Embed Size (px)
Citation preview
Finite Fields and Their Applications 8, 491–503 (2002)
doi:10.1006/ffta.2002.0358
On the Average Distribution of Inversive PseudorandomNumbers
Harald Niederreiter
Department of Mathematics, National University of Singapore, 2 Science Drive 2,
Singapore 117543, Republic of Singapore
E-mail: [email protected]
and
Igor E. Shparlinski
Department of Computing, Macquarie University, NSW 2109, Australia
E-mail: [email protected]
Communicated by Peter Jau-Shyong Shiue
Received August 13, 2001; revised February 17, 2002; published online May 28, 2002
The inversive congruential method is an attractive alternative to the classical linear
congruential method for pseudorandom number generation. The authors have
recently introduced a new method for obtaining nontrivial upper bounds on the
multidimensional discrepancy of inversive congruential pseudorandom numbers in
parts of the period. This method has also been used to study the multidimensional
distribution of several other similar families of pseudorandom numbers. Here we
apply this method to show that, ‘‘on average’’ over all initial values, much stronger
results than those known for ‘‘individual’’ sequences can be obtained. # 2002 Elsevier
Science (USA)
Key Words: pseudorandom numbers; discrepancy; inversive congruential gen-
erator; digital inversive generator.
1. INTRODUCTION
Let q be a (large) prime power and let Fq be the field of q elements. Forgiven a 2 F*
q ; b 2 Fq, let c be the permutation of Fq defined by
cðgÞ ¼ag�1 þ b if g=0;
b if g ¼ 0:
(ð1Þ
4911071-5797/02 $35.00
# 2002 Elsevier Science (USA)
All rights reserved.
NIEDERREITER AND I.E. SHPARLINSKI492
Let u0ðWÞ; u1ðWÞ; . . . be the sequence of elements of Fq obtained by therecurrence relation
unþ1ðWÞ ¼ cðunðWÞÞ; n ¼ 0; 1; . . . ; ð2Þ
where u0ðWÞ ¼ W is the initial value. It is obvious that the sequence (2) ispurely periodic with some least period t� q. It is known when suchsequences achieve the largest possible period t ¼ q (see [1, 9, 21]).
Two types of sequences of pseudorandom numbers can be derived fromthe sequence (2): inversive congruential pseudorandom numbers (see Section3) where q is a prime p and digital inversive pseudorandom numbers (seeSection 4) where q is a power of a small prime.
The inversive congruential generator provides a very attractive alternativeto linear congruential generators and has been extensively studied in theliterature. For sequences of inversive congruential pseudorandom numbersof period t ¼ p, a number of results about the distribution and statisticalalmost-independence of inversive congruential pseudorandom numbers overthe full period have been established, starting with the paper [18]. Many ofthese results are essentially best possible. We refer to [5–7, 17–20, 22, 23] formore details and references to original papers.
In [27], we introduced a method which allowed us to give the firstnontrivial bounds on the one-dimensional discrepancy of an individualsequence of inversive congruential pseudorandom numbers in parts of theperiod. In [14], this method was extended to the multidimensionaldiscrepancy. In [24], similar results were obtained for sequences satisfyingthe relation unþ1ðWÞ ¼ f ðunðWÞÞ with a polynomial f ðX Þ 2 Fp½X . In the seriesof papers [12–14, 23, 25, 26, 29–31], this method was successfully applied tomany other similar generators; see also the recent survey [28] and the paper[2] where the method is analyzed in the more general setting of arbitraryfinite abelian groups.
In the very special but important case for cryptographic applicationswhere f ðX Þ ¼ Xe, that is, for the power generator, alternative approacheshave been proposed in [10, 11]. These approaches, although they haveproduced quite strong results for the power generator, cannot be extendedto other nonlinear generators.
In this paper we show that our method can also be used to produce newresults on the multidimensional distribution of inversive congruential anddigital inversive pseudorandom numbers for all initial segments of length N ,starting with very small values of N , when the initial value of the generator isselected at random.
Throughout the paper, the implied constants in the symbols ‘‘O’’ and‘‘’’ may occasionally, where obvious, depend on some integer parameter
INVERSIVE PSEUDORANDOM NUMBERS 493
s� 1 and are absolute otherwise (we recall that AB is equivalent toA ¼ OðBÞ).
