1 Introduction

Given an algorithm that computes a polynomial map over a field \(\mathbf {k}\) (or a family of such polynomial maps, with entries of length going to infinity), one is usually interested in the (asymptotic) cost of the algorithm. In order to understand this cost, one studies the complexity of the algorithm, i.e. the number of operations needed by the algorithm. We can for example count the number of bit operations, or the number of algebraic operations \((+, \times )\) in \(\mathbf {k}\). The latter is called the algebraic complexity and in this model it is supposed that all algebraic operations have the same cost. Nevertheless, multiplication of two variable quantities in \(\mathbf {k}\) is arguably more expensive than addition, or than multiplication of a variable by a fixed constant. In the context of the computation of bilinear maps, extensive work has been done to reduce the number of two-variable multiplications involved. Notable examples are Karatsuba’s algorithm [11] and Strassen’s algorithm [19]. Karatsuba’s algorithm is based on the fact that the bilinear map associated to the product of two polynomials of degree 1

$$ A = a_1 X + a_0\text { and }B = b_1 X + b_0 $$

can be computed with three products \(a_0b_0, (a_0+a_1)(b_0+b_1), a_1b_1\) instead of the four classic ones \(a_0b_0, a_0b_1, a_1b_0, a_1b_1\). Strassen’s algorithm exploits a similar idea in the case of \(2\times 2\) matrices: only 7 products are used instead of 8 in order to compute a matrix product. Both these algorithms have very practical consequences. The bilinear complexity \(\mu (\varPhi )\) of a bilinear map \(\varPhi \) over \(\mathbf {k}\) represents the minimum number of two-variable multiplications in a formula that computes \(\varPhi \), discarding the cost of other operations such as addition or multiplication by a constant. In particular when \(\mathcal {A}\) is a finite dimensional algebra over \(\mathbf {k}\), we define the bilinear complexity of \(\mathcal {A}\) as \(\mu (\mathcal {A}/\mathbf {k})=\mu (m_{\mathcal {A}})\) where \(m_{\mathcal {A}}:\mathcal {A}\times \mathcal {A}\rightarrow \mathcal {A}\) is the multiplication map in \(\mathcal {A}\) seen as a \(\mathbf {k}\)-bilinear map.

Let \(\mathbf {k}^{2\times 2}\) be the algebra of \(2\times 2\) matrices over \(\mathbf {k}\). We know thanks to Strassen’s algorithm that

$$ \mu (\mathbf {k}^{2\times 2}/\mathbf {k}) \le 7. $$

In fact, this is optimal, so we have exactly \(\mu (\mathbf {k}^{2\times 2}/\mathbf {k})=7\) [20, Thm. 3.1]. In general, it seems to be hard to find the bilinear complexity of a given algebra, for example the bilinear complexity of \(\mathbf {k}^{3\times 3}\) is not known. In the literature, work has been done both to algorithmically find the bilinear complexity of small algebras [5, 10] and to understand how the bilinear complexity asymptotically grows [2, 9]. Chudnovsky and Chudnovsky proved in 1988 that the bilinear complexity of an extension field \(\mathbb {F}_{q^k}/\mathbb {F}_{q}\) is linear in the degree k of the extension, using an evaluation-interpolation method on curves. As the main contribution of this article, we investigate both questions for trisymmetric bilinear complexity, and solve a certain number of the open problems stated in [2, §5.2].

When a bilinear map admits certain invariance properties, it can be interesting, both for theoretical and for practical reasons, to find formulae for it that exhibit these same properties. For symmetric bilinear maps, and in particular for commutative algebras, this leads to the notion of symmetric bilinear complexity. A further refinement, the trisymmetric bilinear complexity of \(\mathbb {F}_{q^k}\) over \(\mathbb {F}_{q}\), was first introduced in [16], and rediscovered independently in [14, App. A].

In Sect. 2 we recall the definition of symmetric and trisymmetric formulae, and discuss further generalizations such as hypersymmetric formulae for higher multilinear maps, and Galois-invariant formulae. In Sect. 3 we describe algorithms to compute trisymmetric decompositions in small dimension. In all examples we were able to compute, the trisymmetric bilinear complexity is equal to the symmetric bilinear complexity. However we found an example where the Galois-invariant trisymmetric bilinear complexity is strictly larger. Finally, in Sect. 4, we prove that for all \(q\ge 3\), the trisymmetric bilinear complexity of an extension of \(\mathbb {F}_q\) is again linear in the degree, as well as similar results for higher multiplication maps.

2 Multiplication Formulae with Symmetries

Although we are mainly interested in bilinear multiplication formulae, the notions we will consider naturally involve higher multilinear maps.

Multilinear Complexity. Let \(\varPhi :V_1\times \cdots \times V_t\rightarrow W\) be a t-multilinear map between finite dimensional vector spaces over \(\mathbf {k}\). A multilinear algorithm, or multilinear decomposition, or multilinear formula of length n for \(\varPhi \) is a collection of linear forms \((\varphi _i^{(j)})_{\begin{array}{c} 1\le i \le n\\ 1\le j\le t \end{array}}\), where \(\varphi _i^{(j)}\) is in \(V_j^\vee \), the dual vector space of \(V_j\), and elements \((w_i)_{1\le i \le n}\) in W, such that for all \(v_1,\dots ,v_t\) we have

$$ \varPhi (v_1,\dots ,v_t)=\sum _{i=1}^{n}\varphi _i^{(1)}(v_1)\cdots \varphi _i^{(t)}(v_t)w_i. $$

The multilinear complexity \(\mu (\varPhi )\) is then defined as the smallest length n of such a decomposition. Equivalently, it is the rank of the tensor in \(V_1^\vee \otimes \dots \otimes V_t^\vee \otimes W\) corresponding to \(\varPhi \).

Symmetric Multilinear Complexity. When \(V_1=\cdots =V_t=V\) and \(\varPhi \) is a symmetric multilinear map, it is natural to search for symmetric multilinear decompositions, i.e. formulae of the form

$$\begin{aligned} \varPhi (v_1,\dots ,v_t)=\sum _{i=1}^{n}\varphi _i(v_1)\cdots \varphi _i(v_t)w_i \end{aligned}$$

with \(\varphi _i^{(1)}=\dots =\varphi _i^{(t)}=\varphi _i\in V^\vee \) for all i. It is more space-efficient, since symmetric formulae admit a shorter description. From an algorithmic point of view, it should also be simpler to find symmetric formulae, because the search space is smaller. We define \(\mu ^{\text {sym}}(\varPhi )\), the symmetric multilinear complexity of \(\varPhi \), as the minimal length n of such a symmetric decomposition, if it exists (otherwise we set \(\mu ^{\text {sym}}(\varPhi )=\infty \)).

In the case \(t=2\), a symmetric bilinear map always admits a symmetric decomposition. However, when \(t\ge 3\) and \(\mathbf {k}=\mathbb {F}_q\) is a finite field, this can fail. When \(t=3\) and \(q>2\), it is shown in [16, Lemma 7] that a symmetric trilinear map \(\varPhi \) over \(\mathbb {F}_q\) always admits a symmetric algorithm, while in the remaining case \(t=3\) and \(q=2\), as observed by Cascudo, a necessary condition is that \(\varPhi \) should satisfy \(\varPhi (x,x,y)=\varPhi (x,y,y)\) for all entries xy. These results were then combined and generalized into the following necessary and sufficient criterion:

Theorem 1

([[14], Thm. A.7]). Let \(\varPhi :V^t\rightarrow W\) be a t-multilinear map between finite dimensional vector spaces over \(\mathbb {F}_q\). Then \(\varPhi \) admits a symmetric decomposition if and only if \(\varPhi \) is Frobenius-symmetric, i.e. if and only if it is symmetric and one of the following two conditions holds:

  • \(t\le q\)

  • \(t\ge q+1\) and for all \(u,v,z_1,\dots ,z_{t-q-1}\) in V,

Observe that this criterion involves the cardinality of the field, not its characteristic.

