Lambert cylindrical equal-area projection: Difference between revisions
The '''Tonelli–Shanks''' [[algorithm]] (referred to by Shanks as the RESSOL algorithm) is used within [[modular arithmetic]] to solve a congruence of the form
:<math> x^2 \equiv n \pmod p </math>
where ''n'' is a [[quadratic residue]] (mod ''p''), and ''p'' is an odd [[prime number|prime]].

Tonelli–Shanks cannot be used for composite moduli; finding square roots modulo composite numbers is a computational problem equivalent to [[integer factorization]].<ref>Oded Goldreich, ''Computational complexity: a conceptual perspective'', Cambridge University Press, 2008, p. 588.</ref>

An equivalent, but slightly more redundant version of this algorithm was developed by Alberto Tonelli in 1891. The version discussed here was developed independently by [[Daniel Shanks]] in 1973, who explained:
<blockquote>"My tardiness in learning of these historical references was because I had lent Volume 1 of [[Leonard Eugene Dickson|Dickson's]] [[History_of_the_Theory_of_Numbers|History]] to a friend and it was never returned."<ref>Daniel Shanks. Five Number-theoretic Algorithms. Proceedings of the Second Manitoba Conference on Numerical Mathematics. Pp. 51–70. 1973.</ref>
</blockquote>
== The algorithm ==
(Note: All <math>\equiv</math> are taken to mean <math>\pmod p</math>, unless indicated otherwise).

'''Inputs''': ''p'', an odd prime. ''n'', an integer which is a quadratic residue (mod ''p''), meaning that the [[Legendre symbol]] <math>\bigl(\tfrac{n}{p}\bigr)=1</math>.

'''Outputs''': ''R'', an integer satisfying <math>R^2 \equiv n</math>.

# Factor out powers of 2 from ''p'' − 1, defining ''Q'' and ''S'' as: <math>p-1 = Q2^S</math> with ''Q'' odd. Note that if <math>S = 1</math>, ''i.e.'' <math>p \equiv 3 \pmod 4</math>, then solutions are given directly by <math>R \equiv \pm n^{\frac{p+1}{4}}</math>.
# Select a ''z'' such that the [[Legendre symbol]] <math>\bigl(\tfrac{z}{p}\bigr)=-1</math> (that is, ''z'' should be a quadratic non-residue modulo ''p''), and set <math>c \equiv z^Q</math>.
# Let <math>R \equiv n^{\frac{Q+1}{2}}, t\equiv n^Q, M = S.</math>
# Loop:
## If <math>t \equiv 1</math>, return ''R''.
## Otherwise, find the lowest ''i'', <math>0 < i < M</math>, such that <math>t^{2^i} \equiv 1</math>; ''e.g.'' via repeated squaring.
## Let <math>b \equiv c^{2^{M-i-1}}</math>, and set <math>R \equiv Rb, \; t \equiv tb^2, \; c \equiv b^2</math> and <math>M = i</math>.

Once you have solved the congruence with ''R'', the second solution is ''p'' − ''R''.
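The steps above, written out as an added example that is not part of the original article. The function names <code>legendre</code>, <code>tonelli_shanks</code> and <code>square_roots</code> are hypothetical, and the choice of the smallest non-residue as ''z'' is an assumption. The input is checked with Euler's criterion first, because the loop in step 4 has no valid ''i'' when ''n'' is a non-residue.

```python
# Added example: Tonelli-Shanks following steps 1-4 of the article.
# Function names are illustrative; p is assumed to be an odd prime
# (the routine does not test primality).

def legendre(a, p):
    """Euler's criterion: 1 for a residue, p - 1 (i.e. -1) for a
    non-residue, 0 when p divides a."""
    return pow(a, (p - 1) // 2, p)


def tonelli_shanks(n, p):
    """Return one R with R*R % p == n % p, or raise ValueError."""
    n %= p
    if n == 0:
        return 0
    if legendre(n, p) != 1:
        # Without this check the search for i below would never succeed.
        raise ValueError("n is not a quadratic residue modulo p")

    # Step 1: p - 1 = Q * 2^S with Q odd.
    Q, S = p - 1, 0
    while Q % 2 == 0:
        Q //= 2
        S += 1
    if S == 1:                       # p = 3 (mod 4): direct formula
        return pow(n, (p + 1) // 4, p)

    # Step 2: pick a quadratic non-residue z (smallest one here).
    z = 2
    while legendre(z, p) != p - 1:
        z += 1
    c = pow(z, Q, p)

    # Step 3.
    R = pow(n, (Q + 1) // 2, p)
    t = pow(n, Q, p)
    M = S

    # Step 4: invariant R^2 = n * t; the order of t shrinks each round.
    while t != 1:
        i, t2i = 0, t
        while t2i != 1:              # lowest i with t^(2^i) = 1
            t2i = t2i * t2i % p
            i += 1
        b = pow(c, 1 << (M - i - 1), p)
        R = R * b % p
        c = b * b % p
        t = t * c % p
        M = i
    return R


def square_roots(n, p):
    """Both solutions R and p - R, sorted (a single 0 when n = 0)."""
    R = tonelli_shanks(n, p)
    return sorted({R, (p - R) % p})
```
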
==Example==
Solving the congruence <math> x^2 \equiv 10 \pmod {13} </math>. It is clear that <math>13</math> is odd, and since <math>10^{\frac{13-1}{2}} = 10^6 \equiv 1 \pmod {13}</math>, 10 is a quadratic residue (by [[Euler's criterion]]).
* Step 1: Observe <math>p-1 = 12 = 3 \cdot 2^2 </math> so <math>Q=3</math>, <math>S=2</math>.
* Step 2: Take <math>z=2</math> as the quadratic nonresidue (2 is a quadratic nonresidue since <math>2^{\frac{13-1}{2}} \equiv -1 \pmod {13}</math> (again, Euler's criterion)). Set <math> c = 2^3 \equiv 8 \pmod {13}. </math>
* Step 3: <math>R=10^2 \equiv -4, \; t\equiv 10^3 \equiv -1 \pmod {13}, M = 2.</math>
* Step 4: Now we start the loop: <math> t \not\equiv 1 \pmod {13}</math> so <math>0 < i < 2</math>; ''i.e.'' <math>i = 1.</math>
** Let <math> b \equiv 8^{2^{2-1-1}} \equiv 8 \pmod {13}</math>, so <math>b^2 \equiv 8^2 \equiv -1 \pmod {13}</math>.
** Set <math>R=-4\cdot8 \equiv 7 \pmod {13} </math>. Set <math>t \equiv -1 \cdot -1 \equiv 1 \pmod {13}</math>, and <math>M = 1.</math>
** We restart the loop, and since <math>t \equiv 1 \pmod{13}</math> we are done, returning <math>R\equiv7 \pmod {13}.</math>

Indeed, observe that <math>7^2 = 49 \equiv 10 \pmod {13} </math> and naturally also <math>(-7)^2 \equiv 6^2 \equiv 10 \pmod {13} </math>. So the algorithm yields two solutions to our congruence.
==Proof==
First write <math>p-1=Q2^S</math>. Now write <math>r \equiv n^{\frac{Q+1}{2}}\pmod p</math> and <math>t \equiv n^Q \pmod p</math>, observing that <math>r^2 \equiv nt \pmod p</math>. This latter congruence will be true after every iteration of the algorithm's main loop. If at any point, <math>t \equiv 1 \pmod p </math> then <math>r^2 \equiv n \pmod p </math> and the algorithm terminates with <math>R \equiv \pm r \pmod p</math>.

If <math>t \not\equiv 1 \pmod p </math>, then consider <math>z</math>, a quadratic non-residue of <math>p</math>. Let <math>c \equiv z^Q \pmod p</math>. Then
<math>c^{2^S} \equiv (z^Q)^{2^S} \equiv z^{2^SQ}\equiv z^{p-1} \equiv 1 \pmod p</math> and <math> c^{2^{S-1}} \equiv z^\frac{p-1}{2}\equiv -1 \pmod p</math>, which shows that the [[Order (group theory)|order]] of <math>c</math> is <math>2^S</math>.

Similarly we have <math>t^{2^S} \equiv 1 \pmod p</math>, so the order of <math>t</math> divides <math>2^S</math>. Suppose the order of <math>t</math> is <math>2^{S'}</math>. Since <math>n</math> is a square modulo <math>p</math>, <math>t \equiv n^Q \pmod p</math> is also a square, and hence <math>S'\leq S-1 </math>.

Now we set <math> b \equiv c^{2^{S-S'-1}} \pmod p</math> and with this <math>r' \equiv br \pmod p</math>, <math>c' \equiv b^2 \pmod p</math> and <math> t' \equiv c't \pmod p</math>. As before, <math>r'^2 \equiv nt' \pmod p</math> holds; however with this construction both <math>t</math> and <math> c'</math> have order <math>2^{S'}</math>. This implies that <math>t'</math> has order <math>2^{S''}</math> with <math> S'' < S' </math>.

If <math>S'' = 0 </math> then <math>t' \equiv 1 \pmod p</math>, and the algorithm stops, returning <math>R \equiv \pm r' \pmod p</math>. Else, we restart the loop with analogous definitions of <math>b'</math>, <math>r''</math>, <math>c''</math> and <math>t''</math> until we arrive at an <math>S^{(j)'}</math> that equals 0. Since the sequence of ''S'' is strictly decreasing the algorithm terminates.
==Speed of the algorithm==
The Tonelli–Shanks algorithm requires (on average over all possible input (quadratic residues and quadratic nonresidues))
:<math>2m+2k+\frac{S(S-1)}{4} +\frac{1}{2^{S-1}} - 9</math>
modular multiplications, where <math>m</math> is the number of digits in the binary representation of <math>p</math> and <math>k</math> is the number of ones in the binary representation of <math>p</math>. If the required quadratic nonresidue <math>z</math> is to be found by checking if a randomly taken number <math>y</math> is a quadratic nonresidue, it requires (on average) <math>2</math> computations of the Legendre symbol.<ref>Gonzalo Tornaria - Square roots modulo p, page 2 http://www.springerlink.com/content/xgxe68edy03la96p/fulltext.pdf</ref> The average of two computations of the Legendre symbol is explained as follows: <math>y</math> is a quadratic residue with chance <math>\frac{\frac{p+1}{2}}{p} = \frac{1 + \frac{1}{p}}{2}</math>, which is smaller than <math>1</math> but <math>\geq \frac{1}{2}</math>, so we will on average need to check if a <math>y</math> is a quadratic residue two times.

This shows essentially that the Tonelli–Shanks algorithm works very well if the modulus <math>p</math> is random, that is, if <math>S</math> is not particularly large with respect to the number of digits in the binary representation of <math>p</math>. [[Cipolla's algorithm]] works better than Tonelli–Shanks if (and only if) <math>S(S-1) > 8m + 20</math>.

The algorithm requires us to find a quadratic nonresidue <math>z</math>. There is no known deterministic algorithm that runs in polynomial time for finding such a <math>z</math>. However, if the [[generalized Riemann hypothesis]] is true, there exists a quadratic nonresidue <math>z < 2\ln^2{p}</math>,<ref>{{Citation |last=Bach |first=Eric |year=1990 |title=Explicit bounds for primality testing and related problems |journal=Mathematics of Computation |volume=55 |issue=191 |pages=355–380 |jstor=2008811 |issn= }}</ref> making it possible to check every <math>z</math> up to that limit and find a suitable <math>z</math> within [[polynomial time]]. Keep in mind, however, that this is a worst-case scenario; in general, <math>z</math> is found in on average 2 trials as stated above.
== Uses ==
The Tonelli–Shanks algorithm can (naturally) be used for any process in which square roots modulo a prime are necessary. For example, it can be used for finding points on [[elliptic curves]]. It is also useful for the computations in the [[Rabin cryptosystem]].

== Generalizations ==
Tonelli–Shanks can be generalized to any cyclic group (instead of <math>\mathbb{Z}/p\mathbb{Z}^*</math>) and to ''k''th roots for arbitrary integer ''k'', in particular to taking the ''k''th root of an element of a [[finite field]].<ref>Adleman, L. M., K. Manders, and G. Miller: 1977, `On taking roots in finite fields'. In: 18th IEEE Symposium on Foundations of Computer Science. pp. 175-177</ref>

If many square roots must be computed in the same cyclic group and ''S'' is not too large, a table of square roots of the elements of 2-power order can be prepared in advance and the algorithm simplified and sped up as follows.
# Factor out powers of 2 from ''p'' − 1, defining ''Q'' and ''S'' as: <math>p-1 = Q2^S</math> with ''Q'' odd.
# Let <math>R \equiv n^{\frac{Q+1}{2}}, t\equiv n^Q \equiv R^2/n</math>
# Find <math>b</math> from the table such that <math>b^2 \equiv t </math> and set <math>R \equiv R/b</math>
# Return ''R''.
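One way to build and use the table described above, as an added example that is not part of the original article. The names <code>build_sqrt_table</code> and <code>sqrt_with_table</code> are hypothetical; the table is assumed to be generated from <math>c \equiv z^Q</math>, which has order <math>2^S</math>, so it holds <math>2^{S-1}</math> entries.

```python
# Added example: table-driven square roots modulo an odd prime p.
# Names are illustrative; p is assumed to be an odd prime.

def build_sqrt_table(p):
    """Return (Q, table) where table maps every square t of 2-power
    order to one b with b*b % p == t."""
    # p - 1 = Q * 2^S with Q odd.
    Q, S = p - 1, 0
    while Q % 2 == 0:
        Q //= 2
        S += 1
    # Smallest quadratic non-residue z; c = z^Q generates the subgroup
    # of elements of 2-power order (order 2^S).
    z = 2
    while pow(z, (p - 1) // 2, p) != p - 1:
        z += 1
    c = pow(z, Q, p)
    # The squares in that subgroup are c^(2j), j = 0 .. 2^(S-1) - 1,
    # each with square root c^j.
    table, b = {}, 1
    for _ in range(1 << (S - 1)):
        table[b * b % p] = b
        b = b * c % p
    return Q, table


def sqrt_with_table(n, p, Q, table):
    """Steps 2-4 of the simplified algorithm: one lookup, no loop."""
    n %= p
    if n == 0:
        return 0
    R = pow(n, (Q + 1) // 2, p)
    t = pow(n, Q, p)                 # t = R^2 / n
    b = table.get(t)
    if b is None:
        # t is not a square of 2-power order, so n is a non-residue.
        raise ValueError("n is not a quadratic residue modulo p")
    # R / b, using Fermat's little theorem for the inverse of b.
    return R * pow(b, p - 2, p) % p
```
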
== Notes ==
{{Reflist}}

== References ==
* {{cite book
|last=Niven
|first=Ivan
|authorlink=Ivan Niven
|coauthors=[[Herbert Zuckerman|Herbert S. Zuckerman]], [[Hugh L. Montgomery]]
|title=An Introduction to the Theory of Numbers
|edition=5th edition
|year=1991
|publisher=Wiley
|isbn=0-471-62546-9
}} Pages 110–115 describe the algorithm and explain the group theory behind it.
* Daniel Shanks. Five Number Theoretic Algorithms. Proceedings of the Second Manitoba Conference on Numerical Mathematics. Pp. 51–70. 1973.
* Alberto Tonelli, Bemerkung über die Auflösung quadratischer Congruenzen. Nachrichten von der Königlichen Gesellschaft der Wissenschaften und der Georg-Augusts-Universität zu Göttingen. Pp. 344–346. 1891. [http://resolver.sub.uni-goettingen.de/purl?GDZPPN002525739]
* Gagan Tara Nanda - Mathematics 115: The RESSOL Algorithm [http://www.ocf.berkeley.edu/~gagnanda/mathstuff/RESSOL.pdf]

== External links ==
* Implementation in C# http://shankstonelli.blogspot.com/2010/12/shanks-tonelli-algorithm-in-c.html
* Implementation in Python http://eli.thegreenplace.net/2009/03/07/computing-modular-square-roots-in-python

{{number theoretic algorithms}}
{{DEFAULTSORT:Tonelli-Shanks algorithm}}
[[Category:Modular arithmetic]]
[[Category:Number theoretic algorithms]]
[[Category:Articles containing proofs]]
[[ru:Алгоритм Шенкса]]
Latest revision as of 01:40, 22 December 2013