Chapter III: The $\mathcal{P}$-scheme algorithm
3.4 Main algorithm
We present the main body of the $\mathcal{P}$-scheme algorithm in this section. Its input contains a collection of number fields that are isomorphic to subfields of $L$. In order to avoid duplicate data, we assume that these number fields are mutually non-isomorphic. This is formalized by the following definition:
Definition 3.3 ($(\mathbb{Q}, g)$-subfield system). Let $g(X)$ be a polynomial in $\mathbb{Q}[X]$ with splitting field $L(g)$ over $\mathbb{Q}$. Let $\mathcal{F}$ be a collection of number fields such that (1) the fields in $\mathcal{F}$ are mutually non-isomorphic, and (2) each field $K' \in \mathcal{F}$ is isomorphic to a subfield of $L(g)$. We say $\mathcal{F}$ is a $(\mathbb{Q}, g)$-subfield system.
Given a $(\mathbb{Q}, g)$-subfield system, we define a subgroup system over $\mathrm{Gal}(g/\mathbb{Q})$ as follows.
Definition 3.4. Let $g(X)$ be a polynomial in $\mathbb{Q}[X]$ with splitting field $L(g)$ over $\mathbb{Q}$. Let $\mathcal{F}$ be a $(\mathbb{Q}, g)$-subfield system. Define $\mathcal{P}^\sharp$ to be the poset of subfields of $L(g)$ that includes all the fields isomorphic to those in $\mathcal{F}$:
$$\mathcal{P}^\sharp := \{\, K' \subseteq L(g) : K' \cong K \text{ for some } K \in \mathcal{F} \,\}.$$
By Galois theory, it corresponds to a poset $\mathcal{P}$ of subgroups of $\mathrm{Gal}(g/\mathbb{Q})$, given by
$$\mathcal{P} := \{\, H \subseteq \mathrm{Gal}(g/\mathbb{Q}) : (L(g))^H \in \mathcal{P}^\sharp \,\},$$
which is closed under conjugation in $\mathrm{Gal}(g/\mathbb{Q})$ (since $(L(g))^{\sigma H \sigma^{-1}} = \sigma((L(g))^H) \cong (L(g))^H$ and $\mathcal{P}^\sharp$ is closed under isomorphism by construction), and hence is a subgroup system over $\mathrm{Gal}(g/\mathbb{Q})$. We say $\mathcal{P}$ and $\mathcal{P}^\sharp$ are associated with $\mathcal{F}$.
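A worked instance of Definitions 3.3 and 3.4, added here as an illustration (it is not part of the original chapter; the polynomial $X^3 - 2$ and the particular choice of $\mathcal{F}$ below are our own):

Take $g(X) = X^3 - 2$. Its roots are $\alpha_1 = \sqrt[3]{2}$, $\alpha_2 = \omega\sqrt[3]{2}$, $\alpha_3 = \omega^2\sqrt[3]{2}$, where $\omega$ is a primitive cube root of unity, so $L(g) = \mathbb{Q}(\sqrt[3]{2}, \omega)$, $[L(g):\mathbb{Q}] = 6$, and $G = \mathrm{Gal}(g/\mathbb{Q}) \cong S_3$ acting on the indices $\{1, 2, 3\}$. The subfields of $L(g)$ are
$$\mathbb{Q},\quad \mathbb{Q}(\omega),\quad \mathbb{Q}(\alpha_1),\ \mathbb{Q}(\alpha_2),\ \mathbb{Q}(\alpha_3),\quad L(g),$$
with the three cubic fields pairwise isomorphic (they are the images of $\mathbb{Q}(\alpha_1)$ under $G$). Hence
$$\mathcal{F} = \{\, \mathbb{Q},\ \mathbb{Q}(\omega),\ \mathbb{Q}(\sqrt[3]{2}),\ L(g) \,\}$$
is a $(\mathbb{Q}, g)$-subfield system: the four fields have degrees $1, 2, 3, 6$, so they are mutually non-isomorphic, and each is a subfield of $L(g)$. By contrast, $\{\mathbb{Q}(\alpha_1), \mathbb{Q}(\alpha_2)\}$ violates condition (1).

For this $\mathcal{F}$, $\mathcal{P}^\sharp$ is the full lattice of six subfields, and the Galois correspondence gives
$$\mathcal{P} = \{\, S_3,\ A_3,\ \langle (2\,3) \rangle,\ \langle (1\,3) \rangle,\ \langle (1\,2) \rangle,\ \{1\} \,\},$$
where $\langle (2\,3) \rangle$ is the stabilizer of $\alpha_1$, i.e. $(L(g))^{\langle (2\,3) \rangle} = \mathbb{Q}(\alpha_1)$, and similarly for the other two transpositions; $A_3$ is the fixed group of the quadratic subfield $\mathbb{Q}(\omega)$. Closure under conjugation is visible directly: $\sigma \langle (2\,3) \rangle \sigma^{-1}$ is the stabilizer of $\sigma(\alpha_1)$, which is again one of the three transposition subgroups, and $A_3$ is normal. The coset spaces on which the partitions $C_H$ of this section live have sizes $|H \backslash G| = [(L(g))^H : \mathbb{Q}]$, e.g. $|\langle (2\,3) \rangle \backslash S_3| = 3 = [\mathbb{Q}(\sqrt[3]{2}):\mathbb{Q}]$ and $|A_3 \backslash S_3| = 2 = [\mathbb{Q}(\omega):\mathbb{Q}]$.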
The pseudocode of the algorithm is given in Algorithm 2 below. Its input is the prime number $p$ and a $(\mathbb{Q}, \tilde f)$-subfield system $\mathcal{F}$. We fix $\mathcal{P}$ to be the subgroup system over $G = \mathrm{Gal}(\tilde f/\mathbb{Q})$ associated with $\mathcal{F}$.
The algorithm outputs, for every $K \in \mathcal{F}$, the ring $\bar{\mathcal{O}}_K$ and an idempotent decomposition $\mathcal{I}_K$ of $\bar{\mathcal{O}}_K$, together with the auxiliary data of a $p$-maximal order $\mathcal{O}'_K$ and the related maps $\mathcal{O}'_K \hookrightarrow K$, $\mathcal{O}'_K \to \bar{\mathcal{O}}_K$. We will see below that the idempotent decompositions $\mathcal{I}_K$ altogether determine a $\mathcal{P}$-collection, which is guaranteed to be a strongly antisymmetric $\mathcal{P}$-scheme when the algorithm terminates.
The first half (Lines 1–7) of the algorithm is the preprocessing stage, where we compute $\bar{\mathcal{O}}_K$ for $K \in \mathcal{F}$ and the ring homomorphisms between them that are induced from the field embeddings. For each $K \in \mathcal{F}$, we also initialize the idempotent decomposition $\mathcal{I}_K$ of $\bar{\mathcal{O}}_K$ to be the trivial one containing only the unity of $\bar{\mathcal{O}}_K$. The second half (Lines 8–12) is the "refining" stage. To understand it, we need to associate a $\mathcal{P}$-collection $\mathcal{C}$ with the idempotent decompositions $\mathcal{I}_K$. By Lemma 3.12, we know $p$ splits completely in the fields in $\mathcal{F}$. So it also splits completely in every subfield of $L$. In particular, for a field $K$ in $\mathcal{P}^\sharp$ or $\mathcal{F}$, the quotient ring $\bar{\mathcal{O}}_K$ is semisimple.
For each $H \in \mathcal{P}$, we define a partition $C_H$ of the coset space $H \backslash G$ as follows. Let $K$ be the unique field in $\mathcal{F}$ isomorphic to $L^H$ (it exists since $L^H \in \mathcal{P}^\sharp$, and is unique by condition (1) of Definition 3.3). Fix an isomorphism $\tau_H : K \to L^H$, which induces a ring isomorphism $\bar\tau_H : \bar{\mathcal{O}}_K \to \bar{\mathcal{O}}_{L^H}$. Define $\mathcal{I}_H := \bar\tau_H(\mathcal{I}_K)$, which is an idempotent decomposition of $\bar{\mathcal{O}}_{L^H}$. By Definition 3.2, it corresponds to a partition $P(\mathcal{I}_H)$ of $H \backslash G$.$^7$ And we define
$$C_H := P(\mathcal{I}_H).$$
Finally, define the $\mathcal{P}$-collection $\mathcal{C}$ by
$$\mathcal{C} := \{\, C_H : H \in \mathcal{P} \,\}.$$

Algorithm 2 ComputePscheme
Input: prime number $p$, $(\mathbb{Q}, \tilde f)$-subfield system $\mathcal{F}$
Output: for each $K \in \mathcal{F}$: $\bar{\mathcal{O}}_K$, idempotent decomposition $\mathcal{I}_K$ of $\bar{\mathcal{O}}_K$, $p$-maximal order $\mathcal{O}'_K$ of $K$ and maps $\mathcal{O}'_K \hookrightarrow K$, $\mathcal{O}'_K \to \bar{\mathcal{O}}_K$
1: for $K \in \mathcal{F}$ do
2:     call ComputeQuotientRing to compute $\bar{\mathcal{O}}_K$, a $p$-maximal order $\mathcal{O}'_K$ of $K$ and maps $\mathcal{O}'_K \hookrightarrow K$, $\mathcal{O}'_K \to \bar{\mathcal{O}}_K$
3:     $\mathcal{I}_K \leftarrow \{1\}$, where $1$ denotes the unity of $\bar{\mathcal{O}}_K$
4: for $(K, K') \in \mathcal{F}^2$ do
5:     call ComputeEmbeddings to compute all the embeddings from $K$ to $K'$
6:     for embedding $\phi : K \hookrightarrow K'$ do
7:         call ComputeRingHom to compute $\bar\phi : \bar{\mathcal{O}}_K \to \bar{\mathcal{O}}_{K'}$ induced from $\phi$
8: repeat
9:     call CompatibilityAndInvarianceTest
10:    call RegularityTest
11:    call StrongAntisymmetryTest
12: until $\mathcal{I}_K$ remains the same in the last iteration for all $K \in \mathcal{F}$
13: return $\bar{\mathcal{O}}_K$, $\mathcal{I}_K$, $\mathcal{O}'_K$ and the maps $\mathcal{O}'_K \hookrightarrow K$, $\mathcal{O}'_K \to \bar{\mathcal{O}}_K$ for $K \in \mathcal{F}$
We call several subroutines to update $\mathcal{I}_K$ in Lines 9–11, whose effects can be understood in terms of $\mathcal{C}$:
Lemma 3.13. There exists a subroutine CompatibilityAndInvarianceTest that updates $\mathcal{I}_K$ in time polynomial in $\log p$ and the size of $\mathcal{F}$ so that the partitions $C_H \in \mathcal{C}$ are refined, and at least one partition $C_H$ is properly refined if $\mathcal{C}$ is not compatible or invariant.
Lemma 3.14. There exists a subroutine RegularityTest that updates $\mathcal{I}_K$ in time polynomial in $\log p$ and the size of $\mathcal{F}$ so that the partitions $C_H \in \mathcal{C}$ are refined, and at least one partition $C_H$ is properly refined if $\mathcal{C}$ is compatible but not regular.
Lemma 3.15. Under GRH, there exists a subroutine StrongAntisymmetryTest that updates $\mathcal{I}_K$ in time polynomial in $\log p$ and the size of $\mathcal{F}$ so that the partitions $C_H \in \mathcal{C}$ are refined, and at least one partition $C_H$ is properly refined if $\mathcal{C}$ is a $\mathcal{P}$-scheme but not strongly antisymmetric.
$^7$ Definition 3.2 is made with respect to a fixed prime ideal $Q_0$ of $\mathcal{O}_L$ lying over $p$. This ideal is chosen at the beginning of Section 3.3.
We will describe these subroutines and prove the lemmas above in the next three sections. For now we just assume them and prove the main result of this section:
Theorem 3.8 (Theorem 3.1 restated). Under GRH, the algorithm ComputePscheme runs in time polynomial in the size of the input, and when it terminates, the $\mathcal{P}$-collection $\mathcal{C}$ is a strongly antisymmetric $\mathcal{P}$-scheme.
Proof. We first analyze the running time. As each field $K \in \mathcal{F}$ is encoded by a rational polynomial of degree $[K:\mathbb{Q}]$, the total degree
$$N := \sum_{K \in \mathcal{F}} [K:\mathbb{Q}]$$
is bounded by the size of $\mathcal{F}$. The loops in Lines 1–3 and Lines 4–7 iterate $|\mathcal{F}| \le N$ and $|\mathcal{F}^2| \le N^2$ times respectively. For each $(K, K') \in \mathcal{F}^2$, there are at most $[K:\mathbb{Q}]$ embeddings from $K$ to $K'$, and hence the inner loop in Lines 6–7 iterates at most $[K:\mathbb{Q}]$ times for each fixed $(K, K')$.
For the loop in Lines 8–12, we consider $K \in \mathcal{F}$ and pick $H \in \mathcal{P}$ so that $L^H$ is isomorphic to $K$. By Lemma 3.5, the number of idempotents in $\mathcal{I}_K$ equals the number of blocks in $C_H$, and since the subroutines only ever refine $C_H$, this number strictly increases every time $\mathcal{I}_K$ is changed by the subroutines. On the other hand, the number of idempotents in $\mathcal{I}_K$ is at most $[K:\mathbb{Q}]$, since $\bar{\mathcal{O}}_K$ is an $\mathbb{F}_p$-algebra of dimension $[K:\mathbb{Q}]$ and the nonzero, pairwise orthogonal idempotents of a decomposition are linearly independent. Every iteration of the loop except the last changes at least one $\mathcal{I}_K$, so the loop in Lines 8–12 iterates at most $1 + \sum_{K \in \mathcal{F}} ([K:\mathbb{Q}] - 1) \le N$ times, i.e. $O(N)$ times. As each subroutine call runs in time polynomial in $\log p$ and the size of $\mathcal{F}$ by Lemmas 3.13–3.15, the claim about the running time follows.
Finally, note that the algorithm exits the loop in Lines 8–12 after an iteration iff all of the idempotent decompositions $\mathcal{I}_K$ remain the same in that iteration, i.e. no partition $C_H$ was properly refined. In that case $\mathcal{C}$ is compatible and invariant by Lemma 3.13, regular by Lemma 3.14, hence a $\mathcal{P}$-scheme, and strongly antisymmetric by Lemma 3.15. $\square$
Remark. The input of the algorithm contains $\mathcal{F}$, whose size may be much greater than that of $f$ and $\tilde f$. Therefore, the polynomiality of this algorithm in the size of its input does not imply that polynomial factoring over finite fields can be solved in (deterministic) polynomial time. It does suggest, however, that the total degree of the fields in $\mathcal{F}$ over $\mathbb{Q}$ is the bottleneck of our factoring algorithm.