Trisymmetric and Hypersymmetric Complexity. Now suppose furthermore that \(V=W\), and that this space is equipped with a non-degenerate symmetric bilinear form, written as a scalar product

$$ \begin{array}{ccc} V\times V &{}\rightarrow &{}\mathbf {k}\\ (v,w)&{}\mapsto &{}\left\langle v,w\right\rangle . \end{array} $$

This allows to identify V and \(V^\vee \), i.e. any linear form \(\varphi \in V^\vee \) is of the form \(\varphi (x)=\left\langle a,x\right\rangle \) for a uniquely determined \(a\in V\). As a consequence, a symmetric decomposition for \(\varPhi :V^t\rightarrow V\) can also be described as the data of elements \((a_i)_{1\le i\le n}\) and \((b_i)_{1\le i\le n}\) in V such that for all \(v_1,\dots ,v_t\) in V, we have \(\varPhi (v_1,\dots ,v_t)=\sum _{i=1}^{n}\left\langle a_i,v_1\right\rangle \cdots \left\langle a_i,v_t\right\rangle b_i\). In order to have an even more compact description, one could ask for \(b_i\) to be proportional to \(a_i\), leading to the following:

Definition 1

Let V be a finite dimensional \(\mathbf {k}\)-vector space equipped with a scalar product, and \(\varPhi :V^t\rightarrow V\) a symmetric t-multilinear map. Then a hypersymmetric formula for \(\varPhi \) is the data of elements \((a_i)_{1\le i\le n}\) in V and scalars \((\lambda _i)_{1\le i\le n}\) in \(\mathbf {k}\) such that, for all \(v_1,\dots ,v_t\in V\),

$$ \varPhi (v_1,\dots ,v_t)=\sum _{i=1}^{n}\lambda _i\left\langle a_i,v_1\right\rangle \cdots \left\langle a_i,v_t\right\rangle a_i. $$

The hypersymmetric complexity \(\mu ^{\text {hyp}}(\varPhi )\) is then the minimal length n of such a hypersymmetric decomposition, if it exists. Obviously we always have \(\mu ^{\text {sym}}(\varPhi )\le \mu ^{\text {hyp}}(\varPhi )\).

When \(t=2\), we will say trisymmetric for hypersymmetric, and write \(\mu ^{\text {tri}}(\varPhi )\) for \(\mu ^{\text {hyp}}(\varPhi )\).

As a further motivation, observe that to any t-multilinear map \(\varPhi :V^t\rightarrow V\) one can associate a \((t+1)\)-multilinear form \(\widetilde{\varPhi }:V^{t+1}\rightarrow \mathbf {k}\), defined by

$$ \widetilde{\varPhi }(v_1,\dots ,v_t,v_{t+1})=\left\langle \varPhi (v_1,\dots ,v_t),v_{t+1}\right\rangle . $$

We then say that \(\varPhi \) is hypersymmetric (as a t-multilinear map) if \(\widetilde{\varPhi }\) is symmetric (as a \((t+1)\)-multilinear form). It is easily seen that \(\varPhi \) hypersymmetric is a necessary condition for it to admit a hypersymmetric decomposition, and more precisely:

Lemma 1

Elements \((a_i)_{1\le i\le n}\) in V and scalars \((\lambda _i)_{1\le i\le n}\) in \(\mathbf {k}\) define a hypersymmetric formula for the t-multilinear map \(\varPhi \),

$$ \varPhi (v_1,\dots ,v_t)=\sum _{i=1}^{n}\lambda _i\left\langle a_i,v_1\right\rangle \cdots \left\langle a_i,v_t\right\rangle a_i, $$

if and only if they define a symmetric formula for the \((t+1)\)-multilinear form \(\widetilde{\varPhi }\),

$$ \widetilde{\varPhi }(v_1,\dots ,v_s,v_{t+1})=\sum _{i=1}^{n}\lambda _i\left\langle a_i,v_1\right\rangle \cdots \left\langle a_i,v_t\right\rangle \left\langle a_i,v_{t+1}\right\rangle . $$

Thus, \(\varPhi \) admits a hypersymmetric formula if and only if \(\widetilde{\varPhi }\) is Frobenius-symmetric (in the sense of Theorem 1), and we have

$$ \mu ^{\text {hyp}}(\varPhi )=\mu ^{\text {sym}}\left( \widetilde{\varPhi }\right) . $$

In particular, if \(q\ge t+1\), then any hypersymmetric t-multilinear map over \(\mathbb {F}_q\) admits a hypersymmetric formula.

Proof

For the only if part in the first assertion, take scalar product with \(v_{t+1}\). For the if part, use the fact that the scalar product is non-degenerate. The other assertions follow.    \(\square \)

Galois Invariance. Last we consider another type of symmetry. Let \(\sigma :v\mapsto v^\sigma \) be a \(\mathbf {k}\)-linear automorphism of V that respects the scalar product: \(\left\langle v^\sigma ,w^\sigma \right\rangle =\left\langle v,w\right\rangle \) for all vw in V.

Lemma 2

Let \(\varPhi :V^t\rightarrow V\) be a symmetric t-multilinear map that is compatible with \(\sigma \), i.e.

$$ \varPhi (v_1^\sigma ,\dots ,v_t^\sigma )=\varPhi (v_1,\dots ,v_t)^\sigma $$

for all \(v_1,\dots ,v_t\) in V, and let \((a_i)_{1\le i\le n}\) and \((b_i)_{1\le i\le n}\) in V define a symmetric formula for \(\varPhi \),

$$ \varPhi (v_1,\dots ,v_t)=\sum _{i=1}^{n}\left\langle a_i,v_1\right\rangle \cdots \left\langle a_i,v_t\right\rangle b_i. $$

Then \((a_i^\sigma )_{1\le i\le n}\) and \((b_i^\sigma )_{1\le i\le n}\) also define a symmetric formula for \(\varPhi \),

$$ \varPhi (v_1,\dots ,v_t)=\sum _{i=1}^{n}\left\langle a_i^\sigma ,v_1\right\rangle \cdots \left\langle a_i^\sigma ,v_t\right\rangle b_i^\sigma . $$

Proof

Write \(\varPhi (v_1,\dots ,v_t)=\varPhi (v_1^{\sigma ^{-1}},\dots ,v_t^{\sigma ^{-1}})^\sigma \) and apply the formula.    \(\square \)

We then say that the symmetric formula given by \((a_i)_{1\le i\le n}\) and \((b_i)_{1\le i\le n}\) is \(\sigma \)-invariant if it is the same as the formula given by \((a_i^\sigma )_{1\le i\le n}\) and \((b_i^\sigma )_{1\le i\le n}\), i.e. if there is a permutation \(\pi \) of \(\{1,\dots ,n\}\) such that \((a_i^\sigma ,b_i^\sigma )=(a_{\pi (i)},b_{\pi (i)})\) for all i. This applies also to hypersymmetric formulae, setting \(b_i=\lambda _i a_i\).

If G is a group of \(\mathbf {k}\)-linear automorphisms of V that respect the scalar product, and if \(\varPhi :V^t\rightarrow V\) is a symmetric t-multilinear map that is compatible with all elements in G, we then define \(\mu ^{\text {sym},G}(\varPhi )\) (resp. \(\mu ^{\text {hyp},G}(\varPhi )\)), the G-invariant symmetric (resp. hypersymmetric) multilinear complexity of \(\varPhi \), as the minimal length n of a symmetric (resp. hypersymmetric) multilinear formula for \(\varPhi \) that is G-invariant, i.e. \(\sigma \)-invariant for all \(\sigma \) in G.