2. AUXILIARY RESULTS
Let us consider the following sequence of rational functions over Fq:
R0ðX Þ ¼ X ; RiðX Þ ¼ Ri�1ðaX�1 þ bÞ; i ¼ 1; 2; . . . :
It is obvious that this sequence is purely periodic. Denote by T the leastperiod. Obviously T � t. It follows from [26, Lemma 1] that there existelements e1; . . . ; eT�1 2 Fq, such that
RiðX Þ ¼ðb� eiÞX þ a
X � eifor 1 � i� T � 1:
It suffices to observe that in that lemma we must have ri=0 for1 � i� T � 1. This implies that for 1 � i� T � 1 we have
ciðgÞ ¼ðb� eiÞgþ a
g� eifor g 2 Fq\fe1; . . . ; eig; ð3Þ
where ci denotes the ith iterate of the permutation c given by (1).We write
emðzÞ ¼ expð2piz=mÞ
for a positive integer m and any integer z. Let w denote the canonical additivecharacter of Fq, which is given by
wðgÞ ¼ epðTrðgÞÞ for all g 2 Fq;
where p is the characteristic of Fq and Tr is the trace function from Fq to Fp.For a vector h ¼ ðm0; . . . ;ms�1Þ 2 Fsq and integers c;M ;N with M � 1 and
N � 1, we define
Vh;cðM ;N Þ ¼XW2Fq
XN�1
n¼0
wXs�1
j¼0
mjcnþjðWÞ
!eM ðcnÞ
����������2
:
Lemma 1. For any prime power q, integers c;M ;N with M � 1 and
1 � N � T and any nonzero vector h ¼ ðm0; . . . ;ms�1g 2 Fsq we have
Vh;cðM ;N Þ AðN ; qÞ;
NIEDERREITER AND I.E. SHPARLINSKI494
where
AðN ; qÞ ¼Nq if N � q1=2;
N2q1=2 if N > q1=2:
(
Proof. We have
Vh;cðM ;N Þ ¼XN�1
k;l¼0
eM ðcðk � lÞÞXW2Fq
wXs�1
j¼0
mjðckþjðWÞ � clþjðWÞÞ
!
�XN�1
k;l¼0
XW2Fq
wXs�1
j¼0
mjðckþjðWÞ � clþjðWÞÞ
!������������:
Since c is a permutation, the absolute value of the sum over W depends,as a function of k and l, only on d ¼ jk � lj. If d ¼ 0, then the sum over W isequal to q. Therefore,
Vh;cðM ;N Þ�Nqþ 2XN�1
d¼1
ðN � dÞXW2Fq
wXs�1
j¼0
mjðcdþjðWÞ � cjðWÞÞ
!������������:
The last sum over W was already considered in [26, Eq. (6)]. Therefore, bythe inequality at the bottom of p. 194 in [26] and noting (3), we obtain
XW2Fq
wXs�1
j¼0
mjðcdþjðWÞ � cjðWÞÞ
!������������� ð4s� 2Þq1=2 þ 2ðd þ s� 1Þ
provided that d � T � s. Since d � N � 1 � T � 1, there are at most s� 1remaining values of d for which we use the trivial bound q for the abovecharacter sum. Hence,
Vh;cðM ;N Þ Nqþ q1=2XN�1
d¼1
ðN � dÞ þXN�1
d¼1
ðN � dÞðd þ s� 1Þ;
and after simple calculations we obtain
Vh;cðM ;N Þ Nqþ N 2q1=2 þ N3: ð4Þ
We note that the second term in the bound (4) never dominates; thus, we have
Vh;cðM ;N Þ Nqþ N3:
INVERSIVE PSEUDORANDOM NUMBERS 495
We also remark that because c is a permutation, we get for any integer L,
XW2Fq
XLþN�1
n¼L
wXs�1
j¼0
mjcnþjðWÞ
!eM ðcnÞ
����������2
¼XW2Fq
XN�1
n¼0
wXs�1
j¼0
mjcnþjðcLðWÞÞ
!eM ðcnÞ
����������2
¼ Vh;cðM ;N Þ:
Therefore, separating the inner sum into at most N=K þ 1 subsums of lengthat most K, for any integer 1 � K � N we have
Vh;cðM ;N Þ ðKqþ K3ÞN 2K�2 ¼ N2ðqK�1 þ KÞ:
Thus, selecting K ¼ minfN ;�q1=2
�g and taking into account that qN�1 � N
for N � q1=2, we obtain the desired result. &
We also need the obvious identity
Xm�1
a¼0
emðabÞ ¼0 if bc0 ðmodmÞ;
m if b � 0 ðmodmÞ:
(ð5Þ
For integers m� 1 and c, let us define
jjcjjm ¼ minb2Z
jc� bmj:
Then we have the easily established inequality
XLþQr¼Lþ1
emðcrÞ
����������� m
maxf1; 2jjcjjmgð6Þ
which holds for any integers c; L, and m� Q� 1.For a sequence of N points
G ¼ ðg1;n; . . . ; gs;nÞNn¼1 ð7Þ
of the half-open interval ½0; 1Þs, denote by DG its discrepancy, that is,
DG ¼ supB�½0;1Þs
TGðBÞN
� jBj
��������;
where TGðBÞ is the number of points of the sequence G which hit the box
B ¼ ½a1;b1Þ � � � � � ½as;bsÞ � ½0; 1Þs
and the supremum is taken over all such boxes.
