FINITE FIELDS AND THEIR APPLICATIONS 4, 87–97 (1998)
ARTICLE NO. FF970203

A Remark on the Minimal Polynomial of the Product of Linear Recurring Sequences*

Emrah Çakçak
Department of Mathematics, Middle East Technical University, 06531 Ankara, Turkey
E-mail: [email protected]

Communicated by Harald Niederreiter
Received May 15, 1997; revised October 29, 1997

By using the techniques given by R. Göttfert and H. Niederreiter (Finite Fields Appl. 1 (1995), 204–218), we give a better lower bound on the linear complexity of the product of two linear recurring sequences. © 1998 Academic Press
1. INTRODUCTION

The determination of the minimal polynomial of the termwise product of two linear recurring sequences is a basic problem in the theory of stream ciphers: the Berlekamp–Massey algorithm recovers a sequence of linear complexity $L$ from $2L$ consecutive terms, so a keystream formed by multiplying the outputs of linear feedback shift registers is only as strong as the linear complexity of the product, and lower bounds on that complexity are what a designer needs. There are mainly two results in the literature, given by Zierler and Mills [4] and by Göttfert and Niederreiter [2]. Our result is an improvement of the latter.

We now give the basic terminology and summarize some of the results in [2]. Let $F$ be an arbitrary field and let $F^\infty$ be the space of sequences over $F$. Let $E$ be the linear shift operator on $F^\infty$, defined for $\sigma=(s_n)_{n=0}^\infty\in F^\infty$ by
$$E\sigma=(s_{n+1})_{n=0}^\infty .$$
A sequence $\sigma\in F^\infty$ is a linear recurring sequence over $F$ if $\sigma$ satisfies an equation of the form
$$f(E)\sigma=0, \qquad (1)$$

* This work is a part of my M.Sc. thesis, which was carried out under the guidance of Professor Ersan Akyıldız. We give further results following from the paper by R. Göttfert and H. Niederreiter [2].

Copyright © 1998 by Academic Press. All rights of reproduction in any form reserved.
where $f(x)$ is a monic polynomial over $F$. The solution space of Eq. (1) in $F^\infty$ is denoted by $S_F(f)$. For a linear recurring sequence $\sigma$ over $F$, its minimal polynomial $m_\sigma\in F[x]$ is defined to be the monic polynomial $f\in F[x]$ of least degree such that $\sigma$ satisfies Eq. (1). The linear complexity of $\sigma$ is defined to be $L(\sigma)=\deg(m_\sigma)$. For a monic polynomial $f\in F[x]$ let $M_F(f)$ be the set of all linear recurring sequences over $F$ with minimal polynomial $f$. Let us emphasize, also, the following fact that we will use at a couple of crucial points in our main results: the sum of a sequence with minimal polynomial $(x-1)^{c_1}$ and a sequence with minimal polynomial $(x-1)^{c_2}$ has minimal polynomial $(x-1)^{\max\{c_1,c_2\}}$, provided $c_1\neq c_2$. Further background on linear recurring sequences can be found in [3, Chap. 6].

The details of the following discussion can be found in [2]. For each $i\geq 0$, let $t_i$ denote the sequence
$$t_i=\left(\binom{n}{i}\right)_{n=0}^\infty .$$
These sequences have the following properties:
(i) $(E-1)t_i=t_{i-1}$, $i\geq 1$,
(ii) $t_i\,E^j t_j=\binom{i+j}{i}E^j t_{i+j}$, $i,j\geq 0$.
Using property (i), we get
$$E^k t_i\in M_F((x-1)^{i+1}),\qquad i,k\geq 0, \qquad (2)$$
and
$$E^j t_l=\sum_{k=0}^{j}\binom{j}{k}t_{l-j+k},\qquad 0\leq j\leq l. \qquad (3)$$
Note that (2) implies that the sets $\{t_i\mid 0\leq i\leq c\}$ and $\{E^j t_j\mid 0\leq j\leq c\}$ are bases for $S_F((x-1)^{c+1})$.

DEFINITION 1.1. For two positive integers $a,b$, let $a\ast b$ be the maximum value of $i+j+1$ such that $\binom{i+j}{i}\neq 0$ (in $F$), where $0\leq i\leq a-1$ and $0\leq j\leq b-1$.

The operation $\ast$ depends on the characteristic of the field $F$ and has the following properties:
(i) $\max(a,b)\leq a\ast b\leq a+b-1$,
(ii) $a\ast b=a+b-1$ if and only if $\binom{a+b-2}{a-1}\neq 0$.
LEMMA 1.2. For given positive integers $a$ and $b$, let $\sigma\in M_F((x-1)^a)$ and $\tau\in M_F((x-1)^b)$. Then the minimal polynomial $m_{\sigma\tau}\in F[x]$ of the product $\sigma\tau$ is of the form $m_{\sigma\tau}(x)=(x-1)^c$ where $0\leq c\leq a\ast b$. Furthermore,
(i) the linear complexity $L(\sigma\tau)=c$ of $\sigma\tau$ is equal to $a+b-1$ if and only if $\binom{a+b-2}{a-1}\neq 0$;
(ii) in the case $\binom{a+b-2}{a-1}=0$, there exist sequences $\sigma_1,\sigma_2\in M_F((x-1)^a)$ and $\tau_1,\tau_2\in M_F((x-1)^b)$ such that $\sigma_1\tau_1=0$ and $\sigma_2\tau_2\in M_F((x-1)^{a\ast b})$.

Let $f(x)$ and $g(x)$ be nonconstant monic polynomials over $F$. Without loss of generality we may assume that $f(0)g(0)\neq 0$ (as in [2]). Let $E$ be the splitting field of $fg$ over $F$, and let $\alpha_1,\dots,\alpha_r\in E$ and $\beta_1,\dots,\beta_s\in E$ be the distinct roots of $f$ and $g$ with multiplicities $a_1,\dots,a_r$ and $b_1,\dots,b_s$, respectively. Let $C=\{(i,j)\in\mathbb{N}^2\mid 1\leq i\leq r,\ 1\leq j\leq s\}$, and let $\gamma_1,\dots,\gamma_t$ be the distinct elements of the set $\{\alpha_i\beta_j\mid (i,j)\in C\}$. We decompose $C$ into the pairwise disjoint subsets
$$C_d=\{(i,j)\in C\mid \alpha_i\beta_j=\gamma_d\},\qquad 1\leq d\leq t,$$
and then define for each $d=1,\dots,t$ the integers
$$e_d=\max_{(i,j)\in C_d}(a_i\ast b_j), \qquad (4)$$
and the set
$$D=\Bigl\{d\in\{1,\dots,t\}\ \Big|\ C_d \text{ contains an ordered pair } (i,j) \text{ for which } \binom{a_i+b_j-2}{a_i-1}\neq 0 \text{ and } a_k\ast b_l<a_i\ast b_j \text{ for all } (k,l)\in C_d \text{ with } (k,l)\neq(i,j)\Bigr\}. \qquad (5)$$
Let
$$Z(f,g)(x)=\prod_{d=1}^{t}(x-\gamma_d)^{e_d} \qquad (6)$$
and
$$A(f,g)(x)=\prod_{d\in D}(x-\gamma_d)^{e_d}. \qquad (7)$$
The polynomial $Z(f,g)$ was first introduced, in an equivalent form, by Zierler and Mills [4]; the polynomial $A(f,g)$ was introduced by Göttfert and Niederreiter [2].

THEOREM 1.3. Let $f(x)$ and $g(x)$ be nonconstant monic polynomials over $F$ with $f(0)g(0)\neq 0$. Then for all $\sigma\in M_F(f)$ and $\tau\in M_F(g)$, the minimal polynomial $m_{\sigma\tau}\in F[x]$ of the product sequence $\sigma\tau$ is divisible by the polynomial $A(f,g)\in F[x]$ and divides the polynomial $Z(f,g)\in F[x]$. In particular, for the linear complexity $L(\sigma\tau)$ of $\sigma\tau$ we have $L(\sigma\tau)\geq\deg(A(f,g))$.
2. THE MAIN RESULTS

We start this section with the definition of the set $J(a,b)$ associated to any two positive integers $a$ and $b$. This set plays a crucial role in the paper.

DEFINITION 2.1. For two positive integers $a,b$, let $J(a,b)$ be the set of integers $k$ with $0\leq k\leq a\ast b$ such that $(x-1)^k$ is the minimal polynomial of the product sequence $\sigma\tau$ for some $\sigma\in M_{\overline{F}}((x-1)^a)$ and $\tau\in M_{\overline{F}}((x-1)^b)$ (here $\overline{F}$ denotes the algebraic closure of the field $F$).

By Lemma 1.2, if $\binom{a+b-2}{a-1}\neq 0$ then $J(a,b)$ has only one element, namely $J(a,b)=\{a+b-1\}$; also, if $\binom{a+b-2}{a-1}=0$ then both $0$ and $a\ast b$ are elements of $J(a,b)$. In the next section we will give an example (Example 3.1) showing that the set $J(a,b)$ is not, in general, equal to the whole set of integers $\{0,1,\dots,a\ast b\}$; i.e., there may be a $k\in\{0,1,\dots,a\ast b\}$ such that $(x-1)^k$ does not appear as the minimal polynomial of any product sequence $\sigma\tau$ with $\sigma\in M_{\overline{F}}((x-1)^a)$ and $\tau\in M_{\overline{F}}((x-1)^b)$.

For each $d=1,\dots,t$, let $C_d^*$ consist of the pairs $(k,l)\in C_d$ satisfying
(i) $J(a_k,b_l)=\{a_k+b_l-1\}$, and
(ii) for each integer $c\geq a_k+b_l-1$, there exists at most one pair $(i,j)\in C_d$ with $c\in J(a_i,b_j)$.
We now define the polynomial
$$B(f,g)(x)=\prod_{d=1}^{t}(x-\gamma_d)^{c_d},$$
where for each $d=1,\dots,t$,
$$c_d=\begin{cases}\max_{(k,l)\in C_d^*}(a_k+b_l-1), & \text{if } C_d^*\neq\emptyset,\\ 0, & \text{if } C_d^*=\emptyset.\end{cases} \qquad (8)$$
Note that if $d\in D$ ($D$ is defined in (5)), then the set $C_d^*$ is not empty and the integer $e_d$ (defined in (4)) equals $c_d$: the pair $(i,j)$ witnessing $d\in D$ satisfies condition (i) because $\binom{a_i+b_j-2}{a_i-1}\neq 0$, and condition (ii) because every other pair $(k,l)\in C_d$ has $J(a_k,b_l)\subseteq\{0,\dots,a_k\ast b_l\}$ with $a_k\ast b_l<a_i\ast b_j=a_i+b_j-1$. Therefore we have $A(f,g)\mid B(f,g)$. Also,
$$A(f,g)=B(f,g)\quad\text{if and only if, for every } d,\quad C_d^*\neq\emptyset \Leftrightarrow d\in D. \qquad (9)$$
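To make the bookkeeping in (4)–(9) concrete, here is an added Python example (my code, not from the paper) that computes the exponents of $Z(f,g)$, $A(f,g)$ and $B(f,g)$ from the root multiplicities, under the assumption that $f$ and $g$ split over a prime field $\mathbb{F}_p$ so roots can be stored as integers mod $p$. The operation $a\ast b$ is computed from Definition 1.1; $J(a,b)$ is taken from Lemma 1.2 when $\binom{a+b-2}{a-1}\neq 0$ and otherwise has to be supplied as a table, since the paper gives no general formula for it. The data are those of Example 3.2 below, with $J(3,5)=\{0,3,4,5,6\}$ from Example 3.1; function and variable names are my choices.

```python
"""Z(f,g), A(f,g), B(f,g) from root multiplicities over F_p (added example)."""
from itertools import product
from math import comb


def binom_nonzero(n, k, p):
    """True iff the binomial coefficient C(n,k) is nonzero in characteristic p."""
    return comb(n, k) % p != 0


def star(a, b, p):
    """a * b of Definition 1.1: max i+j+1 with C(i+j,i) != 0 in F_p,
    0 <= i <= a-1, 0 <= j <= b-1."""
    return max(i + j + 1 for i in range(a) for j in range(b)
               if binom_nonzero(i + j, i, p))


def J(a, b, p, table):
    """J(a,b) of Definition 2.1. If C(a+b-2,a-1) != 0 Lemma 1.2 gives {a+b-1};
    otherwise the set must come from `table` (e.g. computed as in Example 3.1)."""
    if binom_nonzero(a + b - 2, a - 1, p):
        return {a + b - 1}
    return set(table[(a, b)])


def product_polys(f_roots, g_roots, p, j_table):
    """f_roots, g_roots: dict root -> multiplicity (roots are integers mod p).
    Returns (Z, A, B) as dicts gamma -> exponent; a missing gamma means exponent 0."""
    groups = {}                                     # gamma_d -> C_d
    for i, j in product(f_roots, g_roots):
        groups.setdefault((i * j) % p, []).append((i, j))
    Z, A, B = {}, {}, {}
    for gamma, pairs in groups.items():
        mult = {ij: (f_roots[ij[0]], g_roots[ij[1]]) for ij in pairs}
        st = {ij: star(a, b, p) for ij, (a, b) in mult.items()}
        Js = {ij: J(a, b, p, j_table) for ij, (a, b) in mult.items()}
        e_d = max(st.values())                      # (4)
        Z[gamma] = e_d                              # (6)
        # d in D, (5): a pair with nonzero binomial strictly dominating in *
        if any(binom_nonzero(a + b - 2, a - 1, p)
               and all(st[kl] < st[ij] for kl in pairs if kl != ij)
               for ij, (a, b) in mult.items()):
            A[gamma] = e_d                          # (7)
        # C*_d: (i) J = {a+b-1}; (ii) each c >= a+b-1 lies in J of at most one pair
        top = max(max(s) for s in Js.values())      # no J(a,b) reaches beyond this
        c_star = []
        for ij, (a, b) in mult.items():
            n = a + b - 1
            if Js[ij] != {n}:
                continue
            if all(sum(c in Js[kl] for kl in pairs) <= 1 for c in range(n, top + 1)):
                c_star.append(n)
        B[gamma] = max(c_star) if c_star else 0     # (8)
    return Z, A, B


# Example 3.2: f = (x-1)(x-2)^3, g = (x-1)^5 (x-2) over F_3.
F_ROOTS = {1: 1, 2: 3}
G_ROOTS = {1: 5, 2: 1}
J_TABLE = {(3, 5): {0, 3, 4, 5, 6}}   # J(3,5) from Example 3.1


def example_3_2():
    return product_polys(F_ROOTS, G_ROOTS, 3, J_TABLE)


if __name__ == "__main__":
    for name, poly in zip("ZAB", example_3_2()):
        factors = " ".join(f"(x-{g})^{e}" for g, e in sorted(poly.items()) if e)
        print(f"{name}(f,g) = {factors}")
```

Running it prints $Z(f,g)=(x-1)^5(x-2)^6$, $A(f,g)=(x-1)^5$ and $B(f,g)=(x-1)^5(x-2)^1$, i.e. the bound of Theorem 2.2 is $6$ where Theorem 1.3 gives $5$. The table of $J$ values is the one piece that cannot be automated from the definitions alone; for a pair with vanishing binomial it has to be established as in Section 3.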
We also would like to note that if, for each $(i,j)\in C$, $J(a_i,b_j)$ equals either $\{a_i+b_j-1\}$ or $\{0,1,\dots,a_i\ast b_j\}$, then condition (9) holds. We summarize these facts in the following theorem.

THEOREM 2.2. Let $f(x)$ and $g(x)$ be nonconstant monic polynomials over $F$ with $f(0)g(0)\neq 0$. Then for all $\sigma\in M_F(f)$ and $\tau\in M_F(g)$, the minimal polynomial $m_{\sigma\tau}\in F[x]$ of the product sequence $\sigma\tau$ is divisible by $B(f,g)$.

Proof. Let $\sigma$ and $\tau$ be as in the theorem and let $E$ be the splitting field of $fg$ over $F$. If we view $\sigma$ and $\tau$ as sequences over $E$, then by the direct-sum decomposition for linear recurring sequences they can be written in the form
$$\sigma=\sum_{i=1}^{r}\xi_i\,(\alpha_i^n)_{n=0}^\infty,\qquad \tau=\sum_{j=1}^{s}\zeta_j\,(\beta_j^n)_{n=0}^\infty,$$
where $\xi_i\in M_E((x-1)^{a_i})$ for $1\leq i\leq r$ and $\zeta_j\in M_E((x-1)^{b_j})$ for $1\leq j\leq s$. It follows that
$$\sigma\tau=\sum_{d=1}^{t}\Bigl(\sum_{(i,j)\in C_d}\xi_i\zeta_j\Bigr)(\gamma_d^n)_{n=0}^\infty .$$
Let $d\in\{1,\dots,t\}$ be such that $C_d^*\neq\emptyset$. By the definition of the set $C_d^*$, there is one and only one pair $(k,l)\in C_d$ such that
$$c_d=a_k\ast b_l=a_k+b_l-1$$
(any pair $(i,j)\in C_d$ with $a_i\ast b_j=c_d$ has $c_d\in J(a_i,b_j)$ by Lemma 1.2, and condition (ii) for a pair of $C_d^*$ realizing $c_d$ allows only one such pair). We write the sum $\sum_{(i,j)\in C_d}\xi_i\zeta_j$ as $h_1+h_2$, where
$$h_1=\xi_k\zeta_l+\sum_{\substack{(i,j)\in C_d\\ a_i\ast b_j<a_k+b_l-1}}\xi_i\zeta_j,\qquad h_2=\sum_{\substack{(i,j)\in C_d\\ a_i\ast b_j>a_k+b_l-1}}\xi_i\zeta_j .$$
Now, the minimal polynomial of $h_1$ is $(x-1)^{a_k+b_l-1}$. We note that the minimal polynomial of each $\xi_i\zeta_j$ with $(i,j)\in C_d$ and $a_i\ast b_j>a_k+b_l-1$ is $(x-1)^c$ for some $c\in J(a_i,b_j)$. On the other hand, it follows from the definition of $C_d^*$ that the minimal polynomial of $h_2$ is $(x-1)^c$, where $c$ is either strictly greater or strictly less than $a_k+b_l-1$: by condition (ii) for $(k,l)$, no two summands of $h_2$ have the same exponent $c\geq a_k+b_l-1$ and none has exponent exactly $a_k+b_l-1$, so by the fact recalled in the Introduction the exponent of $h_2$ is the largest exponent among its summands if that exceeds $a_k+b_l-1$, and is smaller than $a_k+b_l-1$ otherwise. In each case the minimal polynomial of the sum $\sum_{(i,j)\in C_d}\xi_i\zeta_j$ is divisible by $(x-1)^{a_k+b_l-1}$. Therefore the polynomial $B(f,g)$ divides the minimal polynomial of $\sigma\tau$ in $E[x]$. It remains to show that $B(f,g)$ is a polynomial over $F$. We leave it to the reader to check that the same arguments used in the proof of [2, Theorem 1] to show that $A(f,g)$ and $Z(f,g)$ are polynomials over $F$ work here too. ∎

For each $d=1,\dots,t$, if the set $C_d^*$ is nonempty, then the lower bound on the linear complexity of the product $\sigma\tau$ with $\sigma\in M_F(f)$ and $\tau\in M_F(g)$ given in Theorem 2.2 is the best one and is attained by the minimal polynomial of $\sigma\tau$ for some $\sigma\in M_F(f)$ and $\tau\in M_F(g)$. We state this in the following corollary.

COROLLARY 2.3. Let $f(x)$ and $g(x)$ be nonconstant monic polynomials over $F$ with $f(0)g(0)\neq 0$. Assume that, for each $d=1,\dots,t$, the set $C_d^*$ is nonempty. Then there exist $\sigma\in M_F(f)$ and $\tau\in M_F(g)$ such that the minimal polynomial of the sequence $\sigma\tau$ is $B(f,g)$.

Proof. As in the proof of Theorem 2 in [2], we construct two sequences $\sigma\in M_F(f)$ and $\tau\in M_F(g)$ as follows: let
$$\sigma=\sum_{i=1}^{r}t_{a_i-1}\,E\sigma_i \qquad\text{and}\qquad \tau=\sum_{j=1}^{s}E^{b_j-1}t_{b_j-1}\,\tau_j,$$
where $\sigma_i,\tau_j\in E^\infty$ are the sequences associated to the roots $\alpha_i,\beta_j$, namely $\sigma_i=(\alpha_i^n)_{n=0}^\infty$ and $\tau_j=(\beta_j^n)_{n=0}^\infty$. We refer the reader to the proof of [2, Theorem 2] (or alternatively [1, pp. 39–41]) to see that these sequences are indeed in $F^\infty$ (the shift $E$ in the definition of $\sigma$ is needed for this proof). The product $\sigma\tau$ has the form
$$\sigma\tau=\sum_{d=1}^{t}\Bigl(\sum_{(i,j)\in C_d}\alpha_i\binom{a_i+b_j-2}{a_i-1}E^{b_j-1}t_{a_i+b_j-2}\Bigr)(\gamma_d^n)_{n=0}^\infty .$$
For each $d=1,\dots,t$ and each $(i,j)\in C_d$, the minimal polynomial of
$$\alpha_i\binom{a_i+b_j-2}{a_i-1}E^{b_j-1}t_{a_i+b_j-2}$$
is either $1$ (if $\binom{a_i+b_j-2}{a_i-1}=0$) or $(x-1)^{a_i+b_j-1}$ (if $\binom{a_i+b_j-2}{a_i-1}\neq 0$). Now, for each $d=1,\dots,t$, since $C_d^*\neq\emptyset$, we obtain
$$c_d=\max\Bigl\{a_i+b_j-1\ \Big|\ (i,j)\in C_d \text{ and } \binom{a_i+b_j-2}{a_i-1}\neq 0\Bigr\},$$
and a unique pair $(k,l)\in C_d$ such that $c_d=a_k+b_l-1$. (Indeed, any $(i,j)\in C_d$ with $\binom{a_i+b_j-2}{a_i-1}\neq 0$ and $a_i+b_j-1\geq c_d$ satisfies condition (i) and inherits condition (ii) from the pair of $C_d^*$ realizing $c_d$; hence it belongs to $C_d^*$, so $a_i+b_j-1=c_d$ by maximality, and condition (ii) leaves only one such pair.) But this implies that the minimal polynomial of
$$\sum_{(i,j)\in C_d}\alpha_i\binom{a_i+b_j-2}{a_i-1}E^{b_j-1}t_{a_i+b_j-2}$$
is $(x-1)^{c_d}$. Thus the minimal polynomial of $\sigma\tau$ is $B(f,g)$. ∎
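Theorem 2.2 bounds $L(\sigma\tau)$ from below and Corollary 2.3 says the bound is attained; both can be checked numerically with the Berlekamp–Massey algorithm, which is also how an attacker measures the linear complexity of a captured keystream. The Python script below is an added example (my code, not from the paper): it builds the sequences $\sigma=\sum_i t_{a_i-1}E\sigma_i$ and $\tau=\sum_j E^{b_j-1}t_{b_j-1}\tau_j$ of the corollary for $f=(x-1)(x-2)^3$ and $g=(x-1)^5(x-2)$ over $\mathbb{F}_3$ (the data of Example 3.2 below, where $\deg A(f,g)=5$, $\deg B(f,g)=6$ and $\deg Z(f,g)=11$), measures $L(\sigma\tau)$, and samples random members of $M_F(f)\times M_F(g)$ to compare the observed complexities with the three bounds. The function names, the representation of a member of $M_F(f)$ by coefficients on $\binom{n}{k}\alpha^n$, and the sampling scheme are my assumptions.

```python
"""Linear complexity of products sigma*tau for Example 3.2, measured with the
Berlekamp-Massey algorithm over F_3 (added example, not part of the paper)."""
import random
from math import comb

P = 3      # the field F_3 of Example 3.2
N = 40     # terms generated; Berlekamp-Massey needs 2L terms and L <= deg Z(f,g) = 11 here


def berlekamp_massey(seq, p=P):
    """Shortest LFSR over F_p generating seq. Returns (L, C) with L the linear
    complexity and C = [1, C_1, ..., C_L] such that s_n + sum_k C_k s_{n-k} = 0 for n >= L."""
    size = len(seq) + 1
    C, B = [1] + [0] * size, [1] + [0] * size
    L, m, b = 0, 1, 1
    for n, s in enumerate(seq):
        d = (s + sum(C[k] * seq[n - k] for k in range(1, L + 1))) % p   # discrepancy
        if d == 0:
            m += 1
            continue
        coef = d * pow(b, -1, p) % p
        T = C[:]
        for k in range(size - m):
            C[k + m] = (C[k + m] - coef * B[k]) % p
        if 2 * L <= n:
            L, B, b, m = n + 1 - L, T, d, 1
        else:
            m += 1
    return L, C[: L + 1]


def minimal_polynomial(seq, p=P):
    """Monic minimal polynomial of seq as coefficients [m_0, ..., m_L] (m(x) = x^L C(1/x))."""
    _, C = berlekamp_massey(seq, p)
    return C[::-1]


def add_seq(s, u):
    return [(x + y) % P for x, y in zip(s, u)]


def mul_seq(s, u):
    return [(x * y) % P for x, y in zip(s, u)]


def member(roots, coeffs):
    """sum_alpha (sum_k c_{alpha,k} C(n,k)) alpha^n; its minimal polynomial is
    prod (x-alpha)^{mult} exactly when each top coefficient c_{alpha,mult-1} is nonzero."""
    seq = [0] * N
    for alpha, mult in roots.items():
        c = coeffs[alpha]
        seq = add_seq(seq, [sum(c[k] * comb(n, k) for k in range(mult)) * pow(alpha, n, P) % P
                            for n in range(N)])
    return seq


def corollary_pair(f_roots, g_roots):
    """sigma = sum_i t_{a_i-1} E sigma_i and tau = sum_j E^{b_j-1} t_{b_j-1} tau_j of
    Corollary 2.3, with sigma_i = (alpha_i^n) and tau_j = (beta_j^n)."""
    sigma, tau = [0] * N, [0] * N
    for alpha, a in f_roots.items():
        sigma = add_seq(sigma, [comb(n, a - 1) * pow(alpha, n + 1, P) % P for n in range(N)])
    for beta, b in g_roots.items():
        tau = add_seq(tau, [comb(n + b - 1, b - 1) * pow(beta, n, P) % P for n in range(N)])
    return sigma, tau


# Example 3.2: f = (x-1)(x-2)^3, g = (x-1)^5 (x-2) over F_3, as root -> multiplicity.
F_ROOTS = {1: 1, 2: 3}
G_ROOTS = {1: 5, 2: 1}
DEG_A, DEG_B, DEG_Z = 5, 6, 11     # deg A(f,g), deg B(f,g), deg Z(f,g) of Example 3.2


def corollary_product_complexity():
    sigma, tau = corollary_pair(F_ROOTS, G_ROOTS)
    return berlekamp_massey(mul_seq(sigma, tau))[0]


def sampled_product_complexities(samples=300, seed=1):
    """L(sigma*tau) for random sigma in M_F(f), tau in M_F(g) (constructed test data)."""
    rng = random.Random(seed)

    def rand_coeffs(roots):
        return {alpha: [rng.randrange(P) for _ in range(mult - 1)] + [rng.randrange(1, P)]
                for alpha, mult in roots.items()}

    return [berlekamp_massey(mul_seq(member(F_ROOTS, rand_coeffs(F_ROOTS)),
                                     member(G_ROOTS, rand_coeffs(G_ROOTS))))[0]
            for _ in range(samples)]


if __name__ == "__main__":
    print("L(sigma tau) for the corollary's pair:", corollary_product_complexity())
    lcs = sampled_product_complexities()
    print("observed range over random pairs:", min(lcs), "..", max(lcs),
          "(deg A =", DEG_A, ", deg B =", DEG_B, ", deg Z =", DEG_Z, ")")
```

For the corollary's pair the measured complexity is $6=\deg B(f,g)$ and the recovered minimal polynomial is $x^6+2x^5+2x^4+x^2+x+2=(x-1)^5(x-2)$ in $\mathbb{F}_3[x]$. Over random pairs the only values that occur are $6, 8, 10, 11$: the $(x-1)$-part always has exponent $5$, and the $(x-2)$-part has exponent $1$ or an element of $\{3,5,6\}$, matching $J(3,5)$ restricted to $\mathbb{F}_3$ as discussed in Example 3.1. No sample drops to the $5$ promised by Theorem 1.3.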
3. EXAMPLES

In this section we will compute the set $J(3,5)$ in the field $\mathbb{F}_3$ and see that this set is equal to $\{0,3,4,5,6\}$. Then, using this information, we will give an example showing that the lower bound given in Theorem 2.2 is, in general, better than the lower bound given in [2, Theorem 1] (see Theorem 1.3). Before passing to the examples, let us find a formula for the coefficients $f_l$ of the product
$$\sigma\tau=\sum_{l=0}^{a\ast b-1}f_l\,t_l$$
of two sequences
$$\sigma=\sum_{i=0}^{a-1}c_i\,t_i\in S_F((x-1)^a),\qquad \tau=\sum_{j=0}^{b-1}d_j\,E^j t_j\in S_F((x-1)^b),$$
in terms of $a$, $b$ and the coefficients $c_i$, $d_j$. We may assume $1\leq a\leq b$; then we have
$$\sigma\tau=\sum_{i=0}^{a-1}\sum_{j=0}^{b-1}c_i d_j\,t_i E^j t_j=\sum_{i=0}^{a-1}\sum_{j=0}^{b-1}c_i d_j\binom{i+j}{i}E^j t_{i+j}.$$
From the identity (3) we get $E^j t_{i+j}=\sum_{k=0}^{j}\binom{j}{k}t_{i+k}$, and using the identity
$$\binom{i+j}{i}\binom{j}{k}=\binom{i+k}{i}\binom{i+j}{i+k}\qquad\text{for } i,j,k\geq 0$$
we obtain
$$\sigma\tau=\sum_{i=0}^{a-1}\sum_{j=0}^{b-1}c_i d_j\sum_{k=0}^{j}\binom{i+k}{i}\binom{i+j}{i+k}t_{i+k}. \qquad (10)$$
Now, for a fixed $l$, we compute the coefficient of $t_l$ in (10). For this, we look at the indices $i,j,k$ which satisfy $i+k=l$. This gives us
(i) $\max\{0,l-b+1\}\leq i\leq\min\{l,a-1\}$,
(ii) for each $i$, $l-i\leq j\leq b-1$,
(iii) for each $i,j$, $k=l-i$.
It follows from this observation that for each $l=0,\dots,a\ast b-1$ the coefficient $f_l$ of $t_l$ is equal to
$$f_l=\sum_{i=\max\{0,l-b+1\}}^{\min\{l,a-1\}}c_i\binom{l}{i}\sum_{j=l-i}^{b-1}\binom{i+j}{l}d_j. \qquad (11)$$
(For $a\ast b\leq l\leq a+b-2$ the same expression vanishes, since $\sigma\tau\in S_F((x-1)^{a\ast b})$ and the $t_l$ are linearly independent.)
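As an added example (my code, not part of the paper), the following Python script implements the sequences $t_i$, the shift $E$ and termwise products over $\mathbb{F}_9=\mathbb{F}_3[a]/(a^2+2a+2)$, checks formula (11) against direct termwise multiplication, determines $J(3,5)$ restricted to coefficients in $\mathbb{F}_3$ by exhausting all $\sigma\in M((x-1)^3)$ and $\tau\in M((x-1)^5)$ (the check mentioned in the Remark after Example 3.1 below), and evaluates the witness $\sigma_2,\tau_2$ of Example 3.1 that realizes exponent $4$ over $\mathbb{F}_9$. The $(u,v)$ representation of $\mathbb{F}_9$, the window of $N=16$ terms (enough because every product here lies in $S((x-1)^7)$), and all function names are my choices.

```python
"""Brute-force check of J(3,5) over F_3, the F_9 witness of Example 3.1, and
formula (11) (added example, not part of the paper)."""
from itertools import product
from math import comb

P = 3    # characteristic
N = 16   # terms kept per sequence; all products below lie in S((x-1)^7), so 16 terms decide zero-ness

# F_9 = F_3[a]/(a^2 + 2a + 2), elements stored as (u, v) = u + v*a, with a^2 = a + 1 (mod 3).
ZERO, ONE = (0, 0), (1, 0)
ROOT_A = (0, 1)          # the root a of x^2 + 2x + 2 used in Example 3.1


def scalar(c):
    """Embed an integer (read mod 3) into F_9."""
    return (c % P, 0)


def add(x, y):
    return ((x[0] + y[0]) % P, (x[1] + y[1]) % P)


def mul(x, y):
    u1, v1 = x
    u2, v2 = y
    return ((u1 * u2 + v1 * v2) % P, (u1 * v2 + u2 * v1 + v1 * v2) % P)


def t(i, shift=0):
    """E^shift t_i = (C(n+shift, i))_n as a list of N elements of F_9."""
    return [scalar(comb(n + shift, i)) for n in range(N)]


def lin_comb(coeffs, seqs):
    out = [ZERO] * N
    for c, s in zip(coeffs, seqs):
        out = [add(o, mul(c, x)) for o, x in zip(out, s)]
    return out


def termwise_product(s, u):
    return [mul(x, y) for x, y in zip(s, u)]


def unipotent_exponent(seq):
    """For seq in S((x-1)^m), m < N: the c with minimal polynomial (x-1)^c,
    i.e. how often E-1 must be applied before the sequence vanishes."""
    c = 0
    while any(x != ZERO for x in seq):
        seq = [add(seq[n + 1], mul(scalar(-1), seq[n])) for n in range(len(seq) - 1)]
        c += 1
    return c


def sigma(c):
    """sum_i c_i t_i; lies in M((x-1)^3) when c_2 != 0."""
    return lin_comb(c, [t(0), t(1), t(2)])


def tau(d):
    """sum_j d_j E^j t_j; lies in M((x-1)^5) when d_4 != 0."""
    return lin_comb(d, [t(j, shift=j) for j in range(5)])


def coeffs_by_formula(c, d, a=3, b=5):
    """f_l of formula (11) for l = 0, ..., a+b-2 (those with l >= a*b must vanish)."""
    fs = []
    for l in range(a + b - 1):
        f = ZERO
        for i in range(max(0, l - b + 1), min(l, a - 1) + 1):
            inner = ZERO
            for j in range(l - i, b):
                inner = add(inner, mul(scalar(comb(i + j, l)), d[j]))
            f = add(f, mul(mul(c[i], scalar(comb(l, i))), inner))
        fs.append(f)
    return fs


def formula_matches_direct(c, d):
    """Check sum_l f_l t_l == sigma * tau termwise."""
    fs = coeffs_by_formula(c, d)
    return lin_comb(fs, [t(l) for l in range(len(fs))]) == termwise_product(sigma(c), tau(d))


def exponent_of_product(c, d):
    return unipotent_exponent(termwise_product(sigma(c), tau(d)))


def J_3_5_over_F3():
    """Exponents c with (x-1)^c = m_{sigma tau}, over all sigma, tau with coefficients in F_3."""
    f3 = [scalar(x) for x in range(P)]
    found = set()
    for c in product(f3, f3, f3[1:]):
        s = sigma(c)
        for d in product(f3, f3, f3, f3, f3[1:]):
            found.add(unipotent_exponent(termwise_product(s, tau(d))))
    return found


# sigma_2 = 2 t_0 + a t_1 + t_2 and tau_2 = a E^3 t_3 + E^4 t_4 of Example 3.1
SIGMA_2 = (scalar(2), ROOT_A, ONE)
TAU_2 = (ZERO, ZERO, ZERO, ROOT_A, ONE)

if __name__ == "__main__":
    print("J(3,5) over F_3:", sorted(J_3_5_over_F3()))
    print("exponent of sigma_2 tau_2 over F_9:", exponent_of_product(SIGMA_2, TAU_2))
```

The exhaustive search over $\mathbb{F}_3$ returns $\{0,3,5,6\}$, so $4$ is missing there, while the witness with the $\mathbb{F}_9$ element $a$ gives $4$. Exponent $7=a+b-1$ never occurs because $f_6$ carries the factor $\binom{6}{2}=15=0$ in $\mathbb{F}_3$, which is exactly why $3\ast 5=6$.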
EXAMPLE 3.1. Let $F=\mathbb{F}_3$ be the field with three elements. We claim that the set $J(3,5)$ is equal to the set $\{0,3,4,5,6\}$. To show this, we take $\{t_0,t_1,t_2\}$ and $\{E^0t_0,\dots,E^4t_4\}$ as the bases of $S_{\overline{F}}((x-1)^3)$ and $S_{\overline{F}}((x-1)^5)$, respectively. First, by Lemma 1.2, the integers $0$ and $3\ast 5=6$ are elements of $J(3,5)$ (here $\binom{6}{2}=15=0$ in $\mathbb{F}_3$, while $\binom{5}{1}=5\neq 0$). Before computing the remaining elements of $J(3,5)$, let us write the coefficients $f_l$ of the product $\sigma\tau=\sum_{l=0}^{5}f_l t_l$ of two sequences
$$\sigma=\sum_{i=0}^{2}c_i\,t_i\in M_{\overline{F}}((x-1)^3),\qquad \tau=\sum_{j=0}^{4}d_j\,E^j t_j\in M_{\overline{F}}((x-1)^5),$$
where $c_i,d_j\in\overline{F}$ with $c_2 d_4\neq 0$, according to formula (11):
$$\begin{aligned}
f_0&=c_0(d_0+d_1+d_2+d_3+d_4),\\
f_1&=c_0(d_1+2d_2+d_4)+c_1(d_0+2d_1+d_3+2d_4),\\
f_2&=c_0d_2+2c_1(d_1+d_4)+c_2(d_0+d_3),
\end{aligned}$$
$$\begin{aligned}
f_3&=c_0(d_3+d_4),\\
f_4&=c_0d_4+c_1(d_3+2d_4),\\
f_5&=2c_1d_4+c_2d_3 .
\end{aligned}$$
If we let
$$\sigma_1=t_2,\qquad \sigma_2=2t_0+a\,t_1+t_2,\qquad \sigma_3=t_0+t_2,$$
and
$$\tau_1=E^0t_0+E^4t_4,\qquad \tau_2=a\,E^3t_3+E^4t_4,\qquad \tau_3=E^4t_4,$$
where $a\in\overline{F}$ is a root of $x^2+2x+2=0$, then for each $i=1,2,3$ we have $\sigma_i\in M_{\overline{F}}((x-1)^3)$, $\tau_i\in M_{\overline{F}}((x-1)^5)$, and $\sigma_i\tau_i\in M_{\overline{F}}((x-1)^{i+2})$ (by the formulas above, $\sigma_1\tau_1=t_2$, $\sigma_2\tau_2=2(a+1)(t_0+t_3)$, and $\sigma_3\tau_3=t_0+t_1+t_3+t_4$). This shows that the integers $3,4,5$ are elements of the set $J(3,5)$.

To show $1\notin J(3,5)$, let us assume $f_i=0$ for $i=1,\dots,5$ and $f_0\neq 0$, with $c_2d_4\neq 0$. Then $f_0\neq 0$ implies $c_0\neq 0$. This, together with $f_3=0$, gives $d_3=-d_4\neq 0$. Using this identity in the equations $f_4=0$ and $f_5=0$, we obtain $c_1=-c_0\neq 0$ and $c_2=-2c_0\neq 0$. The equation $f_2=0$ then gives $d_2=2(d_0+d_1)$. Using this together with $d_3=-d_4$, one gets $d_0+d_1+d_2+d_3+d_4=0$, which contradicts $f_0\neq 0$. This shows that there are no sequences $\sigma\in M_{\overline{F}}((x-1)^3)$ and $\tau\in M_{\overline{F}}((x-1)^5)$ with the property that $\sigma\tau\in M_{\overline{F}}(x-1)$; in other words, $1\notin J(3,5)$.

Now, to show $2\notin J(3,5)$, assume $f_i=0$ for $i=2,\dots,5$ and $f_1\neq 0$. Let us first suppose that $c_0\neq 0$; then, as in the proof of $1\notin J(3,5)$, we have
$$d_3=-d_4,\qquad c_1=-c_0,\qquad c_2=-2c_0,\qquad d_2=2(d_0+d_1).$$
Using these identities one obtains $f_1=0$, which is a contradiction. Therefore $c_0=0$. This, together with $f_1\neq 0$, implies $c_1\neq 0$. Using $c_0=0$, $c_1\neq 0$, and $f_2=f_4=f_5=0$, we obtain $d_3=-2d_4$ (from $f_4=0$), then $c_2=c_1$ (from $f_5=0$), and then $d_0=-2d_1$ (from $f_2=0$). But these identities give $f_1=0$, which contradicts our assumption. Thus $2\notin J(3,5)$.

Remark. In this example, we note that there are sequences $\sigma,\tau$ over $\overline{\mathbb{F}}_3$ with minimal polynomials $(x-1)^3$, $(x-1)^5$ with the property that the product $\sigma\tau$ admits $(x-1)^4$ as its minimal polynomial (i.e., $4\in J(3,5)$). However, one can check that there are no such sequences over $\mathbb{F}_3$: over $\mathbb{F}_3$ the conditions $f_3\neq 0$ and $f_4=f_5=0$ force $d_3\in\{0,d_4\}$, and either choice leads to $c_0=0$, contradicting $f_3\neq 0$ (the root $a$ used above lies in $\mathbb{F}_9\setminus\mathbb{F}_3$).

EXAMPLE 3.2. Let $F=\mathbb{F}_3$ be the field with three elements. Consider the polynomials $f(x)=(x-1)(x-2)^3$ and $g(x)=(x-1)^5(x-2)$ over $F$. The polynomials $f$ and $g$ split in $F$. Let us enumerate their distinct roots
with their corresponding multiplicities, using our notation:
$$\alpha_1=\beta_1=1,\qquad \alpha_2=\beta_2=2,\qquad a_1=1,\ b_1=5,\qquad a_2=3,\ b_2=1.$$
The distinct elements among the products of a root of $f$ and a root of $g$ are $\gamma_1=\alpha_1\beta_1=\alpha_2\beta_2=1$ and $\gamma_2=\alpha_1\beta_2=\alpha_2\beta_1=2$, so that we have (in our notation)
$$C_1=\{(1,1),(2,2)\},\qquad C_2=\{(1,2),(2,1)\}.$$
Now if the pair $(i,j)$ is one of $(1,1)$, $(1,2)$, or $(2,2)$ then we have $\binom{a_i+b_j-2}{a_i-1}\neq 0$, so that the set $J(a_i,b_j)=\{a_i+b_j-1\}$, and the values of $a_i\ast b_j=a_i+b_j-1$ are
$$a_1\ast b_1=5,\qquad a_1\ast b_2=1,\qquad a_2\ast b_2=3.$$
For the pair $(2,1)$ we have $\binom{a_2+b_1-2}{a_2-1}=\binom{6}{2}=0$, $a_2\ast b_1=6$, and $J(a_2,b_1)=J(3,5)=\{0,3,4,5,6\}$ (by Example 3.1). On the other hand, it is easy to see that
$$C_1^*=\{(1,1),(2,2)\},\qquad C_2^*=\{(1,2)\},\qquad c_1=5,\ c_2=1,\qquad e_1=5,\ e_2=6$$
(the pair $(2,1)$ fails condition (i), and no $c\geq 1$ lies in both $J(1,1)=\{1\}$ and $J(3,5)$). We also note that the set $D=\{1\}$. From these, we obtain the polynomials $Z(f,g)$, $A(f,g)$, and $B(f,g)$ as follows:
$$Z(f,g)=(x-1)^5(x-2)^6,\qquad A(f,g)=(x-1)^5,\qquad B(f,g)=(x-1)^5(x-2).$$
Note also that, by Corollary 2.3, $B(f,g)$ is the monic polynomial of maximal degree (which is uniquely determined) dividing all minimal polynomials $m_{\sigma\tau}$ of the products $\sigma\tau$ with $\sigma\in M_F(f)$ and $\tau\in M_F(g)$. In particular, Theorem 2.2 gives $L(\sigma\tau)\geq 6$ for all such products, whereas Theorem 1.3 only gives $L(\sigma\tau)\geq 5$.

ACKNOWLEDGMENT

The author heartily thanks the referees for finding some errors and for suggestions for improving the manuscript.
REFERENCES

1. A. E. Çakçak, "Linear Recurring Sequences," M.Sc. thesis, Middle East Technical University, 1997.
2. R. Göttfert and H. Niederreiter, On the minimal polynomial of the product of linear recurring sequences, Finite Fields Appl. 1 (1995), 204–218.
3. R. Lidl and H. Niederreiter, "Introduction to Finite Fields and Their Applications," 1st ed., Cambridge Univ. Press, Cambridge, 1986.
4. N. Zierler and W. H. Mills, Products of linear recurring sequences, J. Algebra 27 (1973), 147.