Multiplication Formulae in Algebras. Let \(\mathcal {A}\) be a finite dimensional commutative algebra over \(\mathbf {k}\). We say a linear form \(\tau :\mathcal {A}\rightarrow \mathbf {k}\) is trace-like if the symmetric bilinear form \(\mathcal {A}\times \mathcal {A}\rightarrow \mathbf {k}\), \((x,y)\mapsto \tau (xy)\) is non-degenerate. If so, we set \(\left\langle x,y\right\rangle =\tau (xy)\), which defines a scalar product on \(\mathcal {A}\). In this work we will take \(\mathbf {k}=\mathbb {F}_q\), and either:

  • \(\mathcal {A}=\mathbb {F}_{q^k}\) a finite field extension, and \(\tau =\text {Tr}_{\mathbb {F}_{q^k}/\mathbb {F}_q}\) the usual trace map; indeed it is well known that the trace bilinear form \(\left\langle x,y\right\rangle =\text {Tr}_{\mathbb {F}_{q^k}/\mathbb {F}_q}(xy)\) is non-degenerate

  • \(\mathcal {A}=\mathbb {F}_q[T]/(T^k)\) an algebra of truncated polynomials, and \(\tau \) defined by \(\tau (x)=x_{k-1}\) for \(x=x_0+x_1T+\dots +x_{k-1}T^{k-1}\) in \(\mathcal {A}\); indeed, observe that for \(x=x_0+x_1T+\dots +x_{k-1}T^{k-1}\), \(y=y_0+y_1T+\dots +y_{k-1}T^{k-1}\), we then have \(\left\langle x,y\right\rangle =\tau (xy)=x_0y_{k-1}+x_1y_{k-2}+\dots +x_{k-1}y_0\), which is non-degenerate.

Let \(\varPhi :\mathcal {A}\times \mathcal {A}\rightarrow \mathcal {A}\) be the multiplication map, \(\varPhi (x,y)=xy\). It is easily seen that \(\varPhi \) is trisymmetric. Indeed \(\widetilde{\varPhi }\) is the trilinear form \(x,y,z\mapsto \tau (xyz)\), which is symmetric. A symmetric bilinear multiplication formula for \(\mathcal {A}\) is thus the data of \((a_i)_{1\le i\le n}\) in \(\mathcal {A}\) and \((\varphi _i)_{1\le i\le n}\) in \(\mathcal {A}^\vee \) such that

$$\begin{aligned} \forall x, y\in \mathcal {A},\;xy = \sum _{i=1}^{n}\varphi _i(x)\varphi _i(y)a_i, \end{aligned}$$
(1)

and a trisymmetric formula is the data of \((a_i)_{1\le i\le n}\) in \(\mathcal {A}\) and \((\lambda _i)_{1\le i\le n}\) in \(\mathbb {F}_q\) such that

$$\begin{aligned} \forall x, y\in \mathcal {A},\;xy = \sum _{i=1}^{n}\lambda _i\left\langle a_i,x\right\rangle \left\langle a_i,y\right\rangle a_i. \end{aligned}$$
(2)

We will write \(\mu _q(k)\) (resp. \(\hat{\mu }_q(k)\)) for the bilinear complexity of multiplication in \(\mathbb {F}_{q^k}\) (resp. in \(\mathbb {F}_q[T]/(T^k)\)) over \(\mathbb {F}_q\), and we will write likewise \(\mu ^{\text {sym}}_q(k)\), \(\hat{\mu }^{\text {sym}}_q(k)\), \(\mu ^{\text {tri}}_q(k)\), \(\hat{\mu }^{\text {tri}}_q(k)\), \(\mu ^{\text {sym},G}_q(k)\), \(\hat{\mu }^{\text {sym},G}_q(k)\), \(\mu ^{\text {tri},G}_q(k)\), \(\hat{\mu }^{\text {tri},G}_q(k)\), etc. for the similar quantities with the corresponding symmetry conditions.

For \(q\ge 3\) we have \(\mu ^{\text {tri}}_q(k)<\infty \) and \(\hat{\mu }^{\text {tri}}_q(k)<\infty \) for all k, while for \(q=2\) we have \(\mu ^{\text {tri}}_2(1)=\hat{\mu }^{\text {tri}}_2(1)=1\) and \(\mu ^{\text {tri}}_2(2)=3\), but \(\mu ^{\text {tri}}_2(k)=\infty \) for \(k\ge 3\) and \(\hat{\mu }^{\text {tri}}_2(k)=\infty \) for \(k\ge 2\). This follows essentially from Theorem 1 and Lemma 1 (see also [14, Prop. A.14]).

Obviously we have \(\mu _q(k)\le \mu ^{\text {sym}}_q(k)\le \mu ^{\text {tri}}_q(k)\) and \(\hat{\mu }_q(k)\le \hat{\mu }^{\text {sym}}_q(k)\le \hat{\mu }^{\text {tri}}_q(k)\) for all q and k. But when all these quantities are finite, e.g. when \(q\ge 3\), no example of strict inequality is known.

In the other direction, when \(q\ge 4\) is not divisible by 3, [16, Thm. 2] gives \(\mu ^{\text {tri}}_q(k)\le 4\mu ^{\text {sym}}_q(k)\) and \(\hat{\mu }^{\text {tri}}_q(k)\le 4\hat{\mu }^{\text {sym}}_q(k)\). This allows to translate the many known upper bounds on symmetric complexity [2] into upper bounds on trisymmetric complexity. However the resulting upper bounds do not seem to be tight, so it would be desirable to have better estimates, and especially upper bounds that work also for q divisible by 3.

3 Finding Trisymmetric Decompositions

Algorithmic Search. Barbulescu et al. [5] and later Covanov [10] found clever ways of exhaustively searching for formulae for (symmetric) bilinear maps. Their method eliminates redundancy in the search but strongly relies on the fact that the vectors \(a_i\in \mathcal {A}\) in the symmetric formulae (1) can be chosen independently of the linear forms \(\varphi _i\in \mathcal {A}^\vee \), which is no longer the case when searching for trisymmetric decompositions. For this reason, we use another method that is once again a variant of an exhaustive search and thus still leads to an exponential complexity algorithm. Let \(\varPhi \) be the two-variable product in \(\mathcal {A}\). Recall that we are looking for a trisymmetric decomposition:

$$ \forall x, y\in \mathcal {A},\,\varPhi (x, y) = xy = \sum _{i=1}^{n}\lambda _i\left\langle x,a_i\right\rangle \left\langle y,a_i\right\rangle a_i, $$

with \(a_i\in \mathcal {A}\) and \(\lambda _i\in \mathbf {k}\) for all \(1\le i \le n\). Because we are allowed to use scalars \(\lambda _i\in \mathbf {k}\), we can limit our search to “normalized” elements in \(\mathcal {A}\), as follows. Choose a basis of \(\mathcal {A}\), which gives an identification \(\mathcal {A}\simeq \mathbf {k}^k\) as vector spaces. Then for all \(1\le i\le k\), let

$$ \mathcal {E}_i=\left\{ x=(x_1, \dots , x_k)\in \mathcal {A}\simeq \mathbf {k}^k \,|\, \forall j\le i-1,\,x_j=0\text { and }x_i=1 \right\} $$

and

$$ \mathcal {E}= \bigcup _{i=1}^k\mathcal {E}_i. $$

We search for elements \(a_i\) in \(\mathcal {E}\) instead of \(\mathcal {A}\). We further use the vector space structure of \(\mathcal {A}\) by searching for solutions on each coordinate. Let

$$ xy = (\pi _1(x, y), \dots , \pi _k(x, y))\in \mathcal {A}\simeq \mathbf {k}^k, $$

where, for all \(1\le i\le k\), \(\pi _i\) is the bilinear form corresponding to the i-th coordinate of the product in \(\mathbb {F}_{p^k}\). In other words,

$$ \varPhi = (\pi _1, \dots , \pi _k). $$

We let \(\mathcal {B}\) be the space of bilinear forms on \(\mathcal {A}\) and we let \(f\) be the application mapping an element in \(\mathcal {A}\) to its associated bilinear symmetric form:

$$ \begin{array}{cccc} f: &{} \mathcal {A}&{} \rightarrow &{} \mathcal {B}\\ &{} a &{} \mapsto &{} (x, y)\mapsto \left\langle x,a\right\rangle \left\langle y,a\right\rangle . \end{array} $$

