Low-Complexity Polynomial Algorithms

Updated 9 February 2026

Low-complexity polynomial algorithms are efficient methods that reduce computation time for polynomial evaluations and system solving by leveraging structural, algebraic, and probabilistic techniques.
They improve on traditional methods like Horner’s rule and standard matrix inversion, achieving significant speedups and cost reductions in various computational tasks.
These algorithms drive advancements in cryptography, coding, signal processing, and hardware-optimized communications by minimizing operational complexity.

A low-complexity polynomial algorithm is any algorithm for a fundamental polynomial computation or associated algebraic problem whose computational complexity is polynomial (or nearly so) in the size of the problem, and which achieves concrete improvements—often via structural, algebraic, or probabilistic techniques—over standard textbook approaches. These algorithms are essential in computational algebra, coding theory, signal processing, cryptography, control, and wireless communications, where both the ambient problem sizes and hardware constraints demand polynomial, and often strongly subcubic, resource requirements.

1. Definitional Scope and Core Motivation

Low-complexity polynomial algorithms are designed for tasks such as polynomial evaluation, multiplication, modular reduction, system solving, decoding, and related symbolic-algebraic operations, where classical techniques (Horner’s rule, standard matrix inversion, brute-force enumeration) are suboptimal for moderate to large problem sizes. “Low complexity” here means that the number of required arithmetic (or bit) operations, and often the algorithmic memory usage, is polynomial in relevant input parameters (e.g., polynomial degree $d$ , system dimension $n$ ), and improved constants or exponents are a key goal.

A typical hallmark is that, for certain structured inputs or problem instances, the complexity is reduced below traditional bounds through one or more of the following techniques:

Recursive decomposition exploiting algebraic symmetries (e.g., automorphisms, ring structure)
Fast matrix or graph algorithms
Probabilistically correct verification with minimal operations
Exploiting sparsity or other input profiles
Adaptation to hardware-friendly (e.g., no sorting, low memory access) workflows

2. Key Algorithms and Methodological Advances

Polynomial Evaluation and Product Computation

Horner’s Rule ( $O(d)$ ) is standard for evaluating a degree- $d$ polynomial. However, several low-complexity alternatives yield sublinear or lower-complexity evaluation for large $d$ :

Automorphic Evaluation over Finite Fields: By recursively expressing $P(x)$ over $\mathbb F_p$ in terms of $p$ -ary digits and leveraging Frobenius automorphisms, one achieves $O(\sqrt{d})$ multiplications at the optimal recursion depth, outperforming Horner’s as soon as $d > 4(p-1)$ (Elia et al., 2011).
Fast Evaluation via Concave Envelope (“FPE”): Over $\mathbb C$ , for high-precision or massive-degree evaluation, preconditioning with a minimal concave envelope $E(k)$ allows identification of an interval $I$ of “active” monomials. Each evaluation costs $O(\sqrt{d(p + \log d)})$ in expectation (with respect to the Riemann-sphere measure on input values), drastically less than $O(d)$ for large $d$ and fixed bit-precision $p$ . Error analysis shows output matches Horner’s up to unavoidable leading-term cancellation. Benchmarks confirm $3\times$ – $10\times$ speedups in practical settings (Anton et al., 2022).

Modular Multiplication and Verification

Efficient Modular Multiplication using NTT: For $\mathbb Z_q[x]/(x^n + 1)$ , the fast Number Theoretic Transform (NTT) and its low-complexity variants yield $O(n \log n)$ multiplication. The LC-NWC (Low-Complexity Negative Wrapped Convolution) method incorporates twiddle factors and sign corrections directly into butterflies, saving up to $50\%$ of costly modular multipliers over naive $2n$-length NTT-based approaches (Chiu et al., 2023).
Probabilistic Product Verification: The verification of $H = F \cdot G$ modulo a sparse divisor $D$ can be achieved in $O(n \# D)$ (dense case) or $O(T \# D^{1/(1-y)})$ with $T$ the input sparsity, by random evaluation or related probabilistic techniques, improving on previous linearithmic or quadratic approaches. In the bit complexity model, true linear or quasi-linear algorithms are achieved over $\mathbb Z$ and $\mathbb F_q$ (Giorgi et al., 2021).

Low-Weight Polynomial Multiple (Cryptographic Applications)

Discrete Logarithm Approaches: For finding low-weight multiples of binary (irreducible or composite) polynomials, crucial in stream cipher attacks, discrete-log algorithms can replace birthday-based combinatorial ones. For weights $w = 3, 4$ and degree $n$ , such algorithms find a nonzero multiple of weight $w$ and degree $\approx 2^{n/(w-1)}$ in $O(2^{n/2})$ time and $O(1)$ memory—matching best possible time but with far less storage. These rely on explicit field factorizations and Zech’s logarithms, with CRT reconciliation for composed factors (Peterlongo et al., 2014).

Polynomial System Solving and Gröbner Basis Computation

Fast Linear Algebra for PoSSo: For dense zero-dimensional radical systems of $n$ variables and degree bound $d$ , standard algorithms compute lex Gröbner bases in $\widetilde{O}(d^{3n})$ operations. The fast linear algebra approach achieves $\widetilde{O}(d^{\omega n})$ (with matrix multiplication exponent $\omega < 2.373$ ), and exploits block computations of multiplication matrices, Macaulay matrices, and batch FGLM transformation (Faugère et al., 2013).
Low-Complexity S-Polynomial Reduction: Novel lookahead in reduction (next-term minimization) in Gröbner basis computation reduces the practical and asymptotic cost from $O(N^5)$ (Buchberger’s) or $O(N^6)$ (F5) down to $O(m n N^4)$ for $N$ monomials, $n$ variables, $m$ equations (Kim et al., 2015).

