Solve x^6=7 in F19: 6 Solutions

[MikeD2]

Hi there,

I've been asked to solve $x^6=7$ in $\mathbb{F}_{19}$

As $gcd(6,18)= 6$ I know there are 6 solutions. I also know from trial and error that theses solutions are 2, 3 ,5 , 14, 16 and 17. I'm trying to work = out a better way of finding these rather than t+e. I assume it is something to do with taking logs. I've tried this with $ind_{2} (x)$ and find $ind_{2} (7)=14$ so I have $6ind_{2}(x)=14$ (I think?) then not sure what to do from here though think it may be as I'm just missing something simple...

 

[Deveno]

the only thing that occurs to me is this: if $2^6 = 7$ then $8^2 = 7$ since $8 = 2^3$. that is, 8 is a square root of 7. it stands to reason, therefore, that -8 = 11 is the other square root of 7. so now we are trying to solve:

$x^3 = 8$
$x^3 = 11$

2 and 3 are clearly 2 of the 3 possible roots for the first equation. the point being, cubes are easier to calculate than 6th powers. we also see from $2^6 = 7$ that $4^3 = 7$, so a square root of 4 will be a sixth root of 7. we've already found 2, but we can now add -2 = 17 to our list. a short caclulation shows that 17 is a cube root of 11.

now $x^3 - 8 = (x - 2)(x^2 + 2x + 4)$, and we know that x - 3 is a factor, so the other factor must be $x - 4(3^{-1}) = x - 14$. so 14 is a cube root of 8, and thus a sixth root of 7.

but then -14 = 5 is a cube root of - 8 = 11. finally, since 3 is a cube root of 8, -3 = 16 is a cube root of -8 = 11.

it's not...elegant, but it reduces the trial and error of finding all 6 roots, to just finding two (2 and 3), and leveraging arithmetic in $\mathbb{F}_{19}$ to find the other 4.

 

[kuklops]

Hello,

Please excuse that I won't use LaTeX and can't post links properly; I'm having some issues with the new forum; but I'm happy to see that MHF (Math Help Forum) has both risen from the ashes and gotten a clone. :)

It's not clear to what extent you need to solve this "manually" vs. using, say, built-in functions of a CAS. Typing "factormod(x^6-7,19)" in pari/gp will give the answer instantly. I'm not familiar with the internals of factormod(), but the program is open source, and might have intelligible comments. (I'm not suggesting you try to read the source; it's more just an interesting side note, since pari/gp probably does it using the most efficient known algorithms.)

Without thinking about it much I did a google search and found this (forums.xkcd.com/viewtopic.php?f=17&t=73708) xkcd forum thread on the subject. You may find it useful to read the entire thread there, but mainly what I wanted to bring up is that your idea of using discrete log can work, but keep in mind that discrete log is itself a hard problem. How were you computing it? In fact, ind_2(7) is 6, not 14. We have used that 2 is a primitive root. Pari/gp has some functions for these things,

? znprimroot(19)
%1 = Mod(2, 19)
? znlog(Mod(7,19),Mod(2,19))
%2 = 6

Finding a primitive root manually is not too hard; info is on Wikipedia (en.wikipedia.org/wiki/Primitive_root_modulo_n#Finding_primitive_roots). As to discrete log, the algorithms are a bit involved. But let's just assume you have a discrete log function readily available and it's not a problem.

So now we can do:

x^6 ≡ 7 (mod 19)
x^6 ≡ 2^6 (mod 19)
(2^m)^6 ≡ 2^6 (mod 19)
2^(6m) ≡ 2^6 (mod 19)
6m ≡ 6 (mod phi(19))
6m ≡ 6 (mod 18)

This worked out very nicely; this is just m ≡ 1 (mod 3), so the solution set is {1, 4, 7, 10, 13, 16}. Recover solutions for x by taking 2^1, 2^4, 2^7, 2^10, 2^13, 2^16 (mod 19).

Edit: Regarding involved algorithms for discrete log, I purposely excluded a very simple algorithm, namely trial multiplication, because the (worst-case) time complexity for it is horrible. I figured trial multiplication would defeat the purpose, because then you might as well just use brute force on the original problem. For completeness, though, I probably should have mentioned it. In your post you didn't give any indication that you knew discrete logs are much harder to compute than ordinary logs, which is a little strange. Now I'm really curious to know how you approached that sub-problem.

 

[Deveno]

i concur that considering the additive problem mod φ(n) may well be easier than the multiplicative problem mod(n).

 

[kuklops]

i concur that considering the additive problem mod f(n) may well be easier than the multiplicative problem mod(n).

Interesting, I didn't even notice that

$$x^6 \equiv 7 \pmod{19}$$

has a similar structure to

$$m\cdot 6 \equiv 6 \pmod{18}$$

It is in fact a non-trivial reduction; we can apply the extended Euclidean algorithm directly to the second congruence but not the first. The fact that the numbers worked out so nicely in the problem that we didn't even need the extended Euclidean algorithm was just a nice bonus.