We then search for elements \(a_1, \dots , a_{n_1}\) in \(\mathcal {E}_1\) and \(\lambda _1, \dots , \lambda _{n_1}\) in \(\mathbf {k}\) such that

$$\begin{aligned} \pi _1 = \sum _{j=1}^{n_1}\lambda _jf(a_j), \end{aligned}$$
(3)

and we obtain

$$ \varPhi -\sum _{j=1}^{n_1}\lambda _jf(a_j)a_j = (0, \pi _2', \dots , \pi _k'), $$

where for \(2\le i \le k\), \(\pi _i'\) is some other bilinear form. We then continue the operation with \(\pi _2'\) and elements \(a_{n_1+1}, \dots , a_{n_2}\) in \(\mathcal {E}_2\), then with \(\pi _3''\) and elements in \(\mathcal {E}_3\), and so on. In the end, we have n elements \(a_1, \dots , a_n\in \mathcal {E}\) and \(\lambda _1, \dots , \lambda _n\in \mathbf {k}\) such that

$$ \varPhi = \sum _{j=1}^{n}\lambda _jf(a_j)a_j. $$

Now, there is left to see how we compute the elements \(a_1, \dots , a_{n_1}\in \mathcal {E}_1\) and \(\lambda _1, \dots , \lambda _{n_1}\in \mathbf {k}\) in order to obtain (3). Let \(r_1\) be the rank of \(\pi _1\). We know that the number \(n_1\) of elements in \(\mathcal {E}_1\) such that we have (3) is at least \(r_1\), but there also exist some trisymmetric decompositions where we need more than \(r_1\) elements. To find these elements, we search through elements \(a_1\in \mathcal {E}_1\) such that there exists \(\lambda _1\in \mathbf {k}\) with

$$ \text {rank}(\pi _1-\lambda _1f(a_1))<\text {rank}(\pi _1), $$

then, for each such \(a_1\in \mathcal {E}_1\), we search through elements \(a_2\in \mathcal {E}_1\) such that there exists \(\lambda _2\) with

$$ \text {rank}(\pi _1-\lambda _1f(a_1)-\lambda _2f(a_2))<\text {rank}(\pi _1-\lambda _1f(a_1)), $$

and so on, eliminating a lot of unsuitable elements along the way. This method allows us to find decompositions of \(\pi _1\) into a sum of exactly \(r_1\) bilinear forms of rank 1. In order to find decompositions containing \(r_1+m_1\) bilinear forms, we repeat the same process, except that we allow the rank not to decrease \(m_1\) times. Let \(m_j\) be the number of times we allow the rank not to decrease when dealing with the j-th coordinate in the algorithm. We let \(\mathcal {M}=(m_1, \dots , m_k)\) and we call margin this k-tuple. This strategy was implemented in the Julia programming language [1] and a package searching for trisymmetric decompositions is available onlineFootnote 1, along with the source code.

This allowed us to compute \(\mu ^{\text {tri}}_3(3)=6\), \(\mu ^{\text {tri}}_p(3)=5\) for all primes \(5\le p\le 257\), \(\mu ^{\text {tri}}_3(4)=9\), \(\mu ^{\text {tri}}_5(4)=8\), and \(\mu ^{\text {tri}}_p(4)=7\) for all primes \(7\le p\le 23\). Details about the computation can be found in Table 1, while examples of formulae obtained via our algorithm are given in Table 2 (actually the formulae in this table are normalized in the sense of [14, Def. A.16], i.e. they satisfy all \(\lambda _i=1\)).

Table 1. Algorithmic results with various degrees, base fields and margins.
Full size table

Galois Invariant Formulae. Let \(\mathcal {A}=\mathbb {F}_{q^k}\) and G be the cyclic group generated by \(\sigma \), the Frobenius automorphism over \(\mathbb {F}_{q}\). In order to find G-invariant decompositions, we exhaustively search through orbits in \(\mathbb {F}_{q^k}\), which is fast because the search space is smaller. This allows us to find Galois invariant trisymmetric formulae of length 11 for \(\mathbb {F}_{3^5}\), and of length 10 for \(\mathbb {F}_{5^5}\) and \(\mathbb {F}_{7^5}\). Joint with the obvious inequalities \(\mu _q(k)\le \mu ^{\text {sym}}_q(k)\le \mu ^{\text {tri}}_q(k)\le \mu ^{\text {tri},G}_q(k)\) and with known lower bounds from [2, Thm. 2.2] and [5], this gives \(10\le \mu _3(5)\le \mu ^{\text {sym}}_3(5)=\mu ^{\text {tri}}_3(5)=\mu ^{\text {tri},G}_3(5)=11\), \(\mu _5(5)=\mu ^{\text {sym}}_5(5)=\mu ^{\text {tri}}_5(5)=\mu ^{\text {tri},G}_5(5)=10\), and \(\mu _7(5)=\mu ^{\text {sym}}_7(5)=\mu ^{\text {tri}}_7(5)=\mu ^{\text {tri},G}_7(5)=10\). Some examples of Galois invariant formulae can be found in Table 2.

For \(q\ge 3\) we know no example where one of the inequalities in \(\mu _q(k)\le \mu ^{\text {sym}}_q(k)\le \mu ^{\text {tri}}_q(k)\) is strict. However, it turns out that the inequality with \(\mu ^{\text {tri},G}_q(k)\) can be strict. Indeed, let \(q=3\) and \(k=7\). In this setting our exhaustive search found no G-invariant decomposition of length up to 15. Since all orbits are of length 7, except the trivial orbit of length 1, the minimal length for a G-invariant decomposition is congruent to 0 or 1 modulo 7, so we deduce that it is at least 21. Furthermore, we know [2, table 2] that \(\mu ^{\text {sym}}_3(7)\le 19\), so we have

$$\begin{aligned} \mu _3(7)\le \mu ^{\text {sym}}_3(7)\le 19<21\le \mu ^{\text {tri},G}_3(7). \end{aligned}$$
Table 2. Examples of trisymmetric multiplication formulae (the first three are Galois invariant).
Full size table

Universal Formulae. As mentioned in Sect. 2, for \(q\ge 3\), we do not know any example of algebra \(\mathcal {A}=\mathbb {F}_{q^k}\) or \(\mathcal {A}=\mathbb {F}_{q}[T]/(T^k)\) where the bilinear complexity and the trisymmetric bilinear complexity are different. We can even prove that these quantities are the same in small dimension, by exhibiting trisymmetric universal formulae, i.e. trisymmetric decompositions that are true for (almost) any choice of \(q\ge 3\). In order to obtain such formulae, it is useful to change our point of view on the problem. Assume we want to compute a trisymmetric decomposition of the product \(\varPhi \) in \(\mathcal {A}\), a commutative algebra of degree k. After the choice of a basis of \(\mathcal {A}\) and a basis of the space \(\mathcal {B}\) of the bilinear forms on \(\mathcal {A}\), we can represent

$$ \varPhi =(\pi _1, \dots , \pi _k) $$

as a column vector B of length \(k^3\). The first \(k^2\) coordinates corresponding to \(\pi _1\), the next \(k^2\) coordinates corresponding to \(\pi _2\) and so on up to \(\pi _k\). Now, for each \(a\in \mathcal {E}\), we note

$$ \mathbf {f}(a) = a\otimes f(a), $$

where a is the column vector of length k corresponding to a in the basis of \(\mathcal {A}\), \(f(a)\) is the column vector of length \(k^2\) corresponding to \(f(a)\in \mathcal {B}\), and \(\otimes \) is the Kronecker product. With these notations, finding a trisymmetric decomposition of the product in \(\mathcal {A}\) is the same as finding elements \(a_1\dots , a_n\in \mathcal {E}\) and \(\lambda _1, \dots , \lambda _n\in \mathbf {k}\) with

$$ B = \sum _{j=1}^n \lambda _j\mathbf {f}(a). $$

Let A be the matrix which columns are the \(\mathbf {f}(a)\) for all \(a\in \mathcal {E}\), then the problem is to find a solution X of

$$ AX = B $$

with the smallest possible number of nonzero entries in X.

