Periodica Mathematica Hungarica Vol. 42 (1–2), (2001), pp. 77–87

ON A NEW CLASS OF INVERSIVE PSEUDORANDOM NUMBERS FOR PARALLELIZED SIMULATION METHODS

Harald Niederreiter and Arne Winterhof (Vienna)

Dedicated to Professor András Sárközy on the occasion of his 60th birthday

Abstract

Inversive methods are attractive alternatives to the linear method for pseudorandom number generation. A particularly attractive method is the digital explicit inversive method recently introduced by the authors. We establish some new results on the statistical properties of parallel streams of pseudorandom numbers generated by this method. In particular, we extend the results of the first author on the statistical properties of pseudorandom numbers generated by the explicit inversive congruential method introduced by Eichenauer-Herrmann. These results demonstrate that the new method is eminently suitable for the generation of parallel streams of pseudorandom numbers with desirable properties.

1. Introduction

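Let $\mathbb{F}_q$ be the finite field of order $q = p^k$ with a prime $p$ and an integer $k \ge 1$. Further let $\{\beta_1, \ldots, \beta_k\}$ be an ordered basis of $\mathbb{F}_q$ over $\mathbb{F}_p$. Define $\xi_n$, $n = 0, 1, \ldots, q-1$, by

$$\xi_n = n_1\beta_1 + n_2\beta_2 + \cdots + n_k\beta_k \tag{1}$$

if

$$n = n_1 + n_2 p + \cdots + n_k p^{k-1}, \quad 0 \le n_i < p, \quad i = 1, 2, \ldots, k,$$

and note that $\xi_0, \xi_1, \ldots, \xi_{q-1}$ run exactly through all elements of $\mathbb{F}_q$. We obtain the sequence $\xi_0, \xi_1, \ldots$ by extending with period $q$ ($\xi_{n+q} = \xi_n$). Moreover, let

$$\overline{\gamma} = \begin{cases} \gamma^{-1} & \text{if } \gamma \in \mathbb{F}_q^*, \\ 0 & \text{if } \gamma = 0. \end{cases}$$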

Mathematics subject classification numbers: 11K45, 11T23, 65C10.

Key words and phrases: pseudorandom numbers, inversive method, random numbers for parallel processors.

0031-5303/01/$5.00 © Akadémiai Kiadó, Budapest. Akadémiai Kiadó, Budapest; Kluwer Academic Publishers, Dordrecht


For an integer $s$ with $1 \le s \le q$, choose $\alpha_1, \ldots, \alpha_s \in \mathbb{F}_q^*$, $\beta_1, \ldots, \beta_s \in \mathbb{F}_q$ such that the elements $\alpha_1^{-1}\beta_1, \ldots, \alpha_s^{-1}\beta_s$ of $\mathbb{F}_q$ are distinct. Then we put

$$\gamma_n^{(i)} = \overline{\alpha_i \xi_n + \beta_i} \quad \text{for } i = 1, 2, \ldots, s \text{ and } n = 0, 1, \ldots. \tag{2}$$

If

$$\gamma_n^{(i)} = c_{n,1}^{(i)}\beta_1 + c_{n,2}^{(i)}\beta_2 + \cdots + c_{n,k}^{(i)}\beta_k \quad \text{with all } c_{n,j}^{(i)} \in \mathbb{F}_p, \tag{3}$$

then we consider the digital explicit inversive pseudorandom numbers defined in [12],

$$y_n^{(i)} = \sum_{j=1}^{k} c_{n,j}^{(i)} p^{-j} \in [0, 1)$$

and we define explicit inversive parallel pseudorandom vectors by

$$\mathbf{y}_n = (y_n^{(1)}, \ldots, y_n^{(s)}) \in [0, 1)^s \quad \text{for } n = 0, 1, \ldots.$$

In the special case $k = 1$ we get the explicit inversive congruential pseudorandom numbers introduced in [1] and the vectors investigated in [7].

After some auxiliary results in Section 2 we prove some new bounds for incomplete exponential sums over finite fields in Section 3 which allow us to give nontrivial results on the distribution of sequences of explicit inversive parallel pseudorandom vectors in Section 4. In particular, we generalize the results of [7] on the statistical properties over the full period and over parts of the period. Moreover, we extend the range for nontrivial results using the method of [9], [10], and [11]. In Section 5 we mention some structural properties of pseudorandom numbers generated by explicit inversive methods.

By the results of this paper the digital explicit inversive method qualifies as one of the most promising candidates for the generation of parallel streams of pseudorandom numbers with desirable properties.

2. Auxiliary results

Lemma 1. Let $\chi$ be a nontrivial additive character of $\mathbb{F}_q$ and let $f/g$ be a rational function over $\mathbb{F}_q$. Let $v$ be the number of distinct roots of the polynomial $g$ in the algebraic closure $\overline{\mathbb{F}}_q$ of $\mathbb{F}_q$. Suppose that $f/g$ is not of the form $A^p - A$, where $A$ is a rational function over $\mathbb{F}_q$. Then

$$\left| \sum_{\xi \in \mathbb{F}_q,\ g(\xi) \ne 0} \chi\left( \frac{f(\xi)}{g(\xi)} \right) \right| \le \left( \max(\deg(f), \deg(g)) + v^* - 2 \right) q^{1/2} + \delta,$$

where $v^* = v$ and $\delta = 1$ if $\deg(f) \le \deg(g)$, and $v^* = v + 1$ and $\delta = 0$ otherwise.

Proof. [5, Theorem 2]. □


Lemma 2. Let $f/g$ be a rational function over $\mathbb{F}_q$ such that $g$ is not divisible by the $p$th power of a nonconstant polynomial over $\mathbb{F}_q$, $f \ne 0$, and $\deg(f) - \deg(g) \not\equiv 0 \bmod p$ or $\deg(f) < \deg(g)$. Then $f/g$ is not of the form $A^p - A$, where $A$ is a rational function over $\mathbb{F}_q$.

Proof. [12, Lemma 2]. □

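Lemma 3. Let $\chi$ be a nontrivial additive character of $\mathbb{F}_q$, $N$ be an integer with $1 \le N \le q$, and $\xi_n$ be defined as in (1) for $n = 0, \ldots, N - 1$. Then we have

$$\sum_{\mu \in \mathbb{F}_q^*} \left| \sum_{n=0}^{N-1} \chi(\mu \xi_n) \right| \le q\,l \left( \frac{4}{\pi^2} \log p + 1.38 \right) + N (p^{k-l} - 1),$$

where $l = \left\lceil \frac{\log N}{\log p} \right\rceil$.

Proof. [12, Lemma 3]. □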

Let $C(p)$ denote the set of integers $h$ with $-p/2 < h \le p/2$ and let $C_k(p)$ be the set of $k$-dimensional points $(h_1, \ldots, h_k)$ with $h_j \in C(p)$ for $1 \le j \le k$. For $(h_1, \ldots, h_k) \in C_k(p)$ we put $Q_p(h_1, \ldots, h_k) = 1$ if $(h_1, \ldots, h_k) = 0$ and

$$Q_p(h_1, \ldots, h_k) = p^{-d} \csc \frac{\pi}{p} |h_d| \quad \text{if } (h_1, \ldots, h_k) \ne 0,$$

where $d = d(h_1, \ldots, h_k)$ is the largest $j$ with $h_j \ne 0$. Let $C^*_{s \times k}(p)$ be the set of all nonzero $s \times k$ matrices with entries in $C(p)$. For $H = (h_{ij}) \in C^*_{s \times k}(p)$ we define

$$W_p(H) = \prod_{i=1}^{s} Q_p(h_{i1}, \ldots, h_{ik}).$$

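The following lemma is obtained by using [6, Lemma 3.13] for $p = 2$ and an inequality in the proof of [8, Theorem 2] for $p > 2$.

Lemma 4. For any $s \ge 1$ and $k \ge 1$ we have

$$\sum_{H \in C^*_{s \times k}(2)} W_2(H) < \left( \frac{k}{2} + 1 \right)^s,$$

$$\sum_{H \in C^*_{s \times k}(p)} W_p(H) < \left( \frac{2}{\pi} k \log p + \frac{2}{5} k + 1 \right)^s \quad \text{if } p > 2.$$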

The following lemma is needed in the proof of Theorem 3 in Section 3. For nonnegative integers $n$ and $i$ we define $n \oplus i$ by

$$n \oplus i = j \iff \xi_n + \xi_i = \xi_j; \quad 0 \le j < q. \tag{4}$$


Lemma 5. For given integers $L$ and $m$ with $0 \le L, m < q$, the number of integers $n$ with $0 \le n \le L$ for which $n \oplus m > L$ is at most $m$. Furthermore, the number of integers $n$ with $0 \le n \le L$ which are not of the form $r \oplus m$ for some $0 \le r \le L$ is at most $m$.

Proof. [12, Lemma 5]. □

3. Bounds for exponential sums

For $n = 0, 1, \ldots$ let $(\gamma_n^{(1)}, \gamma_n^{(2)}, \ldots, \gamma_n^{(s)})$ be the vector of elements of $\mathbb{F}_q$ generated by (1) and (2). For a nontrivial additive character $\chi$ of $\mathbb{F}_q$, for $\mu_1, \mu_2, \ldots, \mu_s \in \mathbb{F}_q$, and for an integer $N$ with $1 \le N \le q$ we consider the exponential sums

$$S_N = \sum_{n=0}^{N-1} \chi\left( \sum_{i=1}^{s} \mu_i \gamma_n^{(i)} \right).$$

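Theorem 1. If $\mu_1, \mu_2, \ldots, \mu_s$ are not all 0, then we have

$$|S_q| \le (2s - 2) q^{1/2} + s + 1.$$

Proof. We have

$$|S_q| = \left| \sum_{\xi \in \mathbb{F}_q} \chi\left( \sum_{i=1}^{s} \mu_i\, \overline{\alpha_i \xi + \beta_i} \right) \right| \le s + \left| \sum_{\xi \in \mathbb{F}_q,\ g(\xi) \ne 0} \chi\left( \frac{f(\xi)}{g(\xi)} \right) \right|,$$

where

$$f(x) = \sum_{i=1}^{s} \mu_i \prod_{j=1,\ j \ne i}^{s} (\alpha_j x + \beta_j)$$

and

$$g(x) = \prod_{j=1}^{s} (\alpha_j x + \beta_j).$$

Since $\alpha_1^{-1}\beta_1, \ldots, \alpha_s^{-1}\beta_s$ are distinct, $g$ is squarefree. Since at least one $\mu_i$ is nonzero, the uniqueness of the partial fraction decomposition for rational functions implies that $f \ne 0$. Since $\deg(f) < \deg(g)$, Lemma 1 and Lemma 2 yield the result. □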
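Added example, not part of the original paper: a Python implementation of the construction (1)–(3) for $p = 2$ that also evaluates $|S_q|$ from Theorem 1 over every nonzero $(\mu_1, \mu_2)$. The field polynomial $x^6 + x + 1$, the polynomial basis $\beta_j = x^{j-1}$, the two $(\alpha_i, \beta_i)$ pairs and all function names are assumptions of this example.

```python
from functools import reduce
from itertools import product
from operator import xor

# Assumptions of this added example: p = 2, k = 6 (q = 64), F_q built from the
# irreducible polynomial x^6 + x + 1, ordered basis beta_j = x^(j-1).
K, MOD = 6, 0b1000011
Q = 1 << K
STREAMS = [(1, 0), (2, 1)]  # (alpha_i, beta_i); alpha_i^-1 * beta_i distinct

def gf_mul(a, b):
    """Product in F_q; bit i of an int is the coefficient of x^i."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a, b = (a << 1) ^ (MOD if a & (Q >> 1) else 0), b >> 1
    return r

def bar(g):
    """g -> g^(q-2): the inverse for g != 0, and 0 for g = 0."""
    r, e = 1, Q - 2
    while e:
        if e & 1:
            r = gf_mul(r, g)
        g, e = gf_mul(g, g), e >> 1
    return r

def trace(g):
    """Tr: F_q -> F_2, g + g^2 + ... + g^(2^(k-1)), returned as 0 or 1."""
    t = 0
    for _ in range(K):
        t, g = t ^ g, gf_mul(g, g)
    return t

def gamma(n, alpha, beta):
    """Equation (2); xi_n is the element whose bit pattern is n mod q."""
    return bar(gf_mul(alpha, n % Q) ^ beta)

def y(n, alpha, beta):
    """y_n = sum_j c_{n,j} 2^-j with c_{n,j} = bit j-1 of gamma_n."""
    g = gamma(n, alpha, beta)
    return sum(((g >> (j - 1)) & 1) * 2.0 ** -j for j in range(1, K + 1))

def max_full_period_sum(streams=STREAMS):
    """max |S_q| over all (mu_1, ..., mu_s) != 0, with chi = (-1)^Tr."""
    chi = [1 - 2 * trace(x) for x in range(Q)]
    cols = [tuple(gamma(n, a, b) for a, b in streams) for n in range(Q)]
    best = 0
    for mu in product(range(Q), repeat=len(streams)):
        if any(mu):
            s_q = sum(chi[reduce(xor, map(gf_mul, mu, col))] for col in cols)
            best = max(best, abs(s_q))
    return best
```

For these parameters the bound of Theorem 1 is $(2s-2)q^{1/2} + s + 1 = 19$, against the trivial bound $q = 64$.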

Theorem 2. If $\mu_1, \mu_2, \ldots, \mu_s$ are not all 0, then we have

$$|S_N| < s (2 q^{1/2} + 1) \left( \frac{4}{\pi^2} \log p^l + 1.38\, l + 1 \right) \quad \text{for } 1 \le N < q,$$

where $l = \left\lceil \frac{\log N}{\log p} \right\rceil$.

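Proof. With $\sigma_n = \sum_{i=1}^{s} \mu_i \gamma_n^{(i)}$ we have

$$\begin{aligned}
S_N &= \sum_{n=0}^{q-1} \chi(\sigma_n) \sum_{t=0}^{N-1} \frac{1}{q} \sum_{\mu \in \mathbb{F}_q} \chi(\mu(\xi_n - \xi_t)) \\
&= \frac{1}{q} \sum_{\mu \in \mathbb{F}_q} \left( \sum_{t=0}^{N-1} \chi(-\mu \xi_t) \right) \left( \sum_{n=0}^{q-1} \chi(\sigma_n + \mu \xi_n) \right) \\
&= \frac{N}{q} \sum_{n=0}^{q-1} \chi(\sigma_n) + \frac{1}{q} \sum_{\mu \in \mathbb{F}_q^*} \left( \sum_{t=0}^{N-1} \chi(-\mu \xi_t) \right) \left( \sum_{n=0}^{q-1} \chi(\sigma_n + \mu \xi_n) \right),
\end{aligned}$$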

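and so

$$|S_N| \le \frac{N}{q} |S_q| + \frac{1}{q} \sum_{\mu \in \mathbb{F}_q^*} \left| \sum_{t=0}^{N-1} \chi(\mu \xi_t) \right| \left| \sum_{n=0}^{q-1} \chi(\sigma_n + \mu \xi_n) \right|.$$

For $\mu \in \mathbb{F}_q^*$ we have

$$\left| \sum_{n=0}^{q-1} \chi(\sigma_n + \mu \xi_n) \right| = \left| \sum_{\xi \in \mathbb{F}_q} \chi\left( \sum_{i=1}^{s} \mu_i\, \overline{\alpha_i \xi + \beta_i} + \mu \xi \right) \right| \le s + \left| \sum_{\xi \in \mathbb{F}_q,\ g(\xi) \ne 0} \chi\left( \frac{f(\xi)}{g(\xi)} \right) \right|,$$

where

$$f(x) = \mu x \prod_{j=1}^{s} (\alpha_j x + \beta_j) + \sum_{i=1}^{s} \mu_i \prod_{j=1,\ j \ne i}^{s} (\alpha_j x + \beta_j)$$

and

$$g(x) = \prod_{j=1}^{s} (\alpha_j x + \beta_j).$$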

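Lemmas 1, 2, and 3 yield

$$\begin{aligned}
\sum_{\mu \in \mathbb{F}_q^*} \left| \sum_{t=0}^{N-1} \chi(\mu \xi_t) \right| \left| \sum_{n=0}^{q-1} \chi(\sigma_n + \mu \xi_n) \right| &\le s (2 q^{1/2} + 1) \sum_{\mu \in \mathbb{F}_q^*} \left| \sum_{t=0}^{N-1} \chi(\mu \xi_t) \right| \\
&\le s (2 q^{1/2} + 1) \left( q\,l \left( \frac{4}{\pi^2} \log p + 1.38 \right) + N (p^{k-l} - 1) \right),
\end{aligned}$$

where $l = \left\lceil \frac{\log N}{\log p} \right\rceil$. Hence we obtain by Theorem 1,

$$|S_N| \le \frac{N}{q} \left( (2s - 2) q^{1/2} + s + 1 \right) + s (2 q^{1/2} + 1) \left( \frac{4}{\pi^2} \log p^l + 1.38\, l + N (p^{-l} - p^{-k}) \right).$$

Simple calculations yield the theorem. □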

Theorem 2 is nontrivial only if $N$ is at least of the order of magnitude $s q^{1/2} \log q$. Now we prove a bound which is nontrivial for $N$ at least of the order of magnitude $s q^{1/2}$.

Theorem 3. If $\mu_1, \mu_2, \ldots, \mu_s$ are not all 0, then we have

$$|S_N| < \sqrt{5}\, s^{1/2} N^{1/2} q^{1/4} + q^{1/2} \quad \text{for } 1 \le N < q.$$

Proof. We can assume that $2s + 1 \le 2 q^{1/2}$ since otherwise the result is trivial. With $\sigma_n = \sum_{i=1}^{s} \mu_i \gamma_n^{(i)}$ and any integer $m$ with $0 \le m < q$ we have by Lemma 5,

$$\left| S_N - \sum_{n=0}^{N-1} \chi(\sigma_{n \oplus m}) \right| \le 2m.$$

For an integer $M$ with $1 \le M \le q$ we use the above inequality for $m = 0, 1, \ldots, M - 1$ and we get

$$M |S_N| \le W + M(M - 1), \tag{5}$$

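where

$$W = \left| \sum_{n=0}^{N-1} \sum_{m=0}^{M-1} \chi(\sigma_{n \oplus m}) \right| \le \sum_{n=0}^{N-1} \left| \sum_{m=0}^{M-1} \chi(\sigma_{n \oplus m}) \right|.$$

By the Cauchy-Schwarz inequality we obtain

$$\begin{aligned}
W^2 &\le N \sum_{n=0}^{N-1} \left| \sum_{m=0}^{M-1} \chi(\sigma_{n \oplus m}) \right|^2 \le N \sum_{\xi \in \mathbb{F}_q} \left| \sum_{m=0}^{M-1} \chi\left( \sum_{i=1}^{s} \mu_i\, \overline{\alpha_i (\xi + \xi_m) + \beta_i} \right) \right|^2 \\
&= N \sum_{m_1, m_2 = 0}^{M-1} \sum_{\xi \in \mathbb{F}_q} \chi\left( \sum_{i=1}^{s} \mu_i \left( \overline{\alpha_i (\xi + \xi_{m_1}) + \beta_i} - \overline{\alpha_i (\xi + \xi_{m_2}) + \beta_i} \right) \right).
\end{aligned}$$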

If $m_1 = m_2$, then the sum over $\xi$ is equal to $q$. For $m_1 \ne m_2$ let

$$f(x) = (\xi_{m_2} - \xi_{m_1}) \sum_{i=1}^{s} \mu_i \alpha_i \prod_{j=1,\ j \ne i}^{s} (\alpha_j (x + \xi_{m_1}) + \beta_j)(\alpha_j (x + \xi_{m_2}) + \beta_j)$$

and

$$g(x) = \prod_{j=1}^{s} (\alpha_j (x + \xi_{m_1}) + \beta_j)(\alpha_j (x + \xi_{m_2}) + \beta_j).$$

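Then

$$\left| \sum_{\xi \in \mathbb{F}_q} \chi\left( \sum_{i=1}^{s} \mu_i \left( \overline{\alpha_i (\xi + \xi_{m_1}) + \beta_i} - \overline{\alpha_i (\xi + \xi_{m_2}) + \beta_i} \right) \right) \right| \le 2s + \left| \sum_{\xi \in \mathbb{F}_q,\ g^*(\xi) \ne 0} \chi\left( \frac{f^*(\xi)}{g^*(\xi)} \right) \right|,$$

where $f^* = \frac{f}{(f, g)}$ and $g^* = \frac{g}{(f, g)}$. For the application of Lemmas 1 and 2 we need that $g^*$ is squarefree and $f^* \ne 0$.

In $g(x)$ we can have repetition of factors only if there exist $1 \le i, j \le s$ with $i \ne j$ such that

$$\alpha_i (x + \xi_{m_1}) + \beta_i = \alpha_j (x + \xi_{m_2}) + \beta_j.$$

Then $\alpha_i (x + \xi_{m_1}) + \beta_i$ is a common factor of $f$ and $g$. Hence $g^*$ is squarefree.

Suppose we have $f^* = 0$. Let $i$ be an index with $\mu_i \ne 0$. Then

$$\begin{aligned}
0 &= f^*(-\alpha_i^{-1}\beta_i - \xi_{m_1}) = f(-\alpha_i^{-1}\beta_i - \xi_{m_1}) \\
&= (\xi_{m_2} - \xi_{m_1}) \mu_i \prod_{j=1,\ j \ne i}^{s} (\alpha_i \beta_j - \alpha_j \beta_i)(\alpha_j (-\alpha_i^{-1}\beta_i + \xi_{m_2} - \xi_{m_1}) + \beta_j).
\end{aligned}$$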

Since $\alpha_1^{-1}\beta_1, \ldots, \alpha_s^{-1}\beta_s$ are distinct there exists $1 \le j \le s$, $i \ne j$, satisfying

$$\alpha_j (-\alpha_i^{-1}\beta_i + \xi_{m_2} - \xi_{m_1}) + \beta_j = 0. \tag{6}$$

There are at most $s - 1$ possible indices $m_2 \ne m_1$ satisfying (6) for given $m_1$ and $i$. For these $m_2$ we estimate trivially.

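By Lemmas 1 and 2 we obtain

$$W^2 \le N \left( M s q + M^2 \left( (4s - 2) q^{1/2} + 2s + 1 \right) \right) \le N (M s q + 4 M^2 s q^{1/2}).$$

Choosing $M = \lceil q^{1/2} \rceil$ we get

$$\frac{W^2}{M^2} \le 5 s N q^{1/2},$$

and thus

$$|S_N| < \sqrt{5}\, s^{1/2} N^{1/2} q^{1/4} + q^{1/2}$$

by (5). □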


4. Statistical independence properties

We use the bounds for exponential sums obtained in the previous section to derive results on the distribution of sequences of explicit inversive parallel pseudorandom vectors over the full period and in parts of the period.

Given $s$ sequences $y_0^{(i)}, y_1^{(i)}, \ldots$ ($1 \le i \le s$) of digital explicit inversive pseudorandom numbers with the conditions in Section 1, we consider the explicit inversive parallel pseudorandom vectors

$$\mathbf{y}_n = (y_n^{(1)}, y_n^{(2)}, \ldots, y_n^{(s)}) \in [0, 1)^s \quad \text{for } n = 0, 1, \ldots.$$

Then for any integer $N$ with $1 \le N \le q$ we define the star discrepancy

$$D_N^{*(s)} = \sup_{J} |F_N(J) - V(J)|,$$

where the supremum is extended over all subintervals $J$ of $[0, 1)^s$ containing the origin, $F_N(J)$ is $N^{-1}$ times the number of points among $\mathbf{y}_0, \mathbf{y}_1, \ldots, \mathbf{y}_{N-1}$ falling into $J$, and $V(J)$ denotes the $s$-dimensional volume of $J$. In the following we establish an upper bound for $D_N^{*(s)}$.

Theorem 4. For any sequence of $s$-dimensional explicit inversive parallel pseudorandom vectors and for any $1 \le N < q$ the star discrepancy $D_N^{*(s)}$ satisfies

$$D_N^{*(s)} = O\left( \min\left( N^{-1} q^{1/2} \log q,\ N^{-1/2} q^{1/4} \right) (\log q)^s \right).$$

Proof. For $H = (h_{ij}) \in C^*_{s \times k}(p)$ we define the exponential sum

$$S_N(H) = \sum_{n=0}^{N-1} e\left( \frac{1}{p} \sum_{i=1}^{s} \sum_{j=1}^{k} h_{ij} c_{n,j}^{(i)} \right),$$

where $e(u) = \exp(2\pi\sqrt{-1}\,u)$ for all real $u$ and the $c_{n,j}^{(i)} \in \mathbb{F}_p$ are as in (3). Then by a general discrepancy bound in [2, Theorem 1(ii) and Lemma 3(iii)] (see also [6, Theorem 3.12] for a slightly weaker version) we obtain

$$D_N^{*(s)} \le 1 - \left( 1 - \frac{1}{q} \right)^s + \frac{1}{N} \sum_{H \in C^*_{s \times k}(p)} W_p(H) |S_N(H)|. \tag{7}$$

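Let $\{\delta_1, \ldots, \delta_k\}$ be the dual basis of the given ordered basis $\{\beta_1, \ldots, \beta_k\}$ of $\mathbb{F}_q$ over $\mathbb{F}_p$. Then by a well-known principle (see [3, p. 55]) we have

$$c_{n,j}^{(i)} = \mathrm{Tr}(\delta_j \gamma_n^{(i)}) \quad \text{for } 1 \le i \le s,\ 1 \le j \le k, \text{ and } n \ge 0,$$

where $\mathrm{Tr}$ denotes the trace function from $\mathbb{F}_q$ to $\mathbb{F}_p$. Therefore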

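$$\begin{aligned}
S_N(H) &= \sum_{n=0}^{N-1} e\left( \frac{1}{p} \sum_{i=1}^{s} \sum_{j=1}^{k} h_{ij} \mathrm{Tr}(\delta_j \gamma_n^{(i)}) \right) \\
&= \sum_{n=0}^{N-1} e\left( \frac{1}{p} \mathrm{Tr}\left( \sum_{i=1}^{s} \sum_{j=1}^{k} h_{ij} \delta_j \gamma_n^{(i)} \right) \right) \\
&= \sum_{n=0}^{N-1} \chi\left( \sum_{i=1}^{s} \mu_i \gamma_n^{(i)} \right),
\end{aligned}$$

where $\chi$ is the canonical additive character of $\mathbb{F}_q$ and

$$\mu_i = \sum_{j=1}^{k} h_{ij} \delta_j \in \mathbb{F}_q \quad \text{for } 1 \le i \le s.$$

Since $H$ is not the zero matrix and $\{\delta_1, \ldots, \delta_k\}$ is a basis of $\mathbb{F}_q$ over $\mathbb{F}_p$, it follows that $\mu_1, \ldots, \mu_s$ are not all 0. Hence we may apply the results of Section 3.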

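We have by (7), Theorem 2, Theorem 3, and Lemma 4,

$$D_N^{*(s)} < \frac{s}{q} + \frac{1}{N} \left( \frac{k}{2} + 1 \right)^s \times \min\left( s (2 q^{1/2} + 1) \left( \frac{4}{\pi^2} \log p^l + 1.38\, l + 1 \right),\ \sqrt{5}\, s^{1/2} N^{1/2} q^{1/4} + q^{1/2} \right)$$

if $p = 2$, and

$$D_N^{*(s)} < \frac{s}{q} + \frac{1}{N} \left( \frac{2}{\pi} \log q + \frac{2}{5} k + 1 \right)^s \times \min\left( s (2 q^{1/2} + 1) \left( \frac{4}{\pi^2} \log p^l + 1.38\, l + 1 \right),\ \sqrt{5}\, s^{1/2} N^{1/2} q^{1/4} + q^{1/2} \right)$$

if $p > 2$. □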

Theorem 5. For any sequence of $s$-dimensional explicit inversive parallel pseudorandom vectors the star discrepancy $D_q^{*(s)}$ satisfies

$$D_q^{*(s)} = O\left( q^{-1/2} (\log q)^s \right).$$

Proof. The theorem follows by (7), Theorem 1, and Lemma 4 with the same arguments as in the proof of the previous theorem. □

5. Structural Properties

For given $s \ge 1$ we say that a generator $\eta_0, \eta_1, \ldots$ over $\mathbb{F}_q$ passes the $s$-dimensional lattice test if the vectors $\mathbf{y}_n - \mathbf{y}_0$, $n = 0, 1, \ldots$, span $\mathbb{F}_q^s$, where

$$\mathbf{y}_n = (\eta_n, \eta_{n \oplus 1}, \ldots, \eta_{n \oplus (s-1)}) \in \mathbb{F}_q^s \quad \text{for } n = 0, 1, \ldots$$

and $\oplus$ is defined in (4). For congruential generators modulo a prime $p$ this lattice test was proposed by Marsaglia [4].

It was mentioned in [7, Section 3] that an explicit inversive congruential generator modulo $p$ passes the $s$-dimensional lattice test if and only if $s \le p - 2$. In [13] it was proved that an explicit inversive generator over $\mathbb{F}_q$ passes the $s$-dimensional lattice test if and only if $s \le q - \frac{q}{p} - 1$.

Moreover, the explicit inversive parallel pseudorandom vectors possess an optimal nonlinearity property expressed in the next theorem.

Theorem 6. Every hyperplane in $\mathbb{F}_q^s$ contains at most $s$ of the points $(\gamma_n^{(1)}, \ldots, \gamma_n^{(s)})$, $n = 0, 1, \ldots, q - 1$, with $\gamma_n^{(1)} \cdots \gamma_n^{(s)} \ne 0$. If the hyperplane passes through the origin of $\mathbb{F}_q^s$, then it contains at most $s - 1$ of these points $(\gamma_n^{(1)}, \ldots, \gamma_n^{(s)})$.

Proof. The theorem is a direct extension of [7, Theorem 1]. □

REFERENCES

[1] J. Eichenauer-Herrmann, Statistical independence of a new class of inversive congruential pseudorandom numbers, Math. Comp. 60 (1993), 375–384.

[2] P. Hellekalek, General discrepancy estimates: the Walsh function system, Acta Arith. 67 (1994), 209–218.

[3] R. Lidl and H. Niederreiter, Introduction to Finite Fields and Their Applications, revised ed., Cambridge University Press, Cambridge, 1994.

[4] G. Marsaglia, The structure of linear congruential sequences, in Applications of Number Theory to Numerical Analysis (S. K. Zaremba, Ed.), 249–285, Academic Press, New York, 1972.

[5] C. J. Moreno and O. Moreno, Exponential sums and Goppa codes: I, Proc. Amer. Math. Soc. 111 (1991), 523–531.

[6] H. Niederreiter, Random Number Generation and Quasi-Monte Carlo Methods, SIAM, Philadelphia, 1992.

[7] H. Niederreiter, On a new class of pseudorandom numbers for simulation methods, J. Comp. Appl. Math. 56 (1994), 159–167.

[8] H. Niederreiter, Improved bounds in the multiple-recursive matrix method for pseudorandom number and vector generation, Finite Fields Appl. 2 (1996), 225–240.

[9] H. Niederreiter and I. E. Shparlinski, On the distribution of inversive congruential pseudorandom numbers in parts of the period, Math. Comp., to appear.

[10] H. Niederreiter and I. E. Shparlinski, On the distribution and lattice structure of nonlinear congruential pseudorandom numbers, Finite Fields Appl. 5 (1999), 246–253.

[11] H. Niederreiter and I. E. Shparlinski, On the distribution of pseudorandom numbers and vectors generated by inversive methods, Appl. Algebra Engrg. Comm. Comput. 10 (2000), 189–202.

[12] H. Niederreiter and A. Winterhof, Incomplete exponential sums over finite fields and their applications to new inversive pseudorandom number generators, Acta Arith. 93 (2000), 387–399.

[13] H. Niederreiter and A. Winterhof, On the lattice structure of pseudorandom numbers generated over arbitrary finite fields, Preprint, 1999.


(Received: December 28, 1999)

H. Niederreiter and A. Winterhof

Institute of Discrete Mathematics

Austrian Academy of Sciences

Sonnenfelsgasse 19

A–1010 Vienna

Austria

E-mail: [email protected], [email protected]