## Abstract

We consider the problem of finding a sparse multiple of a polynomial. Given *f*∈F[*x*] of degree *d* over a field F, and a desired sparsity *t*, our goal is to determine if there exists a multiple *h*∈F[*x*] of *f* such that *h* has at most *t* non-zero terms, and if so, to find such an *h*. When F=ℚ and *t* is constant, we give an algorithm which requires polynomial-time in *d* and the size of coefficients in *h*. When F is a finite field, we show that the problem is at least as hard as determining the multiplicative order of elements in an extension field of F (a problem thought to have complexity similar to that of factoring integers), and this lower bound is tight when *t*=2.

## Keywords

Sparse polynomial Sparsest multiple## Notes

### Acknowledgements

The authors would like to thank John May, Arne Storjohann, and the anonymous referees for their careful reading and useful observations on earlier versions of this work.

## References

- 1.Adleman, L.M., McCurley, K.S.: Open problems in number-theoretic complexity. II. In: Algorithmic Number Theory, Ithaca, NY, 1994. Lecture Notes in Computer Science, vol. 877, pp. 291–322. Springer, Berlin (1994) CrossRefGoogle Scholar
- 2.Ajtai, M., Kumar, R., Sivakumar, D.: A sieve algorithm for the shortest lattice vector problem. In: Symposium on the Theory of Computing (STOC’01), pp. 601–610 (2001) Google Scholar
- 3.Aumasson, J.P., Finiasz, M., Meier, W., Vaudenay, S.: TCHo: a hardware-oriented trapdoor cipher. In: ACISP’07: Proceedings of the 12th Australasian Conference on Information Security and Privacy, pp. 184–199. Springer, Berlin/Heidelberg (2007) Google Scholar
- 4.Berlekamp, E.R., McEliece, R.J., van Tilborg, H.C.: On the inherent intractability of certain coding problems. IEEE Trans. Inf. Theory
**24**(3), 384–386 (1978) zbMATHCrossRefGoogle Scholar - 5.Brent, R.P., Zimmermann, P.: Algorithms for finding almost irreducible and almost primitive trinomials. In: Primes and Misdemeanours: Lectures in Honour of the Sixtieth Birthday of Hugh Cowie Williams, p. 212. Fields Institute (2003) Google Scholar
- 6.Didier, F., Laigle-Chapuy, Y.: Finding low-weight polynomial multiples using discrete logarithm. In: Proc. IEEE International Symposium on Information Theory (ISIT 2007), pp. 1036–1040 (2007) CrossRefGoogle Scholar
- 7.Egner, S., Minkwitz, T.: Sparsification of rectangular matrices. J. Symb. Comput.
**26**(2), 135–149 (1998) MathSciNetzbMATHCrossRefGoogle Scholar - 8.El Aimani, L., von zur Gathen, J.: Finding low weight polynomial multiples using lattices. Cryptology ePrint Archive, Report 2007/423 (2007). http://eprint.iacr.org/2007/423.pdf
- 9.Emiris, I.Z., Kotsireas, I.S.: Implicitization exploiting sparseness. In: Geometric and Algorithmic Aspects of Computer-Aided Design and Manufacturing. DIMACS Ser. Discrete Math. Theoret. Comput. Sci., vol. 67, pp. 281–297 (2005) Google Scholar
- 10.Giesbrecht, M., Roche, D.S., Tilak, H.: Computing sparse multiples of polynomials. In: Cheong, O., Chwa, K.Y., Park, K. (eds.) Algorithms and Computation. Lecture Notes in Computer Science, vol. 6506, pp. 266–278. Springer, Berlin/Heidelberg (2010) CrossRefGoogle Scholar
- 11.Guruswami, V., Vardy, A.: Maximum-likelihood decoding of Reed-Solomon codes is NP-hard. IEEE Trans. Inf. Theory
**51**(7), 2249–2256 (2005) MathSciNetCrossRefGoogle Scholar - 12.Herrmann, M., Leander, G.: A practical key recovery attack on basic TCHo. In: Public Key Cryptography, pp. 411–424 (2009) Google Scholar
- 13.Lenstra, A.K., Lenstra, H.W. Jr., Lovász, L.: Factoring polynomials with rational coefficients. Math. Ann.
**261**(4), 515–534 (1982) MathSciNetzbMATHCrossRefGoogle Scholar - 14.Lenstra, H.W. Jr.: Finding small degree factors of lacunary polynomials. In: Number Theory in Progress, vol. 1, Zakopane-Kościelisko, 1997, pp. 267–276. de Gruyter, Berlin (1999) Google Scholar
- 15.Meijer, A.R.: Groups, factoring, and cryptography. Math. Mag.
**69**(2), 103–109 (1996) MathSciNetzbMATHGoogle Scholar - 16.Regev, O.: A simply exponential algorithm for SVP (Ajtai-Kumar-Sivakumar). Lecture notes: http://www.cs.tau.ac.il/~odedr/teaching/lattices_fall_2004/, Scribe: Michael Khanevsky (2004)
- 17.Risman, L.J.: On the order and degree of solutions to pure equations. Proc. Am. Math. Soc.
**55**(2), 261–266 (1976) MathSciNetzbMATHCrossRefGoogle Scholar - 18.Rosser, J.B., Schoenfeld, L.: Approximate formulas for some functions of prime numbers. Ill. J. Math.
**6**, 64–94 (1962) MathSciNetzbMATHGoogle Scholar - 19.Sadjadpour, H., Sloane, N., Salehi, M., Nebe, G.: Interleaver design for turbo codes. IEEE J. Sel. Areas Commun.
**19**(5), 831–837 (2001) CrossRefGoogle Scholar - 20.Shoup, V.: Searching for primitive roots in finite fields. Math. Comput.
**58**(197), 369–380 (1992) MathSciNetzbMATHCrossRefGoogle Scholar - 21.Storjohann, A.: Algorithms for matrix canonical forms. PhD thesis, Swiss Federal Institute of Technology Zürich (2000) Google Scholar
- 22.Tilak, H.: Computing sparse multiples of polynomials. Master’s thesis, University of Waterloo (2010) Google Scholar
- 23.Vardy, A.: The intractability of computing the minimum distance of a code. IEEE Trans. Inf. Theory
**43**(6), 1757–1766 (1997) MathSciNetzbMATHCrossRefGoogle Scholar - 24.von zur Gathen, J., Gerhard, J.: Modern Computer Algebra, Chap. 14, pp. 367–380. Cambridge University Press, New York (2003) Google Scholar
- 25.von zur Gathen, J., Shparlinski, I.: Constructing elements of large order in finite fields. In: Fossorier, M., Imai, H., Lin, S., Poli, A. (eds.) Applied Algebra, Algebraic Algorithms and Error-Correcting Codes. Lecture Notes in Computer Science, vol. 1719, p. 730. Springer, Berlin/Heidelberg (1999) Google Scholar
- 26.Wang, Y.: On the least primitive root of a prime. Acta Math. Sin.
**9**, 432–441 (1959) zbMATHGoogle Scholar