We first consider the case \(\mathcal {A}=\mathbb {F}_{q^2}\) over \(\mathbf {k}=\mathbb {F}_q\), where the characteristic of \(\mathbf {k}\) is not 2.

Proposition 1

For any odd q we have

$$ \mu _q(2) = \mu ^{\text {tri}}_q(2) = 3. $$

Proof

That \(\mu _q(2)=3\) follows e.g. from [2, Thm. 2.2]. In order to prove that \(\mu ^{\text {tri}}_q(2) = 3\), we find an universal trisymmetric formula of length 3. We know that we can find a non-square element \(\zeta \) in \(\mathbb {F}_q\), we can then define

$$ \mathbb {F}_{q^2}\cong \mathbb {F}_q[T]/(T^2-\zeta )=\mathbb {F}_{q}(\alpha ), $$

where \(\alpha =\bar{T}\) is the canonical generator of \(\mathbb {F}_{q^2}\). Let \(x = x_0 + x_1\alpha \) and \(y = y_0 + y_1\alpha \) be two elements of \(\mathbb {F}_{q^2}\), we have

$$ xy = (x_0+x_1\alpha )(y_0+y_1\alpha )=x_0y_0+\zeta x_1y_1 +(x_0y_1+x_1y_0)\alpha . $$

We can lift the matrix B coming from the multiplication formula, that has coefficients in \(\mathbb {F}_{q}\), to a matrix with coefficients in \(\mathbb {Q}(\zeta )\), where \(\zeta \) is an indeterminate. We can also lift the matrix A, because the map \(f\) (and therefore \(\mathbf {f}\)) has the same expression for all q not divisible by 2. Indeed, one can check that the map \(f\) is given by

$$ f(x_0+x_1\alpha )= \left( S \begin{bmatrix} x_0 \\ x_1 \end{bmatrix}\right) \left( S \begin{bmatrix} x_0 \\ x_1 \end{bmatrix}\right) ^\intercal = 4\begin{bmatrix} x_0^2 &{} \zeta x_0x_1 \\ \zeta x_0 x_1 &{} \zeta ^2 x_1^2 \end{bmatrix}. $$

where

$$ S = \begin{bmatrix} \left\langle \alpha ^i,\alpha ^j\right\rangle \end{bmatrix}_{0\le i, j\le 1} = \begin{bmatrix} \text {Tr}(\alpha ^{i+j}) \end{bmatrix}_{0\le i, j\le 1} = \begin{bmatrix} 2 &{} 0 \\ 0 &{} 2\zeta \end{bmatrix}. $$

We can then solve \(AX=B\) over \(\mathbb {Q}(\zeta )\) and finally check that

$$ B = (1-\zeta ^{-1})4^{-1}\mathbf {f}(1) + (8\zeta )^{-1}\mathbf {f}(1+\alpha )+(8\zeta )^{-1}\mathbf {f}(1-\alpha ), $$

so that the trisymmetric bilinear complexity of \(\mathbb {F}_{q^2}/\mathbb {F}_{q}\) is 3.    \(\square \)

Using the same strategy, we can also find universal formulae for another type of algebra \(\mathcal {A}= \mathbb {F}_{q}[T]/(T^k)\), namely the truncated polynomials. In that context, we first observe that we have

$$\begin{aligned} \hat{\mu }^{\text {tri}}_q(k)\ge \hat{\mu }_q(k)\ge 2k-1 \end{aligned}$$

for all q and k. Indeed this is a special case of [21, Thm. 4], which holds for any polynomial that is a power of an irreducible polynomial. Conversely we are able to find formulae for \(2\le k \le 4\) that match this lower bound.

Proposition 2

For any odd q we have

$$ \hat{\mu }^{\text {tri}}_q(2) = 3. $$

Proof

Let \(\mathcal {A}= \mathbb {F}_{q}[T]/(T^2) = \mathbb {F}_q[\alpha ]\) with \(\alpha =\bar{T}\), so \(\alpha ^2=0\). If \(x = x_0 + x_1\alpha \) and \(y = y_0 + y_1\alpha \) are two elements of \(\mathcal {A}\), we have

$$ xy = (x_0+x_1\alpha )(y_0+y_1\alpha )=x_0y_0+ (x_0y_1+x_1y_0)\alpha . $$

We can again construct the matrix B and A, and solve \(AX=B\), this time simply over \(\mathbb {Q}\). We obtain

$$ B = -\mathbf {f}(1) + 2^{-1}\mathbf {f}(1+\alpha )+2^{-1}\mathbf {f}(1-\alpha ) $$

so that the trisymmetric bilinear complexity of \(\mathcal {A}=\mathbb {F}_q[T]/(T^2)\) is at least 3, which concludes.    \(\square \)

Proposition 3

For any q not divisible by 2 nor 3 we have

$$ \hat{\mu }^{\text {tri}}_q(3) = 5\qquad \text {and}\qquad \hat{\mu }^{\text {tri}}_q(4) = 7. $$

Proof

We use the same notations as before. For \(\mathcal {A}=\mathbb {F}_{q}[T]/(T^3)\), we obtain

$$ B = -\mathbf {f}(1-\alpha -\alpha ^2)+3^{-1}\mathbf {f}(\alpha +2\alpha ^2) +2^{-1}\mathbf {f}(1-\alpha -2\alpha ^2) - 3^{-1}\mathbf {f}(\alpha -\alpha ^2) +2^{-1}\mathbf {f}(1-\alpha ). $$

Therefore the trisymmetric bilinear complexity of \(\mathcal {A}=\mathbb {F}_q[T]/(T^3)\) is 5.

Finally, for \(\mathcal {A}=\mathbb {F}_{q}[T]/(T^4)\), we obtain

The trisymmetric bilinear complexity of \(\mathcal {A}=\mathbb {F}_q[T]/(T^4)\) is then 7.    \(\square \)

4 Asymptotic Bounds

In this section, we work with \(\mathcal {A}=\mathbb {F}_{q^k}\) or \(\mathbb {F}_q[T]/(T^k)\), seen as an algebra over \(\mathbf {k}=\mathbb {F}_q\), and equipped with the trace-like linear form \(\tau \) introduced at the end of Sect. 2. Our aim is to show that the trisymmetric bilinear complexities \(\mu ^{\text {tri}}_q(k)\) and \(\hat{\mu }^{\text {tri}}_q(k)\) grow linearly as \(k\rightarrow \infty \). Our proof will involve higher multilinear maps, and in turn, give results for them as well.

For any t we define the t-multilinear multiplication map in \(\mathcal {A}\) over \(\mathbf {k}\)

$$ \begin{array}{cccc} m_t:&{}\mathcal {A}^t&{}\rightarrow &{}\mathcal {A}\\ &{}(x_1,\dots ,x_t)&{}\mapsto &{}x_1\cdots x_t \end{array} $$

and the t-multilinear trace form

$$ \begin{array}{cccc} \tau _t=\tau \circ m_t:&{}\mathcal {A}^t&{}\rightarrow &{}\mathcal {A}\\ &{}(x_1,\dots ,x_t)&{}\mapsto &{}\tau (x_1\cdots x_t). \end{array} $$

If needed, we will write \({m_t}^{\mathcal {A}/\mathbf {k}}\) or \({\tau _t}^{\mathcal {A}/\mathbf {k}}\) to keep \(\mathcal {A}\) and \(\mathbf {k}\) explicit.

The (symmetric) multilinear complexity of \(m_t\) has been considered in [7] in relation with the theory of testers.

