Arithmetic Algorithms, Part 1 DPV Chapter 1 Jim Royer EECS - PowerPoint PPT Presentation

Arithmetic Algorithms, Part 1 DPV Chapter 1 Jim Royer EECS January 18, 2019 Royer Arithmetic Algorithms, Part 1 1/ 15

Multiplication ` a la Franc ¸ais function multiply( a , b ) // input: two n -bit integers a and b with b ≥ 0 Correctness // output: a · b A proof by induction on b . if b = 0 then return 0 Base Case: b = 0. c ← multiply( a , ⌊ b /2 ⌋ ) Then multiply ( a , b ) = 0, which is correct. if b is even then return ( 2 · c ) else return ( a + 2 · c ) Induction Step: b > 0. (IH = Induction Hypothesis) IH: multiply ( a , b ′ ) = a · b ′ for b ′ = 0, . . . , b − 1. By the IH, c = a · ⌊ b /2 ⌋ Case: b is even. Then: Case: b is odd. Then: ( 2 · c ) = 2 · ( a · ( b /2 )) ( a + 2 · c ) = a + 2 · ( a · ⌊ b /2 ⌋ ) = a · ( 2 · ( b /2 )) . = a · ( 2 ⌊ b /2 ⌋ + 1 ) = a · b . = a · b . Royer Arithmetic Algorithms, Part 1 2/ 15

Multiplication ` a la Franc ¸ais, Continued function multiply( a , b ) // input: two n -bit integers a and b with b ≥ 0 // output: a · b if b = 0 then return 0 c ← multiply( a , ⌊ b /2 ⌋ ) if b is even then return ( 2 · c ) else return ( a + 2 · c ) Run-time analysis n recursive calls ( b drops by 1-bit in each call). O ( n ) cost of each step on the recursion. (Why?) n · O ( n ) = O ( n 2 ) . Royer Arithmetic Algorithms, Part 1 3/ 15

Division function divide(a,b) two n -bit integers a and b with a ≥ 0 and b > 0 // input: // output: ( q , r ) where a = q · b + r and 0 ≤ r < b if a = 0 then return ( 0, 0 ) ( q ′ , r ′ ) ← divide( ⌊ a /2 ⌋ , b ) q ← 2 · q ′ r ← 2 · r ′ if a is odd then r ← r + 1 if r ≥ b then r ← r − b ; q ← q + 1 return ( q , r ) Correctness Case a = 0: . . . On the board. Case a even and > 0: . . . On the board. Case a odd: . . . Exercise for the reader. Run-time analysis: Homework problem. Royer Arithmetic Algorithms, Part 1 4/ 15

Division Arithmetic Algorithms, Part 1 function divide(a,b) // input: two n -bit integers a and b with a ≥ 0 and b > 0 2019-01-18 // output: ( q , r ) where a = q · b + r and 0 ≤ r < b if a = 0 then return ( 0, 0 ) ( q ′ , r ′ ) ← divide( ⌊ a /2 ⌋ , b ) q ← 2 · q ′ r ← 2 · r ′ if a is odd then r ← r + 1 if r ≥ b then r ← r − b ; q ← q + 1 return ( q , r ) Correctness Division Case a = 0: . . . On the board. Case a even and > 0: . . . On the board. Case a odd: . . . Exercise for the reader. Run-time analysis: Homework problem. Case a = 0 . Then q = r = 0 and a = 0 = 0 · b + 0 = q · b + r and 0 = r ≤ b . Case a > 0 and a is even. Then q = 2 q ′ and r = 2 r ′ where ( q ′ , r ′ ) = divide ( ⌊ a /2 ⌋ , b ) . IH: For a ∗ ∈ { 0, . . . , a − 1 } , ( q ∗ , r ∗ ) = divide ( a ∗ , b ) is such that a ∗ = q ∗ · b + r ∗ and 0 ≤ r ∗ < b . Since ⌊ a /2 ⌋ < a , the IH applies with a ∗ = ⌊ a /2 ⌋ . Hence, ⌊ a /2 ⌋ = q ′ · b + r ′ and 0 ≤ r ′ < b . Since 2 ⌊ a /2 ⌋ = a , a = 2 ⌊ a /2 ⌋ = 2 q ′ · b + 2 r ′ 0 ≤ 2 r ′ < 2 b and S UBCASE : 2 r ′ < b : Then q = 2 q ′ and r = 2 r ′ and we are done. S UBCASE : 2 r ′ ≥ b : Then q = 2 q ′ + 1 and r = 2 r ′ − b and we are done.