NIEDERREITER AND I.E. SHPARLINSKI496
For an integer vector a ¼ ða1; . . . ; asÞ 2 Zs we put
jaj ¼ maxj¼1;...;s
jajj; rðaÞ ¼Ysj¼1
maxfjajj; 1g: ð8Þ
We need the Erd .oos–Tur !aan–Koksma inequality (see [3, Theorem 1.21]) forthe discrepancy of a sequence of points of the s-dimensional unit cube,which we present in the following form.
Lemma 2. For any integer G� 1, the discrepancy DG of a sequence of
points (7) satisfies
DG 1
Gþ
1
N
X05jaj�G
1
rðaÞ
XNn¼1
exp 2piXsj¼1
ajgj;n
!����������;
where jaj; rðaÞ are defined by (8) and the sum is taken over all integer vectors
a ¼ ða1; . . . ; asÞ 2 Zs
with 05jaj � G.
3. DISCREPANCY BOUND FOR INVERSIVE CONGRUENTIALPSEUDORANDOM NUMBERS
For the generation of inversive congruential pseudorandom numberswe let q be a (large) prime number p and identify the finite field Fp with theleast residue system modulo p. If u0ðWÞ; u1ðWÞ; . . . is the sequence of elementsof Fp generated by (1) and (2) with the initial value u0ðWÞ ¼ W 2 Fp, then thenumbers u0ðWÞ=p; u1ðWÞ=p; . . . in the interval ½0; 1Þ form a sequence ofinversive congruential pseudorandom numbers. These pseudorandom num-bers were introduced by Eichenauer and Lehn [4].
Let s� 1 be an integer. We denote by DðsÞN ðWÞ the s-dimensional
discrepancy of the s-tuples
unðWÞp
;unþ1ðWÞp
; . . . ;unþs�1ðWÞ
p
; 0 � n� N � 1:
We use log to denote the logarithm to the base 2. The number T is definedas in the beginning of Section 2. Let
BðN ;p; T Þ ¼N�1=2ðlog N þ 1Þsþ1 log ðT þ 1Þ if N � p1=2;
p�1=4ðlog N þ 1Þsþ1 log ðT þ 1Þ if N > p1=2:
(
INVERSIVE PSEUDORANDOM NUMBERS 497
Theorem 3. Let s� 1 be an integer and 05e51 . Then for all
initial values W ¼ 0; 1; . . . ;p � 1, except at most OðepÞ of them,the discrepancy DðsÞ
N ðWÞ of inversive congruential pseudorandom numbers
satisfies
DðsÞN ðWÞ e�1BðN ;p; T Þ for 1 � N � T :
Proof. Without loss of generality we can assume that N � 2. FromLemma 2 with G ¼ bN=2c we derive
DðsÞN ðWÞ
1
Nþ
1
N
X05jaj�N=2
1
rðaÞ
XN�1
n¼0
epXsj¼1
ajunþj�1ðWÞ
!����������:
Let mn ¼ 2n; n ¼ 0; 1; . . . ; and define k � 1 by the condition mk�15N �mk. From (5) we derive
XN�1
n¼0
epXsj¼1
ajunþj�1ðWÞ
!
