [x] / (x2n + 1). 9.1,
n 2n t t + 1. 
T , 21 . T,
. O() .
.
t
9.9. t  2, T [x] / (x2 + 1)
O(2t t) T O(2t t log t) T.
9.10.
Z, T :

T = k
m Z, k Z0 , T Z.
2

T , , (m, k).
9.9,
.


9.11. T [x]
, n (n  3),
M(n) = O(n log n) T A(n) = O(n log n log log n) T.
. t N , 2t1  2n < 2t . ,
t  2, 2n < 2t  4n.
t
n x2 + 1 . 9.9 M(n) = O(2t t) = O(n log n)
T A(n) = O(2t t log t) = O(n log n log log n)
T. 
9.9. F = F (x) G = G(x) t
2
1
, 2t 1, H = H(x) =
Hi xi ,
i=0
t

H FG (mod x2 + 1). H0 , .. ., H2t 1 F G. k ,


1  k < t, . F G
F=

2tk
1


fi (x)x

i2k

G=

2tk
1


i=0

gi (x)xi2 ,

i=0

fi (x), gi (x) T [x] , deg fi (x)  2 1, deg gi (x)  2k 1.


k

F G .
2tk
2tk
1
1
i
1 .
fi (x)Y

gi (x)Y i
i=0
tk

T [x, Y] / (Y 2

i=0

=
1). H

1

tk

hi (x)Y i .

i=0

k
 x2t + 1 =
2 . Y = x2 H
tk
= Y 2 + 1.

F (x) G(x) =

2tk
1

l=0

fl (x)x

2k l

2tk
1


gj (x)x2 j

j=0

2tk
1


hi (x)x2

tk

(mod (x2 ) 2

+ 1).

i=0

2 H(x) =

t
2
1

Hi xi . ,

i=0
t

2 {hi (x)} x2 + 1
Hi .


1
2tk
1


fl (x)Y
l

2tk
1


l=0

gj (x)Y
j

j=0

2tk
1


tk

hi (x)Y i (mod Y 2

+ 1).

i=0

l + j  2tk+1 2 < 2tk+1 1. .


1 . 0  l + j  2tk 1,
tk

Y l Y j Y l+j (mod Y 2

+ 1).

2 . 2tk  l + j  2 2tk 2,
tk

Y l+j Y i (mod Y 2
i = l + j 2

tk

+ 1),

hi (x) =

fl (x)gi (x)

l,j
l+j=i

fl (x)gi (x),

l,j
l+j=i+2tk

i = 0, ... , 2tk 1. , deg hi (x)  deg fl (x) =


= deg gj (x)  2k+1 2 < 2k+1 1. k < t, deg hi < 2t 1.
2 2t T,
2k+1
1
k
hi (x) =
hij xj , Y = x2
j=0

2tk
1 2k+1

1
i=0

hij xj+i2 (mod x2 + 1).

j=0
t

x2 + 1 ,
j + i2k  2t . j + i2k = r2t + l, 0  l < 2t ,
k
xj+i2 (1) r xl , . . (1) r hij
xl (. . ). ,
, . . , 2tk 2k+1 = 2t+1 .
0  i  2tk1
j + 2k i  2k+1 1 + 2t1 2k = 2k + 2t1 1  2t 1,
k  t 1. i . i 2tk1  i  2tk 1; 2tk1 . , (i, j)


, ,
2tk1 2k+1 = 2t . , 2
2t T.
1 .
tk
tk
T [x, Y] / (Y 2 1), R [Y] / (Y 2 + 1), R =
k+1
= T [x] / (x2 + 1). , deg fi (x) < 2k , deg gi (x) < 2k ,
T [x] k+1
k+1
T [x] / (x2 + 1). R 2k+2 x (mod x2 + 1)
k+1
X2 + 1 = 0.
k = [t/2]  1.
k

t1
,
2

k

t
< t.
2

(9.6)

2tk+1  2k+2 , R 2tk+1 2k+2 .


2tk+1 R 2k+1 T. ,
k+1
x 2k+2 (mod x2 + 1),
R = {a0 + a1 2k+2 + .. . + a2k+1 1 22k+2 1 | ai T, i = 0, .. ., 2k+1 1}.
k+1

k+1

j2t+k1 = j21k+2 22k+2 = 1


a0 , a1 , .. ., a2k+1 1 , .
9.6
tk
R [Y] / (Y 2 + 1). 2tk R,
3 (t k) 2tk R ( 3 (t k) 2tk 2k+1
T, R T [x] 2k+1 1), 3 (t k) 2tk
R 2tk+1 , 2tk R (21) tk
( - 2tk 2k+1 = 2t+1 T (21) tk). 2tk R, 6 (t k) 2t+1
T 2t+1 T (21) tk .
2t T 2 .
 
t
+ 1  2.
(9.7)
k(t) = k + 1 =
2

k+1

T [x] / (x2 + 1) 2tk(t)+1 k(t)


R = T [x] / (x2 + 1) , 12 t 2t t+1
T, 2
T.


t  3, k(t) < t. t
k(t)
T [x] / (x2 + 1) T [x] / (x2 + 1)
, T [x] / (x4 + 1),
O(1)
T.
M1 (2j) A1 (2j) T T,
j
T [x] / (x2 + 1). , t  3

M1 (2t)  2tk(t)+1 M1 (2k(t) ) + 2t+1 ,
A1 (2 )  2
t

tk(t)+1

k(t)

A1 (2

(9.8)

) + 12 t 2 ,
t

(9.9)

k(t) (9.7).
 (j) = A1 (2j) /2j ,

j = 2, 3, ...

(9.10)

 (t)  2 (k(t)) + 12t. , 2  j < t  (j)  cj log j c.




 

t
t
 (t)  2ck(t) log k(t) + 12t  2c
+ 1 log + 1 + 12t < ct log t,
2

c . , A1 (2t)  2t ct log t =
= O(2t t log t) 2 9.9
.

 (j) =

M1 (2j)
,
2j

j = 2, 3, . ..

(9.11)

 (t)  2 (k(t)) + 2.
 (t)  2(2 (k(k(t))) + 2) + 2 = 22  (k(k(t))) + 22 + 2,

. . k(t) 
k(k(.. . (k (t)) . ..)) <
j

t
1 t
t
1
+ 1, k((k(t)) 
+1 +1= 2 +1+ ;
2
2 2
2
2

t
+ 2 j  1. j = [log2 t]
2j


 (t)  2j c1 + 2 + 22 + .. . + 2j < 2j c1 + 2j+1  c2 t,

c1 , c2 . , M1 (t) = O(t 2t). 9.9


. 


9.4.

9.1.
M(n) A(n) , 9.11.
9.12. T , 21 . F (x), G(x) T [x] ,
deg F (x)  n, deg G(x)  n, n  3, T, G(x).
,
F (x) = Q(x)G(x) + R(x), Q(x), R(x) T [x] , deg R(x) < deg G(x),
Q(x) R(x) O(n log n) T
O(n log n log log n) T.
. , n = deg F (x), m =
n
m


fi xi , G(x) =
gj xj .
= deg G(x) m  n. F (x) =
i=0

j=0

q0 , . .., qnm , r0 , . .., rm1 T ,


$$\sum_{i=0}^{n} f_i x^i = \Big(\sum_{i=0}^{n-m} q_i x^i\Big)\Big(\sum_{j=0}^{m} g_j x^j\Big) + \sum_{i=0}^{m-1} r_i x^i. \tag{9.12}$$

x x1 xn , (9.12)
$$\sum_{i=0}^{n} f_i x^{n-i} \equiv \Big(\sum_{i=0}^{n-m} q_i x^{n-m-i}\Big)\Big(\sum_{j=0}^{m} g_j x^{m-j}\Big) \pmod{x^{n-m+1}}. \tag{9.13}$$

T [[x]]
a0 + a1 x + a2 x2 + ... T. H = H(x) T [[x]]
m

gi xmi . H
, G (x) =
i=0

, gm
T. , H (mod xN1) N1 N
(9.13), Q(x) (mod xN1).
P T [[x]] f(P) =

1
G T [[x]] ,
P

1
T [[x]] . , f(H) = 0. P T [[x]]
P


(P) = 2P P2 G = H G (P H) 2 T [[x]] .

(9.14)

, P H (mod xk) k N. (9.14)


, (P) H (mod x2k). P ,
P H (mod xk), (P) (mod x2k) :
G x2k , (P), 2 x2k ; 2 + (P)G (mod x2k)
P x2k .
(P) (mod x2k) P(2 PG) (mod x2k) H (mod x2k).
P H (mod xk), (P) H (mod x2k),
(P) (mod x2k) T [x] ,
2k, T ( 2).
P = g1 T, g = gm
G(x). P H (mod x). j
(P) (mod x2), ((P)) (mod x4), .. ., j (P) (mod x2 ), .. .,
j , j .
j
j (P) H (mod x2 ), , , j (P) T [[x]] .
A (k) M (k) T,
, H (mod xk). ,
A (2k)  A (k) + 2A(2k) + 1,

M (2k)  M (k) + 2M(2k).

(9.15)
(9.16)

A (1) = M (1) = 0, g1 T . 9.3


, M(n) = O(n log n), , M(n) = CM n log n
n > 1, M(1) = CM , CM .
, A(n) = CA n log n log log n n  4
A(n) = CA n = 1, 2, 3, CA .
M(x)

M(x), A(x),
,
x
,

A(x)
. (9.16)
x

M (2t)  4M(2t).

(9.17)

, (9.15) ,
A (2t)  6A(2t).

(9.18)


,
A (2t)  A (2t1) + 2A(2t) + 1  . ..
. ..  A (1) + 2(A(2) + A(4) + . .. + A(2t)) + t =
=t+2

t
A(2t)  A(2j) 2t
=
2t
A(2t)
j=1

=t+2

t
t

A(2t)  j A(2j) /2j
1t
t
2

t
+
2
A(2
)

2j ;
2t
A(2t) /2t
j=1

j=1

, A(2j) /2j .
A (2t)  t + 2A(2t)

2t+1 1
 t + 4A(2t)  6A(2t),
2t

t  2A(2t).
t N , 2t  n m + 1. 2t 
 2(n m), n > m ( n = m H (mod xnm+1)
). H (mod xnm+1) ,
A (2t) M (2t) T. (9.17) (9.18)
, 6A(2(n m))
4M(2(n m)) T.



n
nm+1
ni
nm+1
)
fi x
(mod x
)
H (mod x
i=0

xnm+1 . (9.13)

nm


qi xnmi .

i=0

nm
 

m

(9.12).
qi xi
gj xj
i=0

j=0

n m m T [x] ,
m1

ri xi n.
i=0

.
$$6A(2(n-m)) + A(n-m) + A(\max(m, n-m)) + n. \tag{9.19}$$



$$4M(2(n-m)) + M(n-m) + M(\max(m, n-m)). \tag{9.20}$$

(9.19)
6A(2n) + A(n) + A(n) + n = O(n log n log log n),
(9.20) 4M(2n) + 2M(n) = O(n log n).
. 

9.5.

, 6.2. [271; 67] . 9.1; T.
9.13. T ,
21 . x1 , .. ., xn T
F (x) T [x] , F (x) n
n


F (x) = fi xi , F (x) = (x yi), n = degF (x)  3.
i=0

i=1

F (x1), . .., F (xn) O(n log2 n


log log n) T O(n log2 n) T.
. t , n  2t . xi = 0 n < i  2t .

$$G_{ij}(X) = \prod_{k=(j-1)2^i+1}^{j2^i} (X - x_k), \quad 0 \le i \le t, \quad 1 \le j \le 2^{t-i}. \tag{9.21}$$

i = 0 G0j (X) = X xj ; j = 1, ... , 2t . ,


i, 0  i  t 1, 2ti Gij (X) 2i . 2t(i+1) Gi+1,j (X), j = 1, .. ., 2t(i+1) , 2i+1 2t(i+1)
Gij (X) 2i . t1
 t(i+1)
(9.21)
2
A(2i)
i=0
t1
 t(i+1)
2
M(2i) T ( A(x) M(x)
T
i=0

, 9.11). A(x) /x


, A(x),
CA log x log log x, CA . , M CM x log x.
t1


2t1

i=0
ti1


t1
A(2i)
)
t1 A(2

t

= tA(2t1),
t1
2i
2

2ti1 M(2i)  tM(2t1).

i=0

.
n

1 . F (x)
fi xi , . . i=0

f0 , .. ., fn T. Ft,1 (x) = F (x), 0  i < t,


1  j  2ti Fij (x) F + j+1 , (x)
i+1,

Gij (x) ( i j ).
0  i  t, 1  j  2ti (j 1)2i < k  j 2i
$$F_{ij}(x_k) = F_{i-1,2j-1}(x_k), \quad (2j-2)2^{i-1} < k \le (2j-1)2^{i-1}; \tag{9.22}$$

$$F_{ij}(x_k) = F_{i-1,2j}(x_k), \quad (2j-1)2^{i-1} < k \le 2j \cdot 2^{i-1}. \tag{9.23}$$

, Gij (xk) = 0,
xk . ,
Fij (x) = H(x) Gi1,2j1 (x) + Fi,2j1 (x),
(9.22) , Gi1,2j1 (xk) = 0
(2j 2)2i1 < k  (2j 1)2i1 ; (9.23).
, F (x) = Ft,1 (x) x1 , ... , x2t
Ft1,1 (x) Ft1,2 (x) x1 , .. ., x2t1 x2t1 +1 , .. ., x2t
. , Fi,j (xk), (j 1)2i < k  j 2i ,
Fi1,2j1 (xk) (2j 2)2i1 < k  (2j 1) 2i1
Fi1,2j (xk) (2j 1)2i1 < k  2j 2i1 .
, F0j (x),
1  j  2t . F0j (x) ,
F (x) G0j (x) = x xj . F0j (x) = F (xj) .
, F0j (x).
Gij (x) , Fij (x). deg Fi+1,j (x) < deg Gi+1,j (x) = 2i+1 , 9.12
( , Gij (x) )


Fij (x)
O(2i+1 log 2i+1 log log 2i+1)  CA A(2i+1)
T

O(2i+1 log 2i+1)  CM M(2i+1)

T (CA CM ).
Fij (x) Gij (x)
t1
t1
 
 
,
CA A(2i+1)2ti T
CM M(2i+1)2ti
i=0

i=0

T.
CA tA(2t),
CM tM(2t), CA CM .
Gij (X) 2t  2n, , t=
=O(log n), .
n

2 . F (x) (xyi).
i=1

, Gt,1 (x) =
n
2t


t
=
= x2 n
(x xk)
k=1

k=1

T. 1 ,
.
. 

9.6.
.
. , : n-
O(n log n log log n) .
, . O()
, , , . [60;
243; 292] .
.

10.

10.1. .
,
Z/nZ.
, b- ,
b , b  2. , n b-
, u1 . .. un (,
u1 , .. . , uk ). b
2; , .
, .

. , ,
, .
, ,
, .
.
( ).
u1 .. . un v1 .. . vn
w0 ... wn ; w0 0 1.
1 . j := n, k := 0 ( j , k
).
2 . $w_j := u_j + v_j + k \pmod b$, $w_j$ ; $k = \left[\dfrac{u_j + v_j + k}{b}\right]$.

(, wj , k ; k = 0
k = 1. , b = 2 b ,


wj k ,
( ) uj + vj + k.)
3 . j := j 1. j > 0, 2; j = 0,
w0 := k .
.
.
S ( ).
n- u = u1 .. .un 
 v = v1 .. . vn  0 w = w1 .. . wn = u v.
10.1. , ,
u1 ... un  v1 ... vn , , uj vj . ; u v
.
1 . j := n, k := 0 ( k ).
2 . $w_j := u_j - v_j + k \pmod b$ ; $k := \left[\dfrac{u_j - v_j + k}{b}\right]$.

3 . j := j 1. j > 0, 2; j = 0
.
.
. j = n wn = un vn , un  vn , wn = b + un vn , un < vn . , k = 0 k = 1 n 1 .
.

10.2.
, .
M ( ).
u = u1 ... un v = v1 ... vm b w = uv = w1 ... wm+n .
1 . wm+1 := 0, . .. , wm+n := 0, j := m. ( j v .)


2 . vj = 0, wj := 0 6. (
. b , , b = 2, vj
. 2 .)
3 . i := n, k := 0. ( i u, k .)
4 . t := ui vj + wi+j + k, wi+j := t (mod b) , k := [t/b] .
( , 10.1, wi+j k . ,
0  t < b2 , 0  k < b.)
5 . i := i 1. i > 0, 4. i = 0, wj := k.
6 . j := j 1. j > 0, 2. j = 0, .
.
.
j = m. 2 vm = 0, n + 1 w . vm > 0, 4-
ui bni vm bmm = ui vj bm+n(i+j) wi+j k.
wi+j k. j = m 25 wm wm+1 .. . wm+n = u vn .
.
, 26 l u (vml+1 vml+2 ... vm) = wm(l1) wm(l2) .. . wm+n . 6 j = m l, 2 u vml bl .
un , ... , u1 , ui bni vml bl = ui vj bn+li
n + m (n + l i) = i + j.
.
, ,
. [92; 91] . .
n
n


u=u1 ...un = ui bni v=v1 ...vm = vj bmj .
i=1

j=1

, n  m. M mn ui vj
. , vj m , ui mn ( n j),
wi+j mn mn . mn 3mn


. M uv

$$uv = \sum_{j=1}^{m} u v_j b^{m-j}. \tag{10.1}$$

:


$$uv = \sum_{s=0}^{m+n-2} b^s \sum_{i=0}^{s} u_{n-i} v_{m-s+i}, \tag{10.2}$$

l  0 ul = vl = 0. ,
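$$uv = \sum_{s=0}^{m+n-2} b^s \sum_{\substack{i+j=s\\ 0 \le i \le n-1\\ 0 \le j \le m-1}} u_{n-i} v_{m-j} = \sum_{i=0}^{n-1} \sum_{i \le s \le m-1+i} u_{n-i} v_{m-s+i} b^s = \sum_{s=0}^{m+n-2} b^s \sum_{s-m+1 \le i \le s} u_{n-i} v_{m-s+i}. \tag{10.3}$$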

(10.3) (10.2). , s m + 1 < 0, . . s < m 1, i < 0 uni 0 . s m + 1 > 0, . . s > m 1,


0  i < s m + 1 i + m s < 1, vms+i = 0 .
(10.2), u v.
FM ( )..
1 . t := 0.
2 . () s 0 m + n 1 1 3 4.
3 . i 0 s 1
t := t + uni vms+i .
4 . wm+ns := t (mod b) b (-, ,
, b = 2 b );
t := [t/b] .
.
(10.2).
, ,
ui vj , . : ui vj , . . 2mn (mn

ui mn vj). m + n
wm+ns .
, , FM (
b ).

(. [23]). , 2n-
:
u = u2n1 .. . u0 ,

v = v2n1 .. . v0 .

u = 2n u + u , v = 2n v + v ,
u = u2n1 .. . un ,
v = v2n1 .. . vn ,

u = un1 .. . u0 ,
v = vn1 .. . v0 .

uv = (22n + 2n)u v + 2n (u u) (v v) + (2n + 1)u v .

(10.4)

2n- (10.4)
n- O(1) , 4n- , O(n)
. T (n)
n- ,
$$T(2n) \le 3T(n) + cn, \tag{10.5}$$

c . (10.5)
$$T(2^k) \le c(3^k - 2^k), \quad k = 1, 2, 3, \ldots \tag{10.6}$$

, k = 1 $T(2) \le c$ (
c). , (10.6) k,
$$T(2^{k+1}) \le 3T(2^k) + c2^k \le 3c(3^k - 2^k) + c2^k = c(3^{k+1} - 2^{k+1}).$$
n- $2^{[\log_2 n]+1}$- ( ), (10.6)
$$T(n) \le T(2^{[\log_2 n]+1}) \le c\,3^{[\log_2 n]+1} \le c_1 3^{\log_2 n} = c_1 n^{\log_2 3}.$$
,
n- .


,
, . , - 2450 2640 .
2n- n-, , ,
,
, .
.
10.2.
, . [39; 94] . , ,


T (n) = O n2 2 log2 n log2 n .
[25, 4.3.3] . . , , ,
. 9.
[115] [279] .

10.3.
.

.
DO ( ).
w = w1 .. . wn u = u1 .. . un b v, 1  v < b,
r = u vw.
1 . $r := 0$, $j := 1$.
2 . $w_j := \left[\dfrac{rb + u_j}{v}\right]$; $r := rb + u_j \pmod v$ v
.
3 . j := j + 1. j  n, 2 . j > n,
w = w1 .. . wn r.
.
DO
.

[180, . 14] . b ,
u = un ... u1 u0 , v = vt .. . v1 v0 , n  t  1, vt = 0
( t = 0, . . ,
DO).
.
u, v; q = qnt .. . q0 r = rt ... r0 ,
u = qv + r, 0  r < v.
1 . j 0 n t qj := 0.
2 . , u  vbnt , :
qnt := qnt + 1,

u := u vbnt

( ).
3 . i = n, n 1, . .. , t + 1 14:
1) ui  vt , qit1 := b 1,
u b + u 
i1
;
qit1 := i
vt

2) , qit1 (vt b + vt1) > ui b2 + ui1 b + ui2 ,


qit1 := qit1 1;
(, qit1  0);
3) u := u qit1 bit1 v;
4) u < 0,
u := u + vbit1 ,

qit1 := qit1 1.

4 . r := u. q r.
.
, . 1 q = 0. qnt ,
u , vbnt . i = n;
qnt1 . un  vt ( 1
3 ), qnt1 b 1
(, un = b 1, vt = 1). un < vt , 
u b + u
n
n1
qnt1
. ,
vt

un bn + un1 bn1 + .. . + u0 <


 u b + u
n
n1
vt


+ 1 bnt1 v,


:
 u b + u


n
n1
un bn + ... + u0 <
+ 1 bnt1 vt bt =
vt


 u b + u
n
n1
+ 1 bn1 vt .
=
vt

,
un bn + un1 bn1 = (un b + un1)bn1 <


 u b + u
n
n1
vt


+ 1 bn1 vt ,

bn1 ,
un2 bn2 + ... + u0 , ,
bn1 , . , 1-
3- . qit1 i t 1, , b 1,
vt  un + 1
 u b + u
 

u b + u
u
b
n
n
n1
n1

= b + n1
< b.
vt

un + 1

un + 1

3 qit1 .
,
(qnt1 + 1) (vt b + vt1) > un b2 + un1 b + un2 ,

(10.7)

qnt1 (vt bt + vt1)  un b2 + un1 b + un2 .

(10.8)

,
bnt1 (qnt1 + 1) (vt bt + vt1 bt1) > un bn + un1 bn1 + un2 .
bn2 un3 bn3 + . .. + u0 < bn2 ,
bnt1 (qnt1 + 1) (vt bt + vt1 bt1) > u.
bnt1 (qnt1 + 1)v > u; , qnt1 + 1
, qnt1 .
qnt1 (10.8). , qnt1 , . . qnt1
2, . .
u < (qnt1 1)bnt1 v.

(10.9)

un bn + un1 bn1 + un2 bn2 < (qnt1 1)bnt1 (vt bt + . .. v0).


(10.8),
qnt1 (vt b + vt1)bn2 <
< (qnt1 1)bnt1 (vt bt + vt1 bt1 + vt2 bt2 + . .. + v0).
bn2 , vt2 bt2 + ... + v0 < bt1
0  qnt1 < b, ,
qnt1 (vt b + vt1)bn2  (qnt1 1)bnt1 (vt bt + vt1 bt1),
.
, 2 3 qnt1 , .
3 4 3 .
3 i = n
u = un bn + ... + u0 < vbnt1 = bnt1 (vt bt + . .. + v0).
, un = 0. 3-
i = n 1, . .
3- i = n. i .
.
, [25, . 4] .
, [25] . , [25] .
u = u0 . .. un v = v1 .. . vn ,
b, v1 > 0, u/v < b.
u v
q = [u/v] ,

(10.10)

0  q  b 1. q
.
, u/v < b , u/b < v,

u0 ... un1 < v1 ... vn .

(10.11)

 u b + u 

0
1
q = min
, b1 .

(10.12)

v1


q , u0 b + u1 v1 (. DO
).
10.3. q  q.
. q = [u/v]  b 1,
q = b 1. q < b 1. q =

u0 b + u1
. ,
v1

1  u0 b + u1 v1 + 1.
qv

(10.13)

u b + u1
, 0
Z, (10.13) , v1  1.
v1
u b + u  k
u0 b + u1
u b + u1
1
+ ,
= 0

, 0

v1
v1
v1
v1

k N, 1  k  v1 1.
q =

u0 b + u1
k
u b + u1
v 1
 0
1
,
v1
v1
v1
v1

(10.13).
(10.13)
 u qv
1 bn1 
u qv
 u0 bn2 + . .. + un (u0 bn + u1 bn1 v1 bn1 + bn1) =
= u2 bn2 + ... un bn1 + v1 bn1 < v1 bn1  v.
u  qv u < (q + 1)v, q  q, . 
10.4. v1  [b/2] ,
q 2  q.
. ( 10.3) q  q, , ,
q < q 2, . q  q + 3.
q 

u0 b + u1
u bn + un bn1
u
= 0
<
.
v1
v1 bn1
v bn1

 
u
= u0 b + u1 ,
v > bn1 , v = bn1 , q =
v
q  b 1. , q = u0 b + u1 = q,
.
q , q > u/v 1.
3  q q <

u
u
u
bn1

+
1
=

+ 1.
v
v v bn1
v bn1


u
bn1

> 2,
v v bn1

u
v bn1
v
> 2 n1 = 2 n1 1  2(v1 1).
v
b
b

, q  b 1,
b u  q 3  q = [u/v]  2v1 2.
b

v1  1, v1 < [b/2] , . 
2
10.5. , v1  [b/2] ,
q q ,
.
: , ,
10.4? ,


u v

b
. q ,
v1 + 1

10.6. v = v

b
v1 + 1

,  [b/2] ,  v b

n-. u = u
v1 + 1

(n + 1)-.
. , a, c N, 1  a < c,

 




c
c
c
a
< (a + 1)
 c.
(10.14)
2

a+1

a+1

(10.14) ; .

 c 
 c  a  [c/2] . , c  a + 1,
a
a
.
a+1

1  a < [c/2] .




 
c
c
c
c
>a
1.
a
1  1
a+1

a+1

,

c
a

a+1


1

c
2ac 2a2 2a ca c + 2a + 2
+1=
=
a+1
2a + 2

ac 2a2 c + 2
(a 1) (c 2a 2)
=
 0,
2a + 2
2a + 2


a < [c/2]  c/2 , a + 1  c/2,


c  2a + 2. , (10.14) .
10.6. (10.14) a = v1 , c = b.


 
b n1
b
 v1 bn1
b
,
(10.15)
v1 + 1


v1

b
b
< (v1 + 1)
 b.
v1 + 1
v1 + 1

(10.16)

(10.16) , (10.15) (10.16)


,


 
b n1
b
b
bn1 < b bn1 .
 v1
(10.17)

v1

v1 + 1

b
v ,
v1 + 1


.


b
,
, v
 v1 + 1 
b
, b. v
, (v1 + 1)
v1 + 1

n-. ,
 b
.
v1 + 1

v n- ,

v

 

 


(b 1)
b
1
b
b
= 1
<
,
b

v1 + 1

v1 + 1

v1 + 1

1
< 1. : , b
 b 
(j + 1)- j- ,
.
v1 + 1

j- (j 1)-
- 

 b 

.
b 
1 bnj + vj
bnj
v1 + 1
v1 + 1

bnj+1
 b .
- b 
1 + (b 1)
v1 + 1
v1 + 1
=

b



b
1
b

<
.
v1 + 1
b
v1 + 1


, , v n-. (10.17) , v [b/2] . , u


u

(n + 1)-,  = < b. 
v
v
, 10.310.6.
D ( ).
u = u1 ... um+n v = v1 . .. vn ,
 
u
= q0 . .. qm
b, v1 = 0,
v
r = u qv = r1 ... rn . m  0. n = 1,
DO. , n  2. 

1 (). d :=
u0 u1 . .. um+n := u1 . .. um+n d,

b
,
v1 + 1

v1 .. . vn := v1 ... vn d.

( 10.6 , v1
[b/2] .)
2 . j := 0.
3 ( ). uj . . . uj+n
l := 0.
 b, ;
v

4 .

uj . .. uj+n
< b,
v

uj .. . uj+n := uj ... uj+n bv,

l := l + 1.

uj .. . uj+n

< b; , v

4 .

uj ... uj+n := uj . .. uj+n bv,

l := l + 1.

10.7. , 3 u
< b, . . .
v

v1  [b/2] , v = v1 .. . vn  [b/2] bn1 . uj .. . uj+n  bn+1 1. ,


uj ... uj+n < 3bv.
(10.18)
,
3bv  3bv1 bn1  3bn [b/2] > bn+1 1  uj . .. uj+n ,
b = 2
3 2n [2/2] > 2n+1 1


, b  3 [b/2] = b/2, [b/2] = ,


2
2


b
1
3
3
= 1 + bn+1 bn > bn+1 ,

1 + 3bn [b/2]  1 + 3bn


2

1 n+1 3 n
b
 b . , 3 uj .. . uj+n < bv.
2
2

10.8. l , uj .. . uj+n lbv. lb


9 .
uj  v1 ,
4 ( q).
, uj > v1 ,
uj uj+1 ... uj+n b v1 .. . vn  uj bn (v1 bn + v2 bn1 + .. . + vn b) 
 bn (v2 bn1 + . .. vn b) > 0,
, .
u b + u  
uj+1 
j
j+1
= b+
 b, uj = v1 ,
v1

q := b 1.
uj < v1 ,

u b + u
j

v1

v1

j+1

 b 1,

uj b + uj+1
 b,
v1

uj b + uj+1  bv1 ,

,
b 1  uj+1 ,

b(v1 uj)  b.


u b + u 
j
j+1
.
q =
v1

5 .
1)b + uj+2 .
v2 q > (uj b + uj+1 qv

(10.19)

, q := q 1. (10.19),
, q := q 1.
10.9. n  2, v , u = u0 ... um+n ; ,
uj+2 j + 2 .
10.10. 4 10.3
10.4. , q 2  q  q, . . q q, q + 1,


1 , q + 2. r := uj b + uj+1 qv
(10.19) . ,
+ uj+2 ,
v2 q > rb

(10.20)

q > q. , ,
< 0.
uj .. . uj+n qv
:
 uj ... uj+n qv
1 bn1 qv
2 bn2 =
uj ... uj+n qv
1 bn1 qv
2 bn2 =
= uj+2 bn2 + .. . + uj+n + uj bn + uj+1 bn1 qv
2 bn2 <
n1 + uj+2 bn2 + .. . + uj+n qv
= rb
2 bn2 =
n1 + (uj+2 + 1)bn2 qv
< rb
+ uj+2 + 1 qv
2).
= bn2 (rb

(10.21)

(10.20), (10.21)
+ uj+2 + 1 qv
2 < rb
+ uj+2 + 1 (r b + uj+2) = 1.
rb

+ uj+2 + 1 q v2 < 0,
rb
(10.21) ,
uj .. . uj+n q v < 0,
. . q  q + 1. , q q 1
q. 5
, q  q + 2 10.4.
10.11. q, 1
q  q  q + 2, r = uj b + uj+1 qv

v2 q  br + uj+2 .

(10.22)

, q q, q + 1.
, . . q = q 2.
1 bn1 + (v2 + 1)bn2) v <
uj ... uj+n < (q 1)v < q(v
2 bn2 + bn1 v,
1 bn1 + qv
< qv


n2 < bn1 q. , (10.22),


qb

1 bn1 + (br + uj+2)bn2 + bn1 v =


uj ... uj+n < qv
1 b)bn2 + bn1 v 
1 bn1 + (uj b2 + uj+1 b + uj+2 qv
= qv
 uj bn + uj+1 bn1 + uj+2 bn2 ,

(10.23)

v  0. (10.23) , uj . .. uj+n <


b
< uj . .. uj+n , .
, q q q q + 1.
6 .
n1

1 ... vn
uj .. . uj+n qv

(10.24)

uj .. . uj+n , .
7 . qj := q. (10.24) ,
9 .
8 . qj := qj 1 ( (10.24)
, q = q + 1),
uj . .. uj+n := v1 .. . vn uj .. . uj+n .
9 . qj lb 3 .
10.12. 3- , uj .. . uj+n lbv.
qj ( 3 )
uj . .. uj+n v lb. qj
b- ,
, b.
10 . uj . .. uj+n uj 0, n-
v1 . .. vn . j := j + 1. j  m,
3 .
11 . u v
q := q0 bm + q1 bm1 + .. . qm1 b + qm
( qj b- ,
. 9). u v
r = r1 ... rn :=

um+1 . . . um+n
,
d

d 1 , um+1 .. . um+n , 10 .
.



.
10.13. [101,
. 9; 180, . 14] . [70] .

10.4.

Z/nZ.
.

$$x \equiv a_1 \pmod{m_1}, \quad \ldots, \quad x \equiv a_k \pmod{m_k}, \tag{10.25}$$
(mi , mj) = 1 i = j. , . .
(10.25). , . [25, 4.3.2; 124; 180,
. 14] .
M = m1 ... mk .
.
a1 , . .. , ak , m1 , ... , mk , (mi , mj) =
= 1 i = j, M = m1 .. . mk . x
(10.25), 0  x < M.
1 . i = 2, . .. , k 1) 2):
1) ci := 1;
2) j = 1, . .. , i 1 : $u := m_j^{-1} \pmod{m_i}$ (
, . ), ci := uci (mod mi).
2 . u := a1 , x := u.
3 . i = 2, .. . , k u := (ai x)ci (mod mi) mi ,
$x := x + u \prod_{j=1}^{i-1} m_j$.


x .
.
, ,
0  x < M. , 0  ai  mi 1, i = 1, ... , k.
$$0 \le x \le m_1 - 1 + \sum_{i=2}^{k} (m_i - 1) \prod_{j=1}^{i-1} m_j = m_1 \cdots m_k - 1 = M - 1.$$

, i  2 ci (m1 . .. mi1) 1 (mod mi). , x


a1 (mod m1). xi x ,
3 i
(2  i  k); x1 = a1 .
$$x_i = x_{i-1} + \bigl((a_i - x_{i-1})\, c_i \bmod m_i\bigr) \prod_{j=1}^{i-1} m_j,$$

$$x_i \equiv x_{i-1} + (a_i - x_{i-1})\, c_i \prod_{j=1}^{i-1} m_j \equiv a_i \pmod{m_i}.$$

x x xi (mod mi), i = 1, ... , k, .
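The steps above (commonly known as Garner's algorithm) written out as an added Python example; it is not code from the book, and the names `garner_precompute` and `garner` are assumptions. It also rejects moduli that are not pairwise coprime, the one precondition the algorithm depends on.

```python
# Added example: solve x ≡ a_i (mod m_i), 0 <= x < M = m_1*...*m_k,
# following steps 1-3 of the algorithm in the text.
from math import gcd


def garner_precompute(moduli):
    """Step 1: c_i = (m_1 * ... * m_{i-1})^{-1} mod m_i for i = 2..k.

    The constants depend only on the moduli, so they can be reused for
    many residue vectors over the same moduli.
    """
    for i in range(len(moduli)):
        for j in range(i):
            if gcd(moduli[i], moduli[j]) != 1:
                raise ValueError(
                    f"moduli {moduli[j]} and {moduli[i]} are not coprime")
    consts = [1]  # slot for i = 1, never used in step 3
    for i in range(1, len(moduli)):
        c = 1
        for j in range(i):
            u = pow(moduli[j], -1, moduli[i])   # u := m_j^{-1} mod m_i
            c = (u * c) % moduli[i]             # c_i := u * c_i mod m_i
        consts.append(c)
    return consts


def garner(residues, moduli, consts=None):
    """Steps 2 and 3: build x one modulus at a time, never reducing mod M."""
    if not moduli or len(residues) != len(moduli):
        raise ValueError("need one residue per modulus")
    if consts is None:
        consts = garner_precompute(moduli)
    x = residues[0] % moduli[0]                 # step 2: x := a_1
    prod = 1                                    # running product m_1 * ... * m_{i-1}
    for i in range(1, len(moduli)):
        prod *= moduli[i - 1]
        # u := (a_i - x) * c_i mod m_i, reduced to the range 0..m_i - 1
        u = ((residues[i] - x) * consts[i]) % moduli[i]
        x += u * prod                           # x := x + u * m_1 * ... * m_{i-1}
    return x
```

Every intermediate value stays below the product of the moduli processed so far, which is why no reduction modulo M is needed.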


, . [101, . 9; 180, . 14; 191] .
N > 1 R, R > N, (R, N) = 1.
R , R (, R
). R , N Z, ,
$0 < R' < N$, $RR' - NN' = 1$
(R N ,
. ). T, 0  T < RN,
TR (mod N) (
R R1 (mod N)).
REDC ( ).
1 . m := T (mod R) .
2 . m := mN' (mod R) .


3 . $t := \dfrac{T + mN}{R}$.
4 . $t \ge N$, $t - N$, $t$.
.
, . m, 2 ,
$mN \equiv TN'N \equiv -T \pmod R$,
t, 3 , . , $tR = T + mN \equiv T \pmod N$, . . $t \equiv TR^{-1} \pmod N$. ,
$0 \le T + mN < RN + RN$, $0 \le t < 2N$.
REDC.
, R (
, R) ,
REDC , R.
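The four REDC steps above as an added Python example with R a power of two, extended to the Montgomery-form multiplication and exponentiation that the text goes on to mention. This is not code from the book; the function names and the choice R = 2**r_bits are assumptions.

```python
# Added example: Montgomery reduction (REDC) with R = 2**r_bits, so that
# "mod R" is a mask and "divide by R" is a shift.

def montgomery_params(N, r_bits):
    """Return N' with N*N' ≡ -1 (mod R), i.e. R*R' - N*N' = 1 for some R'."""
    R = 1 << r_bits
    if N <= 1 or N % 2 == 0:
        raise ValueError("N must be odd and > 1 so that gcd(R, N) = 1")
    if R <= N:
        raise ValueError("R = 2**r_bits must exceed N")
    return (-pow(N, -1, R)) % R


def redc(T, N, r_bits, n_prime):
    """Return T * R^{-1} mod N for 0 <= T < R*N."""
    R = 1 << r_bits
    if not 0 <= T < R * N:
        raise ValueError("REDC requires 0 <= T < R*N")
    mask = R - 1
    m = T & mask                   # step 1: m := T mod R
    m = (m * n_prime) & mask       # step 2: m := m * N' mod R
    t = (T + m * N) >> r_bits      # step 3: T + m*N is divisible by R, shift is exact
    return t - N if t >= N else t  # step 4: 0 <= t < 2N, one conditional subtraction


def mont_mul(x_bar, y_bar, N, r_bits, n_prime):
    """Multiply two values held in Montgomery form (x_bar = x*R mod N)."""
    return redc(x_bar * y_bar, N, r_bits, n_prime)


def mont_pow(x, e, N, r_bits):
    """Compute x**e mod N by left-to-right square-and-multiply in Montgomery form."""
    if e < 0:
        raise ValueError("exponent must be non-negative")
    n_prime = montgomery_params(N, r_bits)
    r2 = pow(1 << r_bits, 2, N)                      # R^2 mod N, once per modulus
    x_bar = redc((x % N) * r2, N, r_bits, n_prime)   # x*R mod N
    acc = redc(r2, N, r_bits, n_prime)               # R mod N, i.e. 1 in Montgomery form
    for bit in bin(e)[2:]:
        acc = mont_mul(acc, acc, N, r_bits, n_prime)
        if bit == "1":
            acc = mont_mul(acc, x_bar, N, r_bits, n_prime)
    return redc(acc, N, r_bits, n_prime)             # convert back out of Montgomery form
```

Python integers are not constant-time, and the comparison in step 4 depends on the data, so the block illustrates the arithmetic only.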

, (. .
x, y Z N N xyR1 (mod N))
(. . x, N, e N xe (mod N)), . [101,
. 9; 180, . 14; 191] . ,
. [69] .
[132] . , .
x (mod m) x m , . [69; 180, . 14] . [101, . 9]
, ,
N = 2q + c, c Z, q N, ,
N = k 2q + c.
[180, 14.6, 14.7] .
, N N a1 , .. . , ak Z b1 .. . , bk Z ,
ai bi 1 (mod N), i = 1, ... , k. [89, . 10] ;
, . . 4.
.


.
1 . c1 := a1 i = 2, .. . , k
ci := ci1 ai (mod N).
2 .
(. ) u, d, v ,
uck + vN = d = (ck , N).
3 . i = k, k 1, . .. , 2 :
1) bi := uci1 (mod N);
2) bi ;
3) u := uai (mod N).
u .
.
,
(ai , N) = 1, i = 1, . .. , k, . . 2 d = 1. , ci = a1 .. . ai , i = 1, ... , k. 2 u
$(a_1 \cdots a_k)^{-1} \pmod N$. 3 i = k $b_k \equiv a_k^{-1} \pmod N$,
$u = (a_1 \cdots a_{k-1})^{-1} \pmod N$. , i,
$1 \le i \le k$, $b_i \equiv a_i^{-1} \pmod N$.
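The simultaneous-inversion algorithm above as an added Python example: one extended Euclid call and about 3(k - 1) modular multiplications replace k separate inversions. It is not code from the book; the names `batch_inverse`, `ext_gcd` and `NotInvertible` are assumptions, and the case d > 1, which the proof excludes, is reported to the caller together with d.

```python
# Added example: invert a_1, ..., a_k modulo N with a single extended gcd.

class NotInvertible(ValueError):
    """Raised when d = gcd(a_1 * ... * a_k mod N, N) > 1; d is kept in .gcd."""

    def __init__(self, d):
        super().__init__(f"product of inputs shares the factor {d} with N")
        self.gcd = d


def ext_gcd(a, b):
    """Return (u, v, d) with u*a + v*b = d = gcd(a, b) for a, b >= 0."""
    u1, u2, u3 = 1, 0, a
    v1, v2, v3 = 0, 1, b
    while v3 != 0:
        q = u3 // v3
        u1, u2, u3, v1, v2, v3 = v1, v2, v3, u1 - q * v1, u2 - q * v2, u3 - q * v3
    return u1, u2, u3


def batch_inverse(a, N):
    """Return [b_1, ..., b_k] with a_i * b_i ≡ 1 (mod N)."""
    if N <= 1:
        raise ValueError("N must be greater than 1")
    k = len(a)
    if k == 0:
        return []
    # Step 1: prefix products c_i = a_1 * ... * a_i mod N.
    c = [a[0] % N]
    for i in range(1, k):
        c.append(c[-1] * a[i] % N)
    # Step 2: u*c_k + v*N = d = gcd(c_k, N).
    u, _v, d = ext_gcd(c[-1], N)
    if d != 1:
        raise NotInvertible(d)
    u %= N                        # u = (a_1 * ... * a_k)^{-1} mod N
    # Step 3: peel off one factor at a time, from i = k down to 2.
    b = [0] * k
    for i in range(k - 1, 0, -1):
        b[i] = u * c[i - 1] % N   # b_i := u * c_{i-1} mod N
        u = u * a[i] % N          # u becomes (a_1 * ... * a_{i-1})^{-1} mod N
    b[0] = u                      # the final u is the inverse of a_1
    return b
```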
, . [287; 288; 289; 286] . , [287]
GF (2m), [289] ,
, N = 2n 2m 1, 0 < m <


n+1
.
2

11.

11.1.
.
. 3 5,
, .
Z/2Z.
p
Z/ (p 1)Z,
. ,

N


aij xj bi (mod p 1),

i = 1, ... , M,

(11.1)

j=1

x1 , . .. , xN , t

. p 1 =
qkk p 1
k=1

,
(11.1)
N


aij xj bj (mod qkk),

j = 1, . .. , M,

(11.2)

j=1

k = 1, . .. , t, . . xj (mod qkk).
k xj (mod qkk)
xj xj0 + xj1 qk + .. . + xj,k 1 qkk 1 (mod qkk),

(11.3)

0  xjl  qk 1, l = 0, 1, .. . , k 1. (11.2)


qk ,
N


aij xj0 bj (mod qk),

j = 1, ... , M,

(11.4)

j=1

Z/qk Z. xj0 ,
j = 1, .. . , N, , xj (11.3) xi0 (11.2), q2k qk ,
Z/qk Z xj1 , j = 1, .. . , N, . ,
xj (mod qkk) k, xj (mod p 1)
.
, . ,
11.2 .

11.2.


.
.
,
(11.5)
a1 x1 + .. . + an xn = d,
a1 , . .. , an , d Z. (11.5) x1 , .. . , xn .

a1 . .. an

A = .1. . . ...... . . . 0. .
0 . .. 1
(n + 1) n,
a1 , .. . , an , .
.
1) A
ai .
2) j = i , aj = 0.

3) : aj = qai + r, 0  r < |ai |.


4) j- A i- ,
q.
A,
aj 0 ( r = 0), ,
A.
, (. . 14), A


0 . .. 0
0 ... 0
0 .. . ... 0

c11 ... c1,s1 c1s c1,s+1 . .. c1n


=
,

(11.6)

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
C
cn1 ... cn,s1 cns cn,s+1 . .. cnn
, cij Z, = 0.  d, (11.5) . | d, (11.5)


x1
... = tc1 + . .. + ts1 cs1 + d cs + ts+1 cs+1 + .. . + tn cn ,
(11.7)

xn
t1 , . .. , ts1 , ts+1 , ... , tn ,
c1 , ... , cn C (11.6).
, (11.7) (11.5) . ,
(. . 14) A ADij , Dij n n ,
i- j- q, 0. Dij
det Dij = 1; , D1
ij . (11.5) :

x1
(a1 , .. . , an) .. . = b.
xn

x1
. .. = b.
(a1 , . .. , an)Dij D1
ij
xn





x1
y1
.. . = D1 . .. .
ij
yn
xn
a1 y1 + ... + an yn = b,
(a1 , . .. , an) = (a1 , .. . , an)Dij . y1 , .. . , yn , x1 , . .. , xn Z.
k i1 , j1 , i2 , j2 , .. . , ik , jk ,
z1 , . .. , zn ,


z1
x1
.. . = D1 . .. D1 . .. .
ik jk
i1 j1
zn
xn
A
(0, .. . , 0, , 0, ... , 0) = (a1 , .. . , an)Di1 j1 .. . Dik jk ,

z1 = b.

(11.8)

, | b,
 b,
 (11.8)

b
(z1 , . .. , zn) = t1 , ... , ts1 , , ts+1 , ... , tn , t1 , .. . , tn 
.

t1
. ..


ts1
x1

. .. = Di1 ,j1 . .. Dik ,jk b/ .

ts+1
xn

. ..
tn
, C (11.6) Di1 ,j1 .. . Dik,jk ,
A
, , . . (n n)-
A Di1 j1 , Di2 j2 , ... , Dik jk .


a11 x1 + . .. + a1n xn = b1 ,
(11.9)
........................

am1 x1 + .. . + amn xn = bm ,
aij , bl Z. (11.9) . A m n B
(m + n) (n + 1), A
n n:

b1

A
. ..
a11 .. . a1n

b
m
A = . . . . . . . . . . . . , B =
.
1 . .. 0 0
am1 .. . amn
. . . . . . . . . . . . .
0 . .. 1 0
n B :
1) ;
2) , .
- m B.
B

0
. ..
0
0
... 0
b1
u11
u21
u22 . ..
0
0
... 0
b2

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

uk1
uk2 . .. ukk
0
... 0
bk

uk+1,1 uk+1,2 . .. uk+1,k


0
... 0 bk+1

B1 =
(11.10)
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

um1
um2 . .. umk
0
... 0
bm

c11
c12 . .. c1k c1,k+1 ... c1n
0

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
cn2 . .. cnk cn,k+1 ... cnn
0
cn1
k  1, k  min(m, n), u11 = 0, ... , ukk = 0. (
b1 , ... , bm b1 , ... , bm , ,
m B.) B (11.10), B (


b1) , (
), , , .
(
) . .
B1 (11.10) ,

0
.. .
0
0
. .. 0
u11
u21
u22 .. .
0
0
. .. 0

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

uk1
uk2 .. . ukk
0
. .. 0

uk+1,1 uk+1,2 .. . uk+1,k


0
. .. 0

.
B2 =

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
um1

u
..
.
u
0
.
..
0
mm
m2

c11

c
..
.
c
c
.
..
f
12
1k
1,k+1
1n

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
cn1
cn2 .. . cnk cn,k+1 . .. fnn

(11.11)

k B1
. , B2 , b1 /u11 ,
, (n + 1)- . u22 (n + 1)-
.
(11.10) (11.11)
, (11.9)
. B2 (11.11),
(11.9)


x1
c1,k+1
c1n
f1
. .. = . .. + t1 ... + .. . + tnk ... ,
xn
fn
cn,k+1
cnn
t1 , ... , tnk .
(11.9) (11.5);
.


11.3.

K .
n

aij xj = bi , i = 1, ... , m
(11.12)
j=1

K. , . . .
O(mn2)
K.
n n O(n3)
, ,
.
. [6;
19; 89, . 2] .
, , , . [210; 151; 150] .
,
. .

( ) . xj ,
, ,
.
( )
2 : . ,
- ,
( ,
). ,
,
; .
, - , , , .
, , , . , , ,


, , , , .
,
.
, .
. . , ,
.
, .
. ,
.
. (
, . . ), .
, ,
(. . ). - (,
). ,
.

. .

,
, . [162; 159] .

11.4.
[153] . , , , . [150; 104;
276] . [193] , GF (2).


[104] , .
K , A n n K, b n-
, b = 0.
Ax = b.

(11.13)

, A , T
b b Ab = 0. S, n- s0 , s1 , s2 , . ..,
s0 = b,

si = Ai b = Asi1 ,

i = 1, 2, .. .

(11.14)

11.1. m N, s0 , ... , sm1


K, s0 , . .. , sm .
S s0 , .. . , sm1 .
m1

j sj , j K, . sm =
(11.14) , sm+1 = Asm =

j=0
m2


m1


j=0

j=0

j sj+1 + m1

j sj . -

. 
m 11.1.
n

(x, y) = xi yi ,
i=1

x = (x1 , ... , xn), y = (y1 , . .. , yn). x y


(x, y) A = (x, Ay) = xT Ay = (Ax, y) K;

(x, y) A
.
(x, y) A ,
. . w0 , w1 , w2 , .. .,
(wi , wj) A = 0 i = j
(11.15)
,

w0 = s0 ,

w1 = s1 10 w0 ,
..........................

wi = si i0 w0 . .. i,i1 wi1 ,

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

(11.16)


ij K. , i > j (wi , wj) A = 0, ij



(wi , wj) A = (si , wj) A ij (wj , wj) A = 0.
,
k ,
(wk , wk) A = 0.

(11.17)

11.2. k  m
(11.17).
. (11.16) s0 , .. . , si w0 , .. . , wi ,
. w0 , .. . , wi
, s0 , .. . , si . , w0 , .. . , wm ,
. . k < m (11.17) ., w0 , . .. , wm1 , w0 , . .. , wm ,
m1

ci wi , ci K.
wm =
i=0

0 = (wm , wi) = ci , i = 0, .. . , m 1, . . wm = 0. 
11.3. wk . wk = 0, k = m; wk = 0, k < m.
. 11.2 ,
k < m wk , s0 , .. . , sk
. , wk = 0, k = m. k = m, wm = 0
(. 11.2). 
(11.13). , r  0
x=

r


ci wi ,

ci K.

(11.18)

i=0

Ax =

r


ci Awi = b,

i=0



r

(wi , b) = wi ,
cj Awj = ci (wi , wi) A .
j=0

(wi , wi) A = 0 , ci = (wi , b) / (wi , wi) A .


, (11.13)
x=

r

(wi , b)
i=0

(wi , wi)

wi .

(11.19)

11.4.
k = m,
w0 , .. . , wm1 , wm = 0. (11.19) r = m 1
(11.13).
. x (11.19)
(wi , Ax) =

m1

j=0

(wj , b)
(w , Awj) = (wi , b),
(wj , wj) A i

i = 0, .. . , m 1.

Ax b ( ) w0 , . .. , wm1 , , ,
= L (S). A ,
w
(Aw, Ax b) = 0.
b = s0 Ax , Ax b =

(11.20)
m1


i wi , i K.

i=0

(11.20) A ,

m1
m1


0 = Awj ,
i wi =
i (wj , wi) A = j (wj , wj) A , j = 0, . .. , m 1.
i=0

i=0

0 = . .. = m1 = 0, Ax = b, . 
11.5. ,
(11.13).
(11.16).
w0 , w1 , ... ,

w0 = s0 = b,





w1 = Aw0 10 w0 ,
(11.21)
.........................

i1





wi = Awi1 j=0 ij wj ,

.........................


( ij K) , . .
(wi , wj) A = 0

i = j.

(11.22)

(11.23)

ij
ij =

(Awi1 , wj) A
(wj , wj) A

, (wj , wj) A = 0.
11.6. i wi wi ,
wi = wi .
. i = 0 w0 = s0 = w0 .
, wi = wi i  t, wt+1 wt+1 t

. wt+1 = Awt
t+1,j wj . wi j=0
t1


(11.16) si = Ai b, Awt = At+1 b A
tl wl = At+1 b

t

l=0
t

l=0

l=0

tl wl

tl

K. , wt+1 = At+1 b


t+1,l wl . wt+1 (11.16) -

wt+1 = At+1 b

t

l=0

t+1,l wl . wt+1 wt+1 =

t


l wl

l=0

( l K)

w0 , ...
 t


.. . , wt . , 0 =
l wl , wj = j (wj , wj) A = 0 j = 0, ... , t.
l=0

(wj , wj) A = 0, j = 0, j = 0, . .. , l, wt+1 = wt+1 . 


(11.21), (11.22) 11.6 , wi wi
, (11.23)
ij =

(Awi1 , wj) A
,
(wj , wj) A

0  j  i 1.

, j  i 1
ij

j
(wi1 , wj+1 + l=0 j+1,l wl) A
(wi1 , Awj) A
=
=
.
(wj , wj) A
(wj , wj) A

(11.24)


j + 1 < i 1 , ij = 0. , (11.21)


wi = Awi1

(wi1 , Awi1) A
(w , Awi2) A)
w i1
w ,
(wi1 , wi1) A i1
(wi2 , Awi2) A i2

(11.25)

. . . , (11.16).
.
w0 = b, w1 , w2 , . .. , (11.21), (11.23), (11.25) ( ,
11.6). wi = 0
, (wi , wi) A = 0, (11.13)
. wm = 0, x
(11.19) r = m 1. ,
.
A (11.13) ( ).

D
AT D2 Ax = AT D2 b.

(11.26)

AT D2 A = (DA) T DA , (11.26) .
x
(11.13), D.
Ax = 0 , (x1 , ... , xn) xn = 0. xn = 1,
xn
.

[104] .
,
(. . 5).


11.5.
[281]

Ax = b,

b = 0,

(11.27)

K = GF (q). A ; w A.
, A n n ; ,
[281] . ,
, . ,
2 O(n(w + n log n log log n)) . ,
[281]

.
, , , . [139] .
, , ,
. [96; 105; 138; 140; 177] .
(11.27). A ( A)
Kn . S, {Ai b | i = 0, 1, 2, . ..}, AS = A|S S S. f(z) K [z] AS , . . , ,
f(AS) S. f(z)
, 1. ,
g(z) K [z] , g(AS) S ,
g(A)b = 0. , f(z) det(zIn A), deg f(z)  n.
d

d = deg f(z), f(z) = f [i] zi , f [i] K
i=0

f(z). f(z), (11.27):


f(A)b = 0 f [0] = 1,
x=

d

i=1

f [i] Ai1 b.

(11.28)


u - Kn ; (, ) Kn K,
((v1 , . .. , vn), (w1 , .. . , wn)) =

n


vi wi .

i=1

f(A)b = 0,
(u, Ai b),

i = 0, 1, 2, ...

(11.29)

, f(z). fu (z) (11.29) (. . ). fu | f(z).


,
f(z) = q(z)fu (z) + r(z),

deg r(z) < deg fu (z),


0 = (u, f(A)b) = (u, q(A)fu (A)b) + (u, r(A)b),
(u, fu (A)Aj b) = 0,

j = 0, 1, 2, .. . ,

fu (z) , r(z) = 0. f(z) 1, , fu


1.
fu (z) (11.29) (. [7;
31, . 2; 175]) 2n . (11.27): u,
fu (z) , f(z) = fu (z), x (11.28).
[281] ,
(11.27).
(11.27). b0 = b,
f1 (z) = fu1 (z) u1 . b1 = f1 (A)b0 0, x (11.28) ( f1 (z) = f(z)).
b1 = 0, , . .
u2 f2 (z) = fu2 (z) (u2 , Ai b1). b2 = f2 (A)b1 = 0, (
) f(z) = f1 (z)f2 (z) x (11.28),
u3 . .


, k ,
f(z). , ,
, , f1 (z) . .. fk1 (z)
fk (z)


f1 (z) . .. fk (z) f1 (z) | f(z). f(z),


f (z)

{(uk , Ai bk1)}i = {(uk , fk1 (A) . ..f1 (A)Aj b)}j ,


f1 (z) . .. fk1 (z)

f (z)

, fk (z)

, f1 (z) . . . fk1 (z)


.
, bk = fk (A) . .. f1 (A)b = 0, f(x) = f1 (x) . ..
.. . fk (x). ,
bk = fk (A)bk1 , (11.27) (11.28).
1.

g(z) K [z] g(z)


=

g(z) g(0)
.
z

1.
1 . b0 := b, k := 0, y0 := 0, d0 := 0.
2 . bk = 0, (11.27) x = yk ,
.
3 . uk+1 Kn , uk+1 = 0.
4 . 2(n dk)
{(uk+1 , Ai bk)}i=0,1,2,...
5 . fk+1 (z) 4, , .
6 .
yk+1 := yk + f k+1 (A)bk ,
bk+1 := b0 + Ayk+1 ,
dk+1 := dk + deg fk+1 (z).
7 . k := k + 1 2 .
.
. ,
f(z) = f (z) f (0) (11.28) (
z
). k = 0 u1 , 2n {(u1 , Ai b)}i=0,1,... f1 (x) f (A) 1
. y = f 1 (A)b, b1 = b0 + Ay = b + A 1
b = f1 (A)b,
1

d1 = deg f1 (z). . k


yk =

fk (A) . . . f1 (A) 1
b,
A

bk = fk (A) . . . f1 (A) b.

(11.30)
(11.31)

k + 1
yk+1 = yk + f k+1 (A)bk =
=

f
(A) 1
f
(A) . . . f1 (A) 1
fk (A) . . . f1 (A) 1
b + k+1
fk (A) . .. f1 (A)b = k+1
b,
A
A
A
f
(A) . . . f1 (A) 1
bk+1 = b + A k+1
b = fk+1 (A) . .. f1 (A)b.
A

(11.30) (11.31) . 1 .
.
2.
1 . Ai b, i = 0, 1, ... , 2n 1.
2 . k := 0, g0 (z) := 1.
3 . uk+1 := (0, ... , 0, 1, 0, .. . , 0) (
(k + 1)- ).
4 . 1- ,
(uk+1 , Ai b), i = 0, 1, . .. , 2n 1.
5 .
(uk+1 , gk (A)Ai b),

i = 0, . .. , 2n 1 deg gk (z)

( ,
. [281]).
6 . ( ) fk+1 (z) ,
5- ( fk+1 (z) 1).
7 . gk+1 (z) := fk+1 (z)gk (z).
8 . k := k + 1. deg gk (z) < n k < n,
3 .
9 . f(z) = gk (z) 1
Ai b x (11.27) (11.28).
.
2. , 2 , 1, uk


, (0, .. . , 0, 1, 0, ... , 0).


, gk (z) = fk (z) . . . f1 (z), fk (z)
(uk , fk1 (A) . .. f1 (A)Ai b),

i = 0, . .. , 2n 1 deg(fk1 (z) . . . f1 (z)).

k.
k < n deg gk (z) = n. deg f(z)  n
gk (z) | f(z), gk (z) = f(z). , 9
(11.27).
, k = n. u1 , .. . , un , gn (A)b u1 , ... , un
( ). , gn (A)b = 0.
gn (z) | f(z) f(z) , gk (z) = f(z). 2 .
.
[281] .

11.6. .

[150] . ,
(. [97; 210]), , [151] , , .
.

, , (. [2]). [26]
n GF (q) O(n3 / logq n)
. [78] GF (2), , ,
; . [212] .

[74] [209] .
(,
).

.

, . [18] .
; . [25,
. 4.5.2; 60, . 4; 89, . 1] .
. a Z, b N, d = (a, b). a b : a = q0 b + r0 , 0  r0 < b.
r0 > 0, b r0 : b = q1 r0 + r1 , 0  r1 < r0 , . . rj :
rj2 = qj rj1 + rj ,

j = 0, 1, 2 ... ,

(1)

r2 = a, r1 = b. rk , rk1 =
= qk+1 rk . d = (a, b) = rk . (1) .
d = rk d = au + bv, u, v Z.
rk (1),
: rk1 rk2 (1); , rk1 = rk3 qk1 rk2 , rk rk2 rk3 ,
. rk a b.
.

u1 a + u2 b = u3 ,
v1 a + v2 b = v3 ,

t1 a + t2 b = t3 .

(2)

1
(u1 , u2 , u3) := (1, 0, a),

(v1 , v2 , v3) := (0, 1, b),

(t1 , t2 , t3) := (0, 0, 0).

v3 = 0.
, d, u, v u3 , u1 , u2
. v3 = 0, :


u3 = qv3 + r. :
(t1 , t2 , t3) := (v1 , v2 , v3),
(v1 , v2 , v3) := (u1 qv1 , u2 qv2 , u3 qv3),
(u1 , u2 , u3) := (t1 , t2 , t3).
v3 Z0 , . ,
u2 , v2 , t2 , u1 , u3 , v1 , v3 , t1 , t3 .
1 (). k (1)

k  5([log10 b] + 1).
2. O(log b)
.
3.
:
- a - b q , r Z , a = q b + r , 0  |r |  b /2.
.
.
4. a, b Z, m N. , a b m ( a b (mod m)), m | a b,
, , a b m;
, , a = b + mt, t Z.
m , Z 0, 1, .. . , m 1
, 0, 1, . .. , m 1 m. Z/mZ m. a Z
a (mod m) m, a. Z/mZ (Z/mZ) . a Z m
,
ax 1 (mod m).

(3)

(3) , (a, m) = 1. (3) :


u, v Z , au + mv = 1, a (mod m)u (mod m)
1 (mod m), . . u a1 (mod m).


m a1 , .. . , am , m. m
- b1 , .. . , bk , k = |(Z/mZ) |,
m m.
 (m): m N,  (m) =
= |(Z/mZ) |. ,  (m) {0, 1, ... , m 1}, m. ,  (1) = 1,
 (p) = p 1, p .
k


 (m): m =
pj j m
j=1

,  (m) = m

k


(1 1/pj).

j=1

5 (). (a, m) = 1,
a (m) 1 (mod m).
6 ( ). p , p
a,
ap1 1 (mod p).
7 ( ).

x a1 (mod m1),
.................
(4)

x ak (mod mk),
(mi , mj) = 1 i = j. M = m1 .. . mk ; Mi = M/mi ,
i = 1, . .. , k. ( )
b1 , . .. , bk , Mi bi 1 (mod mi), i = 1, . .. , k.
(4)
x
. . x =

k


k


Mi ai bi (mod M),

i=1

Mi ai bi + Mt, t Z.

i=1

(Z/mZ) . , m = 1, 2, 4, pk , 2pk , p
, k N. g Z , g (mod m)
(Z/mZ) ( , ), m.


8. p , p > 2.
k


qj j p 1 1) p 1 =
j=1

. g p
,
(g, p) = 1,

g (p1) /qj  1 (mod p),

j = 1, . .. , k.

2) g p, g1
g g + p, xp1  1 (mod p2). g1
p2 .
3) g2 p2 ,
g2 pk
k N.
9. (Z/4Z) = 3 (mod 4) 2 . , k  3
(Z/2k Z) = 1 (mod 2k) 2 5 (mod 2k) 2k2
(Z/2k Z)
.
m = 20 p1 1 ... pkk m ,
(Z/mZ) ,
pi i , i = 1, . .. , k (. [18, .6]).
g m, a Z, (a, m) = 1,
gx a (mod m) a
g a g indg a logg a.  (m),
. ., indg a Z/ (m)Z.
m Z. m
: Z C :
1) (n) = 0 , (m, n) > 1;
2) (n + m) = (n) n Z;
3) (n1 n2) = (n1) (n2) n1 , n2 Z.
(Z/mZ) ,
Z.
.
p , p > 2. a Z, (a, p) = 1. a
p,
x2 a (mod p)

(5)


;

 . a

( a Z) +1, a
a
 a p
= 1, a ;
= 0,
p;
p

a 0 (mod p).
:
1) :
 
a
a (p1) /2 (mod p);
p
a b 
=
;
2) a b (mod p),
p
p
 
 
1
1
= 1,
= (1) (p1) /2 ;
3)
p
p
    
ab
a
b
=
;
4)
p
p
p
 
2
2
= (1) (p 1) /8 ;
5)

6) : p, q , p = q,
 
 
q
p
= (1) (p1) (q1) /4
.
p

m N, m m =

k


pj j  
a
m , a Z
m

k  
  
a
a j
=
.
m

j=1

j=1

pj

:    
a
b
1) a b (mod m),
=
;
m
m
 
 
1
1
= 1,
= (1) (m1) /2 ;
2)
m
m 
   
ab
a
b
=
;
3)
m
m
m
2
2
= (1) (m 1) /8 ;
4)
m

5) m n ,
m
n
= (1) (m1) (n1) /4
.
n


, . ,
, [89, . 1] .
m N, f(x) Z[x] . f(x)
0 (mod m),
f(x) 0 (mod p), p
,  N ( ). a
f(x) 0 (mod p), a1
f(x) 0 (mod p+1) ( ).
. [18, . 4] .
f(x) 0 (mod p) . 6 .

( ) , ., , [29; 41] . n Z0 , a0 Z,
a1 , .. . , an N. n- [a0 ; a1 , ... , an ]
[a0 ; a1 , ... , an ] = a0 +

1
a1 +

1
a2 +

1
... +

1
an

, 0- [a0 ; ] = a0 .
10.  = 1  = [a0 ; a1 , .. . , an ] n Z0 , a0 Z,
a1 , .. . , an N. , ,
an > 1.
11.  = 1 = [1; ] = [0; 1] , 1.  = 1,
 = [a0 ; a1 , .. . , an ] , an N, an > 1,   = [a0 ; a1 , .. . , an 1, 1] .
 = [a0 ; a1 , . .. , an ] pk /qk =
= [a0 ; a1 , .. . , ak ] , k = 0, 1, .. . , n, pk Z, qk N, (pk , qk) = 1.
p1 = 1, q1 = 0.

p0 = a0 , q0 = 1,
pk = ak pk1 + pk2 , qk = ak qk1 + qk2 k  1,
.


 :
1) pk qk1 pk1 qk = (1) k1 , k = 0, 1, .. .;
2) pk qk2 pk2 qk = (1) k ak , k = 2, 3, . ..;
3) , ;
4) ;
5) 1

= q0 
q1 < q2 < ... < qn ;
p

1
1

6)
 k

 2;
qk
qk+1 qk
q
k

a
p

7)
 k
 k+2 .
qk

qk+2 qk

a0 Z, a1 , a2 , . .. N,
[a0 ; a1 , a2 , .. .]
 = [a0 ; a1 , a2 , .. .] = lim [a0 ; a1 , .. . , an ] .
n

(6)

pn /qn = [a0 ; a1 , .. . , an ]
. ,
; ,
, (6) .
12. 
 = [a0 ; a1 , a2 ...] .
13.  R .  = [] + {}.
a0 = [] , r1 = 1/{},  = a0 + 1/r1 . r1 = [r1 ] +

1
=
1/{r1 }

= a1 + 1/r2 . (k + 1)-
 = a0 +

1
a1 +

1
... +

1
ak1 +

1
rk

 = a/b Q,
a b.  R \ Q, .

:  = [a0 ; a1 , ... , ak1 , ak , .. . , ak+T ] , ak , .. . , ak+T . ,

5 = [2; 4] = [2; 4, 4, 4, . ..] .


14 ().  R \ Q ,
 , . . ax2 + bx + c = 0, a N, b, c Z.

.
, . 2
,
.
.
a, b N, a  b. d = (a, b).
1 . r a b. a := b, b := r.
2 . b = 0, a . k := 0,
, a b , :

k := k + 1,
(7)
a := a/2,

b := b/2.
( 2k (a, b), .)
3 . a b . a
, a := a/2 , a
. b.
4 . a b . t := (a b) /2.
t = 0, 2k a .
5 . , t , t := t/2.
6 . t , t = 0. t > 0, a := t. t < 0,
b := t. 4 .
.
15. . [25, . 4.5.2] .
.
u, v N, u  v (u, v ). d = (u, v). : t, w
, u, v, A, B, C, D, T, q , p-. , p,
;
b N.


1 . ( .)
1) v ( , v = 0), u v d,
.
2) u b k1 p , v k2 p ,
k1 > k2 , u = tv + w, u := v, v := w. ( u v .)
3) u , p u;
v v.
A := 1,

B := 0,

C := 0,

D := 1.

2 . ( .) u = 0, v = 0, u  v.
u = 0, u + A = 0 u + B = 0 ( ,
; , u = bp 1, A = 1,
u + A = 0), 4 . , v = 0, v + C =0
u + A

.
v + D = 0, 4 . q :=
v + C


u+B
q =
, 4 .
v + D

3 . :

T := A qC,
T := B qD,
A := C,
B := D,

C := T,
D := T,

T := u qv,
u := v,

v := T.

v = 0, 4 . 2 .
4 . B = 0,
u v: u = wv + t, 0  t  v 1. u := v, v := t, 1- . B = 0,

t := Au + Bv,

w := Cu + Dv,

u := t, v := w. 1 .
.
.
a, b N, a  b. d =
= (a, b) N u, v Z , au + bv = d. v1 , v3 , t1 , t3
f1 , f2 .


1 . ( .) a < b,
a b f1 := 1. f1 := 0. b = 0,
(u, v, d) = (1, 0, a) f1 = 0, (u, v, d) = (0, 1, a) f1 = 1; . a = bq + r, 0  r < b, a := b, b := r.
2 . ( .) b = 0,
(u, v, d) = (0, 1, a) f1 = 0, (u, v, d) = (1, 0, a) f1 = 1 . k := 0, , a b ,
:

k := k + 1,

a := a/2,

b := b/2.
3 . (.) b , a b
f2 := 1. f2 := 0. ,
u := 1,

d := a,

v1 := 0,

v3 := b.

a , t1 := 0, t3 := b, 5 .
t1 := (b + 1) /2, t3 := a/2.
4 ( .) t3 ,

t3 := t3 /2, t1 := t1 /2,
t1 ,
t3 := t3 /2, t1 := (t1 + b) /2, t1 ,
4 .
5 . (.) t3 > 0, u := t1 , d := t3 ; v1 := b t1 ,
v3 := t3 .
6 . (.)
t1 := u v1 ,

t3 := d v3 .

t1 < 0, t1 := t1 + b. t3 = 0, 4- .
7 . (.) v := (d au) /b, d := 2k d.
f2 = 1, u v . u := u vq.
(u, v, d) f1 = 1, (v, u, d) f1 = 0.
.
. G - , g G,
n N. h = gn G. n = bk 2k + bk1 2k1 + ...
.. . + b1 2 + b0 n, . . bi {0; 1}, bk = 1.


1 . hj = g2 , j = 0, 1, ... , k;
h0 = g, hj+1 := hj hj .

h=
hj .
j : bj =1

h 2k + 1 =
= O(log n) G.
2 .
j1
j2
h j = gbk 2 +bk1 2 +...+bkj+1 , j = 1, 2, .. . , k + 1.

h 1 = g = gbk . , h j , h j+1 := h j h j ,
bkj = 0; h j+1 := h j h j g, bkj = 1. h k+1 = h = gn .
O(log n) G.
j
. 510000 Z. 52 .
. h j+1
h j h j , g = 5 ( bkj = 1), . . . .
.


[1] . .
.: , 1994.
[2] . . . // . . 1988. . 25. . 189236.
[3] . ., . ., . ., . .
. .: , 2002. 2- .
[4] . ., . ., . ., . . . .: , 1997.
[5] ., ., . . .: , 1979.
[6] . ., . . . . 1. .: , 1966.
[7] . . .: ,
1971.
[8] . ., . . . .: , 1985.
[9] . . . .: , 1976.
[10] . . . // . . 1988. . 25. . 162188.
[11] . .
// . . -. . 1. . .
1997. 5. . 6264.
[12] . . // .
. -. . 1. . . 1998. 5. . 5658.
[13] . . // .
. -. . 1. . . 2000. 2. . 4142.
[14] . .
// . . -. . 1. . . 2000. 5.
. 5355.
[15] . . // IV
. , 1015 , 2001 / . . 3536.
[16] . .
// . . -. .
1. . . 2001. 5. . 4951.


[17] . .
RSA // IV . , 10-15 , 2001 /
. 3637.
[18] . . . .: , 1972.
[19] . . . ., 1954.
[20] . .
- //
. 1998. . 10 (4). . 3538.
[21] . .
// . . .
. 1984. 137. . 2079.
[22] ., ., . . .:
, 1991.
[23] . ., . .
// . 1961. . 145 (2). . 293294.
[24] . . .: , 1965.
[25] . . . 2. . : .., 2000. 3- .
[26] . .
// . 1967.
. 19. . 269274.
[27] . . . .: , 1977.
[28] . . - // . 12 .
. . II. .
., 1999. . 135.
[29] . . .: ,
1970.
[30] . . .: , 1984.
[31] ., . . T. 1, 2. .: , 1988.
[32] . . GF (p) // . 2002.
. 15 (1). . 2849.
[33] . ., . .
GF (p) // . . . . 2000. . 7 (2).
C. 387389,
[34] . . // . 1994. . 4649.


[35] . . // . . 1994. . 55 (2).


. 91101.
[36] . . . .: , 1999.
[37] ., . . .: ,
1999.
[38] . . . . .: - , 1988.
[39] . . , // . 1963.
. 150 (3). . 496498.
[40] . // . . 1986. . 23. . 5199.
[41] . . . .: , 1978.
[42] . . . . 1. .
- , 1946.
[43] . .
// . . .
. 1984. 137. . 124188.
[44] Adleman L. A subexponential algorithm for the discrete logarithm
problem with applications to cryptography // Proc. 20th Ann. IEEE
Symp. Found. Comput. Sci. 1979. P. 55-60.
[45] Adleman L. The function field sieve // Proceedings of ANTS-I.
1994. (Lect. Notes in Comput. Sci.; V. 877). P. 108-121.
[46] Adleman L., Pomerance C., Rumely R. S. On distinguishing prime
numbers from composite numbers // Ann. Math. 1983. V. 117.
P. 173-206.
[47] Adleman L., Huang M.-D. A. Primality testing and abelian varieties
over finite fields. 1992. (Lect. Notes in Math.; V. 1512).
[48] Adleman L., McCurley K. Open problems in number theoretic
complexity // Proceedings of ANTS-I. 1994. (Lect. Notes in
Comput. Sci.; V. 877). P. 291-322.
[49] Adleman L. M., Manders K., Miller G. L. On taking roots in
finite fields // Proc. 18th Ann. Symp. Found. Comput. Sci. 1977.
P. 175-178.
[50] Agrawal M., Kayal N., Saxena N. PRIMES is in P. Preprint,
August 2002.
[51] Alford W. R., Granville A., Pomerance C. There are infinitely many
Carmichael numbers // Ann. Math. 1994. V. 140. P. 703-722.

[52] Alford W. R., Granville A., Pomerance C. On the difficulty of
finding reliable witnesses (invited talk) // Proceedings of ANTS-I.
1994. (Lect. Notes in Comput. Sci.; V. 877). P. 1-16.
[53] Alt H. Square rooting is as difficult as multiplication // Computing.
1979. V. 21. P. 221-232.
[54] Ankeny N. C. The least quadratic non-residue // Ann. Math. 1952.
V. 55. P. 65-72.
[55] Apostol T. M. Introduction to analytic number theory. Springer-Verlag, 1997.
[56] Atkin A. O. L., Morain F. Elliptic curves and primality proving //
Math. Comp. 1993. V. 61 (203). P. 29-67.
[57] Atkin A. O. L., Morain F. Finding suitable curves for elliptic method
of factoring // Math. Comp. 1993. V. 60 (201). P. 399-405.
[58] Atkins D., Graff M., Lenstra A. K., Leyland P. C. The magic
words are squeamish ossifrage // Advances in cryptology -
ASIACRYPT'94 (Wollongong, 1994). 1995. (Lecture Notes in
Computer Science; V. 917). P. 263-277.
[59] Bach E., Shallit J. Factoring with cyclotomic polynomials // Math.
Comp. 1989. V. 52 (185). P. 201-219.
[60] Bach E., Shallit J. Algorithmic number theory. V. 1. MIT Press,
1996.
[61] Baker R. C., Harman G. The Brun-Titchmarsh theorem on
average // Proc. Conf. in Honour of Heini Halberstam. V. 1. 1996.
P. 39-103.
[62] Ben-Or M. Probabilistic algorithms in finite fields // Proc. 22nd
Ann. IEEE Symp. Found. Comput. Sci. 1981. P. 394-398.
[63] Berlekamp E. R. Factoring polynomials over finite fields // Bell
System Tech. J. 1967. V. 46. P. 1853-1859.
[64] Bernstein D. J. Detecting perfect powers in essentially linear time //
Math. Comp. 1998. V. 67 (223). P. 1253-1283.
[65] Blake I. F., Seroussi G., Smart N. P. Elliptic curves in
cryptography. Cambridge University Press, 1999.
[66] Boender H., te Riele H. J. J. Factoring integers with large prime
variations of the quadratic sieve / CWI Report NM-R9513. 1995.
[67] Borodin A. B., Munro I. The computational complexity of algebraic
and numeric problems. N. Y.: American Elsevier, 1975.
[68] Bosma W., van der Hulst M. P. Faster primality testing (extended
abstract) // Advances in Cryptology - EuroCrypt'89 / Jean-Jacques
Quisquater and Joos Vandewalle, editors. Berlin: Springer-Verlag,
1989. (Lect. Notes in Comput. Sci.; V. 434). P. 652-656.


[69] Bosselaerts A., Govaerts R., Vandewalle J. Comparison of
three modular reduction functions // Advances in Cryptology -
Crypto'93 / Douglas R. Stinson, editor. Berlin: Springer-Verlag,
1993. (Lect. Notes in Comput. Sci.; V. 773). P. 175-186.
[70] Brassard G., Monet S., Zuffelato D. Algorithmes pour
l'arithmétique des très grands entiers // Techniques and Science
Informatique. 1986. V. 5. P. 89-102.
[71] Brent R. P. An improved Monte Carlo factorization algorithm //
BIT. 1980. V. 20. P. 176-184.
[72] Brent R. P. Some integer factorization algorithms using elliptic
curves // Austral. Comput. Sci. Comm. 1986. V. 8. P. 149-163.
[73] Brent R. P. Factorization of the tenth Fermat number // Math.
Comp. 1999. V. 68. P. 429-451.
[74] Brent R. P. Some parallel algorithms for integer factorisation //
Lect. Notes in Comput. Sci. 1999. V. 1685. P. 1-22.
[75] Brent R. P., Pollard J. M. Factorization of the eighth Fermat
number // Math. Comp. 1981. V. 36. P. 627-630.
[76] Brentjes A. J. Multidimensional continued fraction algorithms.
Amsterdam, 1981. (Mathematical Centre Tracts; V. 145).
[77] Bressoud D. M. Factorization and primality testing. Springer-Verlag, 1989.
[78] Brillhart J. A note on finding dependencies over GF (2) // Utilitas
Math. 1989. V. 36. P. 211-213.
[79] Brillhart J., Morrison M. A. A method of factoring and the
factorization of F7 // Math. Comp. 1975. V. 29. P. 183-205.
[80] Brillhart J., Tonascia J., Weinberger P. On the Fermat quotient //
Computers in number theory. London, N. Y.: Acad. Press, 1971.
P. 213-222.
[81] Buchberger B., Winkler F. Gröbner bases and applications.
Cambridge Univ. Press, 1998. (London Math. Soc. Lecture Notes
Series; V. 251).
[82] Buchmann J., Jacobson M. J., Teske E. On some computational
problems in finite abelian groups // Math. Comp. 1997. V. 66 (220).
P. 1663-1687.
[83] Buchmann J., Weber D. Discrete logarithms: Recent progress //
Proc. Internat Conf. on Coding Theory, Cryptography and Related
Areas, Guanajuato. Springer-Verlag, 2000. P. 42-56.
[84] Buell D. A. Binary quadratic forms: classical theory and modern
computations. Springer-Verlag, 1989.

[85] Cantor D. G., Zassenhaus H. A new algorithm for factoring
polynomials over finite fields // Math. Comp. 1981. V. 36.
P. 587-592.
[86] Caron T. R., Silverman R. D. Parallel implementation of the
quadratic sieve // J. Supercomputing. 1988. V. 1. P. 273-290.
[87] Cavallar S., Dodson B., Lenstra A. K., Leyland P. C.,
Lioen W. M., Montgomery P. L., Murphy B., te Riele H. J. J.,
Zimmerman P. Factorization of RSA-140 using the number field
sieve / CWI Report MAS-R9925, September 1999.
[88] Cavallar S., Lioen W. M., te Riele H. J. J., Dodson B.,
Lenstra A. K., Montgomery P. L., Murphy B. et al. Factorization
of 512-bit RSA-modulus / CWI Report MAS-R0007, February
2000.
[89] Cohen H. A course in computational algebraic number theory.
Springer-Verlag, 1993.
[90] Cohen H., Lenstra H. W. Primality testing and Jacobi sums //
Math. Comp. 1984. V. 42 (165). P. 297-330.
[91] Comba P. G. Experiments in fast multiplication of integers /
Technical Report G320-2158, IBM, Cambridge Scientific Center,
February 1989.
[92] Comba P. G. Exponentiation cryptosystems on IBM PC // IBM
Systems J. 1990. V. 29 (4). P. 29-37.
[93] Contini S. Factoring integers with the self initializing quadratic
sieve / Master's thesis. Univ. Georgia, 1997.
[94] Cook S. A. On the minimum computation time of functions /
Doctoral thesis. Harvard University, Cambridge, Mass., 1966.
[95] Coppersmith D. Fast evaluation of discrete logarithms in fields of
characteristic two // IEEE Trans. Inform. Theory. 1984. V. 30 (4).
P. 587-594.
[96] Coppersmith D. Solving homogeneous linear equations over GF (2)
via block Wiedemann algorithm // Math. Comp. 1994. V. 62 (205).
P. 333-350.
[97] Coppersmith D., Odlyzko A., Schroeppel R. Discrete logarithms
in GF (p) // Algorithmica. 1986. V. 1. P. 1-15.
[98] Coppersmith D., Winograd S. On the asymptotic complexity of
matrix multiplication // SIAM J. Comput. 1982. V. 11. P. 472-492.
[99] Couvreur C., Quisquater J. J. An introduction to fast generation of
large primes // Philips J. Res. 1982. V. 37. P. 231-264. Errata in:
1983. V. 38. P. 77.


[100] Cox D., Little J., O'Shea D. Ideals, varieties and algorithms. N. Y.:
Springer-Verlag, 1992. (Undergraduate Texts in Mathematics).
[101] Crandall R., Pomerance C. Prime numbers: a computational
perspective. Springer-Verlag, 2001.
[102] de Weger B. Algorithms for Diophantine equations / Dissertation.
Centrum voor Wiskunde en Informatica, Amsterdam, 1988.
[103] Denny T., Müller V. On the reduction of composed relations from
the number field sieve // Proceedings of ANTS-II. 1996. (Lect.
Notes in Comput. Sci.; V. 1122). P. 75-90.
[104] Denny T. F. Lösen großer dünnbesetzter Gleichungssysteme über
endlichen Primkörpern / Dissertation. Universität des Saarlandes,
Saarbrücken, 1997.
[105] Diaz A., Hitz M., Kaltofen E., Lobo A. Process scheduling in
DSC and the large sparse linear systems challenge // Lect. Notes
in Comput. Sci. 1993. V. 722. P. 66-80.
[106] Dixon B., Lenstra A. K. Massively parallel elliptic curve factoring //
Lect. Notes in Comput. Sci. V. 658. 1993. P. 183-193.
[107] Dodson B., Lenstra A. K. NFS with four large primes: an explosive
experiment // Advances in Cryptology - Crypto'95. 1995. (Lect.
Notes in Comput. Sci.; V. 963). P. 372-385.
[108] ElGamal T. A subexponential-time algorithm for computing
discrete logarithms over GF (p2) // IEEE Trans. Inform. Theory.
1985. V. 31. P. 473-481.
[109] ElGamal T. On computing logarithm over finite fields // Advances
in cryptology - CRYPTO'85 (Santa Barbara, Calif., 1985). 1986.
(Lect. Notes in Comput. Sci.; V. 218). P. 396-402.
[110] Elkenbracht-Huizing M. An implementation of the number field
sieve // Experimental Mathematics. 1996. V. 5. P. 231-253.
[111] Elkenbracht-Huizing M. A multiple polynomial general number
field sieve // Proceedings of ANTS-II. 1996. (Lect. Notes in
Comput. Sci.; V. 1122). P. 99-114.
[112] Elkenbracht-Huizing M. Factoring integers with the number field
sieve / PhD thesis. Leiden Univ., 1997.
[113] Elkies N. D. Elliptic and modular curves over finite fields and related
computational issues // Computational perspectives in number
theory: Proc. of a Conf. in Honor of A. O. L. Atkin / J. T. Teitelbaum
and D. A. Buell, editors. 1998. (Amer. Math. Soc. Inf. Press; V. 7).
P. 21-76.
[114] Ernvall R., Metsänkylä T. On the p-divisibility of Fermat
quotients // Math. Comp. 1997. V. 66 (219). P. 1353-1365.

310

[115] Fagin B. S. Large integers multiplication on massively parallel


processors // Proc. Frontiers90: Third Symp. on the Frontiers of
Massively Parallel Computation. IEEE Press, 1990. P. 3842.
[116] Ferguson H. R. P. A short proof of the existence of vector Eucledian
algorithm // Proc. Amer. Math. Soc. 1986. V. 97. P. 810.
[117] Ferguson H. R. P. A non-inductive GL(n, 2) algorithm that
constructs integral linear relations for n Z-linearly dependent real
numbers // J. Algorithms. 1987. V. 8 (1). P. 131142.
[118] Ferguson H. R. P., Bailey D. H., Arno S. Analysis of integer relation
nding algorithm // Math. Comp. 1999. V. 68 (225). P. 351369.
[119] Ferguson H. R. P., Forcade R. W. Generalization of the Eucledian
algorithm for real numbers to all dimensions higher than two //
Bull. Amer. Math. Soc. (N. S.). 1979. V. 1. P. 912914.
[120] Ferguson H. R. P., Forcade R. W. Multidimensional Eucledian
algorithms // J. Reine Angew. Math. 1982. V. 334. P. 171181.
[121] Fincke U., Pohst M. Improved methods for calculating vectors of
short length in a lattice, including acomplexity analysis // Math.
Comp. 1985. V. 44. P. 463471.
[122] Fleischmann P. Connections between the algorithms of Berlekamp
and Niederraiter for factoring polynomials over Fq // Linear Algebra
and Applications. 1993. V. 192. P. 101108.
[123] Fouvry E. Theoreme de Brun-Titchmarsh: application an theoreme
de Fermat // Invent. Math. 1985. V. 79. P. 383407.
[124] Garner H. The residue number system // IRE Transactions on
Electronic Computers. 1959. V. 8. P. 140147.
[125] Gianni P., Mora T. Algebraic solution of systems of polynomial
equations using Grbner bases // Applied algebra, algebraic
algorithms and error-correcting codes (Menorca, 1987). 1989.
(Lect. Notes in Comput. Sci.; V. 356). P. 247257.
[126] Goldwasser S., Kilian J. Almost all primes can be quickly
certied // Proc. 18-th Ann. ACM Symp. on Theory of Computing.
1986. P. 316329.
[127] Gordon D. Discrete logarithms in GF (p) using the number eld
sieve // SIAM J. Disc. Math. 1993. V. 6. P. 124138.
[128] Gordon D. M., McCurley K. S. Massively parallel computation
of discrete logarithms // Advances in Cryptology Crypto92 /
Ernest F. Brickell, editor. Berlin: Springer-Verlag, 1993. (Lect.
Notes in Comput. Sci.; V. 740). P. 312323.

311

[129] Hastad J., Just B., Lagarias J. C., Schnorr C. P. Polynomial time
algorithms for nding integer relations among real numbers //
SIAM J. Comput. 1989. V. 18. P. 859881.
[130] Hellman M. E., Reyneri J. M. Fast computation of discrete
logarithms in GF (q) // Advances in Cryptology CRYPTO82.
N. Y.: Plenum Press, 1983. P. 313.
[131] Herlestam T., Johannesson R. On computing logarithms over
GF (2p) // BIT. 1981. V. 21. P. 326336.
[132] Hong S. M., Oh S. Y., Yoon H. New modular multiplication
algorithms for fast modular exponentiation // Lect. Notes in
Comput. Sci. 1996. V. 1070. P. 166177.
[133] Izu T., Kogure J., Noro M., Yokoyama K. Ecient implementation
of Schoofs algorithm // Advances in cryptology ASIACRYPT98
(Beijing). 1998. (Lect. Notes in Comput. Sci.; V. 1514). P. 6679.
[134] Joux A., Lercier R. Improvements to the general number
eld sieve for discrete logarithms in prime elds. Preprint.
http://www.medicis.polytechnique.fr/~lercier.
[135] Joux A., Lercier R. Discrete logarithms in GF (p) / e-mail to the
NMBRTHRY mailing list, January 2001.
http://listserv.nodak.edu/archives/nmbrthry.html.
[136] Joux A., Lercier R. Discrete logarithms in GF (p) / e-mail to the
NMBRTHRY mailing list, April 2001.
http://listserv.nodak.edu/archives/nmbrthry.html.
[137] Kaltofen E. Polynomial factorization 19871991 // LATIN92
(So Paulo, 1992). 1992. (Lect. Notes in Comput. Sci.; V. 583).
P. 294313.
[138] Kaltofen E. Analysis of Coppersmiths block Wiedemann algorithm
for the parallel solution of sparce linear systems // Applied algebra,
algebraic algorithms and error-correcting codes (San Juan, PR,
1993). 1993. (Lect. Notes in Comput. Sci.; V. 673). P. 195212.
[139] Kaltofen E., Lobo A. Factoring high-degree polynomials by the
black box Berlekamp algorithm // Proceedings of ISSAC94. ACM
Press, 1994. P. 9098.
[140] Kaltofen E., Sanders B. D. On Wiedemanns method of solving
sparce linear systems // Applied algebra, algebraic algorithms and
error-correcting codes (New Orleans, LA, 1991). 1991. (Lect. Notes
in Comput. Sci.; V. 539). P. 2938.
[141] Kaltofen E., Shoup V. Fast polynomial factorization over high
algebraic extensions of nite elds // Proceedings of ISSAC97.
ACM Press, 1997. P. 184188.

312

[142] Kaltofen E., Shoup V. Subquadratic-time factoring of polynomials


over nite elds // Math. Comp. 1998. V. 67 (223). P. 11791197.
[143] Kannan R., Lenstra A. K., Lovasz L. Polynomial factorization
and nonrandomness of bits of algebraic and some transcendental
numbers // Math. Comp. 1988. V. 50 (181). P. 235250.
[144] Koblitz N. A course in number theory and cryptography. SpringerVerlag, 1987.
[145] Koblitz N. Elliptic curve cryptosystems // Math. Comp. 1987. V. 48.
P. 203209.
[146] Koblitz N. Algebraic aspects of cryptography. Springer-Verlag,
1998.
[147] Konyagin S., Shparlinski I. Linear complexity of discrete
logarithm. Preprint, December 2000.
[148] Konyagin S. V., Pomerance C. On primes recognizable in
deterministic polynomial time // Algorithms and combinatorics.
Springer-Verlag, 1997. (The mathematics of Paul Erds; V. 1).
P. 176198.
[149] LaMacchia B. Basis reduction algorithms and subset sum
problems / Thesis. MIT Artical Intelligence Lab., 1991.
[150] LaMacchia B., Odlyzko A. Solving large sparse linear systems
over nite elds // Advances in Cryptology CRYPTO90. 1990.
(Lecture Notes in Computer Science; V. 537). P. 109133.
[151] LaMacchia B. A., Odlyzko A. M. Computation of discrete
logarithm in prime elds // Des. Codes Cryptogr. 1991. V. 1.
P. 4762.
[152] Lambert R. Computational aspects of discrete logarithms / PhD
thesis. Univ. of Waterloo, Dept. Electrical Comp. Eng., 1996.
[153] Lanczos C. Solution of systems of linear equations by minimized
iterations // J. Res. Nat. Bur. Standards. 1952. V. 49. P. 3353.
[154] Lay G.-J., Zimmer H. G. Constructing elliptic curves with given
group order over large nite elds // Algorithmic number theory
(Ithaca, NY, 1994). 1994. (Lect. Notes in Comput. Sci.; V. 877).
P. 250263.
[155] Lazard D. Resolution des systems dequations algebraiques //
Theor. Comput. Sci. 1981. V. 15. P. 77110.
[156] Lazard D. Ideal basis and primary decomposition: case of two
variables // J. Symb. Comput. 1985. V. 1. P. 261270.
[157] Lazard D. Solving zero-dimensional algebraic systems // J. Symb.
Comput. 1992. V. 13. P. 117131.

313

[158] Lehman R. S. Factoring large integers // Math. Comp. 1974. V. 28.


P. 637646.
[159] Lenstra A. K., Lenstra H. W., editors. The development of the
number eld sieve. 1993. (Lecture Notes in Mathematics; V. 1554).
[160] Lenstra A. K., Lenstra H. W., Lovsz L. Factoring polynomials
with rational coecients // Math. Ann. 1982. V. 261. P. 515534.
[161] Lenstra A. K., Lenstra H. W., Manasse M. S., Pollard J. M. The
number eld sieve // Proc. 22nd ACM Symposium on Theory of
Computing. 1990. P. 564572.
[162] Lenstra A. K., Lenstra H. W., Manasse M. S., Pollard J. M. The
factorization of the ninth Fermat number // Math. Comp. 1993.
V. 61 (203). P. 319349.
[163] Lenstra A. K., Manasse M. S. Factoring with two large primes //
Math. Comp. 1994. V. 63. P. 785798.
[164] Lenstra H. W. Primality testing algorithms (after Adleman, Rumely
and Williams) // Bourbaki Seminar. V. 1980/81. 1981. (Lect. Notes
in Math.; V. 901). P. 243257.
[165] Lenstra H. W. Divisors in residue classes // Math. Comp. 1984.
V. 42 (165). P. 331340.
[166] Lenstra H. W. Elliptic curves and number-theoretic algorithms //
International Congress of Mathematicians. 1986. P. 99120.
[167] Lenstra H. W. Factoring integers with elliptic curves // Ann. Math.
1987. V. 126. P. 649673.
[168] Lenstra H. W. Finding isomorphisms between nite elds // Math.
Comp. 1991. V. 56 (193). P. 329347.
[169] Lenstra H. W., Pomerance C. A rigorous time bound for factoring
integers // J. Amer. Math. Soc. 1992. V. 5 (3). P. 483516.
[170] Lerch M. Zur Theorie des Fermatischen Quotienten
ap1 1
= q(a) // Math. Ann. 1905. V. 60. P. 471490.
p

[171] Lercier R. Algorithmique des courbes dans les corps nis / These.
LEcole Polytechnique, Laboratoire DInformatique, CNRC, Paris,
1997.
[172] Li T. Y. Solving polynomial systems // Math. Intelligencer. 1987.
V. 9. P. 3339.
[173] Lovorn Bender R. Rigorous, subexponential algorithms for discrete
logarithms in GF (p2) // SIAM J. Discrete Math., to appear.

314

[174] Lovorn Bender R., Pomerance C. Rigorous discrete logarithm


computations in nite elds via smooth polynomials //
Computational perspectives in number theory (Chicago, 1995).
Amer. Math. Soc., 1998. (AMS/IS Stud. Adv. Math.; V. 7).
P. 221232.
[175] Massey J. L. Shift-register synthesis and BCH decoding // IEEE
Trans. Inform. Theory. 1969. V. 15. P. 122127.
[176] McCurley K. S. The discrete logarithm problem // Cryptology and
computational number theory (Boulder, CO, 1989). Amer. Math.
Soc., 1990. (Proc. of Symp. Appl. Math.; V. 42). P. 4974.
[177] McCurley K. S. Odds and ends from cryptology and computational
number theory // Cryptology and computational number theory
(Boulder, CO, 1989). Amer. Math. Soc., 1990. (Proc. of Symp.
Appl. Math.; V. 42). P. 145166.
[178] McKee J. Speeding Fermats factoring method // Math. Comp.
1999. V. 68 (228). P. 17291737.
[179] Menezes A. Elliptic curve public key cryptosystems. Kluwer Acad.
Publ., 1993.
[180] Menezes A., Van Oorschot P. C., Vanstone S. A. Handbook of
applied cryptography. CRC Press, 1997.
[181] Menezes A., Qu M., Vanstone S. IEEE P1363 Standard, Part 4:
Elliptic curve systems, 1995.
[182] Menezes A. J., Vanstone S. A., Zuccherato R. J. Counting points
on elliptic curves over F2m // Math. Comp. 1993. V. 60 (201).
P. 407420.
[183] Mignotte M. An inequality about factors of polynomials // Math.
Comp. 1974. V. 28. P. 11531157.
[184] Mihailescu P. Cyclotomic primality proving recent
developments // Proceedings of ANTS-III. 1998. (Lect. Notes in
Comput. Sci.; V. 1423). P. 95110.
[185] Mihailescu P. Cyclotomy of rings and primality testing / PhD
thesis. Swiss Federal Institute of Technology, Zrich, 1998.
[186] Mihailescu P. Fast generation of provable primes using search in
arithmetic progressions. Preprint, 1998.
[187] Miller G. L. Riemanns hypothesis and tests for primality //
J. Comput. and Syst. Sci. 1976. V. 13. P. 300317. [:
. 1986. . 23. . 3150.]
[188] Miller V. Use of elliptic curves in cryptography // Advances in
cryptology CRYPTO85 (Santa Barbara, Calif., 1985). 1986.
(Lecture Notes in Comput. Sci.; V. 218). P. 417426.

315

[189] Miyaji A. Elliptic curves over Fp suitable for cryptosystems //


Advances in cryptology AUSCRYPT92 (Gold Coast, 1992).
1993. (Lect. Notes in Comput. Sci.; V. 718). P. 479471.
[190] Monier L. Evaluation and comparision of two ecient probabilistic
primality testing algorithms // Theor. Comput. Sci. 1980. V. 12.
P. 97108.
[191] Montgomery P. L. Modular multiplication without trial division //
Math. Comp. 1985. V. 44 (170). P. 519521.
[192] Montgomery P. L. Speeding the Pollard and elliptic curve methods
of factorization // Math. Comp. 1987. V. 48 (177). P. 243264.
[193] Montgomery P. L. A block Lanczos algorithm for nding
dependencies over GF (2) // Advances in Cryptology
EuroCrypt95 / Louis C. Guillou and Jean-Jacques Quisquater,
editors. Berlin: Springer-Verlag, 1995. (Lect. Notes in Comput.
Sci.; V. 921). P. 106120.
[194] Montgomery P. L., Silverman R. D. A FFT-extension to the p 1
factoring algorithm // Math. Comp. 1990. V. 54 (190). P. 839854.
[195] Morain F. Atkins test: news from the front. Preprint.
[196] Morain F. Elliptic curves, primality proving and some titanic
primes. Preprint.
[197] Morain F. Solving equations of small degree modulo large primes.
Preprint.
[198] Morain F. Distributed primality proving and the primality of
(23539 + 1) /3. Preprint, 1990.
[199] Morain F. Primality proving using elliptic curves: an update //
Proceedings of ANTS-III. 1998. (Lect. Notes in Comput. Sci.;
V. 1423). P. 111127.
[200] Morain F., Olivos J. Speeding up the computations on an elliptic
curve using addition-subtraction chains // Inform. Theor. et Appl.
1990. V. 24. P. 531544.
[201] Mullen G. L., White D. A polynomial representation for logarithms
in GF (q) // Acta Arithm. 1986. V. 47. P. 255261.
[202] Mller V. Ein Algorithmus zur Bestimmung der Punktzahl
elliptischer Kurvenber endlichen Krpern der Characteristic
grssen drei / PhD thesis, Universitt des Saarlandes, 1995.
[203] Murphy B. A. Modelling the yield of number eld sieve
polynomials // Proceedings of ANTS-III. 1998. (Lect. Notes in
Comput. Sci.; V. 1423). P. 137150.

316

[204] Murphy B. A. Polynomial selection for the number eld sieve


integer factorisation algorithm / PhD thesis. Australian National
University, July 1999.
[205] Murphy B. A., Brent R. P. On quadratic polynomials for the number
eld sieve // Austral. Comput. Sci. Comm. 1998. V. 20. P. 199213.
[206] Niederreiter H. A new ecient factorization algorithm for
polynomials over small nite elds // Appl. Algebra Engrg. Comm.
Comput. 1993. V. 4. P. 8187.
[207] Niederreiter H., Gttfert R. Factorization of polynomials over nite
elds and characteristic sequences // J. Symbolic Computation.
1993. V. 16 (5). P. 401412.
[208] Odlyzko A. Discrete logarithms and smooth polynomials //
Contemp. Math. 1994. V. 168. P. 269278.
[209] Odlyzko A. Discrete logarithms: the past and the future // Designs,
Codes and Cryptography. 2000. V. 19. P. 129145.
[210] Odlyzko A. M. Discrete logarithms in nite elds and their
cryptographic signicance // Advances in Cryptology: Proceedings
of EuroCrypt84 / Thomas Beth, Norbert Cot, and Ingemar
Ingemarsson, editors. Berlin: Springer-Verlag, 1984. (Lect. Notes
in Comput. Sci.; V. 209). P. 224316.
[211] Odlyzko A. M. The future of integer factorization // CryptoBytes.
1995. V. 1 (2). P. 512.
[212] Parkinson D., Wunderlich M. A compact algorithm for Gaussian
elimination over GF (2) implemented on highly parallel computers //
Parallel Computing. 1984. V. 1. P. 6573.
[213] Peralta R. Implementation of the hypercube multiple polynomial
sieve. Preprint.
[214] Plaisted D. A. Fast verication, testing and generation of large
primes // Theoret. Comp. Sci. 1979. V. 9. P. 116. Errata in: 1981.
V. 14. P. 345.
[215] Pohlig S., Hellman M. An improved algorithm for computing
logarithms over GF (p) and its cryptographic signicance // IEEE
Trans. Inform. Theory. 1978. V. 24. P. 106110.
[216] Pohst M. A modication of the LLL-reduction algorithm //
J. Symb. Comp. 1987. V. 4. P. 123128.
[217] Pohst M., Zassenhaus H. Algorithmic algebraic number theory.
Cambridge University Press, 1989.
[218] Pollard J. M. Theorems on factorization and primality testing //
Proc. Cambridge Phil. Soc. 1974. V. 76. P. 521528.

317

[219] Pollard J. M. A Monte Carlo method for factorization // BIT. 1975.


V. 15. P. 331334.
[220] Pollard J. M. Monte Carlo methods for index computation
(mod p) // Math. Comp. 1978. V. 32 (143). P. 918924.
[221] Pomerance C. Analysis and comparision of some integer
factoring algorithms // Computational methods in number theory.
V. 1 / H. W. Lenstra and R. Tijdeman, editors. Amsterdam, 1982.
P. 89139.
[222] Pomerance C. The quadratic sieve factoring algorithm // Advances
in cryptology (Paris, 1984). 1985. (Lecture Notes in Comput. Sci.;
V. 209). P. 169183.
[223] Pomerance C. Fast, rigorous factorization and discrete
logarithms // Discrete Algorithms and complexity / A. Nozaki
D. S. Johnson, T. Nishizeki and H. S. Wilf, editors. Orlando: Acad.
Press, 1987. P. 119144.
[224] Pomerance C. Very short primality proofs // Math. Comp. 1987.
V. 48 (177). P. 315322.
[225] Pomerance C. Factoring // Proc. of Symp. Appl. Math. 1990. V. 42.
P. 2447.
[226] Pomerance C. The number eld sieve // Proc. of Symp. Appl. Math.
1994. V. 48. P. 465480.
[227] Pomerance C. A tale of two sieves // Notices Amer. Math. Soc.
1996. V. 43. P. 14731485.
[228] Pomerance C., Selfridge J. L., Wagsta S. S. The pseudoprimes
to 2.5 109 // Math. Comp. 1980. V. 36 (151). P. 10031026.
[229] Pomerance C., Smith J. W., Tuler R. A pipeline architecture for
factoring large integers with the quadratic sieve algorithm // SIAM
J. Comput. 1988. V. 17 (2). P. 387403.
[230] Rabin M. Probabilistic algorithms for testing primality // J. Number
Theory. 1980. V. 12. P. 128138.
[231] Ribenboim P. The book of prime number records. Springer-Verlag,
1988.
[232] Ribenboim P. The new book of prime number records. SpringerVerlag, 1996.
[233] Riesel H. Prime numbers and computer methods for factorization.
Birkhauser, 1985. (Progr. in Math.; V. 57).
[234] Riesel H. Some soluble cases of the discrete logarithm problem //
BIT. 1988. V. 28 (4). P. 839851.

318

[235] Satoh T., Araki K. Fermat quotients and polynomial time discrete
log algorithm for anomalous elliptic curves // Comment. Math.
Univ. Sancti Pauli. 1998. V. 47. P. 8192.
[236] Schirokauer O. Discrete logarithms and local units. Phil. Trans.
R. Soc. Lond. A. 1993. V. 345. P. 409423.
[237] Schirokauer O. Using number elds to compute discrete logarithms
in nite elds // Math. Comp. 2000. V. 69. P. 12671283.
[238] Schirokauer O., Weber D., Denny T. Discrete logarithms: the
eectiveness of the index calculus method // Proceedings of ANTSII. 1996. (Lect. Notes in Comput. Sci.; V. 1122). P. 337362.
[239] Schnorr C. P. A more ecient algorithm for lattice basis
reduction // J. Algorithms. 1988. V. 9. P. 4762.
[240] Schnorr C. P., Euchner M. Lattice basis reduction: improved
practical algorithms and solving subset sum problems //
Fundamentals of computation theory (Gosen, 1991). 1991. (Lect.
Notes in Comput. Sci.; V. 529). P. 6885.
[241] Schnorr C. P., Lenstra H. W. A Monte-Carlo factoring algorithm
with linear storage // Math. Comp. 1984. V. 43. P. 289312.
[242] Schnhage A. The fundamental theorem of algebra in terms
of computational complexity / Preliminary report, 1982. Math.
Institute Univ. Tbingen.
[243] Schnhage A., Grotfeld A. F. W., Vetter E. Fast algorithms:
a multitape Turing mashine implementation. Mannheim: BIWissenschaftsverlag, 1994.
[244] Schoof R. Elliptic curves over nite elds and the computation of
square roots modp // Math. Comp. 1985. V. 44. P. 483494.
[245] Schoof R. Counting points on elliptic curves over nite elds //
J. Theorie des Nombres des Bordeaux. 1995. V. 7. P. 219254.
[246] Sedgewick R., Szymanski T. G., Yao A. C. The complexity of
nding cycles in periodic functions // SIAM J. Comput. 1982.
V. 11 (2). P. 376390.
[247] Semaev I. A. An algorithm for evaluation of discrete logarithms
in some nonprime nite elds // Math. Comp. 1998. V. 67.
P. 16791689.
[248] Shanks D. Class number, a theory of factorization and genera //
Proc. Symp. Pure Math. V. 20. Providence, R. I.: AMS, 1971.
P. 415440.
[249] Shoup V. The deterministic complexity of factoring polynomials
over nite elds // Inform. Process. Lett. 1990. V. 33 (5).
P. 261267.

319

[250] Shoup V. New algorithm for nding irreducible polynomials over


nite elds // Math. Comp. 1990. V. 54. P. 435447.
[251] Shoup V. Searching for primitive roots in nite elds // Math.
Comp. 1992. V. 58 (197). P. 369380.
[252] Shoup V. Fast construction of irreducible polynomials over nite
elds // J. Symbolic Comput. 1994. V. 17 (5). P. 371391.
[253] Shoup V. A new polynomial factorization algorithm and its
implementation // J. Symbolic Comput. 1995. V. 20. P. 364397.
[254] Shoup V. Lower bounds for discrete logarithms and related
problems // Advances in Cryptology EuroCrypt97 / Walter
Fumy, editor. Berlin: Springer-Verlag, 1997. (Lect. Notes in
Comput. Sci.; V. 1233). P. 256266.
[255] Shparlinski I. E. Number theoretic methods in cryptography:
Complexity lower bounds. Birkhuser, 1999.
[256] Silverman J. H. The arithmetic of elliptic curves, Springer-Verlag,
1986. (Graduate Texts in Mathematics; V. 106).
[257] Silverman J. H. Advanced topics in the arithmetic of elliptic curves.
Springer-Verlag, 1994. (Graduate Texts in Mathematics; V. 151).
[258] Silverman R. D. The multiple polynomial quadratic sieve // Math.
Comp. 1987. V. 48 (177). P. 329339.
[259] Silverman R. D. Fast generation of random strong RSA primes.
Preprint. RSA Laboratories, 1997.
[260] Silverman R. D., Wagsta S. S. A practical analysis of the elliptic
curve factoring algorithm // Math. Comp. 1993. V. 61. P. 445462.
[261] Solinas J. A. An improved algorithm for arithmetic on a family
of elliptic curves // Advances in Cryptology Crypto97 / Burt
Kaliski, editor. Berlin: Springer-Verlag, 1997. (Lecture Notes in
Computer Science; V. 1294). P. 357371.
[262] Solovay R., Strassen V. A fast Monte-carlo test for primality //
SIAM J. Comput. 1977. V. 6. P. 8485. Errata in: 1978. V. 7.
P. 117.
[263] Stewart I., Tall D. Algebraic number theory. LondonN. Y.:
Chapman and Hall, 1986.
[264] Strassen V. Einige Resultate ber Berechnungskomplexitt //
Jahresber. Deutsch. Math.-Verein. 1976/77. V. 78. P. 18.
[265] te Riele H. 227-digit SNFS factorization.
ftp://ftp.cwi.nl/pub/herman/SNFSgiants/SNFS-227,
January 2002.

320

[266] te Riele H. J. J., Lioen W., Winter D. Factoring with the quadratic
sieve on large vector computers // Belgian J. Comp. Appl. Math.
1989. V. 27. P. 267278.
[267] Teske E. Speeding up Pollards rho method for computing discrete
logarithms // Proceedings of ANTS-III. 1998. (Lect. Notes in
Comput. Sci.; V. 1423). P. 541554.
[268] Teske E. Square root algorithms for the discrete logarithm problem
(a survey). Preprint, January 2001.
[269] Thom E. Computation of discrete logarithms in GF (2607) //
Advances in Cryptology AsiaCrypt2001. 2001. (Lect. Notes in
Comput. Sci.; V. 2248). P. 107124.
[270] Thom E. Discrete logarithms in GF (2607). e-mail to the
NMBRTHRY mailing list, February 2002.
http://listserv.nodak.edu/archives/nmbrthry.html.
[271] Turk J. W. M. Fast arithmetic operations on numbers and
polynomials // Computational methods in number theory.
V. 2 / H. W. Lenstra and R. Tijdeman, editors. Amsterdam, 1982.
P. 4354.
[272] von zur Gathen J., Shoup V. Computing Frobenius maps
and factoring polynomials // Comput. Complexity. 1992. V. 2.
P. 187224.
[273] Voorhoeve M. Factorization algorithms of exponential order //
Computational methods in number theory. V. 1 / H. W. Lenstra and
R. Tijdeman, editors. Amsterdam, 1982. P. 7988.
[274] Weber D. An implementation of the general number eld sieve to
compute discrete logarithms modp // Advances in Cryptology
EuroCrypt95 / Louis C. Guillou and Jean-Jacques Quisquater,
editors. Berlin: Springer-Verlag, 1995. (Lecture Notes in Computer
Science; V. 921). P. 95105.
[275] Weber D. Computing discrete logarithms with the general number
eld sieve // Proceedings of ANTS-II. 1996. (Lect. Notes in
Comput. Sci.; V. 1122). P. 391404.
[276] Weber D. On the computation of discrete logarithms in nite prime
elds / PhD thesis. Univ. des Saarlandes, Saarbrcken, 1997.
[277] Weber D. Computing discrete logarithms with quadratic number
rings // Advances in Cryptology EUROCRYPT98. SpringerVerlag, 1998. (Lect. Notes in Comput. Sci.; V. 1403). P. 171183.
[278] Weber D., Denny T. The solution of McCurleys discrete log
challenge // Advances in Cryptology CRYPTO98. SpringerVerlag, 1998. (Lect. Notes in Comput. Sci.; V. 1462). P. 458471.

321

[279] Weber K. An experiment in high-precision arithmetic on shared


memory multiprocessors // ACM SIGSAM Bull. 1990. V. 24 (2).
P. 2244.
[280] Western A. E., Miller J. C. P. Tables of indices and primitive roots.
Cambridge University Press, 1968. (Royal Society Mathematical
Tables; V. 9).
[281] Wiedemann D. H. Solving sparce linear equations over nite
elds // IEEE Trans. Inform. Theory. 1986. V. 32 (1). P. 5462.
[282] Williams H. C. Some algorithms for solving xq N (mod p) //
Proc. 3rd South East Conf. on Combinatorics, Graph Theory and
Computing. 1972. P. 451462.
[283] Williams H. C. A p + 1 method of factoring // Math. Comp. 1982.
V. 39 (159). P. 225234.
[284] Williams H. C. Factoring on a computer // Math. Intell. 1984.
V. 6 (3). P. 2936.
[285] Williams H. C., Wunderlich M. C. On the parallel generation of
the residues for the continued fraction factoring algorithm // Math.
Comp. 1987. V. 48 (177). P. 405423.
[286] Wu H. Ecient computations in nite elds with cryptographic
signicance / PhD thesis. Univ. of Waterloo, Waterloo, Ontario,
Canada, 1998.
[287] Wu H. Montgomery multiplier and squarer in GF (2n) / Technical
report, Univ. of Waterloo, The Centre for applied cryptographic
research, May 2000.
[288] Wu H. On computation of polynomial modular reduction / Technical
report, Univ. of Waterloo, The Centre for applied cryptographic
research, June 2000.
[289] Wu H. On modular reduction / Technical report, Univ. of Waterloo,
The Centre for applied cryptographic research, June 2000.
[290] Zayer J. Factorisieren mit dem Number Field Sieve / PhD thesis,
Universitt der Saarlandes, 1995.
[291] Zierler N. A conversion algorithm for logarithms on GF (2n) //
J. Pure and Appl. Algebra. 1974. V. 4. P. 353356.
[292] Zuras D. On squaring and multiplying large integers // Proceedings
of 11th IEEE Symp. Comp. Arith. IEEE Press, 1993. P. 260271.


-
. .


01335 24.03.2000 .
07.10.2003 . 60 90 1/16. 1.
. . . . 20.5. 1000 .
.

119002, , ., 11
- .
140010, . ., -, 403. . 554 21 86
,
., . 11. . 241 72 85. E-mail: biblio@mccme.ru