Modular Arithmetic Definition Suppose a , b , N ∈ N . a | b ⇐ ⇒ def a divides b , i.e., b = k · a for some k ∈ N . (i) a ≡ b ( mod N ) ⇐ ⇒ def N | ( a − b ) ⇐ ⇒ a − b = k · N for some integer k . (ii) The substitution rule Suppose a ≡ a ′ ( mod N ) and b ≡ b ′ ( mod N ) . Then a + b ≡ a ′ + b ′ ( mod N ) and a · b ≡ a ′ · b ′ ( mod N ) . Modular addition, subtraction, and multiplication Suppose N is n bits long and 0 ≤ a , b < N . Then computing ( a + b ) mod N and ( a − b ) mod N can be done in Θ ( n ) time. ( a · b ) mod N can be done in Θ ( n 2 ) time. Royer Arithmetic Algorithms, Part 1 5/ 15

Modular Exponentiation Exponentiation via repeated squaring  if b = 0; 1,  a b =  Example: x 1000 via 15 multiplies ( a ⌊ b /2 ⌋ ) 2 , if b > 0 and even;  a · ( a ⌊ b /2 ⌋ ) 2 , if b is odd.  x 1000 = ( x 500 ) 2 x 500 = ( x 250 ) 2 x 250 = x · ( x 125 ) 2 x 125 = x · ( x 62 ) 2 function modExp( a , b , N ) // input: a , b , and N :: three n -bit integers x 62 = ( x 31 ) 2 x 31 = x · ( x 15 ) 2 // with 0 ≤ a , b and 1 < N // output: a b mod N x 15 = x · ( x 7 ) 2 x 7 = x · ( x 3 ) 2 if b = 0 then return 1 x 3 = x · ( x ) 2 c ← modExp( a , ⌊ b /2 ⌋ , N ) if b is even then return c 2 mod N else return ( a · c 2 ) mod N Royer Arithmetic Algorithms, Part 1 6/ 15

Modular Exponentiation, Continued function modExp( a , b , N ) // input: a , b , and N :: three n -bit integers with 0 ≤ a , b and 1 < N // output: a b mod N if b = 0 then return 1 c ← modExp( a , ⌊ b /2 ⌋ , N ) if b is even then return c 2 mod N else return ( a · c 2 ) mod N Correctness: Easy. Runtime: Let n = the number of bits in max ( a , b , N ) . At most n -many recursive calls. Why? In each call, two or three n -bit numbers are multiplied at cost Θ ( n 2 ) . Why? ∴ n × Θ ( n 2 ) = Θ ( n 3 ) . Royer Arithmetic Algorithms, Part 1 7/ 15

Euclid’s algorithm for greatest common divisor Definition The greatest common divisor of a and b ∈ N is the largest d ∈ N such that d divides both a and b . I.E.: gcd ( a , b ) = max { d d | a & d | b } . Example 1035 = 3 2 · 5 · 23 & 759 = 3 · 11 · 23. ∴ gcd ( 1035, 759 ) = 3 · 23 = 69. For a > 0, gcd ( 0, a ) = a . gcd ( 0, 0 ) = 0 by convention. Euclid’s Rule Suppose a , b ∈ N + . Then gcd ( a , b ) = gcd ( b , a mod b ) . Proof on next page Royer Arithmetic Algorithms, Part 1 8/ 15

Euclid’s Rule: Suppose a , b ∈ N + . Then gcd ( a , b ) = gcd ( b , a mod b ) . Proof. Recall: gcd ( u , v ) = def max ( { d d | u & d | v } ) . � � Claim 1. If d | a & d | b , then ( ∀ x , y ∈ Z ) d | ( x · a + y · b ) . [Proof on Board] Observe: a = ⌊ a a mod b = 1 · a + ( −⌊ a b ⌋ · b + 1 · ( a mod b ) b ⌋ ) · b (a) (b) By (a) & Claim 1, gcd ( b , a mod b ) | a . By (b) & Claim 1, gcd ( a , b ) | ( a mod b ) . Since gcd ( b , a mod b ) | b , we have: Since gcd ( a , b ) | b , we have: gcd ( b , a mod b ) ≤ gcd ( a , b ) . (Why?) gcd ( a , b ) ≤ gcd ( b , a mod b ) . (Why?) ∴ gcd ( a , b ) = gcd ( b , a mod b ) . Royer Arithmetic Algorithms, Part 1 9/ 15