¼1
mk
Xmk�1
n¼0
epXsj¼1
ajunþj�1ðWÞ
!Xmk�1
c¼0
XN�1
r¼0
emk ðcðn� rÞÞ:
Therefore, from (6) we obtain
XN�1
n¼0
epXsj¼1
ajunþj�1ðWÞ
!����������
�Xmk�1
c¼0
1
maxf1; 2jjcjjmkg
Xmk�1
n¼0
epXsj¼1
ajunþj�1ðWÞ
!emk ðcnÞ
����������:
It follows that
DðsÞN ðWÞ DðsÞ
k ðWÞ; ð9Þ
where
DðsÞk ðWÞ ¼
1
Nþ
1
mk
X05jaj�mk�1
1
rðaÞ
Xmk�1
c¼0
1
maxf1; jjcjjmkg
Xmk�1
n¼0
epXs�1
j¼0
ajþ1unþjðWÞ
!emk ðcnÞ
����������:
NIEDERREITER AND I.E. SHPARLINSKI498
Now,
Xp�1
W¼0
DðsÞk ðWÞ ¼
pNþ
1
mk
X05jaj�mk�1
1
rðaÞ
Xmk�1
c¼0
1
maxf1; jjcjjmkg
�Xp�1
W¼0
Xmk�1
n¼0
epXs�1
j¼0
ajþ1unþjðWÞ
!emk ðcnÞ
����������
¼pNþ
1
mk
X05jaj�mk�1
1
rðaÞ
Xmk�1
c¼0
1
maxf1; jjcjjmkg
�Xp�1
W¼0
Xmk�1
n¼0
epXs�1
j¼0
ajþ1cnþjðWÞ
!emk ðcnÞ
����������:
Applying the Cauchy–Schwarz inequality, from Lemma 1 we derive
Xp�1
W¼0
Xmk�1
n¼0
epXs�1
j¼0
ajþ1cnþjðWÞ
!emk ðcnÞ
���������� p1=2Aðmk ;pÞ
1=2:
Therefore,
Xp�1
W¼0
DðsÞk ðWÞ
pNþp1=2Aðmk ;pÞ
1=2
mk
X05jaj�mk�1
1
rðaÞ
Xmk�1
c¼0
1
maxf1; jjcjjmkg
p1=2Aðmk ;pÞ
1=2ðlogmkÞsþ1
mk;
where we used the standard bound for partial sums of the harmonic seriesin the last step. Thus, for each k ¼ 1; . . . ; dlog T e, the inequality
DðsÞk ðWÞ �
Aðmk ;pÞ1=2ðlogmkÞ
sþ1 log Temkp1=2
¼ e�1Bðmk ;p; T Þ ð10Þ
can hold for at most Oðep=log T Þ values of W ¼ 0; 1; . . . ;p � 1. Therefore,the number of W ¼ 0; 1; . . . ;p � 1 for which (10) holds for at least onek ¼ 1; . . . ; dlog T e is OðepÞ. For all other W, we get from (9),
DðsÞN ðWÞ DðsÞ
k ðWÞ5e�1Bðmk ;p; T Þ e�1BðN ;p; T Þ
for 1 � N � T , where we used mk ¼ 2mk�152N in the last step. &
INVERSIVE PSEUDORANDOM NUMBERS 499
4. DISCREPANCY BOUND FOR DIGITAL INVERSIVEPSEUDORANDOM NUMBERS
For the generation of digital inversive pseudorandom numbers, we letq ¼ pr with a (small) prime p and an integer r� 2. Let u0ðWÞ; u1ðWÞ; . . . bethe sequence of elements of Fq generated by (1) and (2) with the initial valueu0ðWÞ ¼ W 2 Fq. Then we view Fq as an r-dimensional vector space over Fpand we again identify Fp with the least residue system modulo p. For n ¼0; 1; . . . let
ðcð1Þn ðWÞ; . . . ; cðrÞn ðWÞÞ 2 Frp
be the coordinate vector of unðWÞ 2 Fq relative to a given ordered basis of Fqover Fp. Now a sequence x0ðWÞ; x1ðWÞ; . . . of digital inversive pseudorandom
numbers in the interval ½0; 1Þ is defined by
xnðWÞ ¼Xrj¼1
cðjÞn ðWÞp�j for n ¼ 0; 1; . . . :
These pseudorandom numbers were introduced by Eichenauer-Herrmannand Niederreiter [8]. It is obvious that if t is the least period of the sequenceu0ðWÞ; u1ðWÞ; . . . ; then the sequence x0ðWÞ; x1ðWÞ; . . . is purely periodic withleast period t.
