 # An Efficient Version of the Bombieri-Vaaler Lemma

In their celebrated paper "On Siegel's Lemma", Bombieri and Vaaler found an upper bound on the height of integer solutions of systems of linear Diophantine equations. Calculating the bound directly, however, requires exponential time. In this paper, we present the bound in a different form that can be computed in polynomial time. We also give an elementary (and arguably simpler) proof for the bound.

## Authors

##### This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.

## 1. Introduction

Solving Diophantine equations is at the heart of mathematics. It has applications in many branches of mathematics and computer science. The basic problem in the Diophantine theory is to solve a system of linear Diophantine equations.

###### Definition 1.1.

The system of linear Diophantine equations with integer coefficient matrix is

 (1.1.1) AXT=0

where

is the transpose of the vector

of variables. The goal is to find solutions in the ring of integers.

The system obviously has the zero solution . The fundamental problem in the Diophantine approximation theory [Ca] asks how small a nonzero integer solution can be. It is also related to the shortest vector problem (SVP) in computational lattice theory [MG]. Siegel showed the following bound.

###### Theorem 1.2 ([Si29]).

System 1.1.1 has a nonzero integer solution such that

 maxi|xi|≤1+(na)kn−k,

where is an upper bound for absolute coefficients in .

Working on the adèles, Bombieri and Vaaler applied the techniques from Geometry of Numbers, and improved Siegel’s bound.

###### Theorem 1.3 ([Bv83]).

Suppose that has full row rank . System 1.1.1 has a nonzero integer solution such that

 maxi|xi|≤(D−1√det(A⋅AT))1n−k,

where is the greatest common divisor (G.C.D.) of determinants of all minors of .

They also proved a stronger version of Theorem 1.3, similar to Minkowski’s second theorem for successive minima.

###### Theorem 1.4 ([Bv83]).

With the same hypotheses in Theorem 1.3, System 1.1.1 has linear independent integer solutions such that

 ∏1≤j≤n−kmaxi|xj,i|≤D−1√det(A⋅AT),

where is the G.C.D. of determinants of all minors of .

To compute directly, one has to find determinants of all square matrices which would take exponential time, e.g., when . In this paper, we will prove an efficient verison of Bombieri and Vaaler’s bounds. We work on lattices generated by and the corresponding kernel lattice, and resort only to the basic facts in linear algebra.

###### Definition 1.5.

An (integer) lattice is an additive subgroup of . A family of vectors is called a basis of the lattice if every vector has the unique representation

 v=k∑i=1civi,for someci∈Z.

Here, we call and the rank and the dimension of the lattice respectively. We also say that the lattice is generated by , and call the matrix with rows a basis matrix for .

The determinant of a lattice plays an important role in the lattice theory. It is an invariant of a lattice independently of the choices of basis matrices.

###### Definition 1.6.

Let be a lattice with a basis matrix . The determinant of the lattice is defined to be

 det(Λ)=√det(A⋅AT).

It is also called the volume of the lattice.

## 2. Our results

We now define the kernel lattice. One can contrast it with the better-known dual lattice.

###### Definition 2.1.

The integer solutions of System 1.1.1 forms an additive group. It is called the kernel lattice of , and it is denoted by .

It is well known that the determinant of the dual lattice equals to the inverse of the determinant of the original lattice. Furthermore if we take the dual of a dual lattice, we will get back to the original lattice. However, it is not true for kernel lattices. In the other words, may not be equal to . For example, consider the lattice in generated by the vector . Its kernel lattice is generated by the vector , whose kernel lattice is generated by . Nevertheless it is always true that for any integer lattice ,

 Λ0=((Λ0)0)0.

First we introduce some notations:

###### Notation 2.2.

Let be an integer matrix. Denote the lattices generated by rows and columns of by and , respectively.

So the basis matrix of the lattice is if rows of are linear independent over . To study the determinant of the kernel lattice, we define

###### Definition 2.3.

Let be the lattice with a basis matrix . The normalized determinant of , denoted by , is defined to be

 (2.3.1) NormDet(Λ)=det(LR(A))det(LC(A)).

It is easy to see that the definition of normalized determination is independent of the choices of basis matrix . Furthermore, the definition can be extended to with coefficients in rational numbers . The main contribution of this paper is to relate the determinant of kernel lattice with the normalized determinant.

###### Theorem 2.4.

Let be an integer lattice and be its kernel lattice. Then

 (2.4.1) det(Λ0)=NormDet(Λ).

So the normalized determinant can be viewed as the determinant of its kernel lattice. The following theorem shows that the normalized determinant is invariant under the kernel operation.

###### Theorem 2.5.

Let and be two integer matrices of full row rank such that . Then we have

 NormDet(LR(A))=NormDet(LR(B)).

