| Bill Allombert on Mon, 11 May 2009 16:06:19 +0200 | 
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
| Re: Another problem with matrix inversion | 
On Mon, May 11, 2009 at 05:55:18AM +0200, Lorenz Minder wrote: > Hi, > > There's another problem with matrix inversion that I noticed. In > GP/PARI if you want to invert a matrix modulo some non-prime integer m, > then things will not generally work out nicely. Example: > > parisize = 4000000, primelimit = 500000 > ? A = [ Mod(9, 10), Mod(1, 10), Mod(9, 10); Mod(6, 10), Mod(9, 10), Mod(7, 10); Mod(4, 10), Mod(0, 10), Mod(1, 10)]; > ? 1/A > *** impossible inverse modulo: Mod(5, 10). PARI only know perform polynomial and linear algebra over a field, so it assumes that moduli are prime. > ? B = chinese(1/Mod(A, 2), 1/Mod(A, 5)) > %2 = > [Mod(1, 10) Mod(1, 10) Mod(4, 10)] > > [Mod(8, 10) Mod(7, 10) Mod(9, 10)] > > [Mod(6, 10) Mod(6, 10) Mod(5, 10)] > > ? A*B > %3 = > [Mod(1, 10) Mod(0, 10) Mod(0, 10)] > > [Mod(0, 10) Mod(1, 10) Mod(0, 10)] > > [Mod(0, 10) Mod(0, 10) Mod(1, 10)] > > So while A has an inverse in this case, it is not found. The workaround > using chinese remaindering works if the factorization is known, so this > is going to be a problem if the modulus is an RSA modulus, for example. > It would be better to try to run the algorithm as is, and as soon as a > nonzero non-invertible remainder is found, to split into two instances > with the now known partial factorization and continue. That way, matrix > inversion would still be n^3*O(poly(log(m))), where m is the > modulus. > > This would make it possible to compute inverses of matrices mod m if m has > no square factors. Yes, we are doing something similar in the round4 implementation. Cheers, Bill.