Let s� 1 be an integer. We denote by DðsÞN ðWÞ the s-dimensional
discrepancy of the s-tuples
ðxnðWÞ; xnþ1ðWÞ; . . . ; xnþs�1ðWÞÞ; 0 � n� N � 1:
We define the number T as in the beginning of Section 2 and put
CðN ; q; T Þ ¼N�1=2ðlog qÞsðlog N þ 1Þ log ðT þ 1Þ if N � q1=2;
q�1=4ðlog qÞsðlog N þ 1Þ log ðT þ 1Þ if N > q1=2:
(
Theorem 4. Let s� 1 be an integer and 05e51. Then for all initial
values W 2 Fq, except at most OðeqÞ of them, the discrepancy DðsÞN ðWÞ of digital
inversive pseudorandom numbers satisfies
DðsÞN ðWÞ e�1CðN ; q; T Þ for 1 � N � T :
Proof. We can again assume that N � 2. For any initial value W 2 Fq,we first proceed as in the proof of [26, Theorem 7]. Let C *
s�rðpÞ be the set ofall nonzero s� r matrices whose entries are integers from the interval
NIEDERREITER AND I.E. SHPARLINSKI500
ð�p=2;p=2. For H 2 C *s�rðpÞ, let the positive weight WpðH Þ be defined as on
p. 197 of [26]. Then by [26, Eq. (13)] we have
DðsÞN ðWÞ
1
qþ
1
N
XH2C *
s�rðpÞ
WpðH ÞjSN ðH ;WÞj
with
SN ðH ;WÞ ¼XN�1
n¼0
wXsj¼1
mjcnþj�1ðWÞ
!;
where m1; . . . ; ms 2 Fq depend on H and are not all 0. Now we proceed inanalogy with the proof of Theorem 3. Let mn ¼ 2n; n ¼ 0; 1; . . . ; and definek � 1 by the condition mk�15N � mk. Then, as in the proof of Theorem 3we obtain
jSN ðH ; WÞj4Xmk�1
c¼0
1
maxf1; 2jjcjjmkg
Xmk�1
n¼0
wXsj¼1
mjcnþj�1ðWÞ
!emk ðcnÞ
����������:
It follows that
DðsÞN ðWÞ DðsÞ
k ðWÞ;
where
DðsÞk ðWÞ ¼
1
qþ
1
mk
XH2C *
s�rðpÞ
WpðH ÞXmk�1
c¼0
1
maxf1; jjcjjmkg
�Xmk�1
n¼0
wXs�1
j¼0
mjþ1cnþjðWÞ
!emk ðcnÞ
����������:
Now,
XW2Fq
DðsÞk ðWÞ ¼ 1þ
1
mk
XH2C *
s�rðpÞ
WpðH ÞXmk�1
c¼0
1
maxf1; jjcjjmkg
�XW2Fq
Xmk�1
n¼0
wXs�1
j¼0
mjþ1cnþjðWÞ
!emk ðcnÞ
����������:
From the Cauchy–Schwarz inequality and Lemma 1 we obtain
XW2Fq
Xmk�1
n¼0
wXs�1
j¼0
mjþ1cnþjðWÞ
!emk ðcnÞ
���������� q1=2Aðmk ; qÞ
1=2:
INVERSIVE PSEUDORANDOM NUMBERS 501
If we note also that XH2C *
s�rðpÞ
WpðH Þ ðlog qÞs
by [26, Lemma 6], then we getXW2Fq
DðsÞk ðWÞ
q1=2Aðmk ; qÞ1=2ðlog qÞs logmkmk
:
The proof is now completed as in Theorem 3. &
5. REMARKS
Theorems 3 and 4 yield a nontrivial discrepancy bound whenever N is atleast of the order of magnitude ðlog pÞ2sþ2þy, respectively ðlog qÞ2sþ2þy, forsome y > 0. We remark that the bound in [14] for inversive congruentialpseudorandom numbers, namely
DðsÞN ðWÞ N�1=2p1=4ðlog pÞs;
which holds for all initial values W and 1 � N � t where t� T is the periodof the corresponding sequence, is nontrivial only for N at least of the orderof magnitude p1=2ðlog pÞ2sþy. A similar statement holds with regard to thebound
DðsÞN ðWÞ N�1=2q1=4ðlog qÞs
in [26] for digital inversive pseudorandom numbers. In the case of greatestpractical interest, namely when t ¼ p in the inversive congruential methodand t ¼ q in the digital inversive method, Theorems 3 and 4 can also beinterpreted as discrepancy bounds for ‘‘almost all’’ segments of length N in agiven sequence of inversive congruential, respectively digital inversive,pseudorandom numbers.
