eng
Schloss Dagstuhl – Leibniz-Zentrum für Informatik
Leibniz International Proceedings in Informatics
1868-8969
2024-07-15
25:1
25:14
10.4230/LIPIcs.CCC.2024.25
article
On the Degree of Polynomials Computing Square Roots Mod p
Kedlaya, Kiran S.
1
2
https://orcid.org/0000-0001-8700-8758
Kopparty, Swastik
3
https://orcid.org/0000-0003-2704-8808
Department of Mathematics, University of California San Diego, La Jolla, CA, USA
School of Mathematics of the Institute for Advanced Study (2023-24 academic year), Princeton, NJ, USA
Department of Mathematics and Department of Computer Science, University of Toronto, Canada
For an odd prime p, we say f(X) ∈ F_p[X] computes square roots in F_p if, for all nonzero perfect squares a ∈ F_p, we have f(a)² = a.
When p ≡ 3 mod 4, it is well known that f(X) = X^{(p+1)/4} computes square roots. This degree is surprisingly low (and in fact lowest possible), since we have specified (p-1)/2 evaluations (up to sign) of the polynomial f(X). On the other hand, for p ≡ 1 mod 4 there was previously no nontrivial bound known on the lowest degree of a polynomial computing square roots in F_p.
We show that for all p ≡ 1 mod 4, any polynomial computing square roots has degree at least p/3. Our main new ingredient is a general lemma which may be of independent interest: powers of a low degree polynomial cannot have too many consecutive zero coefficients. The proof method also yields a robust version: any polynomial that computes square roots for 99% of the squares also has degree almost p/3.
In the other direction, Agou, Deléglise, and Nicolas [Agou et al., 2003] showed that for infinitely many p ≡ 1 mod 4, the degree of a polynomial computing square roots can be as small as 3p/8.
https://drops.dagstuhl.de/storage/00lipics/lipics-vol300-ccc2024/LIPIcs.CCC.2024.25/LIPIcs.CCC.2024.25.pdf
Algebraic Computation
Polynomials
Computing Square roots
Reed-Solomon Codes