theory and practice of algorithmsthomas/tpa/slides/tap-lect04.pdf · having p many elements (up to...

Field Integers Algebraic Structure of Finite Fields End

Theory and Practice of Algorithms

Thomas Zeugmann

Hokkaido UniversityLaboratory for Algorithmics

https://www-alg.ist.hokudai.ac.jp/∼thomas/TPA/

Lecture 4: More About Finite Fields

Theory and Practice of Algorithms c©Thomas Zeugmann

Field Integers IIt remains to find out for which q there are finite Abelianfields Fq. So far, we only know that there are finite Abelianfields Zp, where p is a prime. Clearly, we also interesting inlearning whether or not Zp is the only finite Abelian fieldhaving p many elements (up to isomorphism).Let us consider the additive properties of the element 1; i.e., theidentity element with respect to multiplication. In order toproceed we need the following definition:

Definition 4.1

Let F = (F, +, · ) be any Abelian field. We call the minimum

number c ∈N+ for whichc∑

1 = 0 the characteristic of F

provided it exists. If there is no c ∈N+ such thatc∑

1 = 0 then

we define the characteristic of F to be 0.

Field Integers IIt remains to find out for which q there are finite Abelianfields Fq. So far, we only know that there are finite Abelianfields Zp, where p is a prime. Clearly, we also interesting inlearning whether or not Zp is the only finite Abelian fieldhaving p many elements (up to isomorphism).Let us consider the additive properties of the element 1; i.e., theidentity element with respect to multiplication. In order toproceed we need the following definition:

Definition 4.1

Let F = (F, +, · ) be any Abelian field. We call the minimum

number c ∈N+ for whichc∑

1 = 0 the characteristic of F

provided it exists. If there is no c ∈N+ such thatc∑

1 = 0 then

we define the characteristic of F to be 0.

Field Integers IIRemarks.(1) We denote the characteristic of F by char(F).(2) Note that 1 ∈ F. Since F is field, we also know that

1 + 1 ∈ F, 1 + 1 + 1 ∈ F, and in general thatn∑

1 ∈ F for

every n ∈N+. So, if F is finite there exists m, n ∈N+,

where m > n such thatm∑

1 =n∑

1. Consequently,

m−n∑i=1

1 = 0; i.e., for finite Abelian fields we know that

char(F) is finite.

(3) If F is infinite then char(F) may be zero, e.g., for the realnumbers we have char(R) = 0.

(4) The element 0 and every element of F which can be written

asn∑

1 for some n ∈N+ is said to be a field integer.

Field Integers IIRemarks.(1) We denote the characteristic of F by char(F).(2) Note that 1 ∈ F. Since F is field, we also know that

1 + 1 ∈ F, 1 + 1 + 1 ∈ F, and in general thatn∑

1 ∈ F for

every n ∈N+. So, if F is finite there exists m, n ∈N+,

where m > n such thatm∑

1 =n∑

1. Consequently,

m−n∑i=1

1 = 0; i.e., for finite Abelian fields we know that

char(F) is finite.(3) If F is infinite then char(F) may be zero, e.g., for the real

numbers we have char(R) = 0.(4) The element 0 and every element of F which can be written

asn∑

1 for some n ∈N+ is said to be a field integer.

Field Integers III

Theorem 4.1

Let Fq be any finite Abelian field. Then char(Fq) must be a primenumber. The characteristic of an infinite Abelian field is either a primenumber or it is zero. Moreover, if the characteristic of an Abelianfield F is zero then F must be infinite.

Proof. Consider any Abelian field F such that char(F) is finite.Let c = char(F) and suppose that there are k, ` ∈N+ \ {1} such

that c = k`. So k, ` < c and we havek∑

1 , 0 and∑̀i=1

1 , 0. On

the other hand, it is easy to see that( k∑i=1

1)(∑̀

k∑̀i=1

c∑i=1

1 = 0 . (1)

Field Integers III

Theorem 4.1

Let Fq be any finite Abelian field. Then char(Fq) must be a primenumber. The characteristic of an infinite Abelian field is either a primenumber or it is zero. Moreover, if the characteristic of an Abelianfield F is zero then F must be infinite.

Proof. Consider any Abelian field F such that char(F) is finite.Let c = char(F) and suppose that there are k, ` ∈N+ \ {1} such

that c = k`. So k, ` < c and we havek∑

1 , 0 and∑̀i=1

1 , 0. On

the other hand, it is easy to see that( k∑i=1

1)(∑̀

k∑̀i=1

c∑i=1

1 = 0 . (1)

Field Integers IV

Since F is an Abelian field, we know that ab = 0 iff a = 0

or b = 0 (cf. Theorem 1.4, Assertion (2)). Therefore, we must

havek∑

1 = 0 or∑̀i=1

1 = 0, a contradiction.

Consequently, if the characteristic is finite then it must be prime.

If char(F) = 0 then F cannot be finite (cf. Remark (2)).

Corollary 4.1

Let Fq be any Abelian field. Then the field integers are closed undermultiplication.

Proof. The corollary is a direct consequence of Equation (1).

Field Integers IV

havek∑

1 = 0 or∑̀i=1

Corollary 4.1

Field Integers IV

havek∑

1 = 0 or∑̀i=1

Corollary 4.1

Field Integers V

Theorem 4.2

In every Abelian field F of characteristic p, where p ∈N+, the fieldintegers form a subfield of order p isomorphic to the field Zp.

Proof. We know that p must be prime (cf. Theorem 4.1). Let I be

the set of all field integers. Then we havem∑

1 +n∑

1 =m+n∑i=1

Since char(F) = p, we directly see that this is just additionmodulo p. In particular, the additive inverse of 0 < m < p

isp−m∑i=1

1. Hence, (I, +) is an Abelian group.

Claim 1. (I \ {0}, · ) is an Abelian group.