Lemma 3

The map \(m_t\) is hypersymmetric, and we have

$$ \mu ^{\text {hyp}}(m_t)=\mu ^{\text {sym}}(\tau _{t+1})\le \mu ^{\text {sym}}(m_{t+1}). $$

Proof

Indeed we have \(\widetilde{m}_t=\tau _{t+1}\), and the equality on the left is a special case of Lemma 1. For the inequality on the right, take a symmetric formula for \(m_{t+1}\) and apply \(\tau \).    \(\square \)

When studying the variation with the degree of the extension field \(\mathbb {F}_{q^k}\) over \(\mathbb {F}_q\), we will write \(\mu ^{\text {sym}}_q(k,m_t)\) for \(\mu ^{\text {sym}}\left( {m_t}^{\mathbb {F}_{q^k}/\mathbb {F}_q}\right) \), and we will also use the similar notations \(\mu ^{\text {hyp}}_q(k,m_t)\), \(\mu ^{\text {sym}}_q(k,\tau _t)\), etc. In particular for \(t=2\) we have

$$ \mu ^{\text {tri}}_q(k)=\mu ^{\text {tri}}_q(k,m_2)=\mu ^{\text {sym}}_q(k,\tau _3). $$

When working in \(\mathbb {F}_q[T]/(T^k)\) over \(\mathbb {F}_q\), we will write likewise \(\hat{\mu }^{\text {sym}}_q(k,m_t)\), \(\hat{\mu }^{\text {hyp}}_q(k,m_t)\), etc.

Our aim is, for fixed q and t with \(q\ge t+1\), to show that \(\mu ^{\text {hyp}}_q(k,m_t)\) and \(\hat{\mu }^{\text {hyp}}_q(k,m_t)\) grow linearly with \(k\rightarrow \infty \). Thanks to Lemma 3, it suffices to show that \(\mu ^{\text {sym}}_q(k,m_{t+1})\) and \(\hat{\mu }^{\text {sym}}_q(k,m_{t+1})\) grow linearly with \(k\rightarrow \infty \). To ease notations we will set

$$\begin{aligned} M^{\text {sym}}_{q,t}=\limsup _{k\rightarrow \infty }\frac{1}{k}\mu ^{\text {sym}}_q(k,m_t),\qquad M^{\text {hyp}}_{q,t}=\limsup _{k\rightarrow \infty }\frac{1}{k}\mu ^{\text {hyp}}_q(k,m_t), \end{aligned}$$
$$\begin{aligned} M^{\text {tri}}_q=\limsup _{k\rightarrow \infty }\frac{1}{k}\mu ^{\text {tri}}_q(k)=M^{\text {hyp}}_{q,2}, \end{aligned}$$

and likewise for \(\hat{M}^{\text {sym}}_{q,t}\), \(\hat{M}^{\text {hyp}}_{q,t}\), \(\hat{M}^{\text {tri}}_q\), etc.

Evaluation-Interpolation Method. We use the function field terminology and notations presented in [18]. Let \(F/\mathbb {F}_q\) be an algebraic function field of one variable over \(\mathbb {F}_{q}\) and let \(\mathbb {P}_F\) be the set of places of F. Let \(\mathcal {D}_F\) the set of divisors on F, and if \(D\in \mathcal {D}_F\) is a divisor on F, we denote by L(D) its Riemann-Roch space and \(\ell (D)=\dim L(D)\).

Proposition 4

Assume there exist a place \(Q\in \mathbb {P}_{F}\) of F of degree k, \(P_1, \dots , P_n\in \mathbb {P}_F\) places of F of degree 1, and a divisor \(D\in \mathcal {D}_F\) of F such that the places Q and \(P_1, \dots , P_n\) are not in the support of D and such that the following conditions hold.

  1. (i)

    The evaluation map

    $$ \begin{array}{cccc} \text {ev}_{Q, D}: &{} L(D) &{} \rightarrow &{} \mathbb {F}_{q^k}\\ &{} f &{} \mapsto &{} f(Q) \end{array} $$

    is surjective.

  2. (ii)

    The evaluation map

    $$ \begin{array}{cccc} \text {ev}_{\mathcal {P}, tD}: &{} L(tD) &{} \rightarrow &{} (\mathbb {F}_{q})^n\\ &{} h &{} \mapsto &{} (h(P_1), \dots , h(P_n)) \end{array} $$

    is injective.

Then \({m_t}^{\mathbb {F}_{q^k}/\mathbb {F}_q}\) admits a symmetric formula of length n, i.e. we have \(\mu ^{\text {sym}}_q(k,m_t)\le n\).

Proof

Since the map \(\text {ev}_{Q, D}\) is surjective, it admits a right inverse, i.e. a linear map \(s: \mathbb {F}_{q^k} \rightarrow L(D)\) such that \(\text {ev}_{Q, D}\circ s = \text {Id}_{\mathbb {F}_{q^k}}\). For all \(x\in \mathbb {F}_{q^k}\), we denote \(s(x)\in L(D)\) by \(f_x\), so the map \(x\mapsto f_x\) is linear, and \(f_x(Q)=x\). We also let

$$ \begin{array}{cccc} a: &{} \mathbb {F}_{q^k} &{} \rightarrow &{} (\mathbb {F}_{q})^n \\ &{} x &{} \mapsto &{} (f_x(P_1), \dots , f_x(P_n)) \end{array} $$

be the composite map \(a = \text {ev}_{\mathcal {P}, D}\circ s\). The situation is sumed up in the following drawing.

figure a

Observe that a is linear, so we can write

$$\begin{aligned} a(x) = (\varphi _1(x), \dots , \varphi _n(x)) \end{aligned}$$

where \(\varphi _i:\mathbb {F}_{q^k}\rightarrow \mathbb {F}_{q}\) is a linear form, namely \(\varphi _i(x)=f_x(P_i)\).

Similarly, since the map \(\text {ev}_{\mathcal {P}, tD}\) is injective, it admits a left inverse, i.e. a linear map \(r: (\mathbb {F}_{q})^n \rightarrow L(tD)\) such that \(r\circ \text {ev}_{\mathcal {P}, tD} = \text {Id}_{L(tD)}\). We also let \(b: (\mathbb {F}_{q})^n \rightarrow \mathbb {F}_{q^k}\) be the composite map \(b = \text {ev}_{Q, tD}\circ r\). The situation is sumed up in the following drawing.

figure b

The map b is linear, so there are \(b_1, \dots , b_n\) in \(\mathbb {F}_{q^k}\) such that, for all \(y=(y_1, \dots , y_n)\in (\mathbb {F}_{q})^n\),

$$ b(y) = \sum _{i=1}^n y_i b_i. $$

Now for \(x,\dots ,x_t\in \mathbb {F}_{q^k}\), let

$$ p = (p_1,\dots ,p_n) = ((\prod _{j=1}^tf_{x_j})(P_1), \dots , (\prod _{j=1}^tf_{x_j})(P_n)) $$

in \((\mathbb {F}_{q})^n\) be the coordinatewise product of the vectors \(a(x_1)\), ..., \(a(x_t)\). Then

$$ h = r(p) $$

is an element of L(tD) such that \(h(P_i) = p_i = (\prod _{j=1}^tf_{x_j})(P_i)\) for all i. Since the map \(\text {ev}_{\mathcal {P}, tD}\) is injective, this forces

$$ h = \prod _{j=1}^tf_{x_j}. $$

Then, we have

$$\begin{aligned} b(p) = \text {ev}_{Q, tD}(r(p)) = \text {ev}_{Q, tD}(h) = h(Q) = \prod _{j=1}^t f_{x_j}(Q) = \prod _{j=1}^t x_j. \end{aligned}$$

But we also have

$$ b(p) = \sum _{i=1}^np_ib_i=\sum _{i=1}^n(\prod _{j=1}^tf_{x_j}(P_i))b_i=\sum _{i=1}^n(\prod _{j=1}^t\varphi _i(x_j))b_i $$

and finally we get a symmetric formula for \(m_t\):

$$ \prod _{j=1}^t x_j = \sum _{i=1}^n(\prod _{j=1}^t\varphi _i(x_j))b_i. $$

   \(\square \)

Proposition 5

Let \(F/\mathbb {F}_{q}\) be an algebraic function field of genus g. Assume that F admits a place Q of degree k, and a set \(\mathcal {S}\) of places of degree 1 of cardinality

$$ |\mathcal {S}|\ge (k+g-1)t+1. $$

Then we have

$$\begin{aligned} \mu ^{\text {sym}}_q(k,m_t)\le kt+(g-1)(t-1). \end{aligned}$$

Proof

Set \(n=kt+(g-1)(t-1)\). We will show that there are places \(P_1,\dots ,P_n\) in \(\mathcal {S}\), and a divisor D on F, such that Proposition 4 applies, which gives \(\mu ^{\text {sym}}_q(k,m_t)\le n\) as desired.

