Square root computation over even extension fields

This paper presents a comprehensive study of the computation of square roots over finite extension fields. We propose two novel algorithms for computing square roots over even field extensions of the form \F_{q^{2}}, with $q=p^n,$ $p$ an odd prime and $n\geq 1$. Both algorithms have an associate computational cost roughly equivalent to one exponentiation in \F_{q^{2}}. The first algorithm is devoted to the case when $q\equiv 1 \bmod 4$, whereas the second one handles the case when $q\equiv 3 \bmod 4$. Numerical comparisons show that the two algorithms presented in this paper are competitive and in some cases more efficient than the square root methods previously known

Gauge-theoretic invariants for topological insulators: A bridge between Berry, Wess-Zumino, and Fu-Kane-Mele

We establish a connection between two recently-proposed approaches to the understanding of the geometric origin of the Fu-Kane-Mele invariant $\mathrm{FKM} \in \mathbb{Z}_2$, arising in the context of 2-dimensional time-reversal symmetric topological insulators. On the one hand, the $\mathbb{Z}_2$ invariant can be formulated in terms of the Berry connection and the Berry curvature of the Bloch bundle of occupied states over the Brillouin torus. On the other, using techniques from the theory of bundle gerbes it is possible to provide an expression for $\mathrm{FKM}$ containing the square root of the Wess-Zumino amplitude for a certain $U(N)$-valued field over the Brillouin torus. We link the two formulas by showing directly the equality between the above mentioned Wess-Zumino amplitude and the Berry phase, as well as between their square roots. An essential tool of independent interest is an equivariant version of the adjoint Polyakov-Wiegmann formula for fields $\mathbb{T}^2 \to U(N)$, of which we provide a proof employing only basic homotopy theory and circumventing the language of bundle gerbes.Comment: 23 pages, 1 figure. To appear in Letters in Mathematical Physic

Polynomial-Time Algorithms for Quadratic Isomorphism of Polynomials: The Regular Case

Let $\mathbf{f}=(f\_1,\ldots,f\_m)$ and $\mathbf{g}=(g\_1,\ldots,g\_m)$ be two sets of $m\geq 1$ nonlinear polynomials over $\mathbb{K}[x\_1,\ldots,x\_n]$ ($\mathbb{K}$ being a field). We consider the computational problem of finding -- if any -- an invertible transformation on the variables mapping $\mathbf{f}$ to $\mathbf{g}$. The corresponding equivalence problem is known as {\tt Isomorphism of Polynomials with one Secret} ({\tt IP1S}) and is a fundamental problem in multivariate cryptography. The main result is a randomized polynomial-time algorithm for solving {\tt IP1S} for quadratic instances, a particular case of importance in cryptography and somewhat justifying {\it a posteriori} the fact that {\it Graph Isomorphism} reduces to only cubic instances of {\tt IP1S} (Agrawal and Saxena). To this end, we show that {\tt IP1S} for quadratic polynomials can be reduced to a variant of the classical module isomorphism problem in representation theory, which involves to test the orthogonal simultaneous conjugacy of symmetric matrices. We show that we can essentially {\it linearize} the problem by reducing quadratic-{\tt IP1S} to test the orthogonal simultaneous similarity of symmetric matrices; this latter problem was shown by Chistov, Ivanyos and Karpinski to be equivalent to finding an invertible matrix in the linear space $\mathbb{K}^{n \times n}$ of $n \times n$ matrices over $\mathbb{K}$ and to compute the square root in a matrix algebra. While computing square roots of matrices can be done efficiently using numerical methods, it seems difficult to control the bit complexity of such methods. However, we present exact and polynomial-time algorithms for computing the square root in $\mathbb{K}^{n \times n}$ for various fields (including finite fields). We then consider \\#{\tt IP1S}, the counting version of {\tt IP1S} for quadratic instances. In particular, we provide a (complete) characterization of the automorphism group of homogeneous quadratic polynomials. Finally, we also consider the more general {\it Isomorphism of Polynomials} ({\tt IP}) problem where we allow an invertible linear transformation on the variables \emph{and} on the set of polynomials. A randomized polynomial-time algorithm for solving {\tt IP} when $\mathbf{f}=(x\_1^d,\ldots,x\_n^d)$ is presented. From an algorithmic point of view, the problem boils down to factoring the determinant of a linear matrix (\emph{i.e.}\ a matrix whose components are linear polynomials). This extends to {\tt IP} a result of Kayal obtained for {\tt PolyProj}.Comment: Published in Journal of Complexity, Elsevier, 2015, pp.3

Notes on the Parity Conjecture

This is an expository article, based on a lecture course given at CRM Barcelona in December 2009. The purpose of these notes is to prove, in a reasonably self-contained way, that finiteness of the Tate-Shafarevich group implies the parity conjecture for elliptic curves over number fields. Along the way, we review local and global root numbers of elliptic curves and their classification, and discuss some peculiar consequences of the parity conjecture.Comment: minor corrections, to appear in a CRM Advanced Courses volume "Elliptic curves, Hilbert modular forms and Galois deformations"; 43 page

Construction of self-dual normal bases and their complexity

Recent work of Pickett has given a construction of self-dual normal bases for extensions of finite fields, whenever they exist. In this article we present these results in an explicit and constructive manner and apply them, through computer search, to identify the lowest complexity of self-dual normal bases for extensions of low degree. Comparisons to similar searches amongst normal bases show that the lowest complexity is often achieved from a self-dual normal basis

On fast multiplication of a matrix by its transpose

We present a non-commutative algorithm for the multiplication of a 2x2-block-matrix by its transpose using 5 block products (3 recursive calls and 2 general products) over C or any finite field.We use geometric considerations on the space of bilinear forms describing 2x2 matrix products to obtain this algorithm and we show how to reduce the number of involved additions.The resulting algorithm for arbitrary dimensions is a reduction of multiplication of a matrix by its transpose to general matrix product, improving by a constant factor previously known reductions.Finally we propose schedules with low memory footprint that support a fast and memory efficient practical implementation over a finite field.To conclude, we show how to use our result in LDLT factorization.Comment: ISSAC 2020, Jul 2020, Kalamata, Greec

Nonisomorphic curves that become isomorphic over extensions of coprime degrees

We show that one can find two nonisomorphic curves over a field K that become isomorphic to one another over two finite extensions of K whose degrees over K are coprime to one another. More specifically, let K_0 be an arbitrary prime field and let r and s be integers greater than 1 that are coprime to one another. We show that one can find a finite extension K of K_0, a degree-r extension L of K, a degree-s extension M of K, and two curves C and D over K such that C and D become isomorphic to one another over L and over M, but not over any proper subextensions of L/K or M/K. We show that such C and D can never have genus 0, and that if K is finite, C and D can have genus 1 if and only if {r,s} = {2,3} and K is an odd-degree extension of F_3. On the other hand, when {r,s}={2,3} we show that genus-2 examples occur in every characteristic other than 3. Our detailed analysis of the case {r,s} = {2,3} shows that over every finite field K there exist nonisomorphic curves C and D that become isomorphic to one another over the quadratic and cubic extensions of K. Most of our proofs rely on Galois cohomology. Without using Galois cohomology, we show that two nonisomorphic genus-0 curves over an arbitrary field remain nonisomorphic over every odd-degree extension of the base field.Comment: LaTeX, 32 pages. Further references added to the discussion in Section 1