Universal gradings of orders

For commutative rings, we introduce the notion of a {\em universal grading}, which can be viewed as the "largest possible grading". While not every commutative ring (or order) has a universal grading, we prove that every {\em reduced order} has a universal grading, and this grading is by a {\em finite} group. Examples of graded orders are provided by group rings of finite abelian groups over rings of integers in number fields. We generalize known properties of nilpotents, idempotents, and roots of unity in such group rings to the case of graded orders; this has applications to cryptography. Lattices play an important role in this paper; a novel aspect is that our proofs use that the additive group of any reduced order can in a natural way be equipped with a lattice structure.Comment: Added section 10; added to and rewrote introduction and abstract (new Theorem 1.4 and Examples 1.6 and 1.7

Algorithms on Ideal over Complex Multiplication order

We show in this paper that the Gentry-Szydlo algorithm for cyclotomic orders, previously revisited by Lenstra-Silverberg, can be extended to complex-multiplication (CM) orders, and even to a more general structure. This algorithm allows to test equality over the polarized ideal class group, and finds a generator of the polarized ideal in polynomial time. Also, the algorithm allows to solve the norm equation over CM orders and the recent reduction of principal ideals to the real suborder can also be performed in polynomial time. Furthermore, we can also compute in polynomial time a unit of an order of any number field given a (not very precise) approximation of it. Our description of the Gentry-Szydlo algorithm is different from the original and Lenstra- Silverberg's variant and we hope the simplifications made will allow a deeper understanding. Finally, we show that the well-known speed-up for enumeration and sieve algorithms for ideal lattices over power of two cyclotomics can be generalized to any number field with many roots of unity.Comment: Full version of a paper submitted to ANT

Testing isomorphism of lattices over CM-orders

A CM-order is a reduced order equipped with an involution that mimics complex conjugation. The Witt-Picard group of such an order is a certain group of ideal classes that is closely related to the "minus part" of the class group. We present a deterministic polynomial-time algorithm for the following problem, which may be viewed as a special case of the principal ideal testing problem: given a CM-order, decide whether two given elements of its Witt-Picard group are equal. In order to prevent coefficient blow-up, the algorithm operates with lattices rather than with ideals. An important ingredient is a technique introduced by Gentry and Szydlo in a cryptographic context. Our application of it to lattices over CM-orders hinges upon a novel existence theorem for auxiliary ideals, which we deduce from a result of Konyagin and Pomerance in elementary number theory.Comment: To appear in SIAM Journal on Computin

Realizing orders as group rings

An order is a commutative ring that as an abelian group is finitely generated and free. A commutative ring is reduced if it has no non-zero nilpotent elements. In this paper we use a new tool, namely, the fact that every reduced order has a universal grading, to answer questions about realizing orders as group rings. In particular, we address the Isomorphism Problem for group rings in the case where the ring is a reduced order. We prove that any non-zero reduced order $R$ can be written as a group ring in a unique ``maximal'' way, up to isomorphism. More precisely, there exist a ring $A$ and a finite abelian group $G$, both uniquely determined up to isomorphism, such that $R\cong A[G]$ as rings, and such that if $B$ is a ring and $H$ is a group, then $R\cong B[H]$ as rings if and only if there is a finite abelian group $J$ such that $B\cong A[J]$ as rings and $J\times H\cong G$ as groups. Computing $A$ and $G$ for given $R$ can be done by means of an algorithm that is not quite polynomial-time. We also give a description of the automorphism group of $R$ in terms of $A$ and $G$

Algorithms for Commutative Algebras Over the Rational Numbers

The algebras considered in this paper are commutative rings of which the additive group is a finite-dimensional vector space over the field of rational numbers. We present deterministic polynomial-time algorithms that, given such an algebra, determine its nilradical, all of its prime ideals, as well as the corresponding localizations and residue class fields, its largest separable subalgebra, and its primitive idempotents. We also solve the discrete logarithm problem in the multiplicative group of the algebra. While deterministic polynomial-time algorithms were known earlier, our approach is different from previous ones. One of our tools is a primitive element algorithm; it decides whether the algebra has a primitive element and, if so, finds one, all in polynomial time. A methodological novelty is the use of derivations to replace a Hensel–Newton iteration. It leads to an explicit formula for lifting idempotents against nilpotents that is valid in any commutative ring

Algorithms for Commutative Algebras Over the Rational Numbers

The algebras considered in this paper are commutative rings of which the additive group is a finite-dimensional vector space over the field of rational numbers. We present deterministic polynomial-time algorithms that, given such an algebra, determine its nilradical, all of its prime ideals, as well as the corresponding localizations and residue class fields, its largest separable subalgebra, and its primitive idempotents. We also solve the discrete logarithm problem in the multiplicative group of the algebra. While deterministic polynomial-time algorithms were known earlier, our approach is different from previous ones. One of our tools is a primitive element algorithm; it decides whether the algebra has a primitive element and, if so, finds one, all in polynomial time. A methodological novelty is the use of derivations to replace a Hensel–Newton iteration. It leads to an explicit formula for lifting idempotents against nilpotents that is valid in any commutative ring