Euclid’s algorithm, continued Euclid’s Rule Suppose a , b ∈ N + . Then gcd ( a , b ) = gcd ( b , a mod b ) . function Euclid( a , b ) // Input: integers a and b with a ≥ b ≥ 0 . // Output: the g.c.d. of a and b . if b = 0 then return a else return Euclid( b , a mod b ) . Correctness. Easy. Royer Arithmetic Algorithms, Part 1 10/ 15

Euclid’s algorithm, Runtime analysis function Euclid( a , b ) // Input: integers a and b with a ≥ b ≥ 0 . Output: the g.c.d. of a and b . if b = 0 then return a else return Euclid( b , a mod b ) . Lemma Suppose a ≥ b > 0 . Then ( a mod b ) < a /2 . Proof. Case: b ≤ a /2. Then: ( a mod b ) < b ≤ a /2. Case: b > a /2. Then: ( a mod b ) = ( a − b ) ≤ ( a − a /2 ) = a /2. Since Euclid( a , b ) = Euclid( b , a mod b ) = Euclid( a mod b , b mod ( a mod b )) (generally), every two steps the a and b values are at least halved. ∴ On n -bit numbers, Euclid stops after 2 n recursions. On n -bit numbers, mod (i.e., a division) costs O ( n 2 ) ∴ 2 n × O ( n 2 ) = O ( n 3 ) . Royer Arithmetic Algorithms, Part 1 11/ 15

The extended Euclid algorithm Lemma Suppose d | a & d | b & d = xa + yb for some x , y ∈ Z . Then d = gcd ( a , b ) . Proof. Royer Arithmetic Algorithms, Part 1 12/ 15

The extended Euclid algorithm Lemma Suppose d | a & d | b & d = xa + yb for some x , y ∈ Z . Then d = gcd ( a , b ) . Proof. Since d | a and d | b , then d ≤ gcd ( a , b ) . Royer Arithmetic Algorithms, Part 1 12/ 15

The extended Euclid algorithm Lemma Suppose d | a & d | b & d = xa + yb for some x , y ∈ Z . Then d = gcd ( a , b ) . Proof. Since d | a and d | b , then d ≤ gcd ( a , b ) . Since gcd ( a , b ) | a & gcd ( a , b ) | b , Royer Arithmetic Algorithms, Part 1 12/ 15

The extended Euclid algorithm Lemma Suppose d | a & d | b & d = xa + yb for some x , y ∈ Z . Then d = gcd ( a , b ) . Proof. Since d | a and d | b , then d ≤ gcd ( a , b ) . Since gcd ( a , b ) | a & gcd ( a , b ) | b , then gcd ( a , b ) | ( xa + yb ) , Royer Arithmetic Algorithms, Part 1 12/ 15

The extended Euclid algorithm Lemma Suppose d | a & d | b & d = xa + yb for some x , y ∈ Z . Then d = gcd ( a , b ) . Proof. Since d | a and d | b , then d ≤ gcd ( a , b ) . Since gcd ( a , b ) | a & gcd ( a , b ) | b , then gcd ( a , b ) | ( xa + yb ) , i.e., gcd ( a , b ) | d . Royer Arithmetic Algorithms, Part 1 12/ 15

The extended Euclid algorithm Lemma Suppose d | a & d | b & d = xa + yb for some x , y ∈ Z . Then d = gcd ( a , b ) . Proof. Since d | a and d | b , then d ≤ gcd ( a , b ) . Since gcd ( a , b ) | a & gcd ( a , b ) | b , then gcd ( a , b ) | ( xa + yb ) , i.e., gcd ( a , b ) | d . Therefore, gcd ( a , b ) ≤ d . Royer Arithmetic Algorithms, Part 1 12/ 15