It should be of interest to apply our technique to some other similarinversive generators such as those of [23, 26, 29–31]; see also the survey [28].Unfortunately, for another important class of pseudorandom numbergenerators, namely for polynomial generators, our method does not giveany significant improvement on the ‘‘individual’’ results of [24].
We remark that our method works for generators modulo a compositenumber as well. But one should expect weaker results because instead of thevery powerful Weil bound which is implicit in the proof of Lemma 1, onewill have to use bounds on exponential sums with composite denominatorwhich are essentially weaker; see [15, 16, 32].
NIEDERREITER AND I.E. SHPARLINSKI502
REFERENCES
1. W.-S. Chou, The period lengths of inversive pseudorandom vector generations, Finite Fields
Appl. 1 (1995), 126–132.
2. S. D. Cohen, H. Niederreiter, I. E. Shparlinski, and M. Zieve, Incomplete character sums
and a special class of permutations, J. Th!eeorie des Nombres Bordeaux 13 (2001), 53–63.
3. M. Drmota and R. F. Tichy, ‘‘Sequences, Discrepancies and Applications,’’ Lecture Notes
in Mathematics, Vol. 1651, Springer-Verlag, Berlin, 1997.
4. J. Eichenauer and J. Lehn, A non-linear congruential pseudo random number generator,
Statist. Papers 27 (1986), 315–326.
5. J. Eichenauer-Herrmann and F. Emmerich, Compound inversive congruential pseudoran-
dom numbers: An average-case analysis, Math. Comput. 65 (1996), 215–225.
6. J. Eichenauer-Herrmann, F. Emmerich, and G. Larcher, Average discrepancy, hyperplanes,
and compound pseudorandom numbers, Finite Fields Appl. 3 (1997), 203–218.
7. J. Eichenauer-Herrmann, E. Herrmann, and S. Wegenkittl, A survey of quadratic and
inversive congruential pseudorandom numbers, in ‘‘Monte Carlo and Quasi-Monte Carlo
Methods 1996’’ (H. Niederreiter et al., Eds.), Lecture Notes in Statistics, Vol. 127, pp. 66–
97, Springer-Verlag, New York, 1998.
8. J. Eichenauer-Herrmann and H. Niederreiter, Digital inversive pseudorandom numbers,
ACM Trans. Model. Comput. Simul. 4 (1994), 339–349.
9. M. Flahive and H. Niederreiter, On inversive congruential generators for pseudorandom
numbers, in ‘‘Finite Fields, Coding Theory, and Advances in Communications and
Computing’’ (G.L. Mullen and P.J.-S. Shiue, Eds.), pp. 75–80, Marcel Dekker, New York,
1993.
10. J. B. Friedlander, D. Lieman, and I. E. Shparlinski, On the distribution of the RSA
generator, in ‘‘Sequences and Their Applications’’ (C. Ding, T. Helleseth, and H.
Niederreiter, Eds.), pp. 205–212, Springer-Verlag, London, 1999.
11. J. B. Friedlander and I. E. Shparlinski, On the distribution of the power generator, Math.
Comput. 70 (2001), 1575–1589.
12. F. Griffin, H. Niederreiter, and I. E. Shparlinski, On the distribution of nonlinear recursive
congruential pseudorandom numbers of higher orders, in ‘‘Applied Algebra, Algebraic
Algorithms and Error-Correcting Codes’’ (M. Fossorier et al., Eds.), Lecture Notes in
Computer Science, Vol. 1719, pp. 87–93, Springer-Verlag, Berlin, 1999.
13. J. Gutierrez and D. Gomez-Perez, Iterations of multivariate polynomials and discrepancy
of pseudorandom numbers, in ‘‘Proceedings of the 14th Symp. on Applied Algebra,
Algebraic Algorithms and Error-Correcting Codes, 2001, Melbourne,’’ Lecture Notes in
Computer Science, Vol. 2227, pp. 192–199, Springer-Verlag, Berlin, 2001.
