1: \documentclass{article}
2:
3: \usepackage{amsmath,amssymb,bm}
4: %\renewcommand{\atop}[2]{\genfrac{}{}{0pt}{}{#1}{#2}}
5: \usepackage{cite,url,color}
6:
7: \usepackage[top=2.5cm,bottom=2.5cm,left=2cm,right=2cm]{geometry}
8:
9: \usepackage{longtable}%,colortbl}
10:
11: \newtheorem{definition}{Definition}
12: \newtheorem{notation}{Notation}
13: \newtheorem{theorem}{Theorem}
14: \newtheorem{lemma}{Lemma}
15: \newtheorem{corollary}{Corollary}
16: \newtheorem{conjecture}{Conjecture}
17: \newtheorem{example}{Example}
18: \newtheorem{remark}{Remark}
19: \newtheorem{problem}{Open Problem \#}
20: \newenvironment{proof}[1][Proof]{\par\noindent\textit{#1}: }{\hfill$\blacksquare$\vskip 0.5\baselineskip}
21: \newenvironment{solution}[1][Solution]{\par\noindent\textit{#1}: }{\hfill$\square$\vskip 0.5\baselineskip}
22: \newenvironment{explain}[1][Explain]{\par\noindent\textit{#1}: }{\hfill$\square$\vskip 0.5\baselineskip}
23:
24: \newcommand\lcm{\mathrm{lcm}}
25:
26: \newcommand\fproblem[1]{%
27: \begin{center}
28: \fbox{\parbox{0.95\textwidth}{%
29: \begin{problem}
30: #1
31: \end{problem}}}
32: \end{center}}
33:
34: \usepackage[normalem]{ulem}
35:
36: \usepackage{arydshln}
37:
38: \begin{document}
39:
40: \title{Permutation Polynomials modulo $m$}
41: \author{Shujun Li\\\url{http://www.hooklee.com}}
42: \date{\today}
43:
44: \maketitle
45:
46: \begin{abstract}
This paper mainly studies problems about so-called ``permutation
polynomials modulo $m$", polynomials with integer
coefficients\footnote{In this paper, we always call them ``integer
polynomials" in short. Note that sometimes another name, ``integral
polynomial", is used \cite[Sec. 7.2]{HW:NumberTheory1979}. However,
we prefer ``integer polynomial" to avoid confusion with the word
``integral" as an adjective (see \cite{IntegerPolynomial}).} that
can induce bijections over $\mathbb{Z}_m=\{0,\cdots,m-1\}$.
Necessary and sufficient conditions for permutation polynomials are
given, and the number of all permutation polynomials of a given degree
and the number of induced bijections are estimated. A method is
proposed to determine all equivalent polynomials from the induced
polynomial function, which can be used to determine all equivalent
polynomials that induce a given bijection. A few problems have not
been solved in this paper and are left for open study.
62:
63: \textit{Note: After finishing the first draft, we noticed that some
64: results obtained in this paper can be proved in other ways (see
65: Remark \ref{remark:RepeatingWork}). In this case, this work gives
66: different and independent proofs of related results.}
67: \end{abstract}
68:
69: \tableofcontents
70:
71: \setlength{\arrayrulewidth}{0.6pt} \setlength{\doublerulesep}{0pt}
72: \renewcommand\arraystretch{1.25}
73:
74: \section{Introduction}
75:
Integer polynomials that induce bijections over finite fields,
namely permutation polynomials, were first studied in the algebra
community \cite{LauschNobauer:AlgebraPoly1973,
LidlMullen:PermPolyI:AMM1988, LidlMullen:PermPolyII:AMM1990,
RMT:DicksonPoly1993, Mullen:PermPolySurvey:FFaTA1995, SunWan:FF1987,
Lidl:FF1997}. Permutation polynomials have been used in cryptography
and coding \cite{PPinRSA-Crypt83, PP-Ciphers-EuroCrypt84,
MI-PP-PKC-IEEEISIT83, Cryptanalysis-PP-PKC-EuroCrypt84,
Cade-PP-PKC-SIAM-ALA85, BreakingCade-Crypto86,
ModifyingCade-Crypto86, SunWan:FF1987, Mullen:PP-NFSR:IEEETIT1989,
PP2Coding2005}. This paper studies permutation polynomials modulo an
integer, i.e., permutation polynomials over integer rings
\cite{Mullen:PolyFun-mod:AMH1984, RMT:DicksonPoly1993,
Rivest:PPmod2w:FFTA2001, Sun:PPmodCoding:IEEETIT2005}. Such
permutation polynomials have also been used in cryptography and
coding recently; for example, in the RC6 block cipher \cite{RC6} a
simple permutation polynomial $f(x)=x(2x+1)$ modulo $2^d$ is used.
93:
94: Assume $f(x)=a_nx^n+\cdots+a_1x+a_0$ is a polynomial with integer
95: coefficients of degree $n\geq 1$ modulo $m$, where $a_n\not\equiv
96: 0\pmod m$. It is possible that $f(x)$ forms a bijection over
97: $\mathbb{Z}_m=\{0,\cdots,m-1\}$, i.e., $\forall
98: x_1,x_2\in\mathbb{Z}$ and $x_1\not\equiv x_2\pmod m$,
99: $f(x_1)\not\equiv f(x_2)\pmod m$. In other words, it is true that
100: $f(\mathbb{Z})=\mathbb{Z}_m$, or a complete system of residues
101: modulo $m$ is permuted by the polynomial $f$. The most common
102: permutation polynomial modulo $m$ is $f(x)=x$. In addition, as a
103: special case, Fermat's little theorem also gives one of the simplest
104: permutation polynomials modulo a prime $p$: $f(x)=x^p$, which
105: satisfies $\forall x\in\mathbb{Z}$, $f(x)\equiv x\pmod p$.
106:
107: \iffalse In fact, permutation polynomials modulo $m=2^7$ have been
108: used in \cite{Chuang:BaseSwitchingImageEncryption:JEI97} to design
109: an image encryption scheme, though which is not secure following
110: results obtained in this paper.\fi
111:
It is well-known that many problems on permutation polynomials over
finite fields are still open \cite{LidlMullen:PermPolyI:AMM1988,
LidlMullen:PermPolyII:AMM1990, Mullen:PermPolySurvey:FFaTA1995}.
Similarly, there is only a little work on permutation polynomials
modulo integers, in both the number theory \cite{HW:NumberTheory1979,
Eynden:NumberTheory1987, NZM:NumberTheory1991,
Rosen:NumberTheory1993, Rose:NumberTheory1994,
Pan:ConciseNumberTheory1998} and algebra communities. In this paper,
we try to find answers to the following questions on permutation
polynomials modulo $m$, where $m$ may be a prime, a prime power, or
a general composite.
123: \begin{itemize}
124: \item
125: What are necessary and sufficient conditions of permutation
126: polynomials modulo $m$?
127:
128: \item
129: What is the number of distinct permutation polynomials of degree
130: $\leq n$ modulo $m$ and what is the number of distinct bijections
131: induced from these polynomials?
132:
133: \item
134: Is there a practical way to enumerate all permutation polynomials of
135: degree $n$ modulo $m$ given a bijection (or a partial bijection)
136: over $\{0,\cdots,m-1\}$?
137: \end{itemize}
138:
At present, the first two questions have been almost completely
solved, but the last one remains unsolved when the degree $n$ of the
polynomials modulo $p^d$ satisfies $n\geq p$.
142:
This paper is organized as follows. In the next section, we first
give some preliminary definitions and lemmas. Sec. \ref{section:composite}
discusses the case of composite moduli, and concludes that
permutation polynomials modulo a composite can be studied via
permutation polynomials modulo each prime power. In Sec.
\ref{section:prime}, we discuss the case of prime moduli and give
some limited results. Then, in Sec. \ref{section:PrimePowers}, the
general cases modulo $p^d$ ($d\geq 1$) are studied and some useful
results are obtained. Two open problems are raised in Sec.
\ref{section:PrimePowers} for future study.
153:
154: \section{Preliminaries}
155: \label{section:preliminaries}
156:
This section lists a number of definitions and notations used
throughout this paper. Some preliminary lemmas are also given to
simplify the discussions in this paper. I try to keep the
definitions, notations and lemmas as simple as possible. Please feel
free to contact me if you have some idea of making them even
simpler, more elegant, more beautiful, and/or more rigorous in
mathematics.
164:
165: \subsection{Some Simple Lemmas on Congruences}
166:
167: The following lemmas will be extensively cited in this paper without
168: explicit citations.
169:
170: \begin{lemma}\label{lemma:dvi-mod}
171: If $a\mid b$ and $a\mid m$, then $a\mid (b\bmod m)$.
172: \end{lemma}
173: \begin{proof}
174: From $a|b$, $\exists k_1\in\mathbb{Z}$, $b=ak_1$. From $a|m$,
175: $\exists k_2\in\mathbb{Z}$, $m=ak_2$. Assume $x=(b\bmod m)$, then
176: $\exists k_3\in\mathbb{Z}$, $x=mk_3+b=ak_2k_3+ak_1=a(k_1+k_2k_3)$.
177: So, $a\mid x$, which proves this lemma.
178: \end{proof}
179:
180: \begin{lemma}\label{lemma:mod}
181: If $m\mid m'$, $(a\bmod m')\equiv a \pmod m$.
182: \end{lemma}
183: \begin{proof}
184: From $m|m'$, $\exists k_1\in\mathbb{Z}$, $m'=mk_1$. Assume $x=
185: a\bmod m'$, then $\exists k_2\in\mathbb{Z}$, $x=m'k_2+a=mk_1k_2+a$.
186: Then, $(a\bmod m')\equiv mk_1k_2+a\equiv a\pmod m$. This lemma is
187: proved.
188: \end{proof}
189:
190: \begin{lemma}
191: If $a\equiv 0\pmod{m_1}$ and $b\equiv 0\pmod{m_2}$, then $ab\equiv
192: 0\pmod{m_1m_2}$.
193: \end{lemma}
194:
195: \begin{lemma}[Theorem 2.2 in \cite{NZM:NumberTheory1991}]\label{lemma:polynomial-mod}
196: Assume $f(x)=a_nx^n+\cdots+a_1x+a_0$ is an integer polynomial. If
197: $x_1\equiv x_2\pmod m$, then $f(x_1)\equiv f(x_2)\pmod m$.
198: \end{lemma}
199:
200: \begin{lemma}
201: Assume $\bm{A}$ is an $n\times n$ matrix, $\bm{X}$ is a vector of
202: $n$ unknown integers, and $\bm{B}$ is a vector of $n$ integers. If
203: $|\bm{A}|$ is relatively prime to $m$, i.e., $\gcd(|\bm{A}|,m)=1$,
204: then $\bm{A}\bm{X}\equiv\bm{B}\pmod m$ has a unique set of
205: incongruent solutions
206: $\bm{X}\equiv\overline{\Delta}(\mathrm{adj}(\bm{A}))\bm{B}\pmod m$,
207: where $\overline{\Delta}$ is an inverse of $\Delta=|\bm{A}|$ modulo
208: $m$ and $\mathrm{adj}(\bm{A})$ is the adjoint of $\bm{A}$.
209: \end{lemma}
210: \begin{proof}
211: This lemma is a direct result of Theorem 3.18 in
212: \cite{Rosen:NumberTheory1993} (see pages 151 and 152).
213: \end{proof}
214:
215: \subsection[Polynomial Congruences Modulo $m$]%
216: {Polynomial Congruences Modulo $\bm{m}$}
217:
218: The following definition is from Chap. VII of
219: \cite{HW:NumberTheory1979} and related concepts are slightly
220: extended.
221:
\begin{definition}
Given two integer polynomials of degree $n$:
$f(x)=a_nx^n+\cdots+a_1x+a_0$ and $g(x)=b_nx^n+\cdots+b_1x+b_0$, if
$\forall i=0\sim n$, $a_i\equiv b_i\pmod m$, we say \uline{$f(x)$ is
congruent to $g(x)$ modulo $m$}, or $f(x)$ and $g(x)$ are
\uline{congruent (polynomials) modulo $m$}, which is denoted by
$f(x)\equiv g(x)\pmod m$. On the other hand, if $\exists
i\in\{0,\cdots,n\}$, such that $a_i\not\equiv b_i\pmod m$, we say
$f(x)$ and $g(x)$ are \uline{incongruent (polynomials) modulo $m$},
denoted by $f(x)\not\equiv g(x)\pmod m$.
\end{definition}
233:
234: \begin{definition}
235: A \uline{polynomial congruence (residue) class modulo $m$} is a set
236: of all polynomials congruent to each other modulo $m$.
237: \end{definition}
238:
239: \begin{definition}
240: A set of polynomials of degree $n$ modulo $m$ is a \uline{complete
241: system of polynomial residues of degree $n$ modulo $m$}, if for
242: every polynomial of degree $n$ modulo $m$ there is one and only one
243: congruent polynomial in this set.
244: \end{definition}
245:
246: \begin{lemma}
247: The following set of polynomials is a complete system of polynomial
248: residues of degree $n$ modulo $m$:
249: \[
250: \mathbb{F}[x]=\left\{f(x)=a_nx^n+\cdots+a_1x+a_0\left|a_n\in\{1,\cdots,m-1\},a_{n-1},\cdots,a_0\in\{0,\cdots,m-1\}\right.\right\}.
251: \]
252: \end{lemma}
253: \begin{proof}
254: Assume $f(x)=a_nx^n+\cdots+a_1x+a_0$ is a polynomial of degree $n$
255: modulo $m$. Choose $a_i^*=(a_i\bmod m)\in\{0,\cdots,m-1\}$ ($i=0\sim
256: n$), then $f^*(x)=a_n^*x^n+\cdots+a_1^*x+a_0^*\in\mathbb{F}$ is
257: congruent to $f(x)$. Assume that another polynomial
258: $g(x)=b_nx^n+\cdots+b_1x+b_0\in\mathbb{F}$ is also congruent to
259: $f(x)$. Then, $\forall i=0\sim n$, $b_i\equiv a_i^*\pmod m$. Since
260: $\{0,\cdots,m-1\}$ is a complete set of residues modulo $m$,
261: $b_i=a_i^*$. This means that $g(x)=f^*(x)$. This completes the proof
262: of this lemma.
263: \end{proof}
264:
\begin{definition}
A set of polynomials of degree $\leq n$ modulo $m$ is a
\uline{complete system of polynomial residues of degree $\leq n$
modulo $m$}, if for every polynomial of degree $\leq n$ modulo $m$
there is one and only one congruent polynomial in this set.
\end{definition}
271:
\begin{lemma}
The following set of polynomials is a complete system of polynomial
residues of degree $\leq n$ modulo $m$:
\[
\mathbb{F}[x]=\left\{f(x)=a_nx^n+\cdots+a_1x+a_0\left|a_n,a_{n-1},\cdots,a_0\in\{0,\cdots,m-1\}\right.\right\}.
\]
\end{lemma}
279: \begin{proof}
280: The proof is similar to the above lemma.
281: \end{proof}
282:
283: \subsection[Polynomial Functions Modulo $m$]{Polynomial Functions
284: Modulo $\bm{m}$}
285:
286: \begin{definition}
287: If a function over $\{0,\cdots,m-1\}$ can be represented by a
288: polynomial modulo $m$, we say this function is \uline{polynomial
289: modulo $m$}.
290: \end{definition}
291:
292: \begin{lemma}\label{lemma:any-fun-poly-p}
293: Assume $p$ is a prime. Then, any function over $\{0,\cdots,p-1\}$ is
294: polynomial modulo $p$.
295: \end{lemma}
\begin{proof}
Given a function $F:\{0,\cdots,p-1\}\to\{0,\cdots,p-1\}$, we look
for a polynomial $f(x)=a_nx^n+\cdots+a_1x+a_0$ of degree $n\geq p-1$
modulo $p$ such that $f(x)\equiv F(x)\pmod p$ for $x=0\sim p-1$.
This requirement gives the following system of congruences:
\[
\left[\begin{matrix}%
1 & 0 & 0^2 & \cdots & 0^{p-1}\\
1 & 1 & 1^2 & \cdots & 1^{p-1}\\
1 & 2 & 2^2 & \cdots & 2^{p-1}\\
\vdots & \vdots & \vdots & \ddots & \vdots\\
1 & p-1 & (p-1)^2 & \cdots & (p-1)^{p-1}
\end{matrix}\right]
\left[\begin{matrix}%
a_0\\
a_1\\
a_2\\
\vdots\\
a_{p-1}
\end{matrix}\right]\equiv
\left[\begin{matrix}%
F(0)\\
F(1)-\sum_{i=p}^na_i\\
F(2)-\sum_{i=p}^n2^ia_i\\
\vdots\\
F(p-1)-\sum_{i=p}^n(p-1)^ia_i
\end{matrix}\right]\pmod{p}.
\]
Since the matrix at the left side is a Vandermonde matrix, its
determinant $\prod_{0\leq i<j\leq p-1}(j-i)$ is relatively prime to
$p$. So, for each combination of $a_p,\cdots,a_n$, there is a unique
set of incongruent solutions of $a_0,\cdots,a_{p-1}$ modulo $p$. Thus
this lemma is proved.
\end{proof}
330:
331: \subsection[Equivalent Polynomials Modulo $m$]{Equivalent Polynomials Modulo $\bm{m}$}
332:
333: The concept of equivalent polynomial modulo $m$ is used to describe
334: incongruent but equivalent (for any integer) polynomials modulo $m$.
335: Note that some researchers call them ``residually congruent
336: polynomials modulo $m$" \cite{Kempner:PolyResidue:TAMS1921a,
337: Kempner:PolyResidue:TAMS1921b}.
338:
339: \begin{definition}
340: Two integer polynomials $f(x)$ and $g(x)$ are \uline{equivalent
341: (polynomials) modulo $m$} if $\forall x\in\mathbb{Z}$, $f(x)\equiv
342: g(x)\pmod m$.
343: \end{definition}
Note that two equivalent polynomials modulo $m$ need not be congruent
modulo $m$, and may have distinct degrees. As a typical example,
when $p$ is a prime, $f(x)=x^p$ and $g(x)=x$ are equivalent
polynomials modulo $p$.
348:
349: \begin{lemma}\label{lemma:equivalent-poly-degree1}
350: Two polynomials of degree 1 modulo $m$, $f(x)=a_1x+a_0$ and
351: $g(x)=b_1x+b_0$, are equivalent polynomials modulo $m$ if and only
352: if $f(x)\equiv g(x)\pmod m$, i.e., $a_1\equiv b_1\pmod m$ and
353: $a_0\equiv b_0\pmod m$.
354: \end{lemma}
355: \begin{proof}
356: The ``if" part is obvious from the definition of equivalent
357: polynomials modulo $m$, so we focus on the ``only if" part. Since
358: $f(x)$ and $g(x)$ are equivalent polynomials modulo $m$, then
359: $\forall x\in\{0,\cdots,m-1\}$,
360: $f(x)-g(x)=(a_1-b_1)x+(a_0-b_0)\equiv 0\pmod m$. Choosing $x\equiv
361: 0\pmod m$, one has $a_0\equiv b_0\pmod m$. Then, choosing $x\equiv
362: 1\pmod m$, one has $a_1\equiv b_1\pmod m$. Thus this lemma is
363: proved.
364: \end{proof}
365:
\begin{lemma}\label{lemma:equivalent-poly-a0}
If two polynomials, $f(x)=a_{n_1}x^{n_1}+\cdots+a_0$ and
$g(x)=b_{n_2}x^{n_2}+\cdots+b_0$, are equivalent polynomials modulo
$m$, then $a_0\equiv b_0\pmod m$.
\end{lemma}
371: \begin{proof}
372: Choosing $x=0$, one has $f(x)-g(x)=a_0-b_0\equiv 0\pmod m$. This
373: lemma is proved.
374: \end{proof}
375: \begin{corollary}
376: Two polynomials, $f(x)=a_nx^n+\cdots+a_2x^2+a_0$ and
377: $g(x)=a_nx^n+\cdots+a_2x^2+b_0$, are equivalent polynomials modulo
378: $m$ if and only if $a_0\equiv b_0\pmod m$.
379: \end{corollary}
380:
381: \begin{lemma}\label{lemma:equivalent-poly-pd}
382: Assume $p$ is a prime and $d\geq 1$. Two polynomials,
383: $f(x)=a_{p-1}x^{p-1}+\cdots+a_0$ and
384: $g(x)=b_{p-1}x^{p-1}+\cdots+b_0$, are equivalent polynomials modulo
385: $p^d$ if and only if $f(x)\equiv g(x)\pmod{p^d}$.
386: \end{lemma}
\begin{proof}
The ``if" part is obviously true from the definition of equivalent
polynomials modulo $p^d$, so we focus on the ``only if" part.
From $f(x)-g(x)\equiv 0\pmod{p^d}$, choosing $x=0\sim p-1$, one can
get the following system of congruences in the matrix form
$\bm{A}\bm{X}_{a-b}\equiv \bm{B}\pmod{p^d}$:
393: \begin{equation}
394: \left[\begin{matrix}%
395: 1 & 0 & 0^2 & \cdots & 0^{p-1}\\
396: 1 & 1 & 1^2 & \cdots & 1^{p-1}\\
397: 1 & 2 & 2^2 & \cdots & 2^{p-1}\\
398: \vdots & \vdots & \vdots & \ddots & \vdots\\
399: 1 & p-1 & (p-1)^2 & \cdots & (p-1)^{p-1}
400: \end{matrix}\right]
401: \left[\begin{matrix}%
402: a_0-b_0\\
403: a_1-b_1\\
404: a_2-b_2\\
405: \vdots\\
406: a_{p-1}-b_{p-1}
407: \end{matrix}\right]\equiv
408: \left[\begin{matrix}%
409: f(0)-g(0)\\
410: f(1)-g(1)\\
411: f(2)-g(2)\\
412: \vdots\\
413: f(p-1)-g(p-1)
414: \end{matrix}\right]\equiv
415: \left[\begin{matrix}%
416: 0\\
417: 0\\
418: 0\\
419: \vdots\\
420: 0
421: \end{matrix}\right]\pmod{p^d}.\label{equation:equivalent-poly-pd}
422: \end{equation}
Since $\bm{A}$ is a Vandermonde matrix, one can get
$|\bm{A}|=\prod_{0\leq i<j\leq p-1}(j-i)$
\cite[\S4.4]{Zhang:MatrixTheory1999}. Since $p$ is a prime and
$1\leq(j-i)\leq p-1$, one has $\gcd(|\bm{A}|,p^d)=1$. Thus, the
above system of congruences has a unique set of incongruent
solutions. So, $\forall i=0\sim p-1$, one has $a_i\equiv
b_i\pmod{p^d}$. This completes the proof of this lemma.
430: \end{proof}
431: Note that in the above lemma $f(x)$ and $g(x)$ may be polynomials of
432: degree less than $p-1$ modulo $p^d$. In this case, the matrix at the
433: left side of the system of congruences may have a smaller size, but
434: its determinant is still relatively prime to $p^d$.
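The argument of the two lemmas above (Lemma \ref{lemma:any-fun-poly-p} and Lemma \ref{lemma:equivalent-poly-pd}) can be carried out mechanically. The following Python script is an added example and is not part of this paper: it solves the Vandermonde system modulo $p^d$ by Gaussian elimination, using only the fact that the determinant is a unit modulo $p$, and so interpolates any function on $\{0,\cdots,p-1\}$ by the unique polynomial of degree $\leq p-1$ modulo $p^d$ (existence for $d=1$ is Lemma \ref{lemma:any-fun-poly-p}; uniqueness for general $d$ is Lemma \ref{lemma:equivalent-poly-pd}). All function names are the example's own choices.

```python
# Added example (not part of the paper): solving the Vandermonde system of
# Lemmas any-fun-poly-p and equivalent-poly-pd modulo p^d.  All names below
# are the example's own choices.
from math import gcd


def poly_eval_mod(coeffs, x, m):
    """Evaluate f(x) = coeffs[0] + coeffs[1]*x + ... modulo m by Horner's rule."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % m
    return acc


def solve_mod_prime_power(A, B, p, d):
    """Solve A X = B (mod p^d) for a square integer matrix A with gcd(det(A), p) = 1.

    Gaussian elimination over Z/p^d: every column of the remaining block has an
    entry not divisible by p (otherwise det(A) would be 0 mod p), and such an
    entry is a unit modulo p^d, so it can serve as the pivot.  The result is
    the unique vector of residues in {0, ..., p^d - 1}.
    """
    m = p ** d
    n = len(A)
    M = [[a % m for a in row] + [B[i] % m] for i, row in enumerate(A)]
    for col in range(n):
        piv = next(r for r in range(col, n) if M[r][col] % p != 0)
        M[col], M[piv] = M[piv], M[col]
        inv = pow(M[col][col], -1, m)  # inverse exists because gcd(pivot, p) = 1
        M[col] = [(v * inv) % m for v in M[col]]
        for r in range(n):
            if r != col and M[r][col]:
                f = M[r][col]
                M[r] = [(vr - f * vc) % m for vr, vc in zip(M[r], M[col])]
    return [M[i][n] for i in range(n)]


def vandermonde_mod(p, d):
    """Rows [1, x, x^2, ..., x^(p-1)] for x = 0..p-1, reduced modulo p^d."""
    return [[pow(x, j, p ** d) for j in range(p)] for x in range(p)]


def interpolate_mod(values, p, d):
    """The unique a_0..a_{p-1} modulo p^d with f(x) = values[x] for x = 0..p-1.

    With d = 1 this realises Lemma any-fun-poly-p (every function on Z_p is
    polynomial); for general d it is the uniqueness step of Lemma
    equivalent-poly-pd (polynomials of degree <= p-1 that agree on 0..p-1
    modulo p^d have congruent coefficients).
    """
    assert len(values) == p
    coeffs = solve_mod_prime_power(vandermonde_mod(p, d), values, p, d)
    # sanity check: the interpolant reproduces the prescribed values
    assert all(poly_eval_mod(coeffs, x, p ** d) == values[x] % p ** d
               for x in range(p))
    return coeffs


def vandermonde_det_unit(p, d):
    """det(A) = prod_{0<=i<j<=p-1} (j - i); a unit mod p^d exactly when p is prime."""
    det = 1
    for i in range(p):
        for j in range(i + 1, p):
            det *= j - i
    return gcd(det, p ** d) == 1


if __name__ == "__main__":
    # constructed sample: an arbitrary function on Z_5 and its interpolant mod 5
    print(interpolate_mod([3, 1, 4, 1, 0], 5, 1))
    # Fermat's little theorem: the values of x^5 mod 5 are interpolated by f(x) = x
    print(interpolate_mod([pow(x, 5, 5) for x in range(5)], 5, 1))
```

Running the script for a composite ``base'' shows why the lemmas need $p$ prime: for $p=4$ the same determinant contains the factor $2$ and is no longer a unit, so the pivot search of `solve_mod_prime_power` is not guaranteed to succeed.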
435:
436: \begin{corollary}
437: Assume $p$ is a prime. Two polynomials, $f(x)=a_nx^n+\cdots+a_0$ and
438: $g(x)=b_nx^n+\cdots+b_0$, are equivalent polynomials modulo $p$ if
439: and only if $(f(x)\bmod(x^p-x))\equiv(g(x)\bmod(x^p-x))\pmod p$.
440: \end{corollary}
441: \begin{proof}
442: This corollary is a direct result of the above lemma and Fermat's
443: Little Theorem.
444: \end{proof}
445:
446: \subsection[Permutation Polynomials Modulo $m$]
447: {Permutation Polynomials Modulo $\bm{m}$}
448:
449: \begin{definition}
450: Assume $f(x)=a_nx^n+\cdots+a_1x+a_0$ is a polynomial of degree
451: $n\geq 1$ modulo $m$, where $a_n\not\equiv 0\pmod m$. If
452: $f(x)=((a_nx^n+\cdots+a_1x+a_0)\bmod m)$ forms a bijection
453: $F:\{0,\cdots,m-1\}\to\{0,\cdots,m-1\}$, we say that $f(x)$ is a
454: \uline{permutation polynomial modulo $m$}, or $f(x)$ is
455: \uline{permutation modulo $m$}. The bijection $F$ is called the
456: \uline{induced bijection of the polynomial $f(x)$ modulo $m$}.
457: \end{definition}
458:
459: \begin{definition}
460: If two permutation polynomials are equivalent modulo $m$, we say
461: they are \uline{equivalent permutation polynomials modulo $m$}. It
462: is obvious that equivalent permutation polynomials modulo $m$ induce
463: the same bijection over $\{0,\cdots,m-1\}$.
464: \end{definition}
465:
466: \begin{lemma}\label{lemma:bijective}
467: A polynomial $f(x)$ is a permutation polynomial modulo $m$ if and
468: only if $g(x)=af(x)+b$ is a permutation polynomial modulo $m$, where
469: $\gcd(a,m)=1$ and $b\in\mathbb{Z}$.
470: \end{lemma}
\begin{proof}
This lemma is a direct result of Theorem 3.6 in
\cite{Rosen:NumberTheory1993} on a complete system of residues
modulo $m$.
\end{proof}
\begin{lemma}\label{lemma:bijective-poly-a0}
Two polynomials, $f(x)=a_{n_1}x^{n_1}+\cdots+a_1x+a_0$ and
$g(x)=b_{n_2}x^{n_2}+\cdots+b_1x+b_0$, are equivalent permutation
polynomials modulo $m$ if and only if
$f^*(x)=a_{n_1}x^{n_1}+\cdots+a_1x$ and
$g^*(x)=b_{n_2}x^{n_2}+\cdots+b_1x$ are equivalent permutation
polynomials modulo $m$ and $a_0\equiv b_0\pmod m$.
\end{lemma}
483: \begin{proof}
484: This lemma is a direct result of Lemmas
485: \ref{lemma:equivalent-poly-a0} and \ref{lemma:bijective}.
486: \end{proof}
From the above two lemmas, it suffices to study permutation
polynomials of the form $f(x)=a_nx^n+\cdots+a_1x$.
489:
490: \begin{lemma}
491: If $f(x)\equiv g(x)\pmod m$ and $f(x)$ is a permutation polynomial
492: modulo $m$, then $g(x)$ is an equivalent permutation polynomial of
493: $f(x)$ modulo $m$.
494: \end{lemma}
495: \begin{proof}
496: Since $f(x)\equiv g(x)\pmod m$, $\forall a\in\mathbb{Z}$,
497: $f(a)\equiv g(a)\pmod m\Rightarrow f(a)\bmod m=g(a)\bmod m$, i.e.,
498: $F(a)=G(a)$. So $g(x)$ generates the same bijection as $f(x)$. This
499: completes the proof.
500: \end{proof}
501:
502: \begin{theorem}\label{theorem:bijection-degree1}
503: The polynomial $f(x)=a_1x+a_0$ is a permutation polynomial modulo
504: $m$ if and only if $\gcd(a_1,m)=1$.
505: \end{theorem}
506: \begin{proof}
507: Assume $G=\langle 1\rangle$ is a cyclic group of order $m$. From
508: Theorem 3.24 in \cite{Gilbert:Algebra2005} (or Theorem 2 in \S 2.3
509: of \cite{Hu:Algebra1999}), $a_1=1^{a_1}$ is a generator of $G$ if
510: and only if $\gcd(a_1,m)=1$. Note that in group $G$ the binary
511: operator is defined as addition modulo $m$. It is obvious that $a_1$
512: is a generator of $G$ if and only if $f^*(x)=a_1x$ is a permutation
513: polynomial modulo $m$. Then from Lemma \ref{lemma:bijective}, this
514: theorem is proved.
515: \end{proof}
516:
517: \begin{corollary}\label{corollary:bijective-poly-degree1}
518: The number of congruence classes of permutation polynomials
519: $f(x)=a_1x+a_0$ of degree 1 modulo $m$ is $\phi(m)m$. The number of
520: bijections induced from these permutation polynomials is also
521: $\phi(m)m$.
522: \end{corollary}
\begin{proof}
From Theorem \ref{theorem:bijection-degree1}, $a_1$ should satisfy
$\gcd(a_1,m)=1$, but $a_0$ can be any integer, so the number of
congruence classes of permutation polynomials of degree 1 modulo $m$
is $\phi(m)m$. From Lemma \ref{lemma:equivalent-poly-degree1}, the
$\phi(m)m$ permutation polynomials are not equivalent to each other,
so they induce $\phi(m)m$ distinct bijections.
\end{proof}
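The definition of a permutation polynomial modulo $m$ and the results of Lemma \ref{lemma:bijective}, Theorem \ref{theorem:bijection-degree1} and Corollary \ref{corollary:bijective-poly-degree1} are easy to check exhaustively for small $m$. The following Python script is an added example, not part of this paper: it decides whether an integer polynomial induces a bijection over $\{0,\cdots,m-1\}$ (by Lemma \ref{lemma:polynomial-mod}, the $m$ values on a complete system of residues suffice), counts the degree-1 permutation polynomials and their induced bijections, and checks the RC6 polynomial $x(2x+1)$ modulo $2^8$. All function names and sample moduli are the example's own.

```python
# Added example (not part of the paper): deciding whether an integer
# polynomial is a permutation polynomial modulo m, and checking Lemma
# bijective, Theorem bijection-degree1 and Corollary bijective-poly-degree1
# by exhaustion for small m.  Names are the example's own.
from math import gcd


def poly_eval_mod(coeffs, x, m):
    """Evaluate f(x) = coeffs[0] + coeffs[1]*x + ... modulo m by Horner's rule."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % m
    return acc


def induced_map(coeffs, m):
    """The function F on {0,...,m-1} induced by f modulo m, as a list F[0..m-1]."""
    return [poly_eval_mod(coeffs, x, m) for x in range(m)]


def is_permutation_polynomial(coeffs, m):
    """True iff f induces a bijection over {0,...,m-1}.

    By Lemma polynomial-mod, f(x) mod m depends only on x mod m, so it is
    enough to check that the m values on a complete residue system are distinct.
    """
    return len(set(induced_map(coeffs, m))) == m


def affine_image(coeffs, a, b, m):
    """Coefficients of g(x) = a*f(x) + b reduced modulo m (Lemma bijective:
    g is a permutation polynomial iff f is, whenever gcd(a, m) = 1)."""
    g = [(a * c) % m for c in coeffs]
    g[0] = (g[0] + b) % m
    return g


def count_degree1(m):
    """(number of incongruent permutation polynomials a1*x + a0 modulo m,
    number of distinct bijections they induce); both equal phi(m)*m by
    Corollary bijective-poly-degree1."""
    polys = [(a0, a1) for a1 in range(1, m) for a0 in range(m)
             if is_permutation_polynomial([a0, a1], m)]
    bijections = {tuple(induced_map([a0, a1], m)) for a0, a1 in polys}
    return len(polys), len(bijections)


def euler_phi(m):
    """Euler's totient by definition (small m only)."""
    return sum(1 for k in range(1, m + 1) if gcd(k, m) == 1)


def degree1_theorem_holds(m):
    """Theorem bijection-degree1 checked exhaustively: a1*x + a0 permutes Z_m
    iff gcd(a1, m) = 1, independently of a0."""
    return all(is_permutation_polynomial([a0, a1], m) == (gcd(a1, m) == 1)
               for a1 in range(1, m) for a0 in range(m))


if __name__ == "__main__":
    # the RC6 polynomial x(2x+1) = x + 2x^2 is a permutation modulo 2^8
    print(is_permutation_polynomial([0, 1, 2], 2 ** 8))
    print(count_degree1(12), euler_phi(12) * 12)
```

The exhaustive test is only practical for small moduli; for $m=2^{32}$, the modulus actually used by RC6, the criterion of Rivest \cite{Rivest:PPmod2w:FFTA2001} cited in the introduction is the appropriate tool.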
531:
532: %\subsection{Sub-Bijection and Super-Bijection (New)}
533:
\begin{definition}
Given a bijection $F:\mathbb{A}\to\mathbb{A}$. If for a set
$\mathbb{B}\subseteq\mathbb{A}$, $F(\mathbb{B})=\mathbb{B}$, then
$F_\mathbb{B}=\{(a,b)\in F\mid a,b\in\mathbb{B}\}\subseteq F$ is a
bijection over $\mathbb{B}$, and we say the bijection
$F_\mathbb{B}:\mathbb{B}\to\mathbb{B}$ is a \uline{sub-bijection} of
$F$, and $F$ is a \uline{super-bijection} of $F_\mathbb{B}$.
\end{definition}
542:
543: \begin{lemma}\label{lemma:sub-bijection}
544: Given a bijection $F:\mathbb{A}\to\mathbb{A}$. If
545: $F_\mathbb{B}:\mathbb{B}\to\mathbb{B}$ is a sub-bijection of $F$,
546: then
547: $F_{\mathbb{A}\backslash\mathbb{B}}:\mathbb{A}\backslash\mathbb{B}\to\mathbb{A}\backslash\mathbb{B}$
548: is also a sub-bijection of $F$.
549: \end{lemma}
550: \begin{proof}
551: Assume that $\exists a\in\mathbb{A}\backslash\mathbb{B}$,
552: $F(a)\in\mathbb{B}$. Since $F_\mathbb{B}$ is a bijection over
553: $\mathbb{B}$, then $F(a)$ has one and only one preimage in
554: $\mathbb{B}$. However, it is obvious that $a\not\in\mathbb{B}$ is
555: also the preimage of $F(a)$. We get a contradiction. So, $\forall
556: x\in\mathbb{A}\backslash\mathbb{B}$,
557: $F(x)\in\mathbb{A}\backslash\mathbb{B}$. This means that
558: $F_{\mathbb{A}\backslash\mathbb{B}}$ is a sub-bijection of $F$ over
559: $\mathbb{A}\backslash\mathbb{B}$.
560: \end{proof}
561:
562: \subsection[Null Polynomials modulo $m$]{Null Polynomials modulo $\bm{m}$}
563:
564: This concept was introduced in \cite{Li:NullPoly2005}, and also
565: studied by others without a special name
566: \cite{Kempner:PolyResidue:TAMS1921a, Kempner:PolyResidue:TAMS1921b}.
567: Here, we just give the definition and some simple lemmas on null
568: polynomials modulo $m$. For more advanced results, see
569: \cite{Li:NullPoly2005}.
570:
571: \begin{definition}
572: A polynomial $f(x)$ of degree $n\geq 0$ modulo $m$ is a \uline{null
573: polynomial of degree $n$ modulo $m$}, if $\forall x\in\mathbb{Z}$,
574: $f(x)\equiv 0\pmod m$. Specially, $f(x)=0$ is a trivial null
575: polynomial of degree 0 modulo $m$.
576: \end{definition}
577:
578: \begin{lemma}
579: If $f(x)=a_nx^n+\cdots+a_1x+a_0$ is a null polynomial modulo $m$,
580: then $a_0\equiv 0\pmod m$.
581: \end{lemma}
582:
583: \begin{lemma}
584: Given any null polynomial $f(x)$ modulo $m$, $af(x)$ will still be a
585: null polynomial modulo $m$, where $a$ is an arbitrary integer.
586: \end{lemma}
\begin{lemma}
A polynomial $f(x)$ is a null polynomial modulo $m$ if and only if
$af(x)$ is a null polynomial modulo $m$, where $\gcd(a,m)=1$.
\end{lemma}
591: \begin{lemma}\label{lemma:null-poly-transitivity}
592: If $f(x)$ is a null polynomial modulo $m$ and $a\mid m$, then $f(x)$
593: is still a null polynomial modulo $a$.
594: \end{lemma}
595: The most frequently used form of the above lemma is as follows: if
596: $f(x)$ is a null polynomial modulo $p^d$, then $f(x)$ is still a
597: null polynomial modulo $p^i$ for any integer $i\leq d$.
598:
599: \begin{lemma}\label{lemma:Equ-Poly-Null-Poly}
600: Two polynomials, $f_1(x)$ and $f_2(x)$, are equivalent polynomials
601: modulo $m$ if and only if $f_1(x)-f_2(x)$ is a null polynomial
602: modulo $m$.
603: \end{lemma}
604:
605: \begin{definition}
606: Denote the least integer $n\geq 1$ such that there exists a null
607: polynomial of degree $n$ modulo $m$ by $\omega_0(m)$ and call it
608: \uline{the least null-polynomial degree modulo $m$}. Denote the
609: least integer $n\geq 1$ such that there exists a \textbf{monic} null
610: polynomial of degree $n$ modulo $m$ by $\omega_1(m)$ and call it
611: \uline{the least monic null-polynomial degree modulo $m$}. A (monic)
612: null polynomial of degree $\omega_0(m)$ or $\omega_1(m)$ is called
613: \uline{a least-degree (monic) null polynomial modulo $m$}. \iffalse
614: Sometime we use $\omega(m)$ to denote $\omega_1(m)$, since
615: $\omega_1(m)$ is much more important than $\omega_0(m)$.\fi
616: \end{definition}
617:
618: \begin{lemma}
619: Every polynomial of degree $\geq\omega_1(m)$ modulo $m$ has one
620: equivalent polynomial of degree $\leq\omega_1(m)-1$ modulo $m$.
621: \end{lemma}
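The notions of this subsection can be computed directly for small moduli. The following Python script is an added example, not part of this paper or of \cite{Li:NullPoly2005}: it tests whether a polynomial is null modulo $m$ (by Lemma \ref{lemma:polynomial-mod}, the values on $\{0,\cdots,m-1\}$ suffice), decides equivalence via Lemma \ref{lemma:Equ-Poly-Null-Poly}, finds $\omega_0(m)$ and $\omega_1(m)$ by exhaustive search over a complete system of polynomial residues, and reduces a polynomial by a monic null polynomial to an equivalent polynomial of degree $\leq\omega_1(m)-1$, which is the constructive content of the last lemma. Function names and the sample polynomials are the example's own.

```python
# Added example (not part of the paper): null polynomials modulo m, a
# brute-force computation of omega_0(m) and omega_1(m), and the reduction of
# a polynomial by a monic null polynomial to an equivalent polynomial of
# degree <= omega_1(m) - 1.  Names and sample inputs are the example's own.
from itertools import product


def poly_eval_mod(coeffs, x, m):
    """Evaluate f(x) = coeffs[0] + coeffs[1]*x + ... modulo m by Horner's rule."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % m
    return acc


def is_null_polynomial(coeffs, m):
    """f is null modulo m iff f(x) = 0 (mod m) on a complete residue system
    (Lemma polynomial-mod makes these m values sufficient)."""
    return all(poly_eval_mod(coeffs, x, m) == 0 for x in range(m))


def are_equivalent(f, g, m):
    """Lemma Equ-Poly-Null-Poly: f and g are equivalent modulo m iff f - g is null."""
    n = max(len(f), len(g))
    f, g = f + [0] * (n - len(f)), g + [0] * (n - len(g))
    return is_null_polynomial([(a - b) % m for a, b in zip(f, g)], m)


def least_null_degree(m, monic):
    """omega_1(m) if monic else omega_0(m), together with a witness polynomial.

    Exhaustive search in increasing degree over the complete system of
    polynomial residues (leading coefficient 1 in the monic case, any
    non-zero residue otherwise).  Only feasible for small m.
    """
    n = 1
    while True:
        for lead in ([1] if monic else range(1, m)):
            for low in product(range(m), repeat=n):
                coeffs = list(low) + [lead]
                if is_null_polynomial(coeffs, m):
                    return n, coeffs
        n += 1


def reduce_by_monic_null(f, q, m):
    """Return g equivalent to f modulo m with deg g < deg q, where q is a monic
    null polynomial modulo m.  Each step subtracts lead * x^s * q(x), which is
    itself a null polynomial, so the result stays equivalent to f."""
    f = [c % m for c in f]
    k = len(q) - 1
    assert q[k] % m == 1 and is_null_polynomial(q, m)
    while len(f) > k:
        lead, shift = f[-1], len(f) - 1 - k
        for i, c in enumerate(q):
            f[i + shift] = (f[i + shift] - lead * c) % m
        f.pop()  # the leading coefficient has just been cancelled
    return f


if __name__ == "__main__":
    print(least_null_degree(4, monic=False))  # omega_0(4) with a witness
    print(least_null_degree(4, monic=True))   # omega_1(4) with a witness
    # x(x-1)(x-2)(x-3) = x^4 + 2x^3 + 3x^2 + 2x (mod 4) is monic and null mod 4
    print(reduce_by_monic_null([0, 0, 0, 0, 0, 1], [0, 2, 3, 2, 1], 4))
```

With $m=4$ the search reports $\omega_0(4)=2$ (witness $2x^2+2x$) and $\omega_1(4)=4$, and $x^5$ reduces to the equivalent polynomial $x^3$ modulo $4$; the reduction is ordinary polynomial division by $q$ with the coefficients taken modulo $m$, which is possible without inverses precisely because $q$ is monic.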
622:
623: \subsection[Circular Shift of an Integer Set Modulo $m$ (New)]%
624: {Circular Shift of an Integer Set Modulo $\bm{m}$ (New)}
625:
626: \begin{definition}
627: The \uline{$k$-th circular shift} of an integer set $\mathbb{A}$
628: \uline{modulo $m$} is defined by $\{x|x=(y+k)\bmod
629: m,y\in\mathbb{A}\}$ and denoted by $[(\mathbb{A}+k)\bmod m]$ in this
630: paper.
631: \end{definition}
632:
633: \begin{lemma}\label{lemma:circular-shift}
634: If $\mathbb{A}_1,\cdots,\mathbb{A}_k$ is a partition of an integer
635: set $\mathbb{A}=\{0,\cdots,m-1\}$, then $\forall a\in\mathbb{Z}$,
636: $[(\mathbb{A}_1+a)\bmod m],\cdots,[(\mathbb{A}_k+a)\bmod m]$ is
637: still a partition of $\mathbb{A}$.
638: \end{lemma}
\begin{proof}
Since $\mathbb{A}_1,\cdots,\mathbb{A}_k$ is a partition of
$\mathbb{A}$, one has
$\bigcup_{i=1}^k\mathbb{A}_i=\{0,\cdots,m-1\}$. Then,
$\bigcup_{i=1}^k[(\mathbb{A}_i+a)\bmod
m]=\bigcup_{i=1}^k\{x|x=(y+a)\bmod
m,y\in\mathbb{A}_i\}=\left\{x|x=(y+a)\bmod
m,y\in\bigcup_{i=1}^k\mathbb{A}_i\right\}=\{x|x=(y+a)\bmod
m,y\in\mathbb{A}\}$. Since $\mathbb{A}$ is a complete system of
residues modulo $m$, $\forall x_0\in\mathbb{A}$ and $\forall
a\in\mathbb{Z}$, $\exists y_0\in\mathbb{A}$, $x_0-a\equiv y_0\pmod
m\Leftrightarrow x_0\equiv y_0+a\pmod m$. Since $x_0\in\mathbb{A}$,
i.e., $0\leq x_0\leq m-1$, one has $x_0=(y_0+a)\bmod m$. This means
that every $x_0\in\mathbb{A}$ belongs to $\{x|x=(y+a)\bmod
m,y\in\mathbb{A}\}=\bigcup_{i=1}^k[(\mathbb{A}_i+a)\bmod m]$. So
$\bigcup_{i=1}^k[(\mathbb{A}_i+a)\bmod m]=\mathbb{A}$.

On the other hand, since $\mathbb{A}_1,\cdots,\mathbb{A}_k$ is a
partition of $\mathbb{A}$, $\forall y_1\in\mathbb{A}_i$ and $\forall
y_2\in\mathbb{A}_j$ ($i\neq j$), one has $y_1\neq y_2$. Considering
that $\mathbb{A}$ is a complete system of residues modulo $m$, one
immediately gets $y_1\not\equiv y_2\pmod m
\Leftrightarrow(y_1+a)\not\equiv (y_2+a)\pmod m \Leftrightarrow
(y_1+a)\bmod m\neq (y_2+a)\bmod m$. This means
$[(\mathbb{A}_i+a)\bmod m]\cap[(\mathbb{A}_j+a)\bmod m]=\varnothing$.

The above two results prove this lemma.
\end{proof}
667:
668: \subsection[Base-$p$ Resolution (New)]{Base-$\bm{p}$ Resolution (New)}
669:
670: \begin{definition}
671: The \uline{base-$p$ resolution} of an integer $a$ is an integer
672: $i\geq 0$ such that $p^i\parallel a$, i.e., $p^i\mid a$ but
673: $p^{i+1}\nmid a$. Specially, define the base-$p$ resolution of 0 as
674: $+\infty$. When $p=2$, the base-$p$ resolution is also called the
675: \uline{binary resolution}.
676: \end{definition}
677:
\begin{notation}
The set of all integers of base-$p$ resolution $i$ is denoted by
$\mathbb{Z}(i|_p)$. The set of all elements in $\mathbb{A}$ of
base-$p$ resolution $i$ is denoted by $\mathbb{A}(i|_p)$. The set of
all elements in $\mathbb{A}$ of base-$p$ resolution $i\geq a$ is
denoted by $\mathbb{A}(\geq a|_p)$; similarly, we can define
$\mathbb{A}(\leq a|_p)$ and $\mathbb{A}(\neq a|_p)$. The set of all
elements in $\mathbb{A}$ of base-$p$ resolution $a\leq i\leq b$ is
denoted by $\mathbb{A}(a\mapsto b|_p)$. The set of all elements in
$\mathbb{A}$ of base-$p$ resolution $i\in\{i_1,\cdots,i_k\}$ is
denoted by $\mathbb{A}(i_1,\cdots,i_k|_p)$. In the above notations,
the subscript ``$p$" denotes the base (radix) of the resolution.
\end{notation}
691: Apparently, $a\in\mathbb{Z}(\geq i|_p)\Leftrightarrow
692: p^i|a\Leftrightarrow a\equiv 0\pmod{p^i}$.
693:
694: \begin{definition}
695: The \uline{base-$p$ multi-resolution partition} of the integer set
696: $\mathbb{Z}$ is a collection of the following sets:
697: $\{\mathbb{Z}(i|_p)\}_{i=0}^{+\infty}$. The \uline{base-$p$
698: multi-resolution partition} of an integer set $\mathbb{A}$ is a
699: collection of the following $(k_{\max}-k_{\min}+2)$ sets:
700: $\mathbb{A}(k_{\min}|_p),\cdots,\mathbb{A}(k_{\max}|_p)$ and
701: $\mathbb{A}(+\infty|_p)=\{0\}$, where $k_{\min}$ and $k_{\max}$
702: denote the minimal and the maximal base-$p$ resolution of all
703: non-zero integers in $\mathbb{A}$.
704: \end{definition}
705: Specially, the base-$p$ multi-resolution partition of
706: $\mathbb{A}=\{0,\cdots,p^d-1\}$ is a collection of the following
707: $d+1$ sets: $\mathbb{A}(0|_p),\cdots,\mathbb{A}(d-1|_p)$ and
708: $\mathbb{A}(+\infty|_p)=\{0\}$.
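The base-$p$ resolution, the multi-resolution partition of $\{0,\cdots,p^d-1\}$ and the circular shift of Lemma \ref{lemma:circular-shift} are all easy to compute. The following Python script is an added example, not part of this paper: it computes the resolution of an integer, builds the $d+1$ sets of the partition above, and checks on that partition that every circular shift of a partition of $\{0,\cdots,m-1\}$ is again a partition, as the lemma states. Function names and the sample values ($p=2$, $d=3$) are the example's own.

```python
# Added example (not part of the paper): base-p resolution, the base-p
# multi-resolution partition of {0,...,p^d-1}, and a check of Lemma
# circular-shift on that partition.  Names and sample values are the
# example's own.


def base_p_resolution(a, p):
    """The i >= 0 with p^i || a; +infinity for a = 0, as in the definition."""
    if a == 0:
        return float("inf")
    i = 0
    while a % p == 0:
        a //= p
        i += 1
    return i


def multi_resolution_partition(A, p):
    """Map each resolution value occurring in A to the sorted elements of A
    having that resolution; for A = {0,...,p^d-1} there are d+1 such sets."""
    parts = {}
    for a in A:
        parts.setdefault(base_p_resolution(a, p), []).append(a)
    return {k: sorted(v) for k, v in parts.items()}


def circular_shift(A, k, m):
    """The k-th circular shift [(A + k) mod m] of an integer set A."""
    return {(y + k) % m for y in A}


def is_partition(blocks, A):
    """True iff the blocks are pairwise disjoint and their union equals A."""
    blocks = [set(b) for b in blocks]
    return (sum(len(b) for b in blocks) == len(set(A))
            and set().union(*blocks) == set(A))


def shifted_partition_is_partition(p, d, a):
    """Lemma circular-shift applied to the multi-resolution partition of
    {0,...,p^d-1}: shifting every block by a still yields a partition."""
    m = p ** d
    A = range(m)
    blocks = multi_resolution_partition(A, p).values()
    return is_partition([circular_shift(b, a, m) for b in blocks], A)


if __name__ == "__main__":
    # {0,...,7} in base 2 splits into A(0|2), A(1|2), A(2|2) and A(+inf|2) = {0}
    print(multi_resolution_partition(range(8), 2))
    print(shifted_partition_is_partition(2, 3, 3))
```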
709:
710: \iffalse The circular shifts of $\mathbb{Z}(i|_2)$ have some special
711: properties.
712:
713: \begin{lemma}
714: Assume $m=2^d$ and $\mathbb{A}=\{0,\cdots,m-1\}$. If
715: $\mathbb{A}_1,\cdots,\mathbb{A}_k$ is a partition of
716: $\mathbb{A}(0|_2)$, then 1) $\forall a\in\mathbb{Z}(0|_2)$,
717: $[(\mathbb{A}_1+a)\bmod m],\cdots,[(\mathbb{A}_k+a)\bmod m]$ is a
718: partition of $\mathbb{A}(\geq 1|_2)$; 2) $\forall
719: a\in\mathbb{Z}(\geq 1|_2)$, $[(\mathbb{A}_1+a)\bmod
720: m],\cdots,[(\mathbb{A}_k+a)\bmod m]$ is still a partition of
721: $\mathbb{A}(0|_2)$.
722: \end{lemma}
723: \begin{lemma}
724: Assume $m=2^d$ and $\mathbb{A}=\{0,\cdots,m-1\}$. If
725: $\mathbb{A}_1,\cdots,\mathbb{A}_k$ is a partition of
726: $\mathbb{A}(\geq 1|_2)$, then 1) $\forall a\in\mathbb{Z}(0|_2)$,
727: $[(\mathbb{A}_1+a)\bmod m],\cdots,[(\mathbb{A}_k+a)\bmod m]$ is a
728: partition of $\mathbb{A}(0|_2)$; 2) $\forall a\in\mathbb{Z}(\geq
729: 1|_2)$, $[(\mathbb{A}_1+a)\bmod m],\cdots,[(\mathbb{A}_k+a)\bmod m]$
730: is still a partition of $\mathbb{A}(\geq 1|_2)$.
731: \end{lemma}
732: The proofs of the above two lemmas are simple, so they are omitted
733: here. A special case of the above two lemmas (when $k=1$) can be
734: described as the following lemma. The three lemmas will be
735: frequently cited in the following context without explicitly
736: quotations.
737:
738: \begin{lemma}
739: Assume $m=2^d$ and $\mathbb{A}=\{0,\cdots,m-1\}$. When
740: $a\in\mathbb{Z}(0|_2)$, $[(\mathbb{A}(0|_2)+a)\bmod
741: m]=\mathbb{A}(\geq 1|_2)$ and $[(\mathbb{A}(\geq 1|_2)+a)\bmod
742: m]=\mathbb{A}(0|_2)$. When $a\in\mathbb{Z}(\geq 1|_2)$,
743: $[(\mathbb{A}(0|_2)+a)\bmod m]=\mathbb{A}(0|_2)$ and
744: $[(\mathbb{A}(\geq 1|_2)+a)\bmod m]=\mathbb{A}(\geq 1|_2)$.
745: \end{lemma}
746: \fi
747:
748: \begin{definition}
Assume the base-$p$ resolution of an integer $a\neq 0$ is $i\geq 0$,
then the \uline{base-$p$ representation of $a$} is a sequence of $i+1$
integers $a_0,\cdots,a_i$, such that $a=\sum_{j=0}^ia_jp^j$ and
$a_j\in\{0,\cdots,p-1\}$. It is denoted by $a=(a_i\cdots a_0)_p$.
753: Specially, the base-$p$ representation of 0 is $(0)_p$. The $j$-th
754: integer in the base-$p$ representation of $a$ is called \uline{the
755: $j$-th base-$p$ digit} or \uline{the $j$-th digit of base $p$} or
756: \uline{the $j$-th digit} in short if the base is well defined in the
757: context.
758: \end{definition}
759: It is obvious that the base-$p$ resolution of an integer is unique
760: and $a_j=\lfloor a/p^j\rfloor\bmod p$.
761:
762: \subsection{Determinants of Some Special Matrices}
763:
764: \begin{lemma}\label{lemma:det-powers}
765: Assume $m\geq 1$. Given a $2m\times 2m$ matrix
766: $\bm{A}=\left[\begin{matrix}\bm{A}_1\\\bm{A}_2\end{matrix}\right]$,
767: where $\bm{A}_1=[X_j^{i-1}]_{1\leq j\leq m \atop 1\leq i\leq 2m}$
768: and $\bm{A}_2=[iX_j^{i-1}]_{1\leq j\leq m \atop 1\leq i\leq 2m}$,
769: i.e.,
770: \[
771: \bm{A}=\left[\begin{array}{cccc:ccc}%
772: 1 & X_1 & \cdots & X_1^{m-1} & X_1^m & \cdots & X_1^{2m-1}\\
773: 1 & X_2 & \cdots & X_2^{m-1} & X_2^m & \cdots & X_2^{2m-1}\\
774: \vdots & \vdots & \ddots & \vdots & \vdots & \ddots & \vdots\\
775: 1 & X_m & \cdots & X_m^{m-1} & X_m^m & \cdots & X_m^{2m-1}\\
776: \hdashline
777: 1 & 2X_1 & \cdots & mX_1^{m-1} & (m+1)X_1^m & \cdots & 2mX_1^{2m-1}\\
778: 1 & 2X_2 & \cdots & mX_2^{m-1} & (m+1)X_2^m &
779: \cdots & 2mX_2^{2m-1}\\
780: \vdots & \vdots & \ddots & \vdots & \vdots & \ddots & \vdots\\
781: 1 & 2X_m & \cdots & mX_m^{m-1} & (m+1)X_m^m & \cdots & 2mX_m^{2m-1}
782: \end{array}\right].
783: \]
784: Then, $|\bm{A}|=(-1)^{\frac{m(m-1)}{2}}\prod_{j=1}^mX_j\prod_{1\leq
785: i<j\leq m}(X_j-X_i)^4$.
786: \end{lemma}
787: \begin{proof}
788: A proof can be found in \cite{Li:Determinants2005}, or in
789: \cite{ADC1999} (as a special case of Theorem 20).
790: \end{proof}
791: \begin{corollary}\label{corollary:det-powers}
792: Assume $m\geq 1$. Given a $2m\times 2m$ matrix
793: $\bm{A}=\left[\begin{matrix}\bm{A}_1\\\bm{A}_2\end{matrix}\right]$,
794: where $\bm{A}_1=[X_i^{j+1}]_{1\leq i\leq m \atop 1\leq j\leq 2m}$
795: and $\bm{A}_2=[(j+1)X_i^j]_{1\leq i\leq m \atop 1\leq j\leq 2m}$.
796: Then,
797: $|\bm{A}|=(-1)^{\frac{m(m-1)}{2}}\prod_{i=1}^mX_i^4\prod_{1\leq
798: i<j\leq m}(X_j-X_i)^4$.
799: \end{corollary}
800:
801: \begin{lemma}\label{lemma:det-binom-powers}
802: Assume $m\geq 1,n\geq l\geq 1$ and $\bm{A}$ is a block-wise
803: $ml\times ml$ matrix as follows:
804: \[
805: \bm{A}=\left[\begin{matrix}%
806: \bm{A}_1\\
807: \bm{A}_2\\
808: \vdots\\
809: \bm{A}_m
810: \end{matrix}\right],
811: \]
812: where for $i=1\sim m$,
813: \[
814: \bm{A}_i=\left[\binom{n+j-1}{k-1}X_i^{j-1}\right]_{1\leq
815: j\leq ml \atop 1\leq k\leq l}=\left[\begin{matrix}%
816: \binom{n}{0} & \binom{n+1}{0}X_i & \cdots &
817: \binom{n+(ml-1)}{0}X_i^{ml-1}\\
818: \binom{n}{1} & \binom{n+1}{1}X_i & \cdots &
819: \binom{n+(ml-1)}{1}X_i^{ml-1}\\
820: \vdots & \vdots & \ddots & \vdots\\
821: \binom{n}{l-1} & \binom{n+1}{l-1}X_i & \cdots &
822: \binom{n+(ml-1)}{l-1}X_i^{ml-1}
823: \end{matrix}\right]_{ml\times l}.
824: \]
825: Then, $|\bm{A}|=\prod_{i=1}^mX_i^{\frac{l(l-1)}{2}}\prod_{1\leq
826: i<j\leq m}(X_j-X_i)^{l^2}$.
827: \end{lemma}
828: \iffalse
829: \begin{corollary}\label{corollary:det-binom}
830: When $0\leq m\leq n-1$, the determinant of the $(m+1)\times (m+1)$
831: matrix $\bm{A}_{n,m}=\left[\binom{j}{i}\right]_{n\leq j\leq n+m
832: \atop 0\leq i\leq m}$ is always equal to 1.
833: \end{corollary}\fi
834:
835: \section{Permutation Polynomials modulo $\bm{m=p_1^{d_1}\cdots p_r^{d_r}}$}
836: \label{section:composite}
837:
The theorems given in this section say that we can focus our study
on permutation polynomials modulo primes and prime powers.
840:
841: \begin{theorem}\label{theorem:bijective-poly-composite}
842: Assume $p_1$, $\cdots$, $p_r$ are $r$ distinct prime numbers and
843: $d_1$, $\cdots$, $d_r\geq 1$. A polynomial $f(x)$ is a permutation
844: polynomial modulo $m=\prod_{i=1}^rp_i^{d_i}$, if and only if
845: $\forall i=1\sim r$, $f(x)$ is a permutation polynomial modulo
846: $p_i^{d_i}$.
847: \end{theorem}
848: \begin{proof}
849: To simplify the following proof, $\forall i=1\sim r$, assume
850: $P_i=p_i^{d_i}$ and $\overline{P_i}=m/P_i$. Since $p_1,\cdots,p_r$
851: are all primes, it is obvious that $\gcd(P_i,\overline{P_i})=1$. In
852: addition, assume $\mathbb{M}=\{0,\cdots,m-1\}$, and $\forall i=1\sim
853: r$, $\mathbb{M}_i=\{0,\cdots,P_i-1\}$ and
854: $\mathbb{M}_i^*=\{0,\cdots,\overline{P_i}-1\}$.
855:
856: First, $\forall i=1\sim r$, let us prove the ``only if" part.
857: $\forall a\in\mathbb{M}_i^*$, assume
858: $\mathbb{A}=\{x|x\in\mathbb{M},x\equiv
859: a\pmod{\overline{P_i}}\}=\{\overline{P_i}y+a|y\in\mathbb{M}_i\}$.
860: Since $f(x)$ is a permutation polynomial modulo
861: $m=P_i\overline{P_i}$, $\forall y_1,y_2\in\mathbb{A}$ and $y_1\neq
862: y_2$, one has $f(y_1)\not\equiv f(y_2)\pmod{P_i}$ or
863: $f(y_1)\not\equiv f(y_2)\pmod{\overline{P_i}}$, otherwise it
864: conflicts with part 3) of Theorem 2.3 in \cite{NZM:NumberTheory1991}
865: (i.e., Property IX in \S15 of \cite{Pan:ConciseNumberTheory1998}).
866: Since $f(y_1)\equiv f(y_2)\equiv a\pmod{\overline{P_i}}$, one
867: immediately knows $f(y_1)\not\equiv f(y_2)\pmod{P_i}$. From Lemma
868: \ref{theorem:bijection-degree1}, since $\gcd(\overline{P_i},P_i)=1$,
869: $g(y)=\overline{P_i}y+a$ is a permutation polynomial modulo $P_i$.
870: This means that $\mathbb{A}$ is a complete system of residues modulo
871: $P_i$. This leads to the result that $f(x)$ is a permutation
872: polynomial modulo $P_i$.
873:
874: Next, we prove the ``if" part. Given $r$ integers as follows:
875: $a_1\in\mathbb{M}_1$, $\cdots$, $a_r\in\mathbb{M}_r$, construct the
876: system of $r$ simultaneous congruences, $i=1\sim r:f(x)\equiv
877: a_i\pmod{P_i}$. From the Chinese Remainder Theorem, there is exactly
878: one solution of $f(x)$ in each complete system of residues modulo
879: $m$. Since $f(x)$ is a permutation polynomial modulo each $P_i$, we
880: can construct $m=\prod_{i=1}^rp_i^{d_i}$ systems of $r$ simultaneous
881: congruences, and get $m$ distinct solutions of $f(x)$ in each
882: complete system of residues modulo $m$. Considering there are only
883: $m$ elements in each complete system of residues modulo $m$, one can
884: immediately deduce that $f(x)$ is also a permutation polynomial
885: modulo $m$.
886: \end{proof}
887:
888: \begin{theorem}
889: Assume $p_1$, $\cdots$, $p_r$ are $r$ distinct prime numbers, $d_1$,
890: $\cdots$, $d_r\geq 1$ and $m=\prod_{i=1}^rp_i^{d_i}$. If $f_1(x)$,
891: $\cdots$, $f_r(x)$ are permutation polynomials modulo $p_1^{d_1}$,
892: $\cdots$, $p_r^{d_r}$, respectively, then there exists one and only
893: one permutation polynomial $f(x)$ modulo $m$ in each complete system
894: of polynomial residues modulo $m$, such that $f(x)\equiv
895: f_i(x)\pmod{p_i^{d_i}}$ holds for $i\in\{1,\cdots,r\}$.
896: \end{theorem}
897: \begin{proof}
Applying the Chinese remainder theorem to each coefficient of the
polynomials, one can immediately prove this theorem.
900: \end{proof}
901:
902: \section{Permutation Polynomials modulo $\bm{p}$}
903: \label{section:prime}
904:
905: It is natural to connect Fermat's Little Theorem with permutation
906: polynomials, since this theorem actually says that there always
907: exists a permutation polynomial $f(x)=x^p$ of degree $p$ modulo a
908: prime $p$ such that $\forall x\in\mathbb{Z}$, $f(x)\equiv x\pmod p$.
However, the original Fermat's Little Theorem says nothing about how
many permutation polynomials there are or how to calculate other
permutation polynomials (if any). We have an enhanced version to
answer this question.
913:
914: \begin{theorem}\label{theorem:Fermat-enhanced}
915: Assume $p$ is a prime. There exist $(p-1)p!$ congruence classes of
916: permutation polynomials of degree $p$ modulo $p$. For each given
917: bijection over $\{0,\cdots,p-1\}$, there exist $p-1$ congruence
918: classes of permutation polynomial of degree $p$ modulo $p$.
919: Specially, there exists a permutation polynomial $f(x)=x^p$, such
920: that $\forall x\in\mathbb{Z}$, $f(x)\equiv x\pmod p$.
921: \end{theorem}
922: \begin{proof}
Assume $f(x)=a_px^p+a_{p-1}x^{p-1}+\cdots+a_1x+a_0$, where
924: $a_p\not\equiv 0\pmod p$. Choosing $x=0,\cdots,p-1$, respectively,
925: one can get the following $p$ congruences modulo $p$.
926: \begin{eqnarray*}
a_p\cdot 0^p+a_{p-1}\cdot 0^{p-1}+\cdots+a_1\cdot 0+a_0 & \equiv &
f(0)\pmod p\\
a_p\cdot 1^p+a_{p-1}\cdot 1^{p-1}+\cdots+a_1\cdot 1+a_0 & \equiv &
f(1)\pmod p\\
& \vdots\\
a_p\cdot (p-1)^p+a_{p-1}\cdot (p-1)^{p-1}+\cdots+a_1\cdot(p-1)+a_0 &
\equiv & f(p-1)\pmod p
934: \end{eqnarray*}
935: Fixing $a_p$, rewrite the above system of congruences as the
936: following matrix form $\bm{A}\bm{X}_a\equiv \bm{B}\pmod p$.
937: \begin{equation}
938: \left[\begin{matrix}%
939: 1 & 0 & 0 & \cdots & 0\\
940: 1 & 1 & 1 & \cdots & 1\\
941: 1 & 2 & 2^2 & \cdots & 2^p\\
942: \vdots & \vdots & \vdots & \ddots & \vdots\\
943: 1 & p-1 & (p-1)^2 & \cdots & (p-1)^p
944: \end{matrix}\right]
945: \left[\begin{matrix}%
946: a_0\\
947: a_1\\
948: a_2\\
949: \vdots\\
950: a_{p-1}
951: \end{matrix}\right]\equiv
952: \left[\begin{matrix}%
953: f(0)\\
954: f(1)-a_p\\
955: f(2)-2^pa_p\\
956: \vdots\\
f(p-1)-(p-1)^pa_p
958: \end{matrix}\right]\pmod p\label{equation:Fermat-enhanced}
959: \end{equation}
960: Apparently, $\bm{A}$ is a Vandermonde matrix, so its determinant can
961: be calculated as $|\bm{A}|=\prod_{0\leq i<j\leq p-1}(j-i)$
\cite[\S4.4]{Zhang:MatrixTheory1999}. Since $p$ is a prime and
$1\leq j-i\leq p-1$, one has $\gcd(|\bm{A}|,p)=1$. Thus, the above
system of congruences has a unique (i.e., one and only one) solution
965: modulo $p$, for each combination of the values of
966: $f(0),\cdots,f(p-1)$ and $a_p$. For each possible value of $a_p$,
967: the number of all possible combinations of the values of
968: $f(0),\cdots,f(p-1)$ is $p!$. Since $a_p$ has $p-1$ congruence
classes modulo $p$, one immediately deduces that there exist
$(p-1)p!$ congruence classes of permutation polynomials of degree
971: $p$ modulo $p$. For each bijection over $\{0,\cdots,p-1\}$, i.e.,
972: for each combination of the values of $f(0),\cdots,f(p-1)$, there
973: are $p-1$ distinct congruence classes of permutation polynomials of
974: degree $p$ modulo $p$, each of which corresponds to one possible
975: value of $a_p$ modulo $p$.
976:
977: When $a_p=1$, choosing $f(i)=i$ for $i=0\sim p-1$, one can get a
978: special solution: $a_0\equiv a_1\equiv \cdots\equiv a_{p-1}\equiv
0\pmod p$. This leads to $f(x)=x^p\equiv x\pmod p$, which is the
permutation polynomial of degree $p$ modulo $p$ mentioned in
Fermat's little theorem.
982: \end{proof}
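The congruence system (\ref{equation:Fermat-enhanced}) can be solved directly. The following added example (my own code, not from the paper) interpolates $a_0,\cdots,a_{p-1}$ for a chosen bijection $\sigma$ on $\{0,\cdots,p-1\}$ and leading coefficient $a_p$ by Gauss-Jordan elimination modulo $p$, checks that the result induces $\sigma$, and counts the distinct polynomials obtained over all $(\sigma,a_p)$ to confirm $(p-1)p!$ for small $p$; all function names are mine.

```python
# Added example (not from the paper): solving the Vandermonde congruence system of
# the enhanced Fermat theorem and counting the resulting permutation polynomials.
from itertools import permutations
from math import factorial

def solve_mod_p(matrix, rhs, p):
    """Gauss-Jordan elimination over Z_p for a square system A x = b.
    A must be invertible mod p, which the Vandermonde matrix on 0..p-1 is."""
    n = len(rhs)
    aug = [row[:] + [b % p] for row, b in zip(matrix, rhs)]
    for col in range(n):
        pivot = next(r for r in range(col, n) if aug[r][col] % p)
        aug[col], aug[pivot] = aug[pivot], aug[col]
        inv = pow(aug[col][col], -1, p)            # modular inverse (Python >= 3.8)
        aug[col] = [(v * inv) % p for v in aug[col]]
        for r in range(n):
            if r != col and aug[r][col]:
                factor = aug[r][col]
                aug[r] = [(vr - factor * vc) % p for vr, vc in zip(aug[r], aug[col])]
    return [row[n] for row in aug]

def interpolate_pp(sigma, a_p, p):
    """Given a bijection sigma on Z_p (as a list) and a leading coefficient a_p,
    return [a_0, ..., a_{p-1}, a_p] with f(x) = sigma[x] mod p for every x.
    This is the matrix form of the proof: the a_p x^p term is moved to the right."""
    vandermonde = [[pow(x, j, p) for j in range(p)] for x in range(p)]
    rhs = [sigma[x] - a_p * pow(x, p, p) for x in range(p)]
    return solve_mod_p(vandermonde, rhs, p) + [a_p % p]

def eval_poly(coeffs, x, m):
    """Horner evaluation of sum(coeffs[k] * x**k) mod m; coeffs[0] is a_0."""
    acc = 0
    for a in reversed(coeffs):
        acc = (acc * x + a) % m
    return acc

def realizes(coeffs, sigma, p):
    """True iff the polynomial induces exactly the bijection sigma on Z_p."""
    return all(eval_poly(coeffs, x, p) == sigma[x] % p for x in range(p))

def count_degree_p_pps(p):
    """Enumerate every bijection and every a_p in 1..p-1, interpolate, and count the
    distinct coefficient vectors mod p. The theorem predicts (p-1) * p!."""
    found = set()
    for sigma in permutations(range(p)):
        for a_p in range(1, p):
            coeffs = interpolate_pp(sigma, a_p, p)
            if not realizes(coeffs, sigma, p):
                raise ValueError("interpolation failed for %r, a_p=%d" % (sigma, a_p))
            found.add(tuple(coeffs))
    return len(found)

def fermat_special_case(p):
    """With sigma = identity and a_p = 1 the solution is a_0 = ... = a_{p-1} = 0,
    i.e. f(x) = x^p, which is Fermat's little theorem."""
    return interpolate_pp(list(range(p)), 1, p)

if __name__ == "__main__":
    print(fermat_special_case(5))            # [0, 0, 0, 0, 0, 1]
    print(interpolate_pp([0, 2, 1], 1, 3))   # the swap (1 2) on Z_3 as x^3 + x
    for p in (2, 3, 5):
        print(p, count_degree_p_pps(p), (p - 1) * factorial(p))
```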
983:
984: From the above theorem, one can get some more results on the number
985: of permutation polynomials and induced bijections modulo $p$.
986:
987: \begin{notation}
988: Assume $p$ is a prime. Denote the number of distinct permutation
polynomials and the number of all distinct polynomials in a complete
system of polynomial residues of degree $\leq n$ modulo $p$ by
$N_{pp}(\leq n,p)$ and $N_p(\leq n,p)$ respectively. Here, the
992: subscript ``pp" means ``permutation polynomial" and ``p" denotes
993: ``polynomial". Similar functions will be defined later.
994: \end{notation}
995:
996: \begin{corollary}\label{corollary:count-bijective-poly-p}
997: Assume $p$ is a prime. The following is true: when $n\geq p-1$,
998: $\dfrac{N_{pp}(\leq n,p)}{N_p(\leq n,p)}=\dfrac{(p-1)!}{p^{p-1}}$.
999: \end{corollary}
1000: \begin{proof}
1001: Recall the proof of Theorem \ref{theorem:Fermat-enhanced}, when
1002: $n\geq p-1$, changing the degree of the polynomial from $p$ to $n$
1003: and moving $a_p,\cdots,a_n$ to the right side, Eq.
1004: (\ref{equation:Fermat-enhanced}) has a unique set of incongruent
1005: solutions to the values of $f(0),\cdots,f(p-1),a_p,\cdots,a_n$.
Since $f(0),\cdots,f(p-1)$ forms a complete permutation modulo $p$,
one immediately has $N_{pp}(\leq n,p)/N_p(\leq
n,p)=p!/p^p=(p-1)!/p^{p-1}$.
1009: \end{proof}
1010:
1011: \begin{corollary}\label{corollary:count-bijection-p}
1012: Assume $p$ is a prime and $n\geq p-1$. The number of bijections
1013: induced from permutation polynomials of degree $\leq n$ modulo $p$
1014: is $p!$.
1015: \end{corollary}
1016: \begin{proof}
1017: This corollary can be proved in the same way as the above corollary,
1018: due to the fact that each permutation of
1019: $f(0),\cdots,f(p-1),a_p,\cdots,a_n$ corresponds to a unique set of
1020: incongruent solutions to $a_0,\cdots,a_{p-1}$.
1021: \end{proof}
1022:
1023: \begin{corollary}[A special case of Lemma \ref{lemma:equivalent-poly-pd}]
Assume $p$ is a prime. Two permutation polynomials of degree $\leq
p-1$ modulo $p$, $f_1(x)$ and $f_2(x)$, are equivalent if and only
if they are congruent polynomials modulo $p$, i.e., $f_1(x)\equiv
f_2(x)\pmod p$.
1028: \end{corollary}
1029: \begin{proof}
1030: The ``if" part is obvious. Let us see the ``only if" part. From the
1031: above two corollaries, the number of permutation polynomials of
1032: degree $\leq p-1$ modulo $p$ and the number of bijections induced
1033: from these polynomials are both $p!$. This immediately leads to the
1034: fact that any two equivalent permutation polynomials are congruent
1035: polynomials, otherwise the number of bijections will be less than
1036: $p!$. Thus, this corollary is true.
1037: \end{proof}
1038:
1039: \begin{corollary}
1040: Assume $p$ is a prime and $f(x)=a_nx^n+\cdots+a_1x+a_0$ is a
1041: permutation polynomial of degree $n\geq p$ modulo $p$. Then $f(x)$
1042: has exactly $p^{n-p}$ equivalent polynomials of degree $\leq n$
1043: modulo $p$ (including itself).
1044: \end{corollary}
1045: \begin{proof}
1046: This corollary can be proved in a similar way to the above
1047: corollaries.
1048: \end{proof}
1049:
1050: \section{Permutation Polynomials modulo $\bm{p^d}$ ($\bm{d\geq 1}$)}
1051: \label{section:PrimePowers}
1052:
1053: \subsection{Hierarchy Theorem}
1054:
1055: This theorem shows the hierarchical structure of the bijection
1056: induced from a permutation polynomial modulo $p^d$.
1057:
1058: \begin{theorem}[Hierarchy Theorem]\label{theorem:hierarchy-pd}
1059: Assume $p$ is a prime and $f(x)=a_nx^n+\cdots+a_1x$ is a permutation
1060: polynomial of degree $n$ modulo $m=p^d$ and
1061: $\mathbb{A}=\{0,\cdots,p^d-1\}$. The following results are true.
1062: \begin{enumerate}
1063: \item
1064: The induced bijection $F:\mathbb{A}\to\mathbb{A}$ is composed of two
1065: sub-bijections, $F_1:\mathbb{A}(\geq 1|_p)\to\mathbb{A}(\geq 1|_p)$
1066: and $F_0:\mathbb{A}\backslash\mathbb{A}(\geq
1067: 1|_p)\to\mathbb{A}\backslash\mathbb{A}(\geq 1|_p)$.
1068:
1069: \item
1070: The sub-bijection $F_0$ is composed of $p-1$ sub-bijections,
1071: $\forall i=1\sim p-1$, $F_{0,i}:[(\mathbb{A}(\geq 1|_p)+i)\bmod
1072: m]\to\left[\left(\mathbb{A}(\geq
1073: 1|_p)+\sum_{k=1}^ni^ka_k\right)\bmod m\right]$.
1074:
1075: \item
1076: When $d\geq 2$, each of the $p$ sub-bijections, $F_1$ and
1077: $F_{0,1},\cdots,F_{0,p-1}$, corresponds to a permutation polynomial
1078: of degree $\leq d-1$ modulo $p^{d-1}$ in the following form:
1079: $f^*(z)=\sum_{i=d-1}^1b_ip^{i-1}z^i=b_{d-1}p^{d-2}z^{d-1}+\cdots+b_2pz+b_1z$.
1080:
1081: \item
When $d\geq 2$, $F_1$ is composed of $d$ sub-bijections:
1083: $i=1\sim d-1$, $F_{1,i}:\mathbb{A}(i|_p)\to\mathbb{A}(i|_p)$, and
1084: $F_{1,d}:\mathbb{A}(+\infty|_p)\to\mathbb{A}(+\infty|_p)$. Each of
1085: $F_{0,1},\cdots,F_{0,p-1}$ is also composed of $d$ sub-bijections of
1086: this kind.
1087:
1088: \item
1089: When $d\geq 1$, $\forall i,j\in\{0,\cdots,p-1\}$ and $i\neq j$,
1090: $\sum_{k=1}^na_k(j^k-i^k)=a_1(j-i)+a_2(j^2-i^2)+\cdots+a_n(j^n-i^n)\not\equiv
1091: 0\pmod p$.
1092:
1093: \item
1094: When $d\geq 2$, $\forall i\in\{0,\cdots,p-1\}$,
1095: $\sum_{k=1}^nki^{k-1}a_k=a_1+2\cdot i^1\cdot a_2+\cdots+n\cdot
1096: i^{n-1}\cdot a_n\not\equiv 0\pmod p$.
1097: \end{enumerate}
1098: \end{theorem}
1099: \begin{proof}
1100: We prove all the results one by one. Note that $\mathbb{A}(\geq
1101: 1|_p)$, $[(\mathbb{A}(\geq 1|_p)+1)\bmod m],\cdots,[(\mathbb{A}(\geq
1102: 1|_p)+p-1)\bmod m]$ forms a partition of $\mathbb{A}$.
1103:
1. $\forall x\in\mathbb{A}(\geq 1|_p)$, $p\mid x$. Since $f(x)$ has
no constant term, $x\mid f(x)$, so $p\mid f(x)$. This means that $f(x)$ forms a sub-bijection
1106: $F_1:\mathbb{A}(\geq 1|_p)\to\mathbb{A}(\geq 1|_p)$. From Lemma
1107: \ref{lemma:sub-bijection}, there exists another sub-bijection
1108: $F_0:\mathbb{A}\backslash\mathbb{A}(\geq
1109: 1|_p)\to\mathbb{A}\backslash\mathbb{A}(\geq 1|_p)$.
1110:
2 \& 5. $\forall i=1\sim p-1$ and $\forall x\in[(\mathbb{A}(\geq
1|_p)+i)\bmod m]$, one has $x\equiv i\pmod p$. Assume $x=y+i$, where
1113: $y\in\mathbb{A}(\geq 1|_p)$, and one can get a new polynomial as
1114: follows:
1115: \[
1116: f_{0,i}^*(y)=f(y+i)=a_n(y+i)^n+\cdots+a_1(y+i)=f_{0,i}^{**}(y)+\sum_{k=1}^ni^ka_k,
1117: \]
1118: where
1119: $f_{0,i}^{**}(y)=\sum_{l=n}^1\left(\sum_{k=l}^n\binom{k}{l}i^{k-l}a_ky^l\right)$.
1120: Applying the first result on $f_{0,i}^{**}(y)$, one knows it forms a
1121: sub-bijection over $\mathbb{A}(\geq 1|_p)$. So, $f(x)$ forms a
sub-bijection $F_{0,i}:[(\mathbb{A}(\geq 1|_p)+i)\bmod
m]\to\left[\left(\mathbb{A}(\geq
1|_p)+\sum_{k=1}^ni^ka_k\right)\bmod m\right]$. This proves the 2nd
1125: result of this theorem. Since $f(x)$ is a permutation polynomial
1126: modulo $p^d$, $\forall i\neq j$, the ranges of
1127: $F_{0,1},\cdots,F_{0,p-1}$ should form a partition of
1128: $\mathbb{A}\backslash\mathbb{A}(\geq 1|_p)$. This means that
1129: $\forall i,j\in\{0,\cdots,p-1\}$ and $i\neq j$,
1130: $\sum_{k=1}^ni^ka_k\not\equiv \sum_{k=1}^nj^ka_k\pmod p$. This leads
1131: to the 5th result of this theorem.
1132:
1133: 3. For $F_1$, since $p\mid x$, let us assume $x=pz$, where
1134: $z\in\{0,\cdots,p^{d-1}-1\}$. Substitute $x=pz$ into $f(x)$, we have
1135: another polynomial
1136: $f_1(z)=f(pz)=a_n(pz)^n+\cdots+a_1(pz)=pf_1^*(z)$, where
$f_1^*(z)=a_np^{n-1}z^n+\cdots+a_1z$. Apparently, over
$\mathbb{A}(\geq 1|_p)$, $f(x)$ is uniquely determined by the
1139: polynomial $f_1^*(z)$ modulo $p^{d-1}$. This means that $f_1^*(z)$
1140: is a permutation polynomial modulo $p^{d-1}$. When $n\geq d$,
1141: $p^{d-1}\mid a_np^{n-1}z^n+\cdots+a_dp^{d-1}z^d$, so $f_1^*(z)\equiv
1142: a_{d-1}p^{d-2}z^{d-1}+\cdots+a_1z\pmod{p^{d-1}}$. As a result, the
1143: degree of $f_1^*(z)$ modulo $p^{d-1}$ is always not greater than
1144: $d-1$. For $F_{0,1},\cdots,F_{0,p-1}$, applying the same analysis on
1145: $f_{0,1}^{**}(y),\cdots,f_{0,p-1}^{**}(y)$, one can get a similar
1146: result.
1147:
1148: 4 \& 6. When $x\in\mathbb{A}(+\infty|_p)=\{0\}$, $f(x)=f(0)=0$, so
1149: there exists a sub-bijection
1150: $F_{1,d}:\mathbb{A}(+\infty|_p)\to\mathbb{A}(+\infty|_p)$. $\forall
1151: i=1\sim d-1$ and $\forall x\in\mathbb{A}(i|_p)$, then $\exists
1152: k_1,k_2\in\mathbb{Z}$ and $k_2\not\equiv 0\pmod p$, such that
1153: $x=p^i(k_1p+k_2)$. Then,
1154: $x^2=p^{2i}(k_1p+k_2)^2=p^{i+1}p^{i-1}(k_1p+k_2)^2$, so $p^{i+1}\mid
1155: x^2$. As a result, $f(x)\equiv a_1x=a_1p^i(k_1p+k_2)\pmod{p^{i+1}}$.
1156: Assume $a_1\equiv 0\pmod p$, one has $f(x)\equiv 0\pmod{p^{i+1}}$.
1157: This means that $f(x)\in\mathbb{A}(\geq i+1|_p)\backslash\{0\}$.
1158: However, since $p\geq 2$, the cardinality of $\mathbb{A}(\geq
1159: i+1|_p)\backslash\{0\}$ is always smaller than the cardinality of
1160: $\mathbb{A}(i|_p)$, which conflicts with the fact that $f(x)$ is a
1161: permutation polynomial modulo $p^d$. So one immediately has
1162: $a_1\not\equiv 0\pmod p$ and $f(x)\in\mathbb{A}(i|_p)$, i.e., $f(x)$
1163: forms a sub-bijection over $\mathbb{A}(i|_p)$. For $i=1\sim p-1$,
1164: applying the same analysis for $f_{0,i}^{**}(y)$, we can get similar
results: $\sum_{k=1}^nki^{k-1}a_k\not\equiv 0\pmod p$ and
$f_{0,i}^{**}(y)\in\mathbb{A}(i|_p)$. Thus the 4th and the 6th
1167: results have been proved.
1168: \end{proof}
1169:
1170: \subsection{Necessary and Sufficient Conditions for Permutation Polynomials}
1171:
1172: \iffalse
1173: \begin{lemma}
1174: Assume $p$ is a prime. The polynomial $f(x)=a_nx^n+\cdots+a_1x$ is a
1175: permutation polynomial modulo $p$ if and only if $\forall
1176: i,j\in\{0,\cdots,p-1\}$ and $i\neq j$,
1177: $\sum_{k=1}^na_k(j^k-i^k)=a_1(j-i)+a_2(j^2-i^2)+\cdots+a_n(j^n-i^n)\not\equiv
1178: 0\pmod p$.
1179: \end{lemma}
1180: \begin{proof}
1181: Since $f(j)-f(i)=\sum_{k=1}^na_k(j^k-i^k)$, this lemma is true from
1182: the definition of a bijection.
1183: \end{proof}
1184: \fi
1185:
1186: \begin{theorem}\label{theorem:bijective-poly-NSC-pd}
1187: Assume $p$ is a prime and $d\geq 2$. The polynomial
1188: $f(x)=a_nx^n+\cdots+a_1x$ is a permutation polynomial modulo $p^d$
1189: if and only if the following two conditions are true simultaneously:
1190: \begin{enumerate}
1191: \item
1192: $f(x)$ is a permutation polynomial modulo $p$, i.e., $\forall
1193: i,j\in\{0,\cdots,p-1\}$ and $i\neq j$,
1194: $f(j)-f(i)=\sum_{k=1}^na_k(j^k-i^k)=a_1(j-i)+a_2(j^2-i^2)+\cdots+a_n(j^n-i^n)\not\equiv
1195: 0\pmod p$.
1196:
1197: \item
1198: $\forall i\in\{0,\cdots,p-1\}$,
1199: $\sum_{k=1}^nki^{k-1}a_k=a_1+2ia_2+\cdots+ni^{n-1}a_n\not\equiv
1200: 0\pmod p$.
1201: \end{enumerate}
1202: \end{theorem}
1203: \begin{proof}
1204: The ``only if" part of this theorem has been proved in Theorem
1205: \ref{theorem:hierarchy-pd}, so we only focus on the ``if" part. Let
1206: us use mathematical induction on $d$ to prove this part.
1207:
1208: 1) When $d=2$, consider the $p$ sub-bijections, $F_1$,
1209: $F_{0,1},\cdots,F_{0,p-1}$, separately.
1210:
1211: When $x\in\mathbb{A}(\geq 1|_p)$, assume $x=pz$, where
1212: $z\in\{0,\cdots,p-1\}$, so $f(x)=a_nx^n+\cdots+a_2x^2+a_1x\equiv
1213: p\cdot a_1z\pmod{p^2}$. Apparently, $f(x)$ is uniquely determined by
1214: the polynomial $f_1^*(z)=a_1z$ modulo $p$. Choosing $i=0$, the
1215: second necessary and sufficient condition becomes $a_1\not\equiv
1216: 0\pmod p$, which means $\gcd(a_1,p)=1$. Then, from Lemma
1217: \ref{theorem:bijection-degree1}, $f_1^*(z)=a_1z$ forms a bijection
1218: over $\{0,\cdots,p-1\}$. This means $f(x)$ forms a bijection $F_1$
1219: over $\mathbb{A}(\geq 1|_p)$.
1220:
$\forall i=1\sim p-1$ and $\forall x\in[(\mathbb{A}(\geq
1|_p)+i)\bmod m]$, assume $x=y+i$, where $y\in\mathbb{A}(\geq
1223: 1|_p)$. Substitute $x=y+i$ into $f(x)$, one has
1224: $f_{0,i}^*(y)=f_{0,i}^{**}(y)+\sum_{k=1}^ni^ka_k$, where
1225: $f_{0,i}^{**}(y)=\sum_{l=n}^1\left(\sum_{k=l}^n\binom{k}{l}i^{k-l}a_ky^l\right)$.
1226: Assume $y=pz$, where $z\in\{0,\cdots,p-1\}$, due to the same reason
1227: in the case of $x\in\mathbb{A}(\geq 1|_p)$, $f_{0,i}^{**}(y)\equiv
1228: \sum_{k=1}^nki^{k-1}a_ky\equiv p\sum_{k=1}^nki^{k-1}a_kz\pmod{p^2}$.
The second necessary and sufficient condition ensures that
$\gcd\left(\sum_{k=1}^nki^{k-1}a_k,p\right)=1$, so
$\sum_{k=1}^nki^{k-1}a_kz$ forms a bijection over $\{0,\cdots,p-1\}$
and thus $f_{0,i}^{**}(y)$ forms a bijection over $\mathbb{A}(\geq
1|_p)$. This further leads to the fact that $f(x)$ forms a bijection
$F_{0,i}:[(\mathbb{A}(\geq 1|_p)+i)\bmod
m]\to\left[\left(\mathbb{A}(\geq
1|_p)+\sum_{k=1}^ni^ka_k\right)\bmod m\right]$.
1237:
In addition, the first necessary and sufficient condition ensures
that the ranges of $F_{0,1},\cdots,F_{0,p-1}$ form a partition of
1240: $\mathbb{A}\backslash\mathbb{A}(\geq 1|_p)$. This means that there
1241: exists a super-bijection $F_0$ over
1242: $\mathbb{A}\backslash\mathbb{A}(\geq 1|_p)$.
1243:
1244: The above analyses show that $f(x)$ forms a bijection over
1245: $\mathbb{A}$.
1246:
1247: 2) Assume the ``if" part is true for $2,\cdots,d-1$. Let us prove
1248: the case of $d\geq 3$. Similarly, let us consider the $p$
1249: sub-bijections, $F_1$, $F_{0,1},\cdots,F_{0,p-1}$, separately.
1250:
1251: When $x\in\mathbb{A}(\geq 1|_p)$, assume $x=pz$, where
1252: $z\in\{0,\cdots,p^{d-1}-1\}$, so
$f(x)=a_nx^n+\cdots+a_2x^2+a_1x\equiv
p(a_np^{n-1}z^n+\cdots+a_2pz+a_1z)\pmod{p^d}$. Apparently, $f(x)$ is
uniquely determined by the polynomial
$f_1^*(z)=b_nz^n+\cdots+b_1z=a_np^{n-1}z^n+\cdots+a_2pz+a_1z$ modulo
1257: $p^{d-1}$. Since $b_i\equiv 0\pmod p$ when $i\geq 2$, one can easily
1258: verify that $f_1^*(z)$ satisfies the two necessary and sufficient
1259: conditions, so from the previous assumption, $f_1^*(z)$ is a
1260: permutation polynomial modulo $p^{d-1}$. This means that $f(x)$
1261: forms a bijection over $\mathbb{A}(\geq 1|_p)$.
1262:
$\forall i=1\sim p-1$ and $\forall x\in[(\mathbb{A}(\geq
1|_p)+i)\bmod m]$, assume $x=y+i$, where $y\in\mathbb{A}(\geq
1265: 1|_p)$. Substitute $x=y+i$ into $f(x)$, one has
1266: $f_{0,i}^*(y)=f_{0,i}^{**}(y)+\sum_{k=1}^ni^ka_k$, where
1267: $f_{0,i}^{**}(y)=\sum_{l=n}^1\left(\sum_{k=l}^n\binom{k}{l}i^{k-l}a_ky^l\right)$.
Assume $y=pz$, where $z\in\{0,\cdots,p^{d-1}-1\}$, one has
1269: $f_{0,i}^{**}(y)=\sum_{l=n}^1\left(\sum_{k=l}^n\binom{k}{l}i^{k-l}a_kp^lz^l\right)
1270: =p\sum_{l=n}^1\left(\sum_{k=l}^n\binom{k}{l}i^{k-l}a_kp^{l-1}z^l\right)$.
1271: Apparently, $f_{0,i}^{**}(y)$ is uniquely determined by the
1272: polynomial
1273: $f_{0,i}^{***}(z)=b_nz^n+\cdots+b_1z=\sum_{l=n}^2\left(\sum_{k=l}^n\binom{k}{l}i^{k-l}a_kp^{l-1}z^l\right)+
1274: \sum_{k=1}^nki^{k-1}a_kz$ modulo $p^{d-1}$. Similarly, since
1275: $b_k\equiv 0\pmod p$ when $k\geq 2$, $\forall
1276: i,j\in\{0,\cdots,p-1\}$ and $i\neq j$, one has
1277: $\sum_{k=1}^nki^{k-1}b_k\equiv b_1=\sum_{k=1}^nki^{k-1}a_k\not\equiv
1278: 0\pmod p$ and $\sum_{k=1}^nb_k(j^k-i^k)\equiv
1279: b_1(j-i)=(j-i)\sum_{k=1}^nki^{k-1}a_k\not\equiv 0\pmod p$, where
1280: note that $j-i\not\equiv 0\pmod p$. That is, the two necessary and
1281: sufficient conditions hold for $f_{0,i}^{***}(z)$, so from the
1282: previous assumption, $f_{0,i}^{***}(z)$ is a permutation polynomial
1283: modulo $p^{d-1}$, i.e., $f_{0,i}^{**}(y)$ forms a bijection over
1284: $\mathbb{A}(\geq 1|_p)$ and $f(x)$ forms a bijection
$F_{0,i}:[(\mathbb{A}(\geq 1|_p)+i)\bmod
m]\to\left[\left(\mathbb{A}(\geq
1|_p)+\sum_{k=1}^ni^ka_k\right)\bmod m\right]$.
1288:
In addition, the first necessary and sufficient condition ensures
that the ranges of $F_{0,1},\cdots,F_{0,p-1}$ form a partition of
1291: $\mathbb{A}\backslash\mathbb{A}(\geq 1|_p)$. This means that there
1292: exists a super-bijection $F_0$ over
1293: $\mathbb{A}\backslash\mathbb{A}(\geq 1|_p)$.
1294:
1295: The above analyses show that $f(x)$ forms a bijection over
1296: $\mathbb{A}$. Thus this theorem is proved.
1297: \end{proof}
1298:
1299: \begin{corollary}\label{corollary:bijective-poly-NSC-2d}
1300: The polynomial $f(x)=a_nx^n+\cdots+a_1x$ is a permutation polynomial
1301: modulo $2^d$ if and only if the following two conditions are true
1302: simultaneously: $a_1\equiv 1\pmod 2$, $a_2+a_4+\cdots\equiv
1303: a_3+a_5+\cdots\equiv 0\pmod 2$.
1304: \end{corollary}
1305: \begin{proof}
1306: From Theorem \ref{theorem:bijective-poly-NSC-pd}, choosing $p=2$,
1307: one has the following necessary and sufficient conditions:
1308: $\sum_{i=1}^na_i\not\equiv 0\pmod 2$, $a_1\not\equiv 0\pmod 2$ and
1309: $\sum_{i=1}^nia_i\not\equiv 0\pmod 2$. These conditions can be
1310: simplified to be: $a_1\equiv 1\pmod 2$, $\sum_{i=2}^na_i\equiv
1311: \sum_{i=2}^nia_i\equiv 0\pmod 2$. Removing even terms from
1312: $\sum_{i=2}^nia_i\equiv 0\pmod 2$, one has $a_3+a_5+\cdots\equiv
1313: 0\pmod 2$. Then, subtracting $a_3+a_5+\cdots$ from
1314: $\sum_{i=2}^na_i$, one has $a_2+a_4+\cdots\equiv 0\pmod 2$. This
1315: corollary is thus proved.
1316: \end{proof}
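Theorem \ref{theorem:bijective-poly-NSC-pd}, Corollary \ref{corollary:bijective-poly-NSC-2d} and Theorem \ref{theorem:bijective-poly-composite} together give a test that decides whether a polynomial permutes $\mathbb{Z}_m$ from its coefficients alone, which is how one certifies that a word-mixing polynomial in a cipher or hash is actually bijective without enumerating $2^{32}$ values. The following added example (my own code, not the paper's) implements these tests, cross-checks them exhaustively against the definition for small moduli, and verifies the level-preserving structure of Theorem \ref{theorem:hierarchy-pd}; all function names are mine, and the RC6 polynomial $x(2x+1)$ is quoted as a known cipher component rather than taken from the paper.

```python
# Added example, not from the paper: runnable versions of the permutation-polynomial
# tests above, each cross-checked against the definition. All names are mine.
from itertools import product

def eval_poly(coeffs, x, m):
    """Horner evaluation of f(x) = sum(coeffs[k] * x**k) mod m; coeffs[0] is a_0."""
    acc = 0
    for a in reversed(coeffs):
        acc = (acc * x + a) % m
    return acc

def is_pp_bruteforce(coeffs, m):
    """Ground truth by definition: f permutes Z_m iff it takes m distinct values."""
    return len({eval_poly(coeffs, x, m) for x in range(m)}) == m

def is_pp_mod_prime_power(coeffs, p, d):
    """Theorem for p^d (d >= 2): f is a PP mod p^d iff (1) f is a PP mod p and
    (2) f'(i) = sum k*a_k*i^(k-1) is nonzero mod p for every i in Z_p.
    For d == 1 only (1) applies (it is the definition). A constant term a_0 only
    shifts the permutation, so it is tolerated although the theorem omits it."""
    n = len(coeffs) - 1
    cond1 = len({eval_poly(coeffs, i, p) for i in range(p)}) == p
    if d == 1:
        return cond1
    cond2 = all(
        sum(k * coeffs[k] * pow(i, k - 1, p) for k in range(1, n + 1)) % p != 0
        for i in range(p))
    return cond1 and cond2

def is_pp_mod_2d(coeffs):
    """Corollary for 2^d (d >= 2): a_1 odd, a_2+a_4+... even, a_3+a_5+... even.
    A linear-time parity test; the word size never enters the computation."""
    a = list(coeffs) + [0, 0]          # pad so a[1] and the slices always exist
    return a[1] % 2 == 1 and sum(a[2::2]) % 2 == 0 and sum(a[3::2]) % 2 == 0

def factorize(m):
    """Trial division, m -> {prime: exponent}; adequate for the moduli used here."""
    factors, q = {}, 2
    while q * q <= m:
        while m % q == 0:
            factors[q] = factors.get(q, 0) + 1
            m //= q
        q += 1
    if m > 1:
        factors[m] = factors.get(m, 0) + 1
    return factors

def is_pp(coeffs, m):
    """Composite-modulus theorem: f is a PP mod m iff it is a PP mod each p_i^{d_i}."""
    return all(is_pp_mod_prime_power(coeffs, p, d) for p, d in factorize(m).items())

def resolution(x, p):
    """Base-p resolution of x: the largest i with p^i | x; None encodes +infinity (x = 0)."""
    if x == 0:
        return None
    i = 0
    while x % p == 0:
        x //= p
        i += 1
    return i

def preserves_resolution(coeffs, p, d):
    """Hierarchy theorem (items 1 and 4): a PP with a_0 = 0 modulo p^d maps every
    class A(i|_p) onto itself, i.e. the bijection never changes the p-adic level."""
    m = p ** d
    return all(resolution(eval_poly(coeffs, x, m), p) == resolution(x, p)
               for x in range(m))

def agrees_with_bruteforce(m, max_deg):
    """Exhaustively compare is_pp with the definition over all coefficient vectors in
    Z_m^(max_deg+1); a composite m exercises the Chinese-remainder reduction too."""
    return all(is_pp(list(c), m) == is_pp_bruteforce(list(c), m)
               for c in product(range(m), repeat=max_deg + 1))

def corollary_2d_agrees(d, max_deg):
    """The same exhaustive comparison for the 2^d parity test (d >= 2)."""
    m = 2 ** d
    return all(is_pp_mod_2d(c) == is_pp_bruteforce(list(c), m)
               for c in product(range(m), repeat=max_deg + 1))

if __name__ == "__main__":
    # Known cipher component (not from the paper): RC6 mixes 32-bit words with
    # f(x) = x(2x + 1) = 2x^2 + x.  The corollary certifies it is a bijection on
    # Z_{2^32} without evaluating it anywhere.
    rc6 = [0, 1, 2]
    print("RC6 x(2x+1) mod 2^32:", is_pp_mod_2d(rc6), is_pp(rc6, 2 ** 32))   # True True
    print("x + x^2  mod 2^32:", is_pp_mod_2d([0, 1, 1]))                      # False
    print("theorem vs brute force, m=9,  deg<=3:", agrees_with_bruteforce(9, 3))
    print("theorem vs brute force, m=12, deg<=2:", agrees_with_bruteforce(12, 2))
    print("corollary vs brute force, m=8, deg<=4:", corollary_2d_agrees(3, 4))
    print("x + 3x^2 keeps 3-adic levels mod 27:", preserves_resolution([0, 1, 3], 3, 3))
```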
1317:
1318: \begin{corollary}\label{corollary:bijective-poly-NSC-all-degrees}
1319: Assume $p$ is a prime and $d\geq 2$. If $f(x)$ is a permutation
1320: polynomial modulo $p^d$, then $\forall i\geq 1$, it is still a
1321: permutation polynomial modulo $p^i$.
1322: \end{corollary}
1323: \begin{proof}
1324: This corollary is a direct result of Theorem
1325: \ref{theorem:bijective-poly-NSC-pd}.
1326: \end{proof}
1327:
1328: \iffalse
1329: \begin{corollary}\label{corollary:equivalent-special-poly-NSC}
1330: Assume $p$ is a prime and $d\geq 1$. A polynomial
1331: $f(x)=\sum_{i=n}^1a_ip^{i-1}x^i=a_np^{n-1}x^n+\cdots+a_2px^2+a_1x$
1332: is a permutation polynomial modulo $p^d$ if and only if
1333: $a_1\not\equiv 0\pmod p$.
1334: \end{corollary}
1335: \begin{proof}
1336: From Theorem \ref{theorem:bijective-poly-NSC-pd}, substitute the
1337: coefficients into the necessary and sufficient conditions. Since
1338: only the lowest coefficients are not congruent to 0 modulo $p$, one
1339: can get the following conditions: for $i=1\sim p-1$, $ia_1\not\equiv
1340: 0\pmod p$. This immediately leads to $a_1\not\equiv 0\pmod p$ and
1341: completes the proof of this corollary.
1342: \end{proof}
1343: The above corollary will be used later to estimate an upper bound of
1344: the number of bijections induced from all permutation polynomials
1345: modulo $p^d$.\fi
1346:
1347: \begin{theorem}\label{theorem:bijective-poly-NSC-pd-degree2}
1348: Assume $p$ is a prime and $d\geq 1$. A binomial $f(x)=a_2x^2+a_1x$
1349: is a permutation polynomial modulo $p^d$ if and only if
1350: $a_1\not\equiv 0\pmod p$ and $a_2\equiv 0\pmod p$.
1351: \end{theorem}
1352: \begin{proof}
1353: The ``if" part can be easily verified by checking the necessary and
1354: sufficient conditions in Theorem
1355: \ref{theorem:bijective-poly-NSC-pd}. We focus on the ``only if"
1356: part.
1357:
1358: When $p=2$, one can verify the result is true. Let us consider the
1359: case of $p>2$. From Theorem \ref{theorem:bijective-poly-NSC-pd},
1360: $a_1(1-(p-1))+a_2(1^2-(p-1)^2)\equiv 2a_1\not\equiv 0\pmod p$, which
1361: immediately leads to $a_1\not\equiv 0\pmod p$. Again, from Theorem
1362: \ref{theorem:bijective-poly-NSC-pd}, the following conditions hold:
1363: $\forall i=1\sim p-1$, $ia_1+i^2a_2\not\equiv 0\pmod p$. Since $p$
1364: is a prime, each integer in $\{1,\cdots,p-1\}$ has an inverse modulo
$p$. Multiplying both sides of each condition by the inverse of $i$,
one gets $a_1+ia_2\not\equiv 0\pmod p$, so $a_2\not\equiv
1367: -a_1\bar{i}\pmod p$, where $\bar{i}$ is the inverse of $i$ modulo
1368: $p$. Since $\{i\}$ forms a reduced system of residues modulo $p$,
1369: $\{-a_1\bar{i}\}=\{-a_1,\cdots,-a_1(p-1)\}$ still forms a reduced
1370: system of residues modulo $p$. Thus $a_2\equiv 0\pmod p$.
1371: \end{proof}
1372: \begin{remark}
1373: Note that Theorem \ref{theorem:bijective-poly-NSC-pd-degree2}
1374: actually says that the first group of the necessary and sufficient
1375: conditions covers the second group of conditions when the degree is
1376: 1 or 2 modulo $p^d$.
1377: \end{remark}
1378: \begin{corollary}
1379: Assume $p$ is a prime and $d\geq 1$. If $f(x)$ is a permutation
1380: polynomial of degree 1 modulo $p^d$, then $\forall i\geq 1$, it is
1381: still a permutation polynomial modulo $p^i$.
1382: \end{corollary}
1383: \begin{proof}
1384: This corollary is a direct result of Theorem
1385: \ref{theorem:bijective-poly-NSC-pd-degree2}.
1386: \end{proof}
1387:
1388: \fproblem{When $3\leq n\leq p-1$, is it possible to get further
1389: simplified necessary and sufficient conditions?}
1390:
1391: \begin{remark}\label{remark:RepeatingWork}
1392: After finishing the first draft of this paper, we noticed Rivest's
1393: paper \cite{Rivest:PPmod2w:FFTA2001} and found Corollary
1394: \ref{corollary:bijective-poly-NSC-2d} was proved by the author in
1395: 2002. Through \cite{Rivest:PPmod2w:FFTA2001}, we further noticed
1396: Mullen's paper \cite{Mullen:PolyFun-mod:AMH1984} and realized that
1397: Theorem \ref{theorem:bijective-poly-NSC-pd} can also be derived from
1398: Theorem 123 in \cite{HW:NumberTheory1979}, where the second
1399: condition becomes that $f'(x)\not\equiv 0\pmod p$ holds for any
1400: integer $x$. In addition, recently we found yet another paper
1401: \cite{Sun:PPmodCoding:IEEETIT2005}, in which Theorem
1402: \ref{theorem:bijective-poly-NSC-pd-degree2} was also obtained in a
similar way (Corollary 2.4). Furthermore, we also noticed that Lemma
4.2 in Chap. 4 of \cite{RMT:DicksonPoly1993} gives a more general
form of Theorem \ref{theorem:bijective-poly-NSC-pd}. Considering the fact
1406: that our proof of Theorem \ref{theorem:bijective-poly-NSC-pd} is
1407: independent of Theorem 123 in \cite{HW:NumberTheory1979}, it can be
1408: considered as a different proof of this result.
1409: \end{remark}
1410:
1411: \subsection{Counting Permutation Polynomials and Induced Permutations}
1412:
1413: The case of $n\geq p-1$ modulo $p$ has been solved in Corollary
1414: \ref{corollary:count-bijective-poly-p}. This subsection discusses
1415: other cases modulo $p^d$ ($d\geq 1$).
1416:
1417: \begin{notation}
1418: Assume $p$ is a prime and $d\geq 1$. Denote the number of
1419: permutation polynomials and the number of all polynomials in a
complete system of polynomial residues of degree $\leq n$ modulo
1421: $p^d$ by $N_{pp}(\leq n,p^d)$ and $N_p(\leq n,p^d)$, respectively.
1422: \end{notation}
1423:
1424: \begin{remark}
1425: Note that the number of permutation polynomials of degree $n$ modulo
1426: $p^d$ can be easily calculated to be $N_{pp}(\leq n,p^d)-N_{pp}(\leq
1427: n-1,p^d)$. So this paper only focuses on the number of permutation
1428: polynomials of degree $\leq n$ modulo $p^d$.
1429: \end{remark}
1430:
1431: \begin{theorem}
1432: For any prime $p$ and $d\geq 1$, $\dfrac{N_{pp}(\leq
1433: 1,p^d)}{N_p(\leq 1,p^d)}=\dfrac{p-1}{p}$ and $\dfrac{N_{pp}(\leq
1434: 2,p^d)}{N_p(\leq 2,p^d)}=\dfrac{p-1}{p^2}$.
1435: \end{theorem}
1436: \begin{proof}
1437: This theorem is a direct result of Theorems
1438: \ref{theorem:bijection-degree1} and
1439: \ref{theorem:bijective-poly-NSC-pd-degree2}.
1440: \end{proof}
1441:
1442: \begin{theorem}\label{theorem:count-bijective-poly-pd}
1443: For any prime $p$ and $d\geq 2$, $\dfrac{N_{pp}(\leq
1444: n,p^d)}{N_p(\leq n,p^d)}=\dfrac{(p-1)^p(p-1)!}{p^{2p-1}}$ when
1445: $n\geq 2p-1$.
1446: \end{theorem}
1447: \begin{proof}
1448: From Theorem \ref{theorem:bijective-poly-NSC-pd}, a bijective
1449: polynomial should satisfy the following conditions:
1450: \begin{itemize}
1451: \item
1452: $\binom{p}{2}=\frac{p(p-1)}{2}$ conditions: $\forall
1453: i,j\in\{0,\cdots,p-1\}$ and $i\neq j$,
1454: $\sum_{k=1}^na_k(i^k-j^k)=a_1(i-j)+\cdots+a_n(i^n-j^n)\not\equiv
1455: 0\pmod p$;
1456:
1457: \item
1458: $p$ conditions: $\forall i\in\{0,\cdots,p-1\}$,
1459: $\sum_{k=1}^nki^{k-1}a_k=a_1+2ia_2+\cdots+ni^{n-1}a_n\not\equiv
1460: 0\pmod p$.
1461: \end{itemize}
1462: Among the above $\binom{p}{2}+p=\frac{p(p+1)}{2}$ conditions, choose
1463: the following $2p-1$ conditions:
1464: \begin{itemize}
1465: \item
1466: $p-1$ conditions: $\forall i\in\{1,\cdots,p-1\}$ and $j=0$,
1467: $\sum_{k=1}^na_ki^k=a_1i+\cdots+a_ni^n\equiv b_i\pmod p$, where
1468: $b_i\not\equiv 0\pmod p$;
1469:
1470: \item
1471: $p$ conditions: $\forall i\in\{0,\cdots,p-1\}$,
1472: $\sum_{k=1}^nki^{k-1}a_k=a_1+2ia_2+\cdots+ni^{n-1}a_n\equiv
1473: b_{p+i}\pmod p$, where $b_{p+i}\not\equiv 0\pmod p$.
1474: \end{itemize}
Rewrite the above $2p-1$ conditions as a system of congruences:
1476: \[
1477: \left[\begin{matrix}%
1478: 1 & 1 & 1 & \cdots & 1\\
1479: 2 & 2^2 & 2^3 & \cdots & 2^n\\
1480: \vdots & \vdots & \vdots & \ddots & \vdots\\
1481: (p-1) & (p-1)^2 & (p-1)^3 & \cdots & (p-1)^n\\
1482: 1 & 0 & 0 & \cdots & 0\\
1483: 1 & 2 & 3 & \cdots & n\\
1484: 1 & 2\cdot 2 & 3\cdot 2^2 & \cdots & n\cdot 2^{n-1}\\
1485: \vdots & \vdots & \vdots & \ddots & \vdots\\
1486: 1 & 2\cdot(p-1) & 3\cdot(p-1)^2 & \cdots & n\cdot(p-1)^{n-1}
1487: \end{matrix}\right]
1488: \left[\begin{matrix}%
1489: a_1\\a_2\\a_3\\a_4\\\vdots\\a_{n-3}\\a_{n-2}\\a_{n-1}\\a_n
1490: \end{matrix}\right]\equiv
1491: \left[\begin{matrix}%
1492: b_1\\
1493: b_2\\
1494: \vdots\\
1495: b_{p-1}\\
1496: b_p\\
1497: b_{p+1}\\
1498: b_{p+2}\\
1499: \vdots\\
1500: b_{2p-1}
1501: \end{matrix}\right]\pmod p.
1502: \]
If we only consider $a_1,\cdots,a_{2p-1}$ as unknown variables, the
above system can be reduced to the following system:\small
1505: \[
1506: \left[\begin{matrix}%
1507: 1 & 1 & 1 & \cdots & 1\\
1508: 2 & 2^2 & 2^3 & \cdots & 2^{2p-1}\\
1509: \vdots & \vdots & \vdots & \ddots & \vdots\\
1510: (p-1) & (p-1)^2 & (p-1)^3 & \cdots & (p-1)^{2p-1}\\
1511: 1 & 0 & 0 & \cdots & 0\\
1512: 1 & 2 & 3 & \cdots & 2p-1\\
1513: 1 & 2\cdot 2 & 3\cdot 2^2 & \cdots & (2p-1)\cdot 2^{2p-2}\\
1514: \vdots & \vdots & \vdots & \ddots & \vdots\\
1515: 1 & 2\cdot(p-1) & 3\cdot(p-1)^2 & \cdots & (2p-1)\cdot(p-1)^{2p-2}
1516: \end{matrix}\right]
1517: \left[\begin{matrix}%
1518: a_1\\a_2\\\vdots\\a_{p-1}\\a_p\\a_{p+1}\\a_{p+2}\\\vdots\\a_{2p-1}
1519: \end{matrix}\right]\equiv
1520: \left[\begin{matrix}%
b_1-\sum_{k=2p}^na_k\\
b_2-\sum_{k=2p}^na_k2^k\\
\vdots\\
b_{p-1}-\sum_{k=2p}^na_k(p-1)^k\\
b_p\\
b_{p+1}-\sum_{k=2p}^nka_k\\
b_{p+2}-\sum_{k=2p}^nk2^{k-1}a_k\\
\vdots\\
b_{2p-1}-\sum_{k=2p}^nk(p-1)^{k-1}a_k
1530: \end{matrix}\right]\pmod p.
1531: \]\normalsize
1532: Denoting the above system by $\bm{A}\bm{X}\equiv\bm{B}\pmod p$, from
1533: Corollary \ref{corollary:det-powers}, one has
1534: \[
1535: |\bm{A}|=(-1)^{\frac{(p-1)(p-2)}{2}}\prod_{i=1}^{p-1}i^4\prod_{1\leq
1536: i<j\leq p-1}(j-i)^4.
1537: \]
1538: Since all factors of $|\bm{A}|$ are in $\{1,\cdots,p-1\}$ and $p$ is
1539: a prime, $\gcd(|\bm{A}|,p)=1$. Then, for each valid combination of
1540: $(b_1,\cdots,b_{2p-1},a_{2p},\cdots,a_n)$, the above system of
1541: congruences has a unique set of incongruent solutions.
1542:
Next, let us count the number of all valid combinations of
$(b_1,\cdots,b_{2p-1},a_{2p},\cdots,a_n)$. It is obvious that
$a_{2p},\cdots,a_n$ can take any values and $b_p,\cdots,b_{2p-1}$
can take any nonzero values modulo $p$. However, $b_1,\cdots,b_{p-1}$
are also constrained by the following conditions: $\forall
i,j\in\{1,\cdots,p-1\}$ and $i\neq j$,
$\sum_{k=1}^na_k(i^k-j^k)\equiv b_i-b_j\not\equiv 0\pmod p$. That
is, $(b_1\bmod p,\cdots,b_{p-1}\bmod p)$ must be a permutation of
$\{1,\cdots,p-1\}$, so only $(p-1)!$ of the $p^{p-1}$ possible
combinations of $(b_1,\cdots,b_{p-1})$ modulo $p$ are valid.
Combining the above facts, one immediately gets
$N_{pp}(\leq n,p^d)/N_p(\leq n,p^d)=(1-1/p)^p\cdot
(p-1)!/p^{p-1}=(p-1)^p(p-1)!/p^{2p-1}$.
1556:
1557: Thus this theorem is proved.
1558: \end{proof}
1559:
1560: \begin{theorem}
1561: For any prime $p$ and $d\geq 2$, the following inequalities hold:
1562: \begin{enumerate}
1563: \item
1564: when $3\leq n\leq p$, $\dfrac{N_{pp}(\leq n,p^d)}{N_p(\leq
1565: n,p^d)}\leq\dfrac{(p-1)P(p-1,n-1)}{p^n}=\dfrac{(p-1)(n-1)!\binom{p-1}{n-1}}{p^n}$;
1566:
1567: \item
1568: when $p+1\leq n\leq 2p-2$, $\dfrac{N_{pp}(\leq n,p^d)}{N_p(\leq
1569: n,p^d)}\leq\dfrac{(p-1)!}{p^{p-1}}\left(\dfrac{p-1}{p}\right)^n$.
1570: \end{enumerate}
1571: \end{theorem}
1572: \begin{proof}
When $3\leq n\leq 2p-2$, the system in the proof of Theorem
\ref{theorem:count-bijective-poly-pd} has at most $n$ independent
congruences, and the other $2p-1-n$ congruences are linear
combinations of those $n$. This yields an upper bound on
$\frac{N_{pp}(\leq n,p^d)}{N_p(\leq n,p^d)}$. Note that the values
of $b_1,\cdots,b_{p-1}$ should form a permutation over
$\{1,\cdots,p-1\}$, so we consider the following two cases,
respectively.
1581:
1) When $3\leq n\leq p$, $b_p$ has $(p-1)$ possible values and the
remaining $n-1$ free variables have $P(p-1,n-1)=(n-1)!\binom{p-1}{n-1}$
1584: combinations, so $\dfrac{N_{pp}(\leq n,p^d)}{N_p(\leq
1585: n,p^d)}\leq\dfrac{(p-1)P(p-1,n-1)}{p^n}=\dfrac{(p-1)(n-1)!\binom{p-1}{n-1}}{p^n}$.
1586:
2) When $p+1\leq n\leq 2p-2$, $p-1$ of the free variables form the
permutation over $\{1,\cdots,p-1\}$ and each of the other $n-(p-1)$
free variables can take any of the $p-1$ nonzero values, so the
number of possibilities of the $n$ free variables is
$(p-1)!(p-1)^{n-(p-1)}$. Thus, $\dfrac{N_{pp}(\leq
1591: n,p^d)}{N_p(\leq
1592: n,p^d)}\leq\dfrac{(p-1)!(p-1)^{n-(p-1)}}{p^n}=\dfrac{(p-1)!}{p^{p-1}}\left(\dfrac{p-1}{p}\right)^n$.
1593: \end{proof}
1594:
1595: \begin{theorem}
For any prime $p$ and $3\leq n\leq p-2$, the following inequality
holds:
1598: \[
1599: \dfrac{N_{pp}(\leq n,p)}{N_p(\leq
1600: n,p)}\leq\dfrac{P(p-1,n-1)}{p^n}=\dfrac{(n-1)!\binom{p-1}{n-1}}{p^n}.
1601: \]
1602: \end{theorem}
1603: \begin{proof}
When $d=1$, the second group of necessary and sufficient conditions
disappears. Following the same idea as in the proof of the above
theorem, this theorem is proved.
1607: \end{proof}
1608:
\fproblem{When $3\leq n\leq 2p-2$, is it still possible to get a
closed form of the \textbf{exact} value of $\dfrac{N_{pp}(\leq
n,p^d)}{N_p(\leq n,p^d)}$?}
1612:
1613: \begin{example}
1614: When $d\geq 2$,
1615: \[
1616: \frac{N_{pp}(\leq n,2^d)}{N_p(\leq n,2^d)}=1/2^{\min(n,3)}=\begin{cases}%
1617: 1/2, & n=1,\\
1618: 1/2^2, & n=2,\\
1619: 1/2^3, & n\geq 3.
1620: \end{cases}
1621: \]
1622: \end{example}
1623: \begin{solution}
When $n=1$, from Theorem \ref{theorem:bijection-degree1}, a polynomial
1625: is a permutation polynomial modulo $2^d$ if and only if
1626: $\gcd(a_1,2^d)=1$. So, $a_1\equiv 1\pmod 2$, which means
1627: $\frac{N_{pp}(\leq 1,2^d)}{N_p(\leq 1,2^d)}=1/2$.
1628:
1629: When $n=2$, assume $f(x)=a_2x^2+a_1x$. From Theorem
1630: \ref{theorem:bijective-poly-NSC-pd-degree2}, the necessary and
1631: sufficient conditions are $a_1\equiv 1\pmod 2$ and $a_2\equiv 0\pmod
1632: 2$. Thus, $\frac{N_{pp}(\leq 2,2^d)}{N_p(\leq 2,2^d)}=1/2^2$.
1633:
When $n\geq 2p-1=3$, from Theorem
\ref{theorem:count-bijective-poly-pd}, one has $\frac{N_{pp}(\leq
n,2^d)}{N_p(\leq n,2^d)}=(2-1)^2\cdot(2-1)!/2^{2\cdot 2-1}=1/2^3$.
1637:
1638: Computer experiments have been made to verify the above results.
1639: \end{solution}
1640:
1641: \begin{example}
1642: When $d\geq 2$,
1643: \[
1644: \frac{N_{pp}(\leq n,3^d)}{N_p(\leq n,3^d)}=\begin{cases}%
1645: 2/3, & n=1,\\
1646: 2/3^2, & n=2,\\
1647: 4/3^n, & n=3,4,\\
1648: 16/3^5, & n\geq 5.
1649: \end{cases}
1650: \]
1651: \end{example}
1652: \begin{solution}
When $n=1$, from Theorem \ref{theorem:bijection-degree1}, a polynomial
1654: is a permutation polynomial modulo $3^d$ if and only if
1655: $\gcd(a_1,3^d)=1$. So, $a_1\equiv 1,2\pmod 3$, which means
1656: $\frac{N_{pp}(\leq 1,3^d)}{N_p(\leq 1,3^d)}=2/3$.
1657:
1658: When $n=2$, assume $f(x)=a_2x^2+a_1x$. From Theorem
1659: \ref{theorem:bijective-poly-NSC-pd-degree2}, the necessary and
1660: sufficient conditions are $a_1\not\equiv 0\pmod 3$ and $a_2\equiv
1661: 0\pmod 3$. This means that $\frac{N_{pp}(\leq 2,3^d)}{N_p(\leq
1662: 2,3^d)}=2/3^2$.
1663:
1664: When $n=3$, from Theorem \ref{theorem:bijective-poly-NSC-pd}, the
1665: necessary and sufficient conditions are as follows:
1666: $a_1+a_2+a_3\not\equiv 0\pmod 3$, $2a_1+4a_2+8a_3\not\equiv 0\pmod
1667: 3$, $(2-1)a_1+(4-1)a_2+(8-1)a_3\not\equiv 0\pmod 3$, $a_1\not\equiv
1668: 0\pmod 3$, $a_1+2a_2+3a_3\not\equiv 0\pmod 3$ and
1669: $a_1+4a_2+12a_3\not\equiv 0\pmod 3$. These conditions can be further
1670: simplified as $a_1\not\equiv 0\pmod 3$, $a_2\equiv 0\pmod 3$ and
1671: $a_1+a_3\not\equiv 0\pmod 3$. So, the possible values of
1672: $(a_1,a_2,a_3)$ modulo 3 are $(1,0,0)$, $(1,0,1)$, $(2,0,0)$ and
1673: $(2,0,2)$. Thus, $\frac{N_{pp}(\leq 3,3^d)}{N_p(\leq 3,3^d)}=4/3^3$.
1674: In the same way, one can deduce the results when $n=4$.
1675:
1676: When $n\geq 2p-1=5$, from Theorem
1677: \ref{theorem:count-bijective-poly-pd}, one has $\frac{N_{pp}(\leq
1678: n,3^d)}{N_p(\leq n,3^d)}=(3-1)^3\cdot(3-1)!/3^{2\cdot 3-1}=16/3^5$.
1679:
1680: Computer experiments have been made to verify the above results.
1681: \end{solution}
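The computer experiments mentioned in the two examples above can be reproduced by exhaustive enumeration. The following Python script is an added example and not code from the paper: it counts permutation polynomials modulo $p^d$ by brute force and compares the resulting ratios with the closed form of Theorem \ref{theorem:count-bijective-poly-pd} and with the upper bound for $3\leq n\leq p$ (all function names are the example's own).

```python
"""Exhaustive count of permutation polynomials modulo p^d (an added example, not
the paper's own code).  It reproduces the kind of computer experiment used to
confirm the ratios N_pp(<= n, p^d) / N_p(<= n, p^d) in the examples above."""
from fractions import Fraction
from itertools import product
from math import comb, factorial


def evaluate(coeffs, x, m):
    """Horner evaluation of a_1 x + a_2 x^2 + ... + a_n x^n modulo m, with
    coeffs = [a_1, ..., a_n].  The constant term a_0 only shifts the induced
    map, so it does not affect bijectivity and is left out."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % m
    return (acc * x) % m


def is_permutation_polynomial(coeffs, m):
    """True iff x -> f(x) is a bijection over Z_m = {0, ..., m-1}."""
    return len({evaluate(coeffs, x, m) for x in range(m)}) == m


def count_pp(p, d, n):
    """N_pp(<= n, p^d): number of coefficient vectors (a_1, ..., a_n), each
    taken modulo p^d, that induce a bijection.  The total N_p(<= n, p^d) of
    such vectors is p^(d*n), so this is brute force over p^(d*n) polynomials."""
    m = p ** d
    return sum(is_permutation_polynomial(c, m) for c in product(range(m), repeat=n))


def pp_ratio(p, d, n):
    """N_pp(<= n, p^d) / N_p(<= n, p^d) as an exact fraction."""
    return Fraction(count_pp(p, d, n), p ** (d * n))


def predicted_ratio(p, n):
    """Closed form of Theorem count-bijective-poly-pd: (p-1)^p (p-1)! / p^(2p-1),
    valid for d >= 2 and n >= 2p-1."""
    assert n >= 2 * p - 1
    return Fraction((p - 1) ** p * factorial(p - 1), p ** (2 * p - 1))


def upper_bound_small_n(p, n):
    """Upper bound (p-1) P(p-1, n-1) / p^n for 3 <= n <= p and d >= 2."""
    assert 3 <= n <= p
    return Fraction((p - 1) * factorial(n - 1) * comb(p - 1, n - 1), p ** n)


if __name__ == "__main__":
    # Reproduce the two examples above: moduli 2^2 and 3^2.
    for p, d, degrees in ((2, 2, (1, 2, 3)), (3, 2, (1, 2, 3, 4, 5))):
        for n in degrees:
            print(f"p={p} d={d} n={n}: ratio {pp_ratio(p, d, n)}")
```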
1682: \iffalse Some experimental data on the number of permutation
1683: polynomials are listed in Table \ref{table:counting-power-p}. One
1684: can see that the theoretical results agree well with the
1685: experimental data.\fi
1686:
1687: After getting the number of permutation polynomials of degree $\leq
1688: n$ modulo $p^d$, one can easily calculate the number of distinct
1689: permutations induced by the permutation polynomials of degree $\leq
1690: n$ modulo $p^d$, by using Lemma \ref{lemma:Equ-Poly-Null-Poly} and
1691: the results on null polynomials modulo $p^d$ given in
1692: \cite{Li:NullPoly2005}. We have the following theorem.
1693:
1694: \begin{theorem}
1695: Assume $p$ is a prime, $d\geq 1$ and $N_{np}(\leq n,p^d)$ denotes
1696: the number of null polynomials of degree $\leq n$ modulo $p^d$.
1697: Then, the number of distinct permutations induced from polynomials
1698: of degree $\leq n$ modulo $p^d$ is $N_{pp}(\leq n,p^d)/N_{np}(\leq
1699: n,p^d)$.
1700: \end{theorem}
1701: \begin{proof}
This is obvious, since by Lemma \ref{lemma:Equ-Poly-Null-Poly} each
polynomial has $N_{np}(\leq n,p^d)$ equivalent polynomials.
1704: \end{proof}
1705:
1706: \begin{remark}
1707: Note that Corollary 4.1 of \cite{KO:CountingPF:DMJ1968} gives a
1708: different proof of Theorem \ref{theorem:count-bijective-poly-pd}.
1709: However, \cite{KO:CountingPF:DMJ1968} mainly focuses on the total
1710: number of non-equivalent polynomial functions of arbitrary degree
1711: modulo $p^d$ and does not study the case when the degree is also
1712: given. So, the results given in this paper are more complete.
1713: \end{remark}
1714:
1715: \subsection{Determining (Permutation) Polynomials from Induced Bijection}
1716:
In this subsection, we study the problem of determining all
equivalent polynomials when the induced polynomial function is
(fully or partially) known. Note that the following results are
also valid for polynomials that induce arbitrary polynomial
functions (not necessarily bijections).
1722:
Following Lemma \ref{lemma:Equ-Poly-Null-Poly} and the results
obtained in \cite{Li:NullPoly2005}, once we get one permutation
polynomial inducing the given bijection, we can determine all
equivalent permutation polynomials. So, it is sufficient to derive
only one equivalent polynomial as a seed.
1728:
1729: \begin{theorem}\label{theorem:solving-poly-small-n}
1730: Assume $p$ is a prime, $d\geq 1$ and $f(x)=a_nx^n+\cdots+a_1x+a_0$
1731: is a polynomial of degree $n\leq p-1$ modulo $p^d$. Given
1732: $x_0,\cdots,x_n\in\mathbb{Z}$, if $\forall i,j\in\{0,\cdots,n\}$ and
1733: $i\neq j$, $x_i\not\equiv x_j\pmod p$, then $f(x)$ can be uniquely
determined by solving the following system of congruences:
1735: \begin{equation}
1736: \left[\begin{matrix}%
1737: 1 & x_0 & x_0^2 & \cdots & x_0^n\\
1738: 1 & x_1 & x_1^2 & \cdots & x_1^n\\
1739: \vdots & \vdots & \vdots & \ddots & \vdots\\
1740: 1 & x_n & x_n^2 & \cdots & x_n^n
1741: \end{matrix}\right]%
1742: \left[\begin{matrix}%
1743: a_0\\a_1\\\vdots\\a_n
1744: \end{matrix}\right]\equiv
1745: \left[\begin{matrix}%
1746: f(x_0)\\f(x_1)\\\vdots\\f(x_n)
1747: \end{matrix}\right]\pmod{p^d}.\label{equation:solve-PP-nLessp}
1748: \end{equation}
1749: \end{theorem}
1750: \begin{proof}
1751: Denote the system of congruences by
1752: $\bm{A}_x\bm{X}_a\equiv\bm{B}_f\pmod{p^d}$. Since $\bm{A}_x$ is a
Vandermonde matrix, $|\bm{A}_x|=\prod_{0\leq i<j\leq n}(x_j-x_i)$.
1754: From $x_i\not\equiv x_j\pmod p$, $\gcd(x_j-x_i,p)=1$, so
1755: $\gcd(|\bm{A}_x|,p^d)=1$. Thus, the system of congruences has a
1756: unique set of incongruent solutions and this theorem is proved.
1757: \end{proof}
1758: \begin{remark}
1759: When $n=p-1$, it is obvious that $x_0,\cdots,x_n$ form a complete
1760: system of residues modulo $p$. When $n<p-1$, $x_0,\cdots,x_n$ form
1761: an incomplete system of residues modulo $p$. The simplest choice of
1762: the $n+1$ values is: $\{x_i=i\}_{i=0}^n=\{0,\cdots,n\}$.
1763: \end{remark}
1764: \begin{corollary}\label{corollary:solving-poly-small-n}
1765: Assume $p$ is a prime, $d\geq 1$ and $f(x)=a_nx^n+\cdots+a_1x$ is a
1766: polynomial of degree $n\leq p-1$ modulo $p^d$. Given
1767: $x_1,\cdots,x_n\not\equiv 0\pmod p$, if $\forall
1768: i,j\in\{1,\cdots,n\}$ and $i\neq j$, $x_i\not\equiv x_j\pmod p$,
1769: then $f(x)$ can be uniquely determined by solving the following
system of congruences:
1771: \begin{equation}
1772: \left[\begin{matrix}%
1773: x_1 & x_1^2 & \cdots & x_1^n\\
1774: x_2 & x_2^2 & \cdots & x_2^n\\
1775: \vdots & \vdots & \ddots & \vdots\\
1776: x_n & x_n^2 & \cdots & x_n^n
1777: \end{matrix}\right]%
1778: \left[\begin{matrix}%
1779: a_1\\a_2\\\vdots\\a_n
1780: \end{matrix}\right]\equiv
1781: \left[\begin{matrix}%
1782: f(x_1)\\f(x_2)\\\vdots\\f(x_n)
1783: \end{matrix}\right]\pmod{p^d}.
1784: \end{equation}
1785: \end{corollary}
1786: \begin{proof}
1787: This corollary is a special case of Theorem
1788: \ref{theorem:solving-poly-small-n}. For $i=1\sim n$, factoring out
1789: $x_i$ from row $i$ of the matrix, one immediately has
1790: $|\bm{A}|=\prod_{i=1}^nx_i\prod_{1\leq i<j\leq n}(x_j-x_i)$. From
1791: the conditions of $\{x_i\}_{i=1}^n$, $|\bm{A}|$ is relatively prime
1792: to $p$ and the system of congruences has a unique set of incongruent
1793: solutions, thus this corollary is proved.
1794: \end{proof}
1795:
1796: When $n\geq p$ or the value of $n$ is unknown, the above method
1797: cannot be directly used to determine polynomials that induce the
1798: given polynomial function. If we can find a way to reduce the degree
1799: of polynomials, then the above method can be employed to determine
1800: the coefficients. In the following, we give a way to achieve this
1801: task.
1802:
1803: \begin{lemma}\label{lemma:determine-PP-dLessp}
1804: Assume $p$ is a prime and $2\leq d\leq p$. If
$f(x)=a_nx^n+\cdots+a_1x+a_0$ is a polynomial of degree $n\leq pd-1$
modulo $p^d$, then all its equivalent polynomials of degree $\leq
pd-1$ modulo $p^d$ can be determined from the induced polynomial
function over $\{0,\cdots,p^d-1\}$.
1809: \end{lemma}
1810: \begin{proof}
Choosing $x=py_1+b_0$, i.e., $y_1=\lfloor x/p\rfloor$ and
$b_0=(x\bmod p)\in\{0,\cdots,p-1\}$, we have $p$ sub-polynomials:
1813: \[
1814: f_{b_0}(y_1)=\begin{cases}%
1815: \sum_{k=n}^0p^ka_ky_1^k, & \mbox{when }b_0=0,\\
1816: \sum_{k=n}^0\left(\sum_{l=n}^ka_l\binom{l}{k}p^ky_1^kb_0^{l-k}\right),
1817: & \mbox{when }b_0\in\{1,\cdots,p-1\}.
1818: \end{cases}
1819: \]
1820: Apparently, they have a uniform form:
1821: $f_{b_0}(y_1)=\sum_{k=n}^0p^ka_k^{(b_0)}y_1^k$, where
1822: $a_k^{(0)}=a_k$ and
1823: $a_k^{(b_0)}=\sum_{l=n}^ka_l\binom{l}{k}b_0^{l-k}$ when
1824: $b_0\in\{1,\cdots,p-1\}$. Note that $f_{b_0}(y_1)\equiv
1825: f_{b_0}^*(y_1)=\sum_{k=d-1}^0p^ka_k^{(b_0)}y_1^k\pmod{p^d}$, so we
can focus on $f_{b_0}^*(y_1)$ only. Since $d\leq p$, each
sub-polynomial $f_{b_0}^*(y_1)$ is of degree less than $p$ modulo
$p^d$, so all its coefficients $p^ka_k^{(b_0)}$ can be uniquely
solved modulo $p^d$, i.e., the value of each $a_k^{(b_0)}$ can be
uniquely solved modulo $p^{d-k}$. It is obvious that the $p^k$
distinct valid values of $a_k^{(b_0)}$ modulo $p^d$ are equivalent
for $f_{b_0}(y_1)$ and so equivalent for $f(x)$.
1833:
1834: For each set of the valid values of all coefficients modulo $p^d$,
1835: one has a system of congruences in the form
1836: $\bm{A}\bm{X}_a\equiv\bm{B}\pmod{p^d}$:
1837: \begin{equation}
1838: \left[\begin{matrix}%
1839: \bm{A}_0\\\bm{A}_1\\\vdots\\\bm{A}_{p-1}
1840: \end{matrix}\right]
1841: \left[\begin{matrix}%
1842: a_0\\a_1\\\vdots\\a_{pd-1}
1843: \end{matrix}\right]\equiv
1844: \left[\begin{matrix}%
1845: \bm{B}_0\\\bm{B}_1\\\vdots\\\bm{B}_{p-1}
1846: \end{matrix}\right]\pmod{p^d},\label{equation:solve-PP-pd}
1847: \end{equation}
1848: where
1849: \[
1850: \bm{A}_0=\left[\begin{matrix}%
1851: \bm{I}_{d\times d} & \bm{0}_{d \times d(p-1)}\end{matrix}\right]
1852: =\left[\begin{array}{ccccc:ccccc}%
1853: 1 & 0 & 0 & \cdots & 0 & 0 & 0 & 0 & \cdots & 0\\
1854: 0 & 1 & 0 & \cdots & 0 & 0 & 0 & 0 & \cdots & 0\\
1855: 0 & 0 & 1 & \cdots & 0 & 0 & 0 & 0 & \cdots & 0\\
1856: \vdots & \vdots & \vdots & \ddots & \vdots & \vdots & \vdots &
1857: \vdots & \ddots & \vdots\\
1858: 0 & 0 & 0 & \cdots & 1 & 0 & 0 & 0 & \cdots & 0
1859: \end{array}\right]_{d\times pd},
1860: \]
1861: for $b_0=1\sim p-1$,
1862: \[
1863: \bm{A}_{b_0}=\left[\begin{matrix}%
1864: \bm{A}_{b_0}^{(L)} & \bm{A}_{b_0}^{(R)}\end{matrix}\right]=
1865: \left[\begin{array}{ccccc:ccc}%
1 & b_0 & b_0^2 & \cdots & b_0^{d-1} & b_0^d & \cdots & b_0^{pd-1}\\
0 & 1 & 2b_0 & \cdots & (d-1)b_0^{d-2} & db_0^{d-1} & \cdots & (pd-1)b_0^{pd-2}\\
0 & 0 & \binom{2}{2} & \cdots & \binom{d-1}{2}b_0^{d-3} &
\binom{d}{2}b_0^{d-2} & \cdots & \binom{pd-1}{2}b_0^{pd-3}\\
\vdots & \vdots & \vdots & \ddots & \vdots & \vdots & \ddots & \vdots\\
0 & 0 & 0 & \cdots & \binom{d-1}{d-1} & \binom{d}{d-1}b_0 & \cdots &
\binom{pd-1}{d-1}b_0^{pd-d}
1873: \end{array}\right]_{d\times pd},
1874: \]
and for $b_0=0\sim p-1$,
$\bm{B}_{b_0}=\left[\begin{matrix}a_0^{(b_0)} & a_1^{(b_0)} & \cdots &
a_{d-1}^{(b_0)}\end{matrix}\right]^T$. From Lemma
\ref{lemma:det-binom-powers}, one can see $|\bm{A}|$ is relatively
prime to $p$. Thus, for each valid set of the values of the
coefficients $\left\{a_k^{(b_0)}\right\}_{0\leq k\leq d-1 \atop
0\leq b_0\leq p-1}$, the above system of congruences has a unique
set of solutions modulo $p^d$. One can easily verify that each set
of solutions corresponds to an equivalent polynomial of $f(x)$.
Thus this lemma is proved.
1885: \end{proof}
1886: \begin{remark}
1887: In fact, in the proof of the above lemma, we can also calculate the
1888: number of equivalent polynomials of $f(x)$ of degree $\leq pd-1$
1889: modulo $p^d$. It is $p^{(1+\cdots+(d-1))p}=p^{\frac{d(d-1)p}{2}}$.
1890: From Lemma \ref{lemma:Equ-Poly-Null-Poly}, this number should be
1891: equal to the number of null polynomials of degree $\leq pd-1$ modulo
1892: $p^d$. Clearly, $p^{\frac{d(d-1)p}{2}}$ agrees with the results
1893: (Lemma 34 and Theorem 43) obtained in \cite{Li:NullPoly2005}.
1894: \end{remark}
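Both Theorem \ref{theorem:solving-poly-small-n} and Lemma \ref{lemma:determine-PP-dLessp} come down to solving a system of congruences modulo $p^d$ whose determinant is relatively prime to $p$. The following Python code is an added example, not the paper's own code: \texttt{solve\_mod} performs that elimination, \texttt{interpolate\_mod} implements the Vandermonde system of the theorem, and \texttt{recover\_from\_function} carries out the decomposition into the $p$ sub-polynomials $f_{b_0}^*(y_1)$ and the system (\ref{equation:solve-PP-pd}) of the lemma, taking the smallest valid representative of each $a_k^{(b_0)}$ so that one equivalent polynomial is obtained (function names are the example's own).

```python
"""Recovering one polynomial modulo p^d from its induced function (an added
example, not the paper's own code): the Vandermonde system of Theorem
solving-poly-small-n and the sub-polynomial decomposition of Lemma
determine-PP-dLessp."""
from math import comb


def solve_mod(A, b, p, d):
    """Solve A x = b (mod p^d) by Gauss-Jordan elimination.  Assumes det(A) is
    relatively prime to p (as the theorem and lemma guarantee), so each pivot
    column still holds an entry not divisible by p and only units of Z_{p^d}
    are ever inverted."""
    m = p ** d
    n = len(A)
    M = [[v % m for v in A[i]] + [b[i] % m] for i in range(n)]
    for col in range(n):
        piv = next(r for r in range(col, n) if M[r][col] % p != 0)
        M[col], M[piv] = M[piv], M[col]
        inv = pow(M[col][col], -1, m)
        M[col] = [(v * inv) % m for v in M[col]]
        for r in range(n):
            if r != col and M[r][col]:
                f = M[r][col]
                M[r] = [(vr - f * vc) % m for vr, vc in zip(M[r], M[col])]
    return [M[i][n] for i in range(n)]


def evaluate(coeffs, x, m):
    """Horner evaluation of a_0 + a_1 x + ... + a_n x^n modulo m (coeffs = [a_0..a_n])."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % m
    return acc


def interpolate_mod(xs, ys, p, d):
    """Theorem solving-poly-small-n: with n = len(xs)-1 <= p-1 and the xs
    pairwise incongruent modulo p, the Vandermonde system uniquely determines
    a_0, ..., a_n modulo p^d from ys[i] = f(xs[i])."""
    n = len(xs) - 1
    m = p ** d
    A = [[pow(x, j, m) for j in range(n + 1)] for x in xs]
    return solve_mod(A, ys, p, d)


def recover_from_function(table, p, d):
    """Lemma determine-PP-dLessp (2 <= d <= p): table[x] = F(x) for
    x = 0..p^d-1, F induced by a polynomial of degree <= pd-1.  Returns
    a_0..a_{pd-1} modulo p^d of one polynomial inducing F; other valid
    representatives of the a_k^{(b0)} give its equivalent polynomials."""
    N = p * d
    rows, rhs = [], []
    for b0 in range(p):
        # Sub-polynomial f_{b0}(y1) = F(p*y1 + b0) has degree d-1 in y1 modulo
        # p^d with k-th coefficient p^k a_k^{(b0)}.  Because d <= p, the points
        # y1 = 0..d-1 are incongruent modulo p, so the theorem applies.
        ys = list(range(d))
        c = interpolate_mod(ys, [table[p * y + b0] for y in ys], p, d)
        for k in range(d):
            if c[k] % p ** k:
                raise ValueError("F is not induced by a polynomial of degree <= pd-1")
            a_kb0 = c[k] // p ** k       # a_k^{(b0)} modulo p^{d-k}, smallest representative
            # Row of A_{b0}: a_k^{(b0)} = sum_{l >= k} a_l C(l, k) b0^(l-k).
            # For b0 = 0 this reduces to the unit row of A_0 (0**0 == 1).
            rows.append([comb(l, k) * b0 ** (l - k) if l >= k else 0 for l in range(N)])
            rhs.append(a_kb0)
    return solve_mod(rows, rhs, p, d)


def round_trip(coeffs, p, d):
    """Check: the polynomial recovered from the function induced by coeffs
    induces the same function over Z_{p^d}."""
    m = p ** d
    table = [evaluate(coeffs, x, m) for x in range(m)]
    rec = recover_from_function(table, p, d)
    return len(rec) == p * d and [evaluate(rec, x, m) for x in range(m)] == table
```

The recovered polynomial generally differs from the original by a null polynomial, which is why the check compares induced functions rather than coefficient lists.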
1895:
1896: \begin{corollary}
1897: Assume $p$ is a prime and $2\leq d\leq p$. If
1898: $f(x)=a_nx^n+\cdots+a_1x+a_0$ is a polynomial modulo $p^d$, then all
its equivalent polynomials modulo $p^d$ can be determined from the
1900: induced polynomial function over $\{0,\cdots,p^d-1\}$.
1901: \end{corollary}
1902: \begin{proof}
When $n\geq pd$, one can move $a_{pd},\cdots,a_n$ to the right-hand
side of the system in the proof of the above lemma. Then,
$a_{pd},\cdots,a_n$ become free variables, so each set of their
values corresponds to $p^{\frac{d(d-1)p}{2}}$ equivalent polynomials
modulo $p^d$. That is, in total we have
$p^{d(n-pd+1)+\frac{d(d-1)p}{2}}$ equivalent polynomials. Thus this
corollary is also true.
1910: \end{proof}
1911:
1912: \begin{theorem}
1913: Assume $p$ is a prime and $d\geq 2$. If
1914: $f(x)=a_nx^n+\cdots+a_1x+a_0$ is a polynomial modulo $p^d$, then all
its equivalent polynomials modulo $p^d$ can be determined from the
1916: induced polynomial function over $\{0,\cdots,p^d-1\}$.
1917: \end{theorem}
1918: \begin{proof}
1919: We use induction on $d$ to prove this theorem. The case of $2\leq
1920: d\leq p$ has been proved above. Let us prove the case of $d>p$ under
1921: the assumption that this theorem is true for any integer less than
1922: $d$.
1923:
1924: Using the same way in the proof of Lemma
1925: \ref{lemma:determine-PP-dLessp}, we can get $p$ sub-polynomials
1926: $f_{b_0}^*(y_1)$, which uniquely determine the induced bijection.
Since the degree of $f_{b_0}^*(y_1)$ modulo $p^d$ is not less than
$p$, the coefficients cannot be uniquely solved. Let us therefore
further decompose each sub-polynomial in the same way.
1930:
1931: At first, note that the value of $a_0^{(b_0)}$ modulo $p^d$ can
1932: always be uniquely solved by choosing $y_1\equiv 0\pmod{p^d}$. Then,
1933: for $b_0\in\{1,\cdots,p-1\}$, subtracting $a_0^{(b_0)}$ from
1934: $f_{b_0}^*(y_1)$, one has
1935: $f_{b_0}^*(y_1)-a_0^{(b_0)}=p\left(\sum_{k=d-1}^1p^{k-1}a_k^{(b_0)}y_1^k\right)=pf_{b_0}^{**}(y_1)$.
1936: For $b_0=0$, one can make the similar operation to get
1937: $f_{0}(x)-a_0^{(0)}=p\left(\sum_{k=d-1}^1p^{k-1}a_ky_1^k\right)=pf_0^{**}(y_1)$.
Clearly, $f_{b_0}(y_1)$ is uniquely determined by $a_0^{(b_0)}$
modulo $p^d$ and $f_{b_0}^{**}(y_1)$ modulo $p^{d-1}$. Applying the
induction hypothesis to $f_{b_0}^{**}(y_1)$, all equivalent
polynomials of $f_{b_0}^{**}(y_1)$ can be determined modulo
$p^{d-1}$. Then, with
1942: each valid\footnote{Note that not all equivalent polynomials of
1943: $f_{b_0}^{**}(y_1)$ are valid, due to the existence of some power of
1944: $p$ in each coefficient.} equivalent polynomial of
1945: $f_{b_0}^{**}(y_1)$ and the value of $a_0^{(b_0)}$, one can further
1946: uniquely determine all coefficients of $f(x)$ modulo $p^d$ in the
1947: same way given in the proof of Lemma
1948: \ref{lemma:determine-PP-dLessp}. Thus this theorem is proved.
1949: \end{proof}
1950:
The above theorem tells us that all equivalent polynomials that
induce a given polynomial function modulo $p^d$ can be determined
in a recursive manner. Considering that the complexity of solving
Eq. (\ref{equation:solve-PP-nLessp}) is $O(p^3)$ and that of
solving Eq. (\ref{equation:solve-PP-pd}) is $O((pd)^3)$, the total
complexity of deriving one equivalent polynomial via the recursive
procedure is
1958: \begin{equation}
O\left((pd)^3+(p(d-1))^3p+\cdots+\left(p\left(d-(d-p)\right)\right)^3p^{d-p}+p^3p^{d-p+1}\right)=O\left(p^{d-p+6}\right).
1960: \label{equation:solve-PP-complexity1}
1961: \end{equation}
1962: In fact, this complexity can be further reduced, due to the
1963: existence of a power of $p$ in each coefficient (except
1964: $a_0^{(b_0)}$) of each sub-polynomial $f_{b_0}^*(y_1)$, which will
1965: make more coefficients disappear as the value of $d$ decreases. In
1966: the following, let us study what will happen when the sub-polynomial
1967: and its derivatives are further decomposed.
1968:
At first, let us see the decomposition of the $p$ sub-polynomials
$\left\{f_{b_0}^{**}(y_1)=\sum_{k=d-1}^1p^{k-1}a_k^{(b_0)}y_1^k\right\}_{b_0=0}^{p-1}$.
1971: Similarly, choosing $y_1=py_2+b_1$, i.e., $y_2=\lfloor
1972: y_1/p\rfloor=\lfloor x/p^2\rfloor$ and $b_1=(y_1\bmod
1973: p)\in\{0,\cdots,p-1\}$, we have $p^2$ sub-polynomials as follows:
1974: $\forall b_0,b_1\in\{0,\cdots,p-1\}$,
1975: \[
f_{b_1,b_0}^*(y_2)=\begin{cases}%
\sum_{k=d-1}^1p^{2k-1}a_k^{(b_0)}y_2^k, & \mbox{when }b_1=0,\\
\sum_{k=d-1}^1\left(\sum_{l=d-1}^kp^{l-1}a_l^{(b_0)}\binom{l}{k}b_1^{l-k}p^ky_2^k\right)+\sum_{l=d-1}^1p^{l-1}a_l^{(b_0)}b_1^l,
& \mbox{when }b_1\in\{1,\cdots,p-1\}.
\end{cases}
1981: \]
1982: The above polynomial can be rewritten in the following form:
1983: \[
1984: f_{b_1,b_0}^*(y_2)=\begin{cases}%
1985: \sum_{k=d-1}^1p^{2k-1}a_k^{(b_1,b_0)}y_2^k, & \mbox{when }b_1=0,\\
1986: \sum_{k=d-1}^1p^{2k-1}a_k^{(b_1,b_0)}y_2^k+a_0^{(b_1,b_0)}, &
1987: \mbox{when }b_1\in\{1,\cdots,p-1\},
1988: \end{cases}
1989: \]
where $a_k^{(0,b_0)}=a_k^{(b_0)}$, and
$a_k^{(b_1,b_0)}=\sum_{l=d-1}^kp^{l-k}a_l^{(b_0)}\binom{l}{k}b_1^{l-k}$
and $a_0^{(b_1,b_0)}=\sum_{l=d-1}^1p^{l-1}a_l^{(b_0)}b_1^l$ for
$1\leq k\leq d-1$ and $1\leq b_1\leq p-1$. Then, solving
$a_0^{(b_1,b_0)}$ and subtracting it from the polynomial involved,
one can get $p^2$ polynomials modulo $p^{d-2}$ as follows:
1995: \[
1996: \left\{f_{b_1,b_0}^{**}(y_2)=\sum_{k=d-2}^1p^{2(k-1)}a_k^{(b_1,b_0)}y_2^k\right\}_{0\leq
1997: b_0,b_1\leq p-1}.
1998: \]
1999:
2000: Repeat the above procedure for $i$ times, where $1\leq i\leq d-2$,
2001: one can get $p^{i+1}$ polynomials modulo $p^{d-i}$: $\forall
2002: b_0,\cdots,b_i\in\{0,\cdots,p-1\}$,
2003: \[
2004: f_{b_i,\cdots,b_0}^*(y_{i+1})=\begin{cases}%
2005: \sum_{k=d-i}^1p^{i(k-1)+1}a_k^{(b_i,\cdots,b_0)}y_{i+1}^k, & \mbox{when }b_i=0,\\
2006: \sum_{k=d-i}^1p^{i(k-1)+1}a_k^{(b_i,\cdots,b_0)}y_{i+1}^k+a_0^{(b_i,\cdots,b_0)},
2007: & \mbox{when }b_i\in\{1,\cdots,p-1\},
2008: \end{cases}
2009: \]
2010: and $p^{i+1}$ polynomials modulo $p^{d-i-1}$
2011: \[
2012: \left\{f_{b_i,\cdots,b_0}^{**}(y_{i+1})=\sum_{k=d-i-1}^1p^{i(k-1)}a_k^{(b_i,\cdots,b_0)}y_{i+1}^k\right\}_{0\leq
2013: b_0,\cdots,b_i\leq p-1},
2014: \]
2015: where $y_{i+1}=\lfloor y_i/p\rfloor=\lfloor x/p^{i+1}\rfloor$ and
$b_i=(y_i\bmod p)\in\{0,\cdots,p-1\}$. Observing the above
polynomials, one can see that some higher coefficients disappear
modulo $p^{d-i}$ or modulo $p^{d-i-1}$ due to the powers of $p$ in
front of them. The coefficient $a_k^{(b_i,\cdots,b_0)}$ survives
only if $p^{i(k-1)+1}<p^{d-i}$ (equivalently $p^{i(k-1)}<p^{d-i-1}$),
i.e., $k<\frac{d-1}{i}$, so $a_k^{(b_i,\cdots,b_0)}$ is valid only
when $k\leq\left\lceil\frac{d-1}{i}\right\rceil-1$. When
2023: $i\geq\left\lceil\frac{d-1}{p}\right\rceil$, one has
2024: $i\geq\frac{d-1}{p}\Rightarrow\frac{d-1}{i}\leq
2025: p\Rightarrow\left\lceil\frac{d-1}{i}\right\rceil\leq p\Rightarrow
2026: \left\lceil\frac{d-1}{i}\right\rceil-1\leq p-1$, so the coefficients
2027: of $f_{b_i,\cdots,b_0}^*(y_{i+1})$ can be uniquely determined. This
2028: means that the complexity of deriving one equivalent polynomial via
2029: the procedure is reduced to be
2030: \[
2031: O\left((pd)^3+(p(d-1))^3p+\cdots+
2032: \left(p\left(d-\left\lceil\frac{d-1}{p}\right\rceil\right)\right)^3p^{\left\lceil\frac{d-1}{p}\right\rceil}
2033: +p^3p^{\left\lceil\frac{d-1}{p}\right\rceil+1}\right)\approx
2034: O\left(d^3p^{\left\lceil\frac{d-1}{p}\right\rceil+3}\right),
2035: \]
2036: which is much smaller than Eq. (\ref{equation:solve-PP-complexity1})
2037: when $d\gg p$.
2038:
2039: \begin{remark}
From Theorem \ref{theorem:solving-poly-small-n}, solving the
coefficients of a polynomial of degree $\leq p$ needs only $p$
input-output values of the polynomial function. This means that the
polynomial can still be determined even when the induced polynomial
function is only partially known. For polynomials of arbitrary
degree modulo $p^d$, only
$p^{\left\lceil\frac{d-1}{p}\right\rceil+1}$ input-output values are
needed. Note that these input-output values must satisfy a certain
distribution modulo $p^d$, so the number of required input-output
values will be larger if the values are observed in a random
process\footnote{For example, if they are collected in a
known-plaintext attack on an encryption procedure based on
permutation polynomials.}.
2053: \end{remark}
2054:
2055: \iffalse
2056: \section{Conclusions}
2057:
This paper studies some typical problems about permutation
polynomials modulo $m$. Some problems remain unsolved and open
for future research, especially enumerating the equivalent
polynomials of a given permutation polynomial modulo $p^d$ and
counting the number of bijections induced by permutation
polynomials modulo $p^d$. \fi
2064:
2065: %\section*{Acknowledgments}
2066:
2067: \bibliographystyle{unsrt}
2068: \bibliography{BPC}
2069:
2070: \iffalse
2071: \section*{Appendix}
2072:
2073: In the appendix, we give some experimental data on the number of
2074: permutation polynomials modulo $p^d$.
2075:
2076: \begin{longtable}[c]{c|c|c|c|c|c}
2077: \caption{The number of all permutation polynomials of degree $\leq
2078: n$
2079: modulo $2^d$ (exhaustively enumerated via a computer program).}\label{table:counting-power2}\\
2080:
2081: \hline\hline \multicolumn{1}{c|}{$m=2^d$} & \multicolumn{1}{c|}{$n$}
2082: & \multicolumn{1}{c|}{$N_b$} & \multicolumn{1}{c|}{$N_b'$}
2083: & \multicolumn{1}{c|}{$N=m^n=2^{nd}$} & \multicolumn{1}{c}{$N_b/N$}\\
2084: \hline\hline
2085: \endfirsthead
2086:
2087: \multicolumn{6}{c}%
2088: {{\bfseries \tablename\ \thetable{} -- continued from previous page}} \\
2089: \hline\hline \multicolumn{1}{c|}{$m=2^d$} & \multicolumn{1}{c|}{$n$}
2090: & \multicolumn{1}{c|}{$N_b$} & \multicolumn{1}{c|}{$N_b'$}
2091: & \multicolumn{1}{c|}{$N=m^n=2^{nd}$} & \multicolumn{1}{c}{$N_b/N$}\\
2092: \hline
2093: \endhead
2094:
2095: \hline\multicolumn{6}{r}{{Continued on next page}} \\
2096: \hline\hline
2097: \endfoot
2098:
2099: \hline\hline
2100: \endlastfoot
2101:
2102: $2^1=2$ & 1 & 1 & 1 & 2 & 1/2\\
2103: \cline{2-6} & 2 & 2 & 2 & $2^2$ & $1/2$\\
2104: \cline{2-6} & 3 & 4 & 4 & $2^3$ & $1/2$\\
2105: \cline{2-6} & 4 & 8 & 8 & $2^4$ & $1/2$\\
2106: \cline{2-6} & 5 & 16 & 16 & $2^5$ & $1/2$\\
2107: \hline $2^2=4$ & 1 & 2 & 2 & 4 & $1/2$\\
2108: \cline{2-6} & 2 & 4 & 4 & $4^2$ & $1/2^2$\\
2109: \cline{2-6} & 3 & 8 & 8 & $4^3$ & $1/2^3$\\
2110: \cline{2-6} & 4 & 32 & 32 & $4^4$ & $1/2^3$\\
2111: \cline{2-6} & 5 & 128 & 128 & $4^5$ & $1/2^3$\\
2112: \hline $2^3=8$ & 1 & 4 & 4 & 8 & $1/2$\\
2113: \cline{2-6} & 2 & 16 & 16 & $8^2$ & $1/2^2$\\
2114: \cline{2-6} & 3 & 64 & 64 & $8^3$ & $1/2^3$\\
2115: \cline{2-6} & 4 & 512 & 512 & $8^4$ & $1/2^3$\\
2116: \cline{2-6} & 5 & 4096 & 4096 & $8^5$ & $1/2^3$\\
2117: \hline $2^4=16$ & 1 & 8 & 8 & 16 & $1/2$\\
2118: \cline{2-6} & 2 & 64 & 64 & $16^2$ & $1/2^2$\\
2119: \cline{2-6} & 3 & 512 & 512 & $16^3$ & $1/2^3$\\
2120: \cline{2-6} & 4 & 8192 & 8192 & $16^4$ & $1/2^3$\\
2121: \cline{2-6} & 5 & 131072 & 131072 & $16^5$ & $1/2^3$\\
2122: \hline $2^5=32$ & 1 & 16 & 16 & 32 & $1/2$\\
2123: \cline{2-6} & 2 & 256 & 256 & $32^2$ & $1/2^2$\\
2124: \cline{2-6} & 3 & 4096 & 4096 & $32^3$ & $1/2^3$\\
2125: \cline{2-6} & 4 & 131072 & 131072 & $32^4$ & $1/2^3$\\
2126: \cline{2-6} & 5 & 4194304 & 4194304 & $32^5$ & $1/2^3$\\
2127: \hline $2^6=64$ & 1 & 32 & 32 & 64 & $1/2$\\
2128: \cline{2-6} & 2 & 1024 & 1024 & $64^2$ & $1/2^2$\\
2129: \cline{2-6} & 3 & 32768 & 32768 & $64^3$ & $1/2^3$\\
2130: \cline{2-6} & 4 & 2097152 & 2097152 & $64^4$ & $1/2^3$\\
2131: \cline{2-6} & 5 & 134217728 & 134217728 & $64^5$ & $1/2^3$\\
2132: \hline $2^7=128$ & 1 & 64 & 64 & 128 & $1/2$\\
2133: \cline{2-6} & 2 & 4096 & 4096 & $128^2$ & $1/2^2$\\
2134: \cline{2-6} & 3 & 262144 & 262144 & $128^3$ & $1/2^3$\\
2135: \cline{2-6} & 4 & 33554432 & 33554432 & $128^4$ & $1/2^3$
2136: \end{longtable}
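The counts in the table above can be reproduced by brute force. The following Python script is an added example, not the paper's own enumeration program. It reads $N=m^n$ as meaning that the constant term $a_0$ is fixed to $0$ (a constant shift never changes whether the induced map is a bijection) and that $N_b$ counts the tuples $(a_1,\cdots,a_n)\in\mathbb{Z}_m^n$ whose polynomial permutes $\mathbb{Z}_m$; the column $N_b'$ is not reproduced. The script is not restricted to $m=2^d$, so it also checks the small-$q$ rows of the next table.

```python
"""Exhaustive enumeration of permutation polynomials modulo m.

Added example (not the paper's program).  The constant term a_0 is
fixed to 0, which is how N = m^n in the tables is read here: a
constant shift never changes whether the induced map is a bijection.
"""
from fractions import Fraction
from itertools import product


def evaluate(coeffs, x, m):
    """Evaluate sum(coeffs[k] * x**k) mod m by Horner's rule.

    Reducing modulo m at every step keeps intermediate values small
    even for large m and high degree.
    """
    y = 0
    for a in reversed(coeffs):
        y = (y * x + a) % m
    return y


def induces_bijection(coeffs, m):
    """True iff x -> f(x) mod m is a bijection on Z_m = {0, ..., m-1}.

    coeffs = (a_0, a_1, ..., a_n).  A self-map of a finite set is a
    bijection iff it is injective, so it suffices to look for a
    repeated image value.
    """
    seen = set()
    for x in range(m):
        y = evaluate(coeffs, x, m)
        if y in seen:
            return False
        seen.add(y)
    return True


def count_permutation_polynomials(m, n):
    """N_b: number of (a_1, ..., a_n) in Z_m^n such that
    a_1 x + ... + a_n x^n induces a bijection on Z_m.  N = m^n.
    Cost is m^(n+1) polynomial evaluations, so keep m^n small.
    """
    n_b = 0
    for tail in product(range(m), repeat=n):
        if induces_bijection((0,) + tail, m):
            n_b += 1
    return n_b


def ratio(m, n):
    """N_b / N as an exact fraction, the last column of the tables."""
    return Fraction(count_permutation_polynomials(m, n), m ** n)


if __name__ == "__main__":
    # Small rows of both tables; each row runs in well under a second.
    for m, n in [(2, 3), (4, 4), (8, 3), (16, 3), (3, 2), (9, 2), (9, 3)]:
        n_b = count_permutation_polynomials(m, n)
        print(f"m={m:>2} n={n}: N_b={n_b:>5} N={m**n:>5} "
              f"N_b/N={Fraction(n_b, m**n)}")
```

For the rows listed in the script the output agrees with the tables ($N_b=4, 32, 64, 512$ for $m=2, 4, 8, 16$ and $N_b=2, 18, 108$ for $q=3, 9, 9$), including the plateau $N_b/N=1/2^3$ for $n\geq 3$ modulo $2^d$ with $d\geq 2$. Larger rows are only a matter of running time, since the enumeration costs $m^{n+1}$ evaluations.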
2137:
2138: \begin{longtable}[c]{c|c|c|c|c}
\caption{The number of real permutation polynomials of degree $\leq
n$ modulo $p^d$: experimental data.}\label{table:counting-power-p}\\
2141:
2142: \hline \multicolumn{1}{c|}{$q$} & \multicolumn{1}{c|}{$n$} &
2143: \multicolumn{1}{c|}{$N_b$}
2144: & \multicolumn{1}{c|}{$N=q^n$} & \multicolumn{1}{c}{$N_b/N$}\\
2145: \hline\hline
2146: \endfirsthead
2147:
2148: \multicolumn{5}{c}%
2149: {{\bfseries \tablename\ \thetable{} -- continued from previous page}} \\
2150: \hline \multicolumn{1}{c|}{$q$} & \multicolumn{1}{c|}{$n$} &
2151: \multicolumn{1}{c|}{$N_b$}
2152: & \multicolumn{1}{c|}{$N=q^n$} & \multicolumn{1}{c}{$N_b/N$}\\
2153: \hline\hline
2154: \endhead
2155:
2156: \hline \multicolumn{5}{r}{{Continued on next page}} \\ \hline
2157: \endfoot
2158:
2159: \hline
2160: \endlastfoot
2161:
2162: \multicolumn{5}{l}{$q=3^\alpha$ ($\alpha\geq 1$)}\\
2163: \hline 3 & 1 & 2 & 3 & $2/3$\\
2164: \cline{2-5} & $\geq 2$ & $2\times 3^{n-2}$ & $3^n$ & $2/3^2$\\
2165: \hline $3^2=9$ & 1 & 6 & 9 & $2/3$\\
2166: \cline{2-5} & 2 & 18 & $9^2$ & $2/3^2$\\
2167: \cline{2-5} & 3 & 108 & $9^3$ & $4/3^3$\\
2168: \cline{2-5} & 4 & 324 & $9^4$ & $4/3^4$\\
2169: \cline{2-5} & 5 & 3888 & $9^5$ & $16/3^5$\\
2170: \cline{2-5} & 6 & 34992 & $9^6$ & $16/3^5$\\
2171: \hline $3^3=27$ & 1 & 18 & 27 & $2/3$\\
2172: \cline{2-5} & 2 & 162 & $27^2$ & $2/3^2$\\
2173: \cline{2-5} & 3 & 2916 & $27^3$ & $4/3^3$\\
2174: \cline{2-5} & 4 & 26244 & $27^4$ & $4/3^4$\\
2175: \cline{2-5} & 5 & 944784 & $27^5$ & $16/3^5$\\
2176: \hline $3^4=81$ & 1 & 54 & 81 & $2/3$\\
2177: \cline{2-5} & 2 & 1458 & $81^2$ & $2/3^2$\\
2178: \cline{2-5} & 3 & 78732 & $81^3$ & $4/3^3$\\
2179: \cline{2-5} & 4 & 2125764 & $81^4$ & $4/3^4$\\
2180: \cline{2-5} & 5 & 229582512 & $81^5$ & $16/3^5$\\
2181: \hline $3^5=243$ & 1 & 162 & 243 & $2/3$\\
2182: \cline{2-5} & 2 & 13122 & $243^2$ & $2/3^2$\\
2183: \cline{2-5} & 3 & 2125764 & $243^3$ & $4/3^3$\\
2184: \cline{2-5} & 4 & 172186884 & $243^4$ & $4/3^4$\\
2185: \hdashline random test & 5 & (276632) & (4194304) & $\approx 16/3^5$\\
2186: \iffalse
2187: \hline\hline\multicolumn{5}{l}{$q=5^\alpha$ ($\alpha\geq 1$)}\\
2188: \hline 5 & 1 & 4 & 5 & $4/5$\\
2189: \cline{2-5} & 2 & 4 & $5^2$ & $4/5^2$\\
2190: \cline{2-5} & 3 & 24 & $5^3$ & $24/5^3$\\
2191: \cline{2-5} & $\geq 4$ & $24\times 5^{n-4}$ & $5^n$ & $24/5^4$\\
2192: \hline\hline\multicolumn{5}{l}{$q=7^\alpha$ ($\alpha\geq 1$)}\\
2193: \hline 7 & 1 & 6 & 7 & $6/7$\\
2194: \cline{2-5} & 2 & 6 & $7^2$ & $6/7^2$\\
2195: \cline{2-5} & 3 & 6 & $7^3$ & $6/7^3$\\
2196: \cline{2-5} & 4 & 90 & $7^4$ & $90/7^4$\\
2197: \cline{2-5} & 5 & 720 & $7^5$ & $720/7^5$\\
2198: \cline{2-5} & $\geq 6$ & $720\times 7^{n-6}$ & $7^n$ &
2199: $720/7^6$\\\fi\hline
2200: \end{longtable}
2201: \fi
2202:
2203: \end{document}
2204: