A binary algorithm for the Jacobi symbol

R(u; v) = R(u=2; v=2) and v is odd, and when
uloisg2o(dud=2an+dvv=2is)
evelong. 2(u
+
v).
A
similar
inequality
holds
when
u
is
even
Finally, assume both u and v are odd. Then if u v, the algorithm performs a subtraction step
particularly e cient implementation on binary digital computers, where division by 2 can be done
quickly by using a \shift". Although it is not surprising that it is possible to adapt Stein's algorithm
found on symbolic algebra systems such as Mathematica and Maple.
Several e cient algorithms modeled on Euclid's algorithm for computing the greatest common di-
and replaces u with (u ? v)=2. Hence we have
R(u; v) = 1 + R((u ? v)=2; v) 1 + log2((u ? v)=2 + v) = 1 + log2((u + v)=2) = log2(u + v):
The same thing occurs if u < v.
method in C++, and our results show that the new algorithm runs approximately 7{25% faster than
the traditional methods.
Supported in part by a grant from NSERC. ySupported in part by a Butler University Fellowship and NSF grant CCR-9204414.
n 2.
Proof.
Observe that u 2n?1, for otherwise by the lemma we have R(u; v) < n. But u cannot equal 2n?1, for then the rst step performed is to divide u by 2, and subsequent processing cannot result in more than n?1 subtraction steps. Thus u 2n?1+1. It is easy to see that R(2n?1+1; 2n?1?1) = n for n 2. It remains to see that if n 3, then R(2n?1 + 1; v) < n for all v with 1 v < 2n?1 ? 1. It su ces to consider the case where v is odd, for when v is even, the next step of the algorithm changes v to v=2. Hence assume v is odd, and 1 v < 2n?1 ? 1. After one subtraction step we are left with the pair ((2n?1 + 1 ? v)=2; v), and by the lemma above we have R((2n?1 + 1 ? v)=2; v) blog2(2n?1 ? 1)c n ? 2. Hence R(2n?1 + 1; v) n ? 1.
brvpeiiuststoueorlpt?(enga7rc]ad,itn)iitohOinassv(p,(eoblobsugsetieabnt)lhe(pil(sorsogeipsenon)s1)oe]t)bditlatioknoecdployaemrntapoatuliybtozeene?sudnasu;ess(feiufneolg,rifn0tohr<peerx\aaancm<taiicpvnele.e),aurs1iit2nh,gm3O,e8(t](i.clo"Ignmdneo)e(dldeo,lg.itlUoigssipnno)g2s(sSliobchgleolotnoghlcaooggmen's-))
We note that a similar, though weaker, result has been given by D. E. Knuth 5, Exercise 4.5.2.28]. For heuristic average-case analysis of the binary algorithm, see Brent 2].
We now determine the worst case of this algorithm, that is, the lexicographically least pair (u; v) that forces the algorithm to perform n subtraction steps. (We say a pair (u; v) is lexicographically less than a pair (u0; v0) if u < u0, or if u = u0 and v < v0.)
Stein 11] proposed a \binary" algorithm for computing gcd(u; v); this algorithm is based on the
binary expansion of the numbers, and performs no divisions (other than divisions by 2). It has a
2
Theorem 2 Let u > v > 0, and let (u; v) be the lexicographically least pair such that Stein's binary gcd algorithm performs n subtraction steps on input (u; v). Then u = 2n?1 + 1, v = 2n?1 ? 1 for
1 Introduction
E cient computation of primality test of Solovay
the and
SJtarcaosbseinsy9m].bAollg?onarithismasnfoirmcpoomrtpaunttincgotmhpeoJnaecnotbiofsytmheboMl coanntealCsoarbloe
Jonathan Sorensony Department of Mathematics and Computer Science
Butler University 4600 Sunset Avenue Indianapolis, IN 46208 USA
sorenson@butleru.bitnet
ulo+g2v(u.
+ It
v); from this the result follows, is clearly true if u = v = 1, for
since R(u; v) is an then the algorithm
performs one subtraction step. Otherwise, we proceed by induction. If both u and v are even, then
In an environment which supports bit-shifting operations, division and multiplication by 2 are relatively inexpensive operations, compared to step (1). We call an execution of step (1) a subtraction step.
Lemma 1 Let R(u; v) denote the number of subtraction steps performed by Binary Gcd on input (u; v). Then R(u; v) blog2(u + v)c.
Proof.
It su integer.
ces to prove that R(u; v) The proof is by induction on
A Binary Algorithm for the Jacobi Symbol
Je rey Shallit Department of Computer Science
University of Waterloo Waterloo, Ontario, Canada N2L 3G1
shallit@graceland.uwaterloo.ca
2 Stein's binary gcd algorithm
We rst present Stein's binary gcd algorithm:
Binary Gcd(u,v) /* inputs are integers u, v > 0 */ g := 1;
while (u mod 2 = 0) and (v mod 2 = 0) do u := u/2; v := v/2; g := 2*g;
Appeared in SIGSAM Bulletin, 27(1):4{11, January 1993
Abstract
We present a new algorithm to compute the Jacobi symbol, based on Stein's binary algorithm for the greatest common divisor, and we determine the worst-case behavior of this algorithm. Our implementation of the algorithm runs approximately 7{25% faster than traditional methods on inputs of size 100{1000 decimal digits.
1
This paper is organized as follows: rst, we present Stein's binary algorithm and determine its worst-case behavior. Next, we present pseudo-code for two familiar algorithms for computing the Jacobi symbol, and our new binary Jacobi symbol algorithm. We determine the worst case of the binary Jacobi symbol algorithm. Finally, we present our timing results.
to compute the Jacobi symbol, it does not seem to have been remarked before that this method is
actually simpler and more e cient in practice than familiar methods. We have implemented this
while (u <> 0) do

if (u mod 2 = 0) then u := u/2
else if (v mod 2 = 0) then v := v/2
else
(1)
t := abs((u-v)/2);
if (u >= v) then u := t else v := t;
return(g*v).