Solve polynomial congruence $f(x)\equiv a \pmod{2^n}$

Question

I only found one textbook which gives a limited treatment for the quadratic version. After some work I came up with the following steps to solve $f(x)=x^2-a\equiv 0 \pmod{2^m}$ where $a\equiv 1 \pmod 8$ (there is no solution for other odd $a$'s).

First notice that when $a\equiv 1 \pmod 8$, the equation $x^2\equiv a \pmod{2^m}$ has exactly four solutions: if $r$ is a root, then the other three are $-r, 2^{m-1}\pm r$.

Step 1: Starting from $k=m$, find the highest power $2^k, k\leq m$ such that $a \mod{2^k} = r^2$ where $r$ is an odd integer between $0$ and $2^k$ (this is always achievable -- I omitted the proof). Then we know the four solutions to $f(x)\equiv 0 \pmod {2^k}$ are $\pm r, 2^{k-1}\pm r \pmod{2^k}$. Let $a=r^2+2^kb$.

Step 2: Now if $\hat r$ is a solution to $f(x)\equiv 0 \pmod{2^m}$, then $f(\hat r)\equiv 0 \pmod{2^k}$, therefore $\hat r$ has either of the following forms: $r+2^k t$ or $r+2^k t + 2^{k-1} \pmod{2^k}$ (this is also not difficult to prove).

Now let $n=m-k, m=n+k$. If $n\leq k$ we do the following:

Step 2a: $\mod{2^{n+k}}: 0\equiv f(r+2^k t)^2 \equiv (r+2^kt)^2-a=r^2+2^{k+1} rt+2^{2k} t^2-a \equiv 2^k(2rt-b)$ has a solution $t$ if and only if $$2rt-b\equiv 0 \pmod {2^n}$$ has a solution.

If the above has no solution, then

Step 2b: $\mod{2^{n+k}}: 0\equiv f(2^{k-1}+ r+2^k t)^2 $ must have a solution.

Once we have $t$, we have one $\hat r$, and all solutions are $\pm \hat r, 2^{m-1} \pm \hat r$.

If $n\ge k$, we can lift $r$ to a solution $\mod {2^{2k}}$, then up to $\mod {2^{4k}}$, etc.

Example: Let's solve $x^2\equiv 17 \pmod {81}$. Notice that $17\equiv 1 \pmod{16}$ and the solutions to $x^2\equiv 17 \pmod{16}$ is $1,7,9,15 \pmod{16}$ so we only need to try $(16t+1)^2-17\equiv 0 \pmod{128}$ and (if the former fails) $(16t+9)^2-17\equiv 0 \pmod{128}$. The former has no solutions. The latter

$$(16t+9)^2-17=256t^2+32(9t)+64\equiv 32(9t+2) \equiv 0 \pmod{128}$$ $$\iff 9t+2\equiv 0 \pmod 4 \iff t\equiv 2 \pmod 4$$

Therefore one solution is $16(4s+2)+9=64s+41$. So all solutions are $\pm 41, 64\pm 41\equiv 23,41,87,105 \pmod{128}$.

My questions:

1. Is there a neat Hensel-type formula like the one presented here, for any arbitrary $f(x)$ with an odd leading coefficient?

Notice that in the above I could have combined Step 2a and 2b by considering $r+2^{k-1} t$. But then we can only lift to a modulus lower than $2^{2k}$).

2. If $n=1$ and we combine Step 2a and 2b by letting $x=r+2^{k-1}t$, then $$\mod{2^{k+1}}: 0\equiv (r+2^{k-1}t)^2-a=r^2+2^k rt+2^{2k-2} t^2-a \equiv 2^k(rt-b)$$ $$\iff rt-b\equiv 0 \pmod 2 \iff t \equiv b \pmod 2 \text{, since } r \text{ is odd}$$ Hence $$\hat r \equiv r + 2^{k-1} (f(x)/2^k \mod 2) \pmod {2^{k+1}}$$ But there are two things I don't like the above: first it produces two incongruent solutions when $f(x)/2^k$ is odd; and $f(x)/2^k$ may be confused with modular fractions where the denominator should be relatively prime to the modulus.

3. Any references on this topic? A few other textbook I found only mentioned the case when $p$ is an odd prime.

Thanks for your help.

Answer 1

I can say unlimitedly much on this topic, but for the specific problem $x^2\equiv a\pmod{2^n}$ when $a\equiv1\pmod8$, here’s one approach that doesn’t involve methods of the Hensel’s-lemma type:

When you look closely at the Binomial series for $(1+4t)^{1/2}$, you realize that all the coefficients are integers ! In fact, the series starts $$ 1+2t - 2t^2 + 4t^3 - 10t^4 + 28t^5 - 84t^6 + 264t^7 - 858t^8 + 2860t^9 - 9724t^{10}+\cdots\,. $$ Since your $t$ will be divisible by $2$, you have a good $2$-adically convergent series. This is the solution that’s $\equiv1\pmod4$; its negative is the solution $\equiv3\pmod4$.