
IEEE TRANSACTIONS ON INFORMATION THEORY, VOL. IT-22, NO. 4, JULY 1976 468


Convolutions over Residue Classes of Quadratic Integers

IRVING S. REED, FELLOW, IEEE, AND T. K. TRUONG

Abstract: A Fourier-like transform is defined over a ring of quadratic integers modulo a prime number q in the quadratic field $R(\sqrt m)$, where m is a square-free integer. If q is a Fermat prime, one can utilize the fast Fourier transform (FFT) algorithm over the resulting finite fields to yield fast convolutions of quadratic integer sequences in $R(\sqrt m)$. The theory is also extended to a direct sum of such finite fields. From these results, it is shown that Fourier-like transforms can also be defined over the quadratic integers in $R(\sqrt m)$ modulo a nonprime Fermat number.

Manuscript received July 8, 1975. This work was supported in part by the U.S. Air Force Office of Scientific Research under Grant AFOSR 75-2798.

The authors are with the Department of Electrical Engineering, University of Southern California, Los Angeles, CA 90007.

I. INTRODUCTION

Rader [1] and Agarwal and Burrus [2], [3] have shown that transforms over the ring of integers, $I = \{0, \pm 1, \pm 2, \ldots\}$, modulo either the Mersenne or Fermat primes, can be used to compute numerical convolutions without round-off error. An advantage of such number-theoretic transforms over the usual discrete Fourier transform is that the arithmetic operations used require only addition and bit shifting. The authors [4] extended these transforms of Rader to the complex numbers by taking transforms over the finite field of Gaussian integers modulo a prime q. If $-1$ is a quadratic nonresidue of q, then this finite field is isomorphic to a finite field of $q^2$ elements similar to the complex numbers. If q is a Mersenne prime, the latter transforms can be calculated by the fast Fourier transform (FFT) algorithm.

In this paper, the above complex number-theoretic transforms are extended to residue class fields of a ring Q of quadratic integers. The ring Q of quadratic integers is by definition [5, p. 207] the largest ring of the algebraic integers contained in the quadratic field. Let $R(\sqrt m)$ be the quadratic extension field over the field R of rational numbers. Here $\sqrt m$ denotes the square root of a square-free integer m, as well as the element adjoined to field R. That is, $R(\sqrt m) = \{x + y\sqrt m \mid x, y \in R\}$.

It is well known (see Theorem 1, below) that if $m \equiv 2 \bmod 4$ or $m \equiv 3 \bmod 4$, then $Q = I(\sqrt m)$, where I is the set of integers. On the other hand, if $m \equiv 1 \bmod 4$, then $Q = I(\rho)$, where $\rho = \tfrac12(1 + \sqrt m)$. Let $I_q(\sqrt m)$ and $I_q(\rho)$ denote the residue classes of the integer q in the rings of quadratic integers $I(\sqrt m)$ and $I(\rho)$, respectively. Also let $(m/q)$ denote the Legendre symbol. It will be shown (see Theorem 2 below) that if $(m/q) = 1$, then $I_q(\sqrt m)$ and $I_q(\rho)$ are fields of q elements isomorphic to GF(q). If $(m/q) = -1$, then $I_q(\sqrt m)$ and $I_q(\rho)$ are fields of $q^2$ elements isomorphic to GF($q^2$).

In this paper, the finite fields $I_q(\sqrt m)$ and $I_q(\rho)$ are studied in detail for the special case where q is a Fermat prime. If $q = 2^{2^n} + 1 = F_n$ is a Fermat prime, the FFT can be defined in both $I_q(\sqrt m)$ and $I_q(\rho)$. The arithmetic operations for performing these transforms require only additions and bit rotations of the word.

Finally, in the last two sections of this paper, it is shown that the dynamic range and transform length of the above transforms can be extended by defining transforms over a direct sum of finite fields of the form $I_q(\sqrt m)$ or $I_q(\rho)$. Such transforms are developed in detail when q is a prime of the form $k \cdot 2^n + 1$. Since the factors of the Fermat numbers $F_n$ for $n \ge 5$ are primes of this form, the above results can be used to develop transforms over the quadratic integers modulo an arbitrary Fermat number $F_n$.

II. TRANSFORMS OVER QUADRATIC INTEGERS MODULO A PRIME IN $R(\sqrt m)$

A quadratic field $R(\zeta)$ [5, p. 204] is defined as the collection of numbers of the form $a_0 + a_1\zeta$, where $\zeta$ is a root of an irreducible quadratic polynomial over the rational field R and where $a_0$ and $a_1$ are rational numbers. Since $\zeta = (a' + b'\sqrt m)/c'$, where $a'$, $b'$, and $c'$ are integers, any element $\alpha$ of $R(\zeta)$ has the form

$\alpha = e + f\,\dfrac{a' + b'\sqrt m}{c'} = \dfrac{a + b\sqrt m}{c}$ (1)

where a, b, and c are integers. It is assumed that $c \ne 0$ and that m has no square factor. Thus we see that $R(\zeta) = R((a + b\sqrt m)/c) = R(\sqrt m)$.

Definition 1: A number $\alpha$ is called an algebraic number if it satisfies an algebraic equation, i.e.,

$a_0 x^n + a_1 x^{n-1} + \cdots + a_n = 0$

where $a_0, a_1, \ldots, a_n$ are integers, not all zero. From (1), we have

$\left(\alpha - \dfrac{a + b\sqrt m}{c}\right)\left(\alpha - \dfrac{a - b\sqrt m}{c}\right) = c^2\alpha^2 - 2ac\alpha + a^2 - b^2 m = 0.$ (2)

Thus, by Definition 1, every element in $R(\sqrt m)$ is an algebraic number.

Definition 2: A number $\alpha$ is called an algebraic integer if it satisfies a monic algebraic equation, i.e.,

$x^n + b_1 x^{n-1} + \cdots + b_n = 0,$

with integral coefficients. The quadratic integers in $R(\sqrt m)$ can now be found. These results are summarized in the following well-known theorem.

Theorem 1: If $m \equiv 2 \bmod 4$ or $m \equiv 3 \bmod 4$ and if m is a square-free integer, then

$I(\sqrt m) = \{a + b\sqrt m \mid a, b \in I\}$

is the set of quadratic integers associated with the square root of m, where $I = \{0, \pm 1, \pm 2, \ldots\}$. If $m \equiv 1 \bmod 4$ and if m is a square-free integer, then the set of quadratic integers associated with $\sqrt m$ is

$I(\rho) = \{m + \rho n \mid m, n \in I \text{ and } \rho = \tfrac12(1 + \sqrt m)\}.$

For a proof of this theorem, see, for example, [5, p. 207] or [6, p. 277].

Consider now the residue classes of $I(\sqrt m)$ and $I(\rho)$ modulo q, where q is a prime.

Theorem 2: Let q be a prime such that $(q, m) = 1$, where m is a square-free integer.

Case I: If $m \equiv 2 \bmod 4$ or $m \equiv 3 \bmod 4$, let

$I_q(\sqrt m) = \{a + \sqrt m\, b \mid a, b \in I_q\}$

where $I_q$ is the set of integer representatives, let us say $\{0, 1, 2, \ldots, q - 1\}$, of the field GF(q) of residue classes modulo q and $\sqrt m$ is the square root of the integer m. If $(m/q) = 1$, then $\sqrt m$ exists as an element of this field, i.e., the monic quadratic equation $x^2 - m = 0$ is reducible over $I_q$ and $I_q(\sqrt m)$ is a field with q elements isomorphic to GF(q). If $(m/q) = -1$, then $x^2 - m = 0$ is irreducible over $I_q$ and $I_q(\sqrt m)$ is a field of $q^2$ elements isomorphic to GF($q^2$).

Case II: If $m \equiv 1 \bmod 4$, let

$I_q(\rho) = \{a + \rho b \mid a, b \in \mathrm{GF}(q) \text{ and } \rho = \tfrac12(1 + \sqrt m)\}$

where $\rho = \tfrac12(1 + \sqrt m)$. If $(m/q) = 1$, then $I_q(\rho)$ is a field isomorphic to GF(q). If $(m/q) = -1$, then $I_q(\rho)$ is a field of $q^2$ elements isomorphic to GF($q^2$). Element $\rho = \tfrac12(1 + \sqrt m)$ satisfies the monic quadratic equation

$x^2 + x - \tfrac14(m - 1) = 0$

with coefficients in $I_q$. This equation is irreducible over $I_q$ if $(m/q) = -1$.

Proof: By Euler's theorem [7, p. 15], if $(m/q) = 1$, then $x^2 \equiv m \bmod q$ has a solution in GF(q); let $\sqrt m$ denote a solution of this equation in GF(q). If $(m/q) = -1$, then $x^2 \equiv m \bmod q$ has no solution in GF(q); let $\sqrt m$ denote a solution of this equation in some extension field of GF(q).

Case I: If $m \equiv 2 \bmod 4$ or $m \equiv 3 \bmod 4$, then, by Theorem 1, $\beta = c + d\sqrt m$, where c and d are in GF(q), is an algebraic integer mod q in $I_q(\sqrt m)$. If $(m/q) = 1$, then

$\beta^q = (c + d\sqrt m)^q = c^q + (\sqrt m)^q d^q \equiv c + d\,[m^{(q-1)/2}]\sqrt m \equiv c + d\left(\dfrac{m}{q}\right)\sqrt m \equiv c + d\sqrt m \equiv \beta \bmod q$

for all $\beta \in I_q + \sqrt m\, I_q = I_q$. Here $I_q + \sqrt m\, I_q$ denotes the set sum of $I_q$ and $\sqrt m\, I_q$. Thus $I_q(\sqrt m) = I_q$ and $I_q(\sqrt m)$ is isomorphic to GF(q).

If $(m/q) = -1$, then

where $\bar\beta$ is the conjugate of $\beta$. This implies that

$\bar\beta^{\,q} \equiv \beta \bmod q.$

Hence

$(\beta^q)^q = \beta^{q^2} \equiv \beta \bmod q.$

Since there are $q^2$ such elements, $I_q(\sqrt m)$ is isomorphic to GF($q^2$).

Case II: If $m \equiv 1 \bmod 4$, then, by Theorem 1, $\alpha$ is an algebraic integer if and only if $\alpha = a + b\rho$ for some integers $a, b \in I$, where $\rho = \tfrac12(1 + \sqrt m)$. The conjugate of $\rho$ is $\bar\rho = \tfrac12(1 - \sqrt m)$. $\rho$ satisfies the monic quadratic equation

$x^2 + (\rho + \bar\rho)x + \rho\bar\rho = x^2 + x - \tfrac14(m - 1) = 0.$ (3)

If $(m/q) = -1$, then the polynomial in (3) is irreducible over $I_q$. Now consider

$2\alpha = 2(a + b\rho) = 2[a + b \cdot \tfrac12(1 + \sqrt m)] = 2a + b + b\sqrt m \equiv c + d\sqrt m \bmod q$

where $c = 2a + b \bmod q$ and $d = b \bmod q$ and $c, d \in I_q$. Then

$2\alpha^q = (2\alpha)^q \equiv (c + d\sqrt m)^q = c^q + (\sqrt m)^q d^q = c + m^{(q-1)/2} d\sqrt m = c + \left(\dfrac{m}{q}\right) d\sqrt m \bmod q.$

If $(m/q) = 1$, then $2\alpha^q \equiv 2\alpha \bmod q$, which implies $\alpha^q \equiv \alpha \bmod q$. By an argument similar to Case I, the set $I_q(\rho)$ can be shown to be isomorphic to GF(q). If $(m/q) = -1$, then $2\alpha^q \equiv 2\bar\alpha \bmod q$, which implies $\alpha^q \equiv \bar\alpha \bmod q$ and $\bar\alpha^{\,q} \equiv \alpha \bmod q$. Thus $\alpha^{q^2} \equiv \alpha \bmod q$, for all $\alpha \in I_q(\rho)$, and $I_q(\rho)$ is isomorphic to GF($q^2$).

Q.E.D.

III. DISCRETE FOURIER TRANSFORM OVER $I_q(\sqrt m)$ AND $I_q(\rho)$ WHEN q IS A FERMAT PRIME

Let $I_q(\sqrt m)$ and $I_q(\rho)$, as defined in Theorem 2, be the finite fields of residue classes of quadratic integers modulo q in the quadratic field $R(\sqrt m)$. These finite fields are isomorphic to GF(q) or GF($q^2$), depending on whether m is a quadratic residue or quadratic nonresidue, respectively. Let the integer d divide the order of the multiplicative group of one of these finite fields. Also, suppose that $\gamma \in I_q(\sqrt m)$ or $I_q(\rho)$ generates a cyclic subgroup $G_d$ of d elements in the multiplicative group of either $I_q(\sqrt m)$ or $I_q(\rho)$. Then a transform over this subgroup $G_d$ and its inverse transform can be defined by

$A_k = \sum_{n=0}^{d-1} a_n \gamma^{kn}, \quad \text{for } 0 \le k \le d - 1$ (4)

and

$a_n = (d)^{-1} \sum_{k=0}^{d-1} A_k \gamma^{-kn}, \quad \text{for } 0 \le n \le d - 1$

where d divides $q - 1$ or $q^2 - 1$, where $a_n$ and $A_k$ are in $I_q(\sqrt m)$ or $I_q(\rho)$, where (d) denotes the residue of d mod q, and where $(d)^{-1}$ is the inverse of (d) (see [4, p. 208]). By a previous result [4, eq. (5)], the circular convolution of two finite sequences of quadratic integers in $R(\sqrt m)$ can be obtained as the inverse transform of the product of their transforms as defined by (4).

Now suppose q to be a Fermat prime, i.e., $F_n = 2^{2^n} + 1$. If $(m/F_n) = 1$, then, by Theorem 2, the fields $I_{F_n}(\sqrt m)$ and $I_{F_n}(\rho)$ are isomorphic to GF($F_n$). The order t of the multiplicative group with generator $\alpha$ of GF($F_n$) is given by

$t = F_n - 1 = 2^{2^n}.$ (5)

If $(m/F_n) = -1$, then, by Theorem 2, the fields $I_{F_n}(\sqrt m)$ and $I_{F_n}(\rho)$ are isomorphic to GF($F_n^2$). Thus the order t of the multiplicative group of GF($F_n^2$), with generator $\alpha$ of GF($F_n^2$), factors as

$t = F_n^2 - 1 = (2^{2^n} + 1)^2 - 1 = (2^{2^n})^2 + 2 \cdot 2^{2^n} = 2^{2^n + 1}(2^{2^n - 1} + 1).$ (6)

Since both $d = 2^k$, for $1 \le k \le 2^n$ in (5), and $d = 2^k$, for $1 \le k \le 2^n + 1$ in (6), are factors of t, the FFT algorithm can be used to compute transforms of the type given by (4) over $I_{F_n}(\sqrt m)$ and $I_{F_n}(\rho)$. If $d = 2^k$ is the transform length and $\alpha$ is the generator of the multiplicative group of either GF($F_n$) or GF($F_n^2$), the generator of $G_d$ is either $\gamma = \alpha^{2^{2^n - k}}$ of GF($F_n$) or $\gamma = \alpha^{2^{2^n + 1 - k}(2^{2^n - 1} + 1)}$ of GF($F_n^2$).

IV. ALGORITHM FOR FINDING THE GENERATOR OF d ELEMENT MULTIPLICATIVE SUBGROUP IN $I_{F_n}(\sqrt m)$ AND $I_{F_n}(\rho)$

Let q be a Fermat prime. In order to perform the discrete Fourier transform defined by (4), it is necessary to find a generator of the d element subgroup $G_d$ in both $I_q(\sqrt m)$ and $I_q(\rho)$.

Case I: If $m \equiv 2 \bmod 4$ or $m \equiv 3 \bmod 4$ and if $a, b \in I$, then $\alpha = a + \sqrt m\, b$ is an element in $I(\sqrt m)$. If $(m/F_n) = 1$, then, by Theorem 2, $I_{F_n}(\sqrt m)$ is isomorphic to the finite field GF($F_n$).

It is known [7, p. 10] that 3 is a primitive root of a Fermat prime. To show this by Fermat's theorem, $3^{2^{2^n}} \equiv 1 \bmod F_n$. Since $2^{2^n} + 1 \equiv (-1)^{2^n} + 1 \equiv 2 \bmod 3$, one has, by the quadratic reciprocity theorem [8, p. 67],

$\left(\dfrac{3}{F_n}\right) = \left(\dfrac{F_n}{3}\right)(-1)^{((3-1)/2)((2^{2^n} + 1 - 1)/2)} = \left(\dfrac{2}{3}\right) \equiv (-1)^{(3^2 - 1)/8} \equiv -1 \bmod F_n.$

Hence, by Euler's theorem,

$\equiv -1 \bmod F_n.$

Thus, by [4, theorem 1], 3 is an element of order $2^{2^n}$ in GF($F_n$), for n = 1, 2, 3, 4. Since $2^{2^n} + 1 \equiv 0 \bmod F_n$, $2^{2^n} \equiv -1 \bmod F_n$. Also by [4, theorem 1], 2 is an element of order $2^{n+1}$ in GF($F_n$).

If $(m/F_n) = -1$, $I_{F_n}(\sqrt m)$ is isomorphic to the field GF($F_n^2$). Let $\gamma = a + \sqrt m\, b$ be an element of order $d = 2^{2^n + 1}$ in GF($F_n^2$). Then

$(a + \sqrt m\, b)^{2^{2^n + 1}} \equiv 1 \bmod F_n.$

However, by [4, theorem 1],

$(a + \sqrt m\, b)^{2^{2^n}} = -1 \bmod F_n.$

Thus $(a + \sqrt m\, b)^{2^{2^n}}$ factors as

$(a + \sqrt m\, b)^{2^{2^n}} = (a + \sqrt m\, b)^{-1}(a + \sqrt m\, b)^{2^{2^n} + 1}.$

Employing the binomial theorem, one gets

$(a + \sqrt m\, b)^{2^{2^n} + 1} = (a + (\sqrt m)^{2^{2^n} + 1} b) \bmod F_n.$

However,

$(\sqrt m)^{2^{2^n} + 1} = (\sqrt m)^{F_n} \equiv \sqrt m\,(m)^{(F_n - 1)/2} \equiv \sqrt m \left(\dfrac{m}{F_n}\right) \equiv -\sqrt m \bmod F_n$

so that

$(a + \sqrt m\, b)^{2^{2^n}} = (a + \sqrt m\, b)^{-1}(a - \sqrt m\, b) = -1 \bmod F_n.$ (7)

Thus

$a - \sqrt m\, b \equiv -a - \sqrt m\, b \bmod F_n$

or

$2a \equiv 0 \bmod F_n$

which implies

$a \equiv 0 \bmod F_n.$

Thus $\gamma = \sqrt m\, b$ is a solution of (7) for any b, $b \ne 0$. Since there results no loss in generality, choose b = 1. Thus $d = 2^{2^n + 1}$ is the smallest positive integer such that

$(\sqrt m)^{2^{2^n + 1}} = 1 \bmod F_n, \quad \text{for } n = 1, 2, 3, 4.$

Case II: If $m \equiv 1 \bmod 4$, then

$I_{F_n}(\rho) = \{a + \rho b \mid a, b \in \mathrm{GF}(F_n) \text{ and } \rho = \tfrac12(1 + \sqrt m)\}.$

If $(m/q) = 1$, then, by Theorem 2, $I_{F_n}(\rho)$ is isomorphic to GF($F_n$). By the above argument, 3 is a primitive root of a Fermat prime and 2 is an element of order $2^{n+1}$ in GF($F_n$).

If $(m/F_n) = -1$ then, by Theorem 2, $I_{F_n}(\rho)$ is isomorphic to GF($F_n^2$). Assume $\gamma = a + \rho b$ is an element of order $d = 2^{2^n + 1}$ in GF($F_n^2$). Then

$(a + \rho b)^{2^{2^n + 1}} = 1 \bmod F_n.$

By [4, theorem 1],

$(a + \rho b)^{2^{2^n}} = (a + \rho b)^{-1}(a + \rho b)^{2^{2^n} + 1} = (a + \rho b)^{-1}(a + \rho^{2^{2^n} + 1} b) = -1 \bmod F_n.$

However

$\equiv 1 + \sqrt m\,(m)^{(F_n - 1)/2} \equiv 1 + \sqrt m \left(\dfrac{m}{F_n}\right) \equiv 1 - \sqrt m \equiv 2\bar\rho \bmod F_n$

which implies

$\rho^q \equiv \bar\rho \bmod F_n.$

Thus

$(a + \rho b)^{2^{2^n}} = (a + \rho b)^{-1}(a + \bar\rho b) = -1 \bmod F_n.$

Hence

$(a + \bar\rho b) = -(a + \rho b) \bmod F_n$

or

$2a + (\rho + \bar\rho)b = 2a + b = 0 \bmod F_n.$

A solution of this congruence is $a = -1$ and $b = 2$. Thus $(-1 + 2\rho)$ is an element of order $2^{2^n + 1}$ in GF($F_n^2$).

Example: Consider the quadratic field $R(\sqrt m)$, for $m = \pm 2, \pm 3, \pm 5$, and let $F_n = 2^{2^n} + 1$ be a Fermat prime for n = 1, 2, 3, 4. Exhibit the finite fields $I_{F_n}(\sqrt m)$ and $I_{F_n}(\rho)$, where $\rho = \tfrac12(1 + \sqrt m)$. Compute the primitive element in the subgroup $G_d$ of order d of the multiplicative subgroups of $I_{F_n}(\sqrt m)$ and $I_{F_n}(\rho)$.

If $m = \pm 2$, by the quadratic reciprocity theorem,

$\left(\dfrac{\pm 2}{F_n}\right) = \left(\dfrac{\pm 1}{F_n}\right)\left(\dfrac{2}{F_n}\right) = (\pm 1)^{(2^{2^n} + 1 - 1)/2}\left(\dfrac{2}{F_n}\right) = (-1)^{((2^{2^n} + 1)^2 - 1)/8} = (-1)^{(2^{2^{n+1}} + 2^{2^n + 1})/8} = \begin{cases} -1, & \text{if } n = 1; \\ +1, & \text{if } n = 2, 3, 4. \end{cases}$

Thus, by Case I of Theorem 2, $I_{F_n}(\sqrt m) = \{a + \sqrt m\, b \mid a, b \in \mathrm{GF}(F_n)\}$, where $m = \pm 2$, is a field isomorphic to GF($F_n$), for n = 2, 3, 4. By the above, 2 is an element of order $2^{n+1}$ in $I_{F_n}(\sqrt m)$, for $m = \pm 2$. However, $(\sqrt{\pm 2})^{2^{n+1}} = (\pm 2)^{2^n} = -1 \bmod F_n$. Thus $\sqrt 2$ and $\sqrt{-2}$ are the elements of order $2^{n+2}$ in $I_{F_n}(\sqrt 2)$ and $I_{F_n}(\sqrt{-2})$, respectively. This fact was first observed by Agarwal and Burrus [2], who used it to extend the transform lengths of Rader's transforms by a factor of 2.

If $m = \pm 3$, then

$\left(\dfrac{\pm 3}{F_n}\right) = \left(\dfrac{2}{3}\right) = (-1)^{(3^2 - 1)/8} = -1, \quad \text{for } n = 1, 2, 3, 4.$

If m = 3, by Case I of Theorem 2, $I_{F_n}(\sqrt 3) = \{a + \sqrt 3\, b \mid a, b \in \mathrm{GF}(F_n)\}$ is a field isomorphic to GF($F_n^2$). By an argument similar to that used above, we conclude that $\sqrt 3$ is an element of order $d = 2^{2^n + 1}$ in $I_{F_n}(\sqrt 3)$. If $m = -3$, by Case II of Theorem 2, $I_{F_n}(\rho) = \{a + \rho b \mid a, b \in \mathrm{GF}(F_n) \text{ and } \rho = \tfrac12(1 + \sqrt{-3})\}$ is a field isomorphic to GF($F_n^2$). In this case, $(-1 + 2\rho)$ is an element of order $d = 2^{2^n + 1}$ in $I_{F_n}(\rho)$. If $m = \pm 5$, then

$\left(\dfrac{\pm 5}{F_n}\right) = \left(\dfrac{F_n}{5}\right) = \left(\dfrac{2}{5}\right) = (-1)^{(5^2 - 1)/8} = -1, \quad \text{for } n = 1, 2, 3, 4.$

Using a procedure similar to the case for $m = \pm 3$, $I_{F_n}(\sqrt{-5}) = \{a + \sqrt{-5}\, b \mid a, b \in \mathrm{GF}(F_n)\}$ and $I_{F_n}(\rho) = \{a + \rho b \mid a, b \in \mathrm{GF}(F_n) \text{ and } \rho = \tfrac12(1 + \sqrt 5)\}$ are fields isomorphic to GF($F_n^2$). Also $\sqrt{-5}$ and $(-1 + 2\rho)$ are elements of order $2^{2^n + 1}$ in $I_{F_n}(\sqrt{-5})$ and $I_{F_n}(\rho)$, respectively.
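As an added example (not code from the paper), the following Python carries Sections III and IV through on a machine: arithmetic in $I_q(\sqrt m)$ for a Fermat prime q with $(m/q) = -1$, the generator of $G_d$ taken as a power of $\sqrt m$ (which Case I shows has order $2^{2^n + 1}$), the transform pair (4), and the circular convolution obtained as the inverse transform of the pointwise product. It goes slightly beyond the text in that it works for any Fermat prime, any nonresidue m and any power-of-two d up to $2^{2^n + 1}$; the instance $q = F_2 = 17$, $m = 3$ and all function names are the example's own.

```python
# Added example, not code from the paper.  An element a + b*sqrt(m) of
# I_q(sqrt m), with a, b in GF(q), is stored as the pair (a, b).

def legendre(m, q):
    """Euler's criterion: +1 if m is a quadratic residue mod the prime q, -1 if not."""
    r = pow(m % q, (q - 1) // 2, q)
    return -1 if r == q - 1 else r

def add(x, y, q):
    return ((x[0] + y[0]) % q, (x[1] + y[1]) % q)

def mul(x, y, m, q):
    # (a + b s)(c + d s) = (ac + m bd) + (ad + bc) s, using s^2 = m
    a, b = x
    c, d = y
    return ((a * c + m * b * d) % q, (a * d + b * c) % q)

def power(x, e, m, q):
    """x**e in I_q(sqrt m) by square-and-multiply; a negative e gives a power of x^-1."""
    if e < 0:
        # every nonzero x satisfies x^(q^2-1) = 1, so x^-1 = x^(q^2-2)
        x, e = power(x, q * q - 2, m, q), -e
    result, base = (1, 0), x
    while e:
        if e & 1:
            result = mul(result, base, m, q)
        base = mul(base, base, m, q)
        e >>= 1
    return result

def has_order_2_to(x, k, m, q):
    """[4, theorem 1] as Section IV uses it: x has order exactly 2^k iff x^(2^(k-1)) = -1."""
    return power(x, 1 << (k - 1), m, q) == (q - 1, 0)

def subgroup_generator(d, m, q):
    """Generator of G_d in I_q(sqrt m) for a Fermat prime q = 2^(2^n) + 1 with (m/q) = -1.
    By Section IV, Case I, sqrt(m) has order 2^(2^n + 1) = 2(q - 1), so
    gamma = sqrt(m)^(2(q - 1)/d) has order d."""
    assert legendre(m, q) == -1, "sqrt(m) must lie outside GF(q)"
    t = 2 * (q - 1)
    assert t % d == 0 and has_order_2_to((0, 1), t.bit_length() - 1, m, q)
    return power((0, 1), t // d, m, q)

def transform(seq, gamma, m, q):
    """Forward transform (4): A_k = sum_n a_n gamma^(k n), k = 0..d-1."""
    d = len(seq)
    out = []
    for k in range(d):
        acc = (0, 0)
        for n, a_n in enumerate(seq):
            acc = add(acc, mul(a_n, power(gamma, (k * n) % d, m, q), m, q), q)
        out.append(acc)
    return out

def inverse_transform(spec, gamma, m, q):
    """Inverse of (4): a_n = (d)^-1 sum_k A_k gamma^(-k n), with (d) = d mod q."""
    d = len(spec)
    d_inv = (pow(d % q, q - 2, q), 0)            # inverse of the residue (d) in GF(q)
    gamma_inv = power(gamma, -1, m, q)
    return [mul(d_inv, a, m, q) for a in transform(spec, gamma_inv, m, q)]

def convolve(a, b, m, q):
    """Circular convolution of two length-d sequences over I_q(sqrt m) via (4)."""
    gamma = subgroup_generator(len(a), m, q)
    A, B = transform(a, gamma, m, q), transform(b, gamma, m, q)
    return inverse_transform([mul(x, y, m, q) for x, y in zip(A, B)], gamma, m, q)

def direct_convolve(a, b, m, q):
    """Schoolbook circular convolution, used only as a cross-check."""
    d = len(a)
    out = []
    for p in range(d):
        acc = (0, 0)
        for n in range(d):
            acc = add(acc, mul(a[n], b[(p - n) % d], m, q), q)
        out.append(acc)
    return out

def to_signed(x, q):
    """Read a residue pair back as signed integers; exact while every coefficient
    stays within +-(q-1)/2, the dynamic-range condition of the last section."""
    return tuple(c - q if c > (q - 1) // 2 else c for c in x)

if __name__ == "__main__":
    # Constructed instance: F_2 = 17 and m = 3, for which the Example shows (3/F_n) = -1,
    # so sqrt(3) has order 2^(2^2 + 1) = 32 in GF(17^2) and d may be any 2^k up to 32.
    q, m = 17, 3
    a = [(1, 0), (0, 1), (2, 2)] + [(0, 0)] * 5        # 1, sqrt3, 2 + 2 sqrt3, 0, ...
    b = [(0, 1), (1, 0)] + [(0, 0)] * 6                # sqrt3, 1, 0, ...
    print([to_signed(c, q) for c in convolve(a, b, m, q)])
```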

V. CONVOLUTIONS OVER A DIRECT SUM OF FINITE FIELDS OF TYPE $I_q(\sqrt m)$ OR $I_q(\rho)$

In the previous two sections, transforms were developed over the fields of residue classes of quadratic integers modulo $F_n$ in $R(\sqrt m)$, where $F_n$ is a Fermat prime. Also presented were algorithms for finding elements of order d in both $I_{F_n}(\sqrt m)$ and $I_{F_n}(\rho)$. An advantage of these transforms over the usual discrete Fourier transform is that multiplication by powers of the primitive element in $G_d$ is quite simple. However, Fermat primes $F_n$ exist only for $n \le 4$ and are not sufficiently large for many applications. Hence the dynamic range and transform lengths of such transforms are severely constrained. In this section, transforms are defined over a finite ring which is a direct sum of fields of the form either GF(q) or GF($q^2$), where q is a prime. Such transforms can be utilized to compute convolutions with considerably improved dynamic range and transform length.

Theorem 3: Let $h = q_1 \cdot q_2 \cdots q_r$ be the product of primes $q_i$ such that $(q_i, m) = 1$, for $i = 1, 2, \ldots, r$, where m is a square-free integer. Also, let $I_h$ be the ring of residues of integers modulo h.

Case I: If $m \equiv 2 \bmod 4$ or $m \equiv 3 \bmod 4$, let

$I_h(\sqrt m) = \{a + \sqrt m\, b \mid a, b \in I_h\}$

where $\sqrt m$ is the square root of the integer m. If $(m/q_i) = 1$, for $i = 1, 2, \ldots, r$, then $I_h(\sqrt m)$ is a ring with h elements isomorphic to $I_h$, i.e., a direct sum of finite fields GF($q_i$), for $i = 1, 2, \ldots, r$. $\sqrt m$ exists as an element of this ring. If $(m/q_i) = -1$, for $i = 1, 2, \ldots, r$, then $I_h(\sqrt m)$ is a ring of $h^2$ elements isomorphic to a direct sum of finite fields GF($q_i^2$), i.e., $I_{q_i}(\sqrt m)$, where $q_i$ is a prime such that $(m/q_i) = -1$, for $i = 1, 2, \ldots, r$.

Case II: If $m \equiv 1 \bmod 4$, let

$I_h(\rho) = \{a + \rho b \mid a, b \in I_h \text{ and } \rho = \tfrac12(1 + \sqrt m)\}.$

If $(m/q_i) = 1$, for $i = 1, 2, \ldots, r$, then $I_h(\rho)$ is a ring isomorphic to $I_h$. If $(m/q_i) = -1$, for $i = 1, 2, \ldots, r$, then $I_h(\rho)$ is a ring of $h^2$ elements isomorphic to a direct sum of finite fields $I_{q_i}(\rho)$, where $q_i$ is a prime such that $(m/q_i) = -1$, for $i = 1, 2, \ldots, r$. Element $\rho = \tfrac12(1 + \sqrt m)$ satisfies the monic quadratic equation

$x^2 + x - \tfrac14(m - 1) = 0$

over $I_h$ if $(m/q_i) = -1$, for $i = 1, 2, \ldots, r$.

Proof, Case I: If $m \equiv 2 \bmod 4$ or $m \equiv 3 \bmod 4$, then $a + \sqrt m\, b$ is an element in $I_h(\sqrt m)$. If $(m/q_i) = 1$, for $i = 1, 2, \ldots, r$, then $\sqrt m = l \in I_h$. Hence $a + \sqrt m\, b = a + lb \in I_h$, which implies $I_h(\sqrt m) \subset I_h$. Now let $c \in I_h$. Then $c + \sqrt m \cdot 0 \in I_h(\sqrt m)$, which implies $I_h \subset I_h(\sqrt m)$. Thus $I_h = I_h(\sqrt m) = \{a + \sqrt m\, b \mid a, b \in I_h\}$. By [9, theorem 29, p. 120], $I_h$ is isomorphic to a direct sum of finite fields GF($q_i$), for $i = 1, 2, \ldots, r$. If $(m/q_i) = -1$, for $i = 1, 2, \ldots, r$, it is straightforward to show that $I_h(\sqrt m)$ is a ring. If $(m/q_i) = -1$, for $i = 1, 2, \ldots, r$, the direct sum of the finite fields $I_{q_1}(\sqrt m), I_{q_2}(\sqrt m), \ldots, I_{q_r}(\sqrt m)$, i.e., $S_{h^2}$, is a ring of $q_1^2 \cdot q_2^2 \cdots q_r^2 = (q_1 \cdot q_2 \cdots q_r)^2 = h^2$ elements. If $(\alpha + \sqrt m\, \tau) \in I_h(\sqrt m)$, then let $\varphi$ be the mapping

$\varphi : \alpha + \sqrt m\, \tau \to ((\alpha + \sqrt m\, \tau) \bmod q_1, (\alpha + \sqrt m\, \tau) \bmod q_2, \ldots, (\alpha + \sqrt m\, \tau) \bmod q_r).$

Since $\sqrt m$ is the solution of $x^2 = m$, it is identically the solution of $x^2 \equiv m \bmod q_i$, for $i = 1, 2, \ldots, r$. Thus the residue $(\alpha)_{q_i} + \sqrt m\,(\tau)_{q_i}$ of $(\alpha + \sqrt m\, \tau) \bmod q_i$ is an element of $I_{q_i}(\sqrt m)$, for $i = 1, 2, \ldots, r$. Hence $\varphi$ is a mapping of $I_h(\sqrt m)$ into the ring $S_{h^2}$, i.e.,

$\varphi(\alpha + \sqrt m\, \tau) = (\alpha_{q_1} + \sqrt m\, \tau_{q_1}, \alpha_{q_2} + \sqrt m\, \tau_{q_2}, \ldots, \alpha_{q_r} + \sqrt m\, \tau_{q_r}).$

However, this implies

$\alpha \equiv \alpha_{q_i} \bmod q_i$ (8a)

and

$\tau \equiv \tau_{q_i} \bmod q_i$ (8b)

for $i = 1, 2, \ldots, r$. Since the integers $q_1, q_2, \ldots, q_r$ are relatively prime, by the Chinese remainder theorem [8, p. 30], there exist unique solutions, let us say $\alpha$ and $\tau$, to systems (8a) and (8b), respectively. Thus $\varphi$ is a one-to-one mapping of $I_h(\sqrt m)$ onto $S_{h^2}$. If $u = \alpha + \sqrt m\, \tau$ and $v = \alpha' + \sqrt m\, \tau'$ are arbitrary elements in $I_h(\sqrt m)$, then it is evident that

$\varphi(u + v) = \varphi(u) + \varphi(v)$

and

where addition is defined by

$(\alpha_1, \alpha_2, \ldots, \alpha_r) + (\beta_1, \beta_2, \ldots, \beta_r) = (\alpha_1 + \beta_1, \alpha_2 + \beta_2, \ldots, \alpha_r + \beta_r)$

and multiplication is defined by

$(\alpha_1, \alpha_2, \ldots, \alpha_r) \cdot (\beta_1, \beta_2, \ldots, \beta_r) = (\alpha_1\beta_1, \alpha_2\beta_2, \ldots, \alpha_r\beta_r).$

Hence $I_h(\sqrt m)$ is isomorphic to a direct sum of finite fields $I_{q_i}(\sqrt m)$, for $i = 1, 2, \ldots, r$. As a consequence, $I_h(\sqrt m)$ is a ring of $h^2$ elements. For a similar proof, see [10, theorem 2].

Case II: If $m \equiv 1 \bmod 4$, then $\alpha + \rho\beta$ is an element in $I_h(\rho) = \{a + \rho b \mid a, b \in I_h \text{ and } \rho = \tfrac12(1 + \sqrt m)\}$. If $(m/q_i) = 1$, for $i = 1, 2, \ldots, r$, then $\sqrt m = l \in I_h$. Thus

$2(a + \rho b) = 2a + b(1 + \sqrt m) = 2a + b(1 + l) \in I_h$

for $2(a + \rho b) \in I_h(\rho)$. Hence $I_h(\rho) \subset I_h$. If $c \in I_h$, then $c + \rho \cdot 0 \in I_h(\rho)$, which implies $I_h \subset I_h(\rho)$. Thus $I_h = I_h(\rho)$. If $(m/q_i) = -1$, for $i = 1, 2, \ldots, r$, then, by a proof similar to Case I, $I_h(\rho)$ is isomorphic to a direct sum of finite fields $I_{q_i}(\rho)$, for $i = 1, 2, \ldots, r$. It is evident that $\rho$ is a root of the monic quadratic equation

$x^2 + x - \tfrac14(m - 1) = 0$

over $I_h$ if $(m/q_i) = -1$, for $i = 1, 2, \ldots, r$.

Q.E.D.

Lucas [see 2, p. 91] showed that every prime factor of a Fermat number $F_n$ is of the form $q_i = k_i 2^{n+2} + 1$. If m = 2, then $(2/(k_i 2^{n+2} + 1)) = 1$, for $i = 1, 2, \ldots, r$. By Theorem 3, $I_{F_n}(\sqrt 2)$ is a ring of $F_n$ elements. Since $(\sqrt 2)^{2^{n+1}} = -1 \bmod F_n$, then, by the same procedure used in the proof of [4, theorem 1], $\sqrt 2$ is an element of order $2^{n+2}$ in $I_{F_n}(\sqrt 2)$. Thus, for $n = 5, 6, \ldots$, transforms over the $2^{n+2}$ element subgroup with generator $\sqrt 2$ in $I_{F_n}(\sqrt 2) \cong I_{F_n}$ can be used to compute the convolutions of two sequences of integers in $I_{F_n}$.

If $(m/(k_i 2^{n+2} + 1)) = -1$, for $i = 1, 2, \ldots, r$, then, by Theorem 3, the ring $I_{F_n}(\sqrt m)$, for $m \equiv 2 \bmod 4$ or $m \equiv 3 \bmod 4$, and the ring $I_{F_n}(\rho)$, for $m \equiv 1 \bmod 4$, are isomorphic to the direct sums of finite fields $I_{q_1}(\sqrt m) \oplus I_{q_2}(\sqrt m) \oplus \cdots \oplus I_{q_r}(\sqrt m)$ and $I_{q_1}(\rho) \oplus I_{q_2}(\rho) \oplus \cdots \oplus I_{q_r}(\rho)$, respectively. It should be noted here that the order of the multiplicative group with generator $\gamma$ of $I_{q_i}(\sqrt m)$ or $I_{q_i}(\rho)$ is given by

$t = q_i^2 - 1 = (k_i 2^{n+2} + 1)^2 - 1 = k_i^2 2^{2(n+2)} + k_i 2^{n+3} = 2^{n+3}(k_i^2 2^{n+1} + k_i), \quad \text{for } i = 1, 2, \ldots, r.$

Since $d = 2^k$, for $1 \le k \le n + 3$, is a factor of t, the FFT algorithm can be used to compute transforms of the type defined by (4).

In order to compute a primitive element in the subgroup with order $2^{n+3}$ in $I_{q_i}(\sqrt m)$, assume an element $\gamma = (a + \sqrt m\, b)^{k_i}$ is of order $2^{n+3}$ in $I_{q_i}(\sqrt m)$. Then, by [4, theorem 1],

$((a + \sqrt m\, b)^{k_i})^{2^{n+2}} = -1 \bmod (k_i 2^{n+2} + 1).$ (9)

It follows from (9) that

$(a + \sqrt m\, b)^{k_i 2^{n+2}} \equiv -1 \bmod (k_i 2^{n+2} + 1).$

Using the procedure for finding primitive elements in GF($F_n^2$) described in the previous section, we find that an element $\gamma = (\sqrt m)^{k_i} = m^{(k_i - 1)/2}\sqrt m \bmod (k_i 2^{n+2} + 1)$ is of order $d = 2^{n+3}$ in $I_{q_i}(\sqrt m)$, for $i = 1, 2, \ldots, r$. Similarly an element $\gamma = (-1 + 2\rho)^{k_i} \bmod (k_i \cdot 2^{n+2} + 1)$ is of order $d = 2^{n+3}$ in $I_{q_i}(\rho)$, for $i = 1, 2, \ldots, r$.

Suppose $\gamma$ is an element of order $2^{n+2}$ in $I_{q_i}(\sqrt m)$ or $I_{q_i}(\rho)$. Let $\varphi$ be the one-to-one mapping of $I_h(\sqrt m)$ onto $I_{q_1}(\sqrt m) \oplus I_{q_2}(\sqrt m) \oplus \cdots \oplus I_{q_r}(\sqrt m)$ or of $I_h(\rho)$ onto $I_{q_1}(\rho) \oplus I_{q_2}(\rho) \oplus \cdots \oplus I_{q_r}(\rho)$. Then, by an argument similar to that used in [10, theorems 3 and 4], there exists an element $\gamma \in I_h(\sqrt m)$ such that $\gamma \to (\gamma_1, \gamma_2, \ldots, \gamma_r)$, where $\gamma_i$ is a dth root of unity in $I_{q_i}(\sqrt m)$ or $I_{q_i}(\rho)$, for $i = 1, 2, \ldots, r$. The direct sum of the d-point transforms, with generators $\gamma_i$ on $I_{q_i}(\sqrt m)$ or $I_{q_i}(\rho)$, corresponds with a d-point transform (4) on $I_h(\sqrt m)$ with generator $\gamma$. Such a direct sum representation of transform (4) is usually the most useful for purposes of computation.

For most applications to digital filters, the two most important Fermat numbers are $F_5$ and $F_6$. $F_5 = q_1 \cdot q_2 = (5 \times 2^7 + 1) \cdot (52347 \times 2^7 + 1) = 641 \times 6700417$. Consider a sequence, $\pm 1, \pm 2, \ldots$, of the possible m, and find the first numbers in this sequence such that $(m/641) = -1$ and $(m/6700417) = -1$, for some m. By elementary number theory, one finds $m = \pm 15, \pm 17$ to be the first values of m for which m is a quadratic nonresidue for both $q_1$ and $q_2$. Thus, by using the results given above, three elements $\gamma_1$, $\gamma_2$, and $\gamma$ of order $2^8$ in the fields $I_{q_1}(\sqrt m)$, $I_{q_2}(\sqrt m)$, and the ring $I_{F_5}(\sqrt m) = \{a + \sqrt m\, b \mid a, b \in I_{F_5}\}$ of $F_5^2$ elements, respectively, for $m = 15, -17$ can be found. Similarly, three elements $\gamma_1$, $\gamma_2$, and $\gamma$ of order $2^8$ in the fields $I_{q_1}(\rho)$, $I_{q_2}(\rho)$, and the ring $I_{F_5}(\rho) = \{a + \rho b \mid a, b \in I_{F_5} \text{ and } \rho = \tfrac12(1 + \sqrt m)\}$ of $F_5^2$ elements, respectively, for $m = -15, 17$ can also be found. These are shown in Table I. Using the same procedure for $F_6 = q_1 \cdot q_2 = (1071 \times 2^8 + 1) \cdot (262814145745 \times 2^8 + 1) = 274177 \times 67280421310721$, one finds that $\gamma_1$, $\gamma_2$, and $\gamma$ are elements of order $2^9$ in the fields $I_{q_1}(\sqrt m)$, $I_{q_2}(\sqrt m)$, and the ring $I_{F_6}(\sqrt m) = \{a + \sqrt m\, b \mid a, b \in I_{F_6}\}$ of $F_6^2$ elements for $m = 15$, respectively. Also $\gamma_1$, $\gamma_2$, and $\gamma$ are elements of order $2^9$ in the fields $I_{q_1}(\rho)$, $I_{q_2}(\rho)$, and the ring $I_{F_6}(\rho) = \{a + \rho b \mid a, b \in I_{F_6} \text{ and } \rho = \tfrac12(1 + \sqrt m)\}$ of $F_6^2$ elements for $m = -15$, respectively. These are shown in Table II.

TABLE I
ELEMENT OF ORDER 2^8 IN I_{F_5}(√m) OR I_{F_5}(ρ) FOR DIFFERENT m

             γ_1 in I_{q_1}(√m), q_1 = 641     γ_2 in I_{q_2}(√m), q_2 = 6700417     γ in I_{F_5}(√m), F_5 = 2^32 + 1 = q_1·q_2
m = 15       225√15                            6453826√15                            4006602775√15
m = -17      289√(-17)                         2804257√(-17)                         3286008587√(-17)

             γ_1 in I_{q_1}(ρ), ρ = ½(1 + √m)  γ_2 in I_{q_2}(ρ), ρ = ½(1 + √m)      γ in I_{F_5}(ρ), ρ = ½(1 + √m)
m = -15      546 + 51ρ                         4220976 + 389813ρ                     1357705210 + 2533147439ρ
m = 17       613 + 175ρ                        3627818 + 1359966ρ                    231441996 + 1723367135ρ

TABLE II
ELEMENT OF ORDER 2^9 IN I_{F_6}(√m) OR I_{F_6}(ρ) FOR DIFFERENT m

             γ_1 in I_{q_1}(√m), q_1 = 274177  γ_2 in I_{q_2}(√m), q_2 = 67280421310721   γ in I_{F_6}(√m), F_6 = 2^64 + 1 = q_1·q_2
m = 15       67569√15                          60105225409171√15                         893611380653094772√15

             γ_1 in I_{q_1}(ρ), ρ = ½(1 + √m)  γ_2 in I_{q_2}(ρ), ρ = ½(1 + √m)          γ in I_{F_6}(ρ), ρ = ½(1 + √m)
m = -15      77384 + 231432ρ                   34472204923605 + 42487100031303ρ          9915822964978984585 + 3933928721137888173ρ

To compute the circular convolution unambiguously over a ring of type $I_h(\sqrt m)$ or $I_h(\rho)$, it is sufficient to constrain the two d-point sequences of numbers $a_n$ and $b_n$ to be within some dynamic range A and B, respectively, in order to keep the circular convolution

$c_p = \sum_{n=0}^{d-1} a_n b_{(p-n)}$

within a fixed interval, where $(p - n)$ denotes the residue of $(p - n)$ modulo d. If $(m/q_i) = 1$, for $i = 1, 2, \ldots, r$, then, by Theorem 3, $I_h(\sqrt m)$ and $I_h(\rho)$ are isomorphic to $I_h$. Thus it is sufficient that

$\sum_{n=0}^{d-1} (\max |a_n|)(\max |b_{(p-n)}|) = dA \cdot B \le \dfrac{h - 1}{2}$

where A and B are upper bounds on the integers $|a_n|$ and $|b_n|$, respectively. If A = B, then the largest value of A is given by

$A = \left[\sqrt{\dfrac{h - 1}{2d}}\right]$

where [x] denotes the greatest integer less than or equal to x.

If $(m/q_i) = -1$, for $i = 1, 2, \ldots, r$, then, again by Theorem 3, $I_h(\sqrt m)$ and $I_h(\rho)$ are isomorphic to a direct sum of finite fields $I_{q_i}(\sqrt m)$ and $I_{q_i}(\rho)$, for $i = 1, 2, \ldots, r$, respectively. We distinguish two cases.

Case I: If $m \not\equiv 1 \bmod 4$, then $a_n = \alpha_n + \sqrt m\, \beta_n$ and $b_n = x_n + \sqrt m\, y_n$ are arbitrary numbers in $I_h(\sqrt m)$. For computing a convolution without aliasing error, it is sufficient to require that the final convolution lie in the same dynamic range as the input numbers $a_n$ and $b_n$ [4, p. 212]. That is, let

$\left|\sum_{n=0}^{d-1} (\alpha_n y_n + \beta_n x_n)\right| < \sum_{n=0}^{d-1} (|\alpha_n||y_n| + |\beta_n||x_n|) \le \dfrac{h - 1}{2}$ (10)

and

$\left|\sum_{n=0}^{d-1} (\alpha_n x_n + m\beta_n y_n)\right| \le \sum_{n=0}^{d-1} (|\alpha_n||x_n| + |m||\beta_n||y_n|) \le \dfrac{h - 1}{2}.$ (11)

If A = B, where $\max(|\alpha_n|, |\beta_n|) = A$ and $\max(|x_n|, |y_n|) = B$, then, by (11), the largest value of A is given by

$A = [\,\ldots\,].$ (12)

Case II: If $m \equiv 1 \bmod 4$, then $a_n = \alpha_n + \rho\beta_n$ and $b_n = x_n + \rho y_n$, where $\rho = \tfrac12(1 + \sqrt m)$, are arbitrary numbers in $I_h(\rho)$. By an argument similar to the above, the largest value of A is found to be

A convolution program for numbers in $I_h(\sqrt m)$ was written in Fortran, with subroutines in assembly language, for the Fermat number $h = F_5 = 2^{32} + 1$. For a simple example, the rectangular pulse train defined by

$a(t) = \begin{cases} 2, & 0 \le t \le 20 \\ 0, & 20 < t < 44 \\ 2, & 44 \le t \le 64 \\ 0, & 64 < t \le 127 \end{cases}$

is convolved with another rectangular pulse train defined by

$b(t) = \begin{cases} 1, & 0 \le t \le 10 \\ 0, & 10 < t < 50 \\ 2, & 50 \le t \le 60 \\ 0, & 60 < t \le 127. \end{cases}$

[Fig. 1: plot not reproduced; horizontal axis is time t, 0 to 140.]

Fig. 1. Convolution of two different rectangular trains in $I_{F_5}(\sqrt m)$.

This convolution is shown in Fig. 1. The elements

$\gamma_1 = m^{k_1} \equiv 15^{52347} \equiv 5854673 \bmod q_1 = k_1 \cdot 2^{n+2} + 1 = 6700417$

and

$\gamma_2 = m^{k_2} = 15^5 \equiv 431 \bmod q_2 = k_2 \cdot 2^{n+2} + 1 = 641$

were the primitive elements of the subgroups $G_{2^7} \subset \mathrm{GF}(52347 \times 2^7 + 1)$ and $G_{2^7} \subset \mathrm{GF}(5 \times 2^7 + 1)$, respectively, used in computing this convolution.
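An added example (not code from the paper) of the direct-sum construction of Section V and of the generators quoted for Fig. 1, in Python. For the factored Fermat numbers $F_5 = 641 \times 6700417$ and $F_6 = 274177 \times 67280421310721$ it reads off Lucas' $k_i$ from each prime factor, forms $\gamma_i = m^{(k_i - 1)/2}\sqrt m$ in $I_{q_i}(\sqrt m)$, checks the order with the criterion of [4, theorem 1], and lifts the $\sqrt m$ coefficients by the Chinese remainder theorem to $I_{F_n}(\sqrt m)$, which reproduces the $\sqrt m$ rows of Tables I and II; it also computes $\gamma_i = m^{k_i}$ of order $2^{n+2}$ inside GF($q_i$) as used for the Fig. 1 convolution. The function names are the example's own.

```python
# Added example, not code from the paper.  Direct-sum construction of
# Section V: each prime factor of F_n has Lucas' form q_i = k_i 2^(n+2) + 1,
# and for a quadratic nonresidue m the element
#     gamma_i = sqrt(m)^k_i = m^((k_i-1)/2) sqrt(m)
# has order 2^(n+3) in I_{q_i}(sqrt m).  The sqrt(m) coefficients are lifted
# by the Chinese remainder theorem to the ring I_{F_n}(sqrt m), which is what
# the sqrt(m) rows of Tables I and II list.  Also computed: gamma_i = m^k_i of
# order 2^(n+2) inside GF(q_i), the generators quoted for the Fig. 1 convolution.

FERMAT = {5: (641, 6700417), 6: (274177, 67280421310721)}   # F_5 and F_6 factored

def legendre(m, q):
    """Euler's criterion: +1 if m is a quadratic residue mod the prime q, -1 if not."""
    r = pow(m % q, (q - 1) // 2, q)
    return -1 if r == q - 1 else r

def lucas_k(q, n):
    """k such that q = k * 2^(n+2) + 1, the form Lucas proved for prime factors of F_n."""
    k, rem = divmod(q - 1, 1 << (n + 2))
    assert rem == 0, f"{q} does not have the form k*2^{n + 2}+1"
    return k

def sqrt_m_generator(m, q, n):
    """Coefficient c with gamma = c*sqrt(m) = sqrt(m)^k = m^((k-1)/2) sqrt(m) mod q."""
    assert legendre(m, q) == -1, "need sqrt(m) outside GF(q), i.e. (m/q) = -1"
    k = lucas_k(q, n)                  # k is odd, so (k-1)/2 is an integer
    return pow(m % q, (k - 1) // 2, q)

def has_order_2_to(c, e, m, q):
    """[4, theorem 1]: gamma = c*sqrt(m) has order exactly 2^e iff gamma^(2^(e-1)) = -1.
    For e >= 2 that power equals c^(2^(e-1)) * m^(2^(e-2)), an element of GF(q)."""
    half = 1 << (e - 1)
    return (pow(c, half, q) * pow(m % q, half // 2, q)) % q == q - 1

def crt_lift(residues, moduli):
    """Solve x = r_i mod q_i for pairwise coprime primes q_i (systems (8a), (8b))."""
    x, big_m = 0, 1
    for r, q in zip(residues, moduli):
        t = ((r - x) * pow(big_m % q, q - 2, q)) % q   # big_m^-1 mod q via Fermat
        x += big_m * t
        big_m *= q
    return x % big_m

def table_row(m, n):
    """(gamma_1, ..., gamma_r, gamma): sqrt(m) coefficients of the order-2^(n+3)
    elements of I_{q_i}(sqrt m) and of their CRT lift to I_{F_n}(sqrt m)."""
    primes = FERMAT[n]
    coeffs = [sqrt_m_generator(m, q, n) for q in primes]
    for c, q in zip(coeffs, primes):
        assert has_order_2_to(c, n + 3, m, q)
    return tuple(coeffs) + (crt_lift(coeffs, primes),)

def integer_generator(m, q, n):
    """gamma = m^k of order 2^(n+2) in GF(q) itself (Fig. 1 uses m = 15, n = 5)."""
    g = pow(m % q, lucas_k(q, n), q)
    assert pow(g, 1 << (n + 1), q) == q - 1          # [4, theorem 1] once more
    return g

if __name__ == "__main__":
    print("F_5, m = 15 :", table_row(15, 5))      # Table I row: 225, 6453826, 4006602775
    print("F_5, m = -17:", table_row(-17, 5))
    print("F_6, m = 15 :", table_row(15, 6))      # Table II row
    print("Fig. 1:", integer_generator(15, 6700417, 5), integer_generator(15, 641, 5))
```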


ACKNOWLEDGMENT

The authors wish to thank Mr. Y. S. Kowh for his help in computer programming.

REFERENCES

[1] C. M. Rader, "Discrete convolution via Mersenne transforms," IEEE Trans. Comput., vol. C-21, pp. 1269-1273, Dec. 1972.
[2] R. C. Agarwal and C. S. Burrus, "Fast convolution using Fermat number transforms with application to digital filtering," IEEE Trans. Acoust., Speech, Signal Processing, vol. ASSP-22, Apr. 1974.
[3] R. C. Agarwal and C. S. Burrus, "Number theoretic transforms to implement fast digital convolution," Proc. IEEE, vol. 63, Apr. 1975.
[4] I. S. Reed and T. K. Truong, "The use of finite fields to compute convolutions," IEEE Trans. Inform. Theory, vol. IT-21, pp. 208-213, Mar. 1975.
[5] G. H. Hardy and E. M. Wright, An Introduction to the Theory of Numbers, 4th ed. Oxford: Clarendon Press, 1960.
[6] P. Ribenboim, Algebraic Numbers. New York: Wiley-Interscience, 1972.
[7] B. A. Venkov, Elementary Number Theory. Groningen, The Netherlands: Wolters-Noordhoff Publishing, 1970.
[8] I. Niven and H. S. Zuckerman, An Introduction to the Theory of Numbers. New York: Wiley, 1972.
[9] N. H. McCoy, Rings and Ideals. Menasha, WI: George Banta Company, Inc., 1948.
[10] I. S. Reed and T. K. Truong, "Complex integer convolutions over a direct sum of Galois fields," IEEE Trans. Inform. Theory, vol. IT-21, pp. 657-661, Nov. 1975.

Correspondence

Product-Sum Use of Parallel Channels

YASUICHI HORIBE

Abstract: Some potential merits of a product-sum use of parallel channels are discussed via simple examples with emphasis on the functional dependence of the capacity on the capacities of the component channels.

Manuscript received May 7, 1975; revised November 20, 1975.

The author is with the Department of Information Sciences, Faculty of Engineering, Shizuoka University, Johoku, Hamamatsu, Japan.

Let $K_1$, $K_2$, and $K_3$ be noiseless channels with binary input alphabets. If they are used simultaneously in parallel, then $\log 2^3 = 3$ bits can be transmitted per use. However, only two parallel channels $K_1$, $K_2$ are sufficient to send 3 bits, since there are eight distinguishable letters available,

where $(a_1, b_1)$, $(a_2, b_2)$ are the input alphabets for $K_1$ and $K_2$, respectively, and zero denotes "don't use" of the corresponding channel. We assume that this quiescent "letter" zero plays its role only when it is combined, as above, with ("active") letters of the channel alphabets, and we also assume that zero is noiseless in that the decoder knows with certainty when the corresponding channel has not been used. Although it is well known that a "don't use letter" generally increases capacity, our interest centers on the natural role of the "don't use letter" concept in parallel channels and on the functional dependence of the total capacity on the capacities of the component channels.

The sum of two discrete memoryless channels $K_1$ and $K_2$ with respective input alphabets $A_1$ and $A_2$ is the channel (written $K_1 + K_2$) with input alphabet $A_1 + A_2$ (set sum): to send $a \in A_1 + A_2$, use $K_1$ if $a \in A_1$ but use $K_2$ if $a \in A_2$. The product of $K_1$ and $K_2$ is the channel (written $K_1 K_2$) with input alphabet $A_1 \times A_2$ (set product): use $K_1$, $K_2$ simultaneously in parallel (see [1, pp. 8-9]).

Let $C_K$ denote the capacity of the channel K. Then it is seen that $2^{C_{K_1 + K_2}} = 2^{C_{K_1}} + 2^{C_{K_2}}$ and $2^{C_{K_1 K_2}} = 2^{C_{K_1}}\, 2^{C_{K_2}}$ (i.e., the map $K \to 2^{C_K}$ is homomorphic).

As is stated in [1], channel multiplication and addition in the above manner are both associative and commutative, and the product distributes over a sum. Hence algebraic manipulations on the set of channels become possible once we introduce the trivial channel I with a single input letter that plays the role of the identity. For example, $C_{kI} = \log k$, $k = 1, 2, \ldots$, and $K^2 + 2K = K(K + 2I)$, and so on.

Given n discrete memoryless channels $K_1, \ldots, K_n$, we can form $2^n - 1$ different products $K_{i_1} \cdots K_{i_k}$, $1 \le i_1 < \cdots < i_k \le n$, $k = 1, \ldots, n$. A product-sum use of $K_1, \ldots, K_n$ is the use of a channel which is a sum of any number of product channels thus formed.