Using e.g. [3, Lemma 2.1] we know F admits a non-special divisor R of degree \(g-1\). By the strong approximation theorem [18, Thm. 1.6.5] we can then find a divisor D linearly equivalent to \(R+Q\) and of support disjoint from Q and \(\mathcal {S}\).

Then \(D-Q\) and D are non-special, with \(\ell (D-Q)=0\) and \(\ell (D)=k\). We thus find

$$ \text {Ker}(\text {ev}_{Q, D}:L(D)\rightarrow \mathbb {F}_{q^k}) = L(D-Q) = 0, $$

so \(\text {ev}_{Q, D}\) is injective, hence also surjective by equality of dimensions, i.e. the surjectivity condition (i) in Proposition 4 is satisfied.

Likewise, tD is non-special, with \(\deg (tD)=(k+g-1)t\) and \(\ell (tD)=kt+(g-1)(t-1)\). Then the evaluation map

$$ \begin{array}{cccc} \text {ev}_{\mathcal {S}, tD}: &{} L(tD) &{} \rightarrow &{} (\mathbb {F}_{q})^{|\mathcal {S}|}\\ &{} h &{} \mapsto &{} (h(P))_{P\in \mathcal {S}} \end{array} $$

has kernel \(L(tD-\sum _{P\in \mathcal {S}}P)=0\), because \(\deg (tD-\sum _{P\in \mathcal {S}}P)=(k+g-1)t-|\mathcal {S}|<0\). So \(\text {ev}_{\mathcal {S}, tD}\) is injective, with image of dimension \(\dim \text {Im}(\text {ev}_{\mathcal {S}, tD})=\ell (tD)=n\). Then we can find a subset \(\mathcal {P}=\{P_1,\dots ,P_n\}\subset \mathcal {S}\) of cardinality n, such that \(\text {ev}_{\mathcal {P}, tD}: L(tD) \rightarrow (\mathbb {F}_{q})^n\) is an isomorphism, and the injectivity condition (ii) in Proposition 4 is also satisfied.    \(\square \)

Choice of the Curves for q a Large Enough Square

Proposition 6

Let t be given, and assume q is a square, \(q\ge (t+2)^2\). Then we have

$$ M^{\text {sym}}_{q,t}\le (1+\epsilon _t(q))t $$

with \(\epsilon _t(q)=\frac{t-1}{\sqrt{q}-t-1}\).

Proof

We know [17] that there exists a family of function fields \(F_i/\mathbb {F}_q\) of genus \(g_i\rightarrow \infty \) such that

  1. (i)

    \(\frac{g_{i+1}}{g_i}\rightarrow 1\)

  2. (ii)

    \(N_i\sim (\sqrt{q} - 1)g_i\)

where \(N_i = \text {Card}\left\{ P\in \mathbb {P}_{F_i}\,|\,\deg P = 1 \right\} \) is the number of places of degree 1 of \(F_i\). We can also assume that the sequence \(g_i\) is increasing.

For any k let i(k) be the smallest index such that

$$\begin{aligned} N_{i(k)} \ge (k + g_{i(k)}-1)t +1. \end{aligned}$$

Such an i(k) always exists since by (ii) we have \(N_i\sim (\sqrt{q} - 1)g_i\), with \(\sqrt{q} - 1>t\).

By definition we thus have

$$\begin{aligned} N_{i(k)} \ge (k + g_{i(k)}-1)t +1> (k + g_{i(k)-1}-1)t +1 > N_{i(k)-1}. \end{aligned}$$

As \(k\rightarrow \infty \) we have \(i(k)\rightarrow \infty \), and by (i) we get \(g_{i(k)}\sim g_{i(k)-1}\), so by (ii) we also get \(N_{i(k)}\sim N_{i(k)-1}\). This then gives

$$\begin{aligned} \begin{aligned} N_{i(k)}&\sim (k + g_{i(k)}-1)t +1\\ {}&\sim (k + g_{i(k)})t \end{aligned} \end{aligned}$$

while by (ii),

$$\begin{aligned} N_{i(k)} \sim (\sqrt{q} - 1)g_{i(k)}. \end{aligned}$$

From these two relations we deduce

$$\begin{aligned} g_{i(k)} \sim \frac{t}{\sqrt{q}-1-t}k. \end{aligned}$$

For k large enough this implies in particular \(2g_{i(k)} +1 \le q^{(k-1)/2}(\sqrt{q}-1)\), so \(F_{i(k)}\) admits a place of degree k by [18, Cor. 5.2.10].

From this we are allowed to apply Proposition 5 to \(F_{i(k)}\), which gives

$$\begin{aligned} \mu ^{\text {sym}}_q(k,m_t)\;\le \; kt+(g_{i(k)}-1)(t-1)\;\sim \; kt+g_{i(k)}(t-1)\;\sim \; kt(1+\epsilon _t(q)) \end{aligned}$$

as desired.    \(\square \)

Corollary 1

For q a square, \(q\ge (t+3)^2\) we have

$$ M^{\text {hyp}}_{q,t}\le (1+\epsilon _{t+1}(q))(t+1), $$

and in particular we have

$$\begin{aligned} M^{\text {tri}}_q\le 3\left( 1+\frac{2}{\sqrt{q}-4}\right) \end{aligned}$$

for q a square, \(q\ge 25\).

Conclusion for Arbitrary q

Lemma 4

Let q be a prime power. Then for any integers tdk we have

$$\begin{aligned} \mu ^{\text {sym}}_q(k,m_t)\le \mu ^{\text {sym}}_q(dk,m_t)\le \mu ^{\text {sym}}_q(d,m_t)\mu ^{\text {sym}}_{q^d}(k,m_t). \end{aligned}$$

Proof

For the inequality on the left, there is nothing to prove if \(\mu ^{\text {sym}}_q(dk,m_t)=\infty \). So let us assume \(m_t^{\mathbb {F}_{q^{dk}}/\mathbb {F}_{q}}\) admits a symmetric multiplication formula of length \(n=\mu ^{\text {sym}}_q(dk,m_t)\), i.e.

$$\begin{aligned} \forall x_1,\dots ,x_t\in \mathbb {F}_{q^{dk}},\quad x_1\cdots x_t = \sum _{i=1}^{n}\varphi _i(x_1)\cdots \varphi _i(x_t)a_i \end{aligned}$$

for linear forms \(\varphi _i:\mathbb {F}_{q^{dk}}\rightarrow \mathbb {F}_{q}\) and elements \(a_i\in \mathbb {F}_{q^{dk}}\). Choose a linear projection

$$\begin{aligned} p:\mathbb {F}_{q^{dk}}\rightarrow \mathbb {F}_{q^{k}} \end{aligned}$$

left inverse for the inclusion \(\mathbb {F}_{q^{k}}\subseteq \mathbb {F}_{q^{dk}}\). Then we get

$$\begin{aligned} \forall x_1,\dots ,x_t\in \mathbb {F}_{q^{k}},\quad x_1\cdots x_t = p(x_1,\dots ,x_t) = \sum _{i=1}^{n}\varphi _i(x_1)\cdots \varphi _i(x_t)p(a_i) \end{aligned}$$

which is a symmetric multiplication formula of length n for \(m_t^{\mathbb {F}_{q^{k}}/\mathbb {F}_{q}}\).