14. J. Gutierrez, H. Niederreiter, and I. E. Shparlinski, On the multidimensional distribution of
inversive congruential pseudorandom numbers in parts of the period, Monatsh. Math. 129
(2000), 31–36.
15. D. Ismoilov, Estimates for complete trigonometric sums, Trudy Mat. Inst. Steklov.
207 (1994), 153–171 (in Russian).
16. D. Ismoilov, On a method of Hua Loo-Keng of estimating complete trigonometric sums,
Adv. in Math. (China) 23 (1994), 31–49.
17. R. Lidl and H. Niederreiter, Finite fields and their applications, in ‘‘Handbook of Algebra’’
(M. Hazewinkel, Ed.), Vol. 1, pp. 321–363, Elsevier, Amsterdam, 1996.
18. H. Niederreiter, The serial test for congruential pseudorandom numbers generated by
inversions, Math. Comput. 52 (1989), 135–144.
INVERSIVE PSEUDORANDOM NUMBERS 503
19. H. Niederreiter, ‘‘Random Number Generation and Quasi-Monte Carlo Methods,’’ SIAM,
Philadelphia, 1992.
20. H. Niederreiter, Finite fields, pseudorandom numbers, and quasirandom points, in ‘‘Finite
Fields, Coding Theory, and Advances in Communications and Computing’’ (G. L. Mullen
and P.J.-S. Shiue, Eds.), pp. 375–394, Marcel Dekker, New York, 1993.
21. H. Niederreiter, Pseudorandom vector generation by the inversive method, ACM Trans.
Model. Comput. Simul. 4 (1994), 191–212.
22. H. Niederreiter, New developments in uniform pseudorandom number and vector
generation, in ‘‘Monte Carlo and Quasi-Monte Carlo Methods in Scientific Computing’’
(H. Niederreiter and P. J.-S. Shiue, Eds.), Lecture Notes in Statistics, Vol. 106, pp. 87–120,
Springer-Verlag, New York, 1995.
23. H. Niederreiter, Design and analysis of nonlinear pseudorandom number generators,
in ‘‘Monte Carlo Simulation’’ (G. I. Schu.eeller and P. D. Spanos, Eds.), pp. 3–9,
A. A. Balkema Publishers, Rotterdam, 2001.
24. H. Niederreiter and I. E. Shparlinski, On the distribution and lattice structure of nonlinear
congruential pseudorandom numbers, Finite Fields Appl. 5 (1999), 246–253.
25. H. Niederreiter and I. E. Shparlinski, Exponential sums and the distribution of inversive
congruential pseudorandom numbers with prime-power modulus, Acta Arith. 92 (2000),
89–98.
26. H. Niederreiter and I. E. Shparlinski, On the distribution of pseudorandom numbers and
vectors generated by inversive methods, Appl. Algebra Eng. Comm. Comput. 10 (2000), 189–
202.
27. H. Niederreiter and I. E. Shparlinski, On the distribution of inversive congruential
pseudorandom numbers in parts of the period, Math. Comput. 70 (2001), 1569–1574.
28. H. Niederreiter and I. E. Shparlinski, Recent advances in the theory of nonlinear
pseudorandom number generators, in ‘‘Monte Carlo and Quasi-Monte Carlo Methods
2000’’ (K.-T. Fang, F. J. Hickernell, and H. Niederreiter, Eds.), pp. 86–102, Springer-
Verlag, Berlin, 2002.
29. H. Niederreiter and A. Winterhof, Incomplete exponential sums over finite fields and their
applications to new inversive pseudorandom number generators, Acta Arith. 93 (2000),
387–399.
30. H. Niederreiter and A. Winterhof, On the distribution of compound inversive congruential
pseudorandom numbers, Monatsh. Math. 132 (2001), 35–48.
31. H. Niederreiter and A. Winterhof, On a new class of inversive pseudorandom numbers for
parallelized simulation methods, Period. Math. Hungar. 42 (2001), 77–87.
32. S. B. Ste$cckin, An estimate of a complete rational trigonometric sum, Trudy Mat. Inst.
Steklov. 143 (1977), 188–207 (in Russian).