Now applying Vaaler’s cube slicing inequality [Va] and Minkowski’s theorems [Da] on the integer solution lattice of Diophantine System 1.1.1,

###### Theorem 2.6.

Suppose that has full row rank and is the lattice generated by rows of . System 1.1.1 has a nonzero integer solution such that

 maxi|xi|≤NormDet(Λ)1n−k.

Moreover, System 1.1.1 has linear independent integer solutions such that

 ∏jmaxi|xj,i|≤NormDet(Λ).

Finally, to recover Bombieri and Vaaler’s theorems 1.3 and 1.4, we only need to show that

###### Theorem 2.7.

Suppose that has full row rank . Denote by the G.C.D. of determinants of all minors of . Then we have

 det(LC(A))=D.
###### Remark 2.8.

From the computational aspect, there is a polynomial time algorithm to compute , while computing takes exponential time as one needs to compute determinants of -minors of and then take the G.C.D.. Using G.C.D. of determinants of all full-rank minors of to bound the solution of 1.1.1 was rediscovered in [BR], which extends the special case where the G.C.D is one in [HB].

## 3. Proofs

In this section, we give proofs of Theorems 2.5 and 2.7. We first review the definition of the Hermite Normal Form and prove a simple technical lemma.

###### Definition 3.1.

For any matrix , there is a square unimodular matrix such that is of the form:

• is lower triangle, i.e., for all .

• The leading coefficient of a nonzero column is positive and for all .

• Zero columns are arranged on the right.

We call is the column Hermite Normal Form (HNF) of .

###### Lemma 3.2.

Let be the lattice with a basis matrix and be its kernel lattice. Suppose that columns of has the HNF , i.e.,

 A⋅U=(HA|0k×(n−k))

for some unimodular matrix , where denotes the zero matrix and blocks , respectively. Then we have

1. The determinant of column lattice is

 det(LC(A))=det(HA).

Moreover, it is invariant under multiplication by an invertible integer matrix on the left of . So, it is independent of the choices of basis matrices for .

2. The matrix is a basis matrix of the kernel lattice of , and

 NormDet(Λ)=det((Λ0)0).
3. Rows of form a basis for the lattice .

###### Remark 3.3.

We call the normalized lattice of , whose basis matrix can be calculated as .

###### Proof.

(1) From the definition of HNF, it is clear that columns of form a basis for the column lattice . So it follows the equality . For the later statement, one can deduce it from Theorem 2.7.

(2) One proof uses dual lattice, which explains where comes from. Since rows of form an -basis for the kernel space of , the kernel lattice of is

 Span(A)∩Zn,

where denotes the -vector space generated by rows of . To determine the kernel lattice of , it only needs to decide which vector satisfies

 (y1,⋯,yk)⋅A∈Zn.

The set of such vectors ’s forms the dual lattice of column lattice . And we know that columns in is a basis for . So by the formula for basis of dual lattice [MG], is a basis matrix for the dual lattice. Hence, is a basis matrix of the kernel lattice of , and

 det((Λ0)0)=det(LR(H−1A⋅A))=√det(H−1AA⋅(H−1A⋅A)T) = √det(H−1AA⋅AT⋅(H−1A)T)=√det(A⋅AT)det(HA).

Another proof is more direct. Since , we have

 H−1A⋅A=(Ik|0k×(n−k))⋅U−1∈Zk×n,

where is the identity matrix. As is unimodular, rows of form a subset of a basis for lattice , which is called primitive in [Ca]. The lattice generated by rows of can not be a proper sublattice of another (integer) lattice in the kernel space of . So rows of form a basis of the kernel lattice of .

(3) Diophantine System 1.1.1 is equivalent to

 (A⋅U)⋅(U−1⋅XT)=0,

or

 (HA|0k×(n−k))⋅(U−1⋅XT)=0.

Therefore, we get a -basis matrix for the solution space of

 C=(0(n−k)×k|In−k)⋅UT=(UT2,1,UT2,2),

where denotes the identity matrix. Using the same argument in the proof of the statement (2), one can prove that

 C=(UT2,1,UT2,2)

indeed form a basis matrix for the lattice . ∎

Now, we prove Theorems 2.4,  2.5 and 2.7.

###### Proof of Theorem 2.4.

Without loss of generality, we may assume the first columns of are linearly independent. Suppose that is the column HNF of and is the unimodular transformation matrix. That is,

 {A1⋅U1,1+A2⋅U1,2=HAA1⋅U2,1+A2⋅U2,2=0k×(n−k).

By Lemma 3.2(3) we get a basis matrix for the kernel lattice

 C=(UT2,1,UT2,2).