Channel Estimation and Signal Processing

PEACH Channel Estimation (Massive MIMO): MMSE channel estimation in massive MIMO systems typically requires $O(M^3)$ for $M$ -dimensional covariance inversion. The PEACH polynomial expansion approach approximates inverses via order- $L$ matrix polynomials, reducing per-block complexity to $O(L M^2)$ , with $L \ll M$ often sufficient for near-optimal mean square error. The polynomial coefficients can be adaptively estimated or fixed from eigenvalue bounds (Shariati et al., 2013, Shariati et al., 2014).

3. Complexity Comparison and Algorithmic Trends

The following table summarizes core algorithms and their leading-term computational complexity:

Task	Classical Bound	Low-Complexity Polynomial Algorithm	Reference
Polynomial evaluation ( $\deg d$ )	$O(d)$	$O(\sqrt{d})$ or $O(\sqrt{d(p+\log d)})$	(Elia et al., 2011, Anton et al., 2022)
Modular multiplication ( $n$ -vars)	$O(n \log n \log \log n)$	$O(n \log n)$ with reduced constants (LC-NWC)	(Chiu et al., 2023)
Product verification (dense, bit model)	$O(n \log C \log \log C)$	$O(n \log C)$ (linear)	(Giorgi et al., 2021)
Low-weight multiple (wt $w$ , deg $n$ )	Birthday: $O(2^{n/2})$	Discrete logarithm: $O(2^{n/2})$ w/ $O(1)$ memory	(Peterlongo et al., 2014)
Gröbner basis (dense, $n$ , $d$ )	$\widetilde{O}(d^{3n})$	$\widetilde{O}(d^{\omega n})$	(Faugère et al., 2013)
Gröbner S-polynomial reduction ( $N$ monoms)	$O(N^5 - N^6)$	$O(m n N^4)$	(Kim et al., 2015)
MMSE channel estimation ( $M$ )	$O(M^3)$	$O(L M^2)$ ( $L \ll M$ )	(Shariati et al., 2013, Shariati et al., 2014)

This reflects a persistent trend: exploiting algebraic and problem-specific structure can remove at least one exponent from the generic complexity and frequently yields order-of-magnitude empirical speedups.

4. Application Domains and System-level Impact

The reach of low-complexity polynomial algorithms spans:

Cryptography & Coding: Efficient field and ring arithmetic, syndrome calculation, error-locator computation, and low-weight parity searches directly impact decoding and attack efficiency (e.g., (Elia et al., 2011, Peterlongo et al., 2014)).
Wireless Communications: Massively scalable MIMO systems, non-coherent data detection, and uplink scheduling now require algorithms whose complexity tracks system scaling ( $O(N)$ , $O(N^2)$ , etc.) rather than being bottlenecked by combinatorial or cubic operations (Alshamary et al., 2014, Bodas et al., 2013).
Symbolic Computation: Polynomial system solvers, fast modular verification, and Gröbner basis computation receive polynomial or subcubic runtime reductions, often enabling operations on input sizes or parameter regimes previously unreachable (Faugère et al., 2013, Giorgi et al., 2021).
Homomorphic Encryption: Efficient $O(n \log n)$ polynomial modular multipliers based on NTT are central to high-throughput implementations of RLWE-based schemes (Chiu et al., 2023).

5. Architectural and Hardware Considerations

Many advances explicitly target not only algorithmic but microarchitectural constraints:

Sorting elimination and memory footprint reduction (e.g., sort-free projection for LP decoding (Gensheimer et al., 2019))
Merge of preconditioning factors into NTT butterflies to minimize runtime multipliers and on-chip table sizes (see LC-NWC (Chiu et al., 2023))
Streamlining for pipelined, high-throughput hardware—especially critical in cryptographic coprocessors and real-time DSP (Anton et al., 2022, Shariati et al., 2014)

6. Limitations and Open Problems

Despite significant progress, certain obstacles remain:

Many “low-complexity” algorithms are optimal only for specific parameter regimes, structured inputs, or under probabilistic correctness.
For sparse polynomial systems, the fastest available verification is quasi-linear in the combined bit-length rather than strictly linear (Giorgi et al., 2021).
Some applications (e.g., polynomial modular multiplication for arbitrary divisors or fields of small characteristic) still lack truly linear-time solutions.
For polynomial system solving outside the generic-radical or shape-position assumptions, complexities can revert to classical cubic or worse.

A plausible implication is that continued advances will require deeper exploitation of structural symmetries, further layers of recursive decomposition, and tighter integration between algorithmic and hardware design to approach theoretical lower bounds in operational complexity.

7. Outlook and Research Directions

Ongoing efforts include:

Further reduction of constant factors in polynomial-time algorithms, especially for high-throughput cryptography.
Exploration of discrete logarithm and FFT-based techniques in new algebraic structures, such as noncommutative rings and modules.
Unification of probabilistic verification schemes for dense, sparse, and modular polynomial products.
Expanding the repertoire of fast algorithms for system identification, observer design, and control in high-dimensional Boolean and finite-state networks (Weiss et al., 2018).

Emerging paradigms in randomized, hardware-co-optimized, and algebraic-geometry-inspired methods are pushing the practical reach of low-complexity polynomial algorithms beyond traditional symbolic computation, with system-level implications across information theory, cryptography, and modern hardware architectures.