Likewise, for the inequality on the right, there is nothing to prove if \(\mu ^{\text {sym}}_q(d,m_t)=\infty \) or \(\mu ^{\text {sym}}_{q^d}(k,m_t)=\infty \). So let us assume \(m_t^{\mathbb {F}_{q^{d}}/\mathbb {F}_{q}}\) and \(m_t^{\mathbb {F}_{q^{dk}}/\mathbb {F}_{q^{d}}}\) admit symmetric multiplication formulae of length \(r=\mu ^{\text {sym}}_q(d,m_t)\) and \(s=\mu ^{\text {sym}}_{q^d}(k,m_t)\) respectively, so

$$\begin{aligned} \forall y_1,\dots ,y_t\in \mathbb {F}_{q^{d}},\quad y_1\cdots y_t = \sum _{u=1}^{r}\psi _u(y_1)\cdots \psi _u(y_t)b_u \end{aligned}$$
$$\begin{aligned} \forall z_1,\dots ,z_t\in \mathbb {F}_{q^{dk}},\quad z_1\cdots z_t = \sum _{v=1}^{s}\chi _v(z_1)\cdots \chi _v(z_t)c_v \end{aligned}$$

for linear forms \(\psi _u:\mathbb {F}_{q^{d}}\rightarrow \mathbb {F}_{q}\), \(\chi _v:\mathbb {F}_{q^{dk}}\rightarrow \mathbb {F}_{q^{d}}\) and elements \(b_u\in \mathbb {F}_{q^{d}}\), \(c_v\in \mathbb {F}_{q^{dk}}\). Then setting \(y_1=\chi _v(z_1)\), ..., \(y_t=\chi _v(z_t)\) we find

$$\begin{aligned} \forall z_1,\dots ,z_t\in \mathbb {F}_{q^{dk}},\quad z_1\cdots z_t = \sum _{v=1}^{s}\sum _{u=1}^{r}(\psi _u\circ \chi _v)(z_1)\cdots (\psi _u\circ \chi _v)(z_t)\cdot (b_uc_v) \end{aligned}$$

which is a symmetric multiplication formula of length rs for \(m_t^{\mathbb {F}_{q^{dk}}/\mathbb {F}_{q}}\).    \(\square \)

Theorem 2

Let \(t\ge 2\) be an integer and q a prime power. If \(q<t\), then \(\mu ^{\text {sym}}_q(k,m_t)=\infty \) for all \(k\ge 2\).

On the other hand, if \(q\ge t\), then \(\mu ^{\text {sym}}_q(k,m_t)\) grows at most linearly with k, i.e. we have

$$ M^{\text {sym}}_{q,t}\le C_t(q) $$

for some real constant \(C_t(q)<\infty \).

Proof

If \(q<t\) and \(k\ge 2\), then \(\mu ^{\text {sym}}_q(k,m_t)=\infty \) follows from Theorem 1.

On the other hand, for \(q\ge t\), we have \(\mu ^{\text {sym}}_q(d,m_t)<\infty \) for any integer d. Choose d such that \(q^d\) is a square, \(q^d\ge (t+2)^2\). Then Proposition 6 shows \(\mu ^{\text {sym}}_{q^d}(k,m_t)\) grows linearly with k. The Theorem then follows thanks to Lemma 4, with \(C_t(q)=\mu ^{\text {sym}}_q(d,m_t)(1+\epsilon _t(q^d))t\).    \(\square \)

Corollary 2

For \(q\ge t+1\) we have

$$ M^{\text {hyp}}_{q,t}\le C_{t+1}(q) $$

and in particular for \(q\ge 3\) we have

$$ M^{\text {tri}}_q\le C_{3}(q). $$

Further Remarks and Possible Improvements

  1. 1.

    When \(q\ge 4\) is not divisible by 3, [16, Thm. 2] gives \(\mu ^{\text {tri}}_q(k)\le 4\mu ^{\text {sym}}_q(k)\). On the other hand, [9] shows that \(\mu ^{\text {sym}}_q(k)\) grows linearly with k (the result is stated for \(\mu _q(k)\), but it is easily seen that the proof works for \(\mu ^{\text {sym}}_q(k)\)). Taken together, these results show that \(\mu ^{\text {tri}}_q(k)\) grows linearly with k when \(q\ge 4\) is not divisible by 3. One advantage of our method is that it works for all \(q\ge 3\). Moreover it gives sharper bounds. For instance, when q is a square and large enough, joining [16, Thm. 2] with the best asymptotic upper bound known on \(\mu ^{\text {sym}}_q(k)\) [12, Thm. 6.4] gives \(M^{\text {tri}}_q\le 8\left( 1+\frac{1}{\sqrt{q}-2}\right) \), which is not as good as \(M^{\text {tri}}_q\le 3\left( 1+\frac{2}{\sqrt{q}-4}\right) \) from Corollary 1.

  2. 2.

    Open question: Lemma 3 reduces (upper) bounds on \(\mu ^{\text {hyp}}(m_t)\) to bounds on \(\mu ^{\text {sym}}(m_{t+1})\), and in particular it reduces bounds on \(M^{\text {tri}}_q\) to bounds on \(M^{\text {hyp}}_{q,3}\), which does not seem optimal. Indeed we know no example where the inequality \(\mu ^{\text {sym}}_q(k)\le \mu ^{\text {tri}}_q(k)\) is strict. So, for instance for q square, \(q\rightarrow \infty \), our method gives \(M^{\text {tri}}_q\le 3(1+o(1))\), but one could ask whether it is possible to get a bound of the form \(M^{\text {tri}}_q\le 2(1+o(1))\), as given by [12, Thm. 6.4] for \(M^{\text {sym}}_q\).

  3. 3.

    Open question: The condition \(|\mathcal {S}|\ge (k+g-1)t+1\) in Proposition 5 does not seem optimal since in the end we do evaluation-interpolation at only \(kt+(g-1)(t-1)\) places. If one could relax this condition to \(|\mathcal {S}|\ge kt+(g-1)(t-1)\), this would improve Proposition 6 to \(M^{\text {sym}}_{q,t}\le (1+\epsilon '_t(q))t\) for q square, \(q\ge (t+1)^2\), with \(\epsilon '_t(q)=\frac{t-1}{\sqrt{q}-t}\). For \(t=2\) this is done in [12, 15] using techniques from [13]. However, as observed at the end of [13], a generalization to \(t\ge 3\) would require new arguments.

  4. 4.

    Lemma 4, which generalizes [17, Lemma 1.2], is clearly not optimal. When deriving upper bounds on \(\mu ^{\text {sym}}_q(k,m_t)\) for non-square q, it might be better to use evaluation-interpolation at places of higher degree, as first introduced in [4], and further developped e.g. in [8, 12]. To do this in an optimal way one needs function fields \(F_i\) defined over \(\mathbb {F}_q\), of genus \(g_i\rightarrow \infty \), with \(\frac{g_{i+1}}{g_i}\rightarrow 1\) and \(N_i^{(d)}\sim \frac{q^{d/2}-1}{d}g_i\) where \(N_i^{(d)}\) is the number of places of degree d in \(F_i\), for a convenient d. This improves the bound on \(M^{\text {sym}}_{q,t}\) by a factor \(\frac{1}{d}\). The existence of these function fields was first claimed in [8], but unfortunately with an incorrect proof. A corrected construction, based on Drinfeld modular curves, will be found in [6].

  5. 5.

    All our bounds for multiplication in extension fields also hold for truncated polynomials. For instance we have \(\hat{M}^{\text {sym}}_{q,t}\le (1+\epsilon _t(q))t\) for q square, \(q\ge (t+2)^2\), and \(\hat{M}^{\text {sym}}_{q,t}\le C_t(q)\) for all \(q\ge t\). This requires only minor changes in our constructions. In Proposition 4, instead of evaluation at a place Q of degree k, one uses evaluation at order k at an extra place \(P_0\) of degree 1. Likewise in Proposition 5, one needs one more place of degree 1, but one does not need Q (then the proof of Proposition 6 is slightly simplified since one does not need to invoke [18, Cor. 5.2.10] anymore).