So

 det(Λ0)2=det(C⋅CT)=det(UT2,1⋅U2,1+UT2,2⋅U2,2).

From the assumption that , we have

 U2,1=−A−11⋅A2⋅U2,2.

So

 det(Λ0)2 =det(UT2,2(A−11⋅A2)T⋅A−11⋅A2⋅U2,2+UT2,2⋅U2,2) =det(U2,2)2det(In−k+(A−11⋅A2)T⋅A−11⋅A2) (3.3.1) =det(U2,2)2det(Ik+A−11⋅A2⋅(A−11⋅A2)T) =det(U2,2)2det(Ik+A−11⋅A2⋅AT2⋅(AT1)−1) =det(U2,2)2det(A1)2det(A1⋅AT1+A2⋅AT2) =det(U2,2)2det(A1)2det(A⋅AT) (3.3.2) =det(A⋅AT)det(HA)2 (3.3.3) =NormDet(Λ)2.

Equality 3.3.1 follows from Sylvester’s determinant identity (see Remark 3.4). Equality 3.3.2 follows from taking determinants of both sides of the equality:

 (A1A20In−k)(U1,1U2,1U1,2U2,2)=(HA0U1,2U2,2),

and is unimodular. And Equality 3.3.3 follows from the definition and Lemma 3.2(1). ∎

###### Remark 3.4.

The Sylvester’s determinant identity states that for any matrices and

 det(Is+A⋅B)=det(It+B⋅A).

The proof can be found in many places, e.g. [AAM].

###### Proof of Theorem 2.5.

Denote . By Theorem 2.4,

 NormDet(LR(B))=det((LR(B))0)=det((Λ0)0).

On the other hand, we have already showed that equals the determinant of the kernel lattice of by statements (1) and (2) of Lemma 3.2, i.e.,

 NormDet(Λ)=det((Λ0)0).

So

 NormDet(LR(A))=NormDet(LR(B)).

###### Proof of Theorem 2.7.

For any integer matrix , let denote the G.C.D of the determinants of all minors. We claim that if an integer matrix is the result of an integer elementary column operation from , then . It is obviously true if the operation is a column switching, or a column multiplication (by an integer). The remaining case is a column addition. In this case, the determinant of a minor of is an integral linear combination of determinants of some minors of . So again we have .

For an integer matrix , after a sequence of invertible integer column operations, we can obtain of a matrix of form We have , and

 D(A)|D((HA|0k×(n−k)))\ and\ D((HA|0k×(n−k)))|D(A).

So . ∎

## Acknowledgment

Jun Zhang is supported by the National Natural Science Foundation of China No. 11601350, by Scientific Research Project of Beijing Municipal Education Commission under Grant No. KM201710028001, by Beijing outstanding talent training program No.2014000020124G140 and by China Scholarship Council. He would like to thank University of Oklahoma for the hospitality during his visit. Qi Cheng is supported by China 973 program No. 2013CB834201 and by US NSF No. CCF-1409294.

## References

• [AAM] A.G. Akritas, E.K. Akritas and G.I. Malaschonok, Various proofs of Sylvester’s (determinant) identity, Mathematics and Computers in Simulation 42(4), 585-593, 1996.
• [BV] E. Bombieri and J. Vaaler, On Siegel’s lemma, Inventiones Mathematicae 73, 11-32, 1983.
• [BR] J. Brüdern and R. Dietmann, Random Diophantine equations, I, Advances in Mathematics 256, 18-45, 2014.
• [Ca] J. Cassels, An introduction to Diophantine approximation, Cambridge Tracts in Mathematics and Mathematical Physics, No. 45, Cambridge University Press, New York, 1957.
• [Da] H. Davenport, Minkowski’s inequality for the minima associated with a convex body, Quarterly Journal of Mathematics Oxford 10, 119-121, 1939.
• [HB] D.R. Heath-Brown, Diophantine approximation with square-free numbers, Mathematische Zeitschrift 187(3), 335-44, 1984.
• [MG] D. Micciancio, S. Goldwasser, Complexity of Lattice Problems: A Cryptographic Perspective, Kluwer Academic Publishers, Boston, Massachusetts, 2002.
• [MW] D. Micciancio and B. Warinschi, A linear space algorithm for computing the hermite normal form. In Proceedings of the 2001 International Symposium on Symbolic and Algebraic Computation (ISSAC ’01), ACM, New York, NY, USA, 231-236, 2001.
• [Si] C.L. Siegel, Über einige Anwendungen diophantischer Approximationen. Abhandlungen der Preußischen Akademie der Wissenschaften. Physikalisch-mathematische Klasse 1929, Nr.1.
• [Va] J. Vaaler, A geometric inequality with applications to linear forms, Pacific Journal of Mathematics 83, 543-553, 1979.