By Corollary 4.1 we know that the field integers are closedunder multiplication.

Field Integers V

Theorem 4.2

1 +n∑

1 =m+n∑i=1

isp−m∑i=1

Field Integers V

Theorem 4.2

1 +n∑

1 =m+n∑i=1

isp−m∑i=1

Field Integers VI

Hence, it suffices to show that every field integer m ∈ I \ {0}

possesses an inverse element with respect to multiplication.So let m ∈ I \ {0}, m < p, be any field integer. Since p is prime,we conclude that gcd(m, p) = 1. By Theorem 2.5 we know thatthere are x, y ∈ Z such that 1 = mx + py (in Z).

Consequently, in Fwe thus have

1 =( m∑

1)( x∑

+( p∑

1)( y∑

=( m∑

1)( x∑

sincep∑

1 = 0. Sox∑

1 is the multiplicative inverse ofm∑

Field Integers VI

Hence, it suffices to show that every field integer m ∈ I \ {0}

possesses an inverse element with respect to multiplication.So let m ∈ I \ {0}, m < p, be any field integer. Since p is prime,we conclude that gcd(m, p) = 1. By Theorem 2.5 we know thatthere are x, y ∈ Z such that 1 = mx + py (in Z).

Consequently, in Fwe thus have

1 =( m∑

1)( x∑

+( p∑

1)( y∑

=( m∑

1)( x∑

sincep∑

1 = 0. Sox∑

1 is the multiplicative inverse ofm∑

Field Integers VII

Furthermore, taking Theorem 2.8 and its proof into account, wesee that the modular inverse in the field Z∗

p is obtained in thesame way as above. Thus, it directly follows that (I \ {0}, · ) isan Abelian group isomorphic to Z∗

p and Claim 1 is shown.

Finally, since F is a field, it is clear that the distributive laws aresatisfied, too. Putting it all together, the theorem follows.

Next, we show that every Abelian field of characteristic p

inherits a considerable part of its structure from its subfieldformed by its field integers.

Field Integers VII

p and Claim 1 is shown.Finally, since F is a field, it is clear that the distributive laws aresatisfied, too. Putting it all together, the theorem follows.

Field Integers VII

p and Claim 1 is shown.Finally, since F is a field, it is clear that the distributive laws aresatisfied, too. Putting it all together, the theorem follows.

Algebraic Structure of Finite Fields I

Theorem 4.3

In every Abelian field F of characteristic p, p ∈N+, the equation

(x − a)p = xp − ap

is satisfied for all x, a ∈ F.

Proof. By the binomial theorem we have

(x − a)p =

p∑k=0

)xp−k(−a)k .

Taking into account that(p0

)= 1 and that

)≡ 0 mod p

for all 0 < k < p (cf. Theorem 4.2), the theorem follows (notethat in Z2 we have −1 = +1).

Algebraic Structure of Finite Fields I

Theorem 4.3

In every Abelian field F of characteristic p, p ∈N+, the equation

(x − a)p = xp − ap

is satisfied for all x, a ∈ F.

Proof. By the binomial theorem we have

(x − a)p =

p∑k=0

)xp−k(−a)k .

Taking into account that(p0

)= 1 and that

)≡ 0 mod p

for all 0 < k < p (cf. Theorem 4.2), the theorem follows (notethat in Z2 we have −1 = +1).

Algebraic Structure of Finite Fields II

Theorem 4.3 directly allows for the following corollaries:

Corollary 4.2

In every finite Abelian field F of characteristic p there does not existany element that has an order pk, where k ∈N+, k > 1.

Proof. Suppose the converse. Then there exists an element a ∈ F

such that apk = 1. Since ord(a) = pk, we know that ak , 1.Consequently, we have ak − 1 , 0. By Theorem 1.4,Assertion (2) we thus have (ak − 1)p , 0. On the other hand, byTheorem 4.3 we obtain (ak − 1)p = apk − 1p = 0, acontradiction.

In the following, we always asume that char(F) , 0.

Algebraic Structure of Finite Fields II

Theorem 4.3 directly allows for the following corollaries:

Corollary 4.2

In every finite Abelian field F of characteristic p there does not existany element that has an order pk, where k ∈N+, k > 1.

Proof. Suppose the converse. Then there exists an element a ∈ F

such that apk = 1. Since ord(a) = pk, we know that ak , 1.Consequently, we have ak − 1 , 0. By Theorem 1.4,Assertion (2) we thus have (ak − 1)p , 0. On the other hand, byTheorem 4.3 we obtain (ak − 1)p = apk − 1p = 0, acontradiction.

In the following, we always asume that char(F) , 0.

Algebraic Structure of Finite Fields III

Corollary 4.3

Let w1, . . . , wk be any elements of an Abelian field F of

characteristic p. Then we have( k∑

=( k∑

all n ∈N.

Proof. The proof is by induction. For k = 1 the assertion isobvious. So, let k = 2 and let us perform induction over n. Forthe induction basis, i.e., for n = 0, we have p0 = 1 and theequality is again obvious.

The induction step is from n to n + 1. Using the inductionhypothesis we directly obtain

(w1 + w2)pn+1=

((w1 + w2)pn

1 + wpn

Corollary 4.3

=( k∑

all n ∈N.

(w1 + w2)pn+1=

((w1 + w2)pn

1 + wpn

Corollary 4.3

=( k∑

all n ∈N.

(w1 + w2)pn+1=

((w1 + w2)pn

1 + wpn

Algebraic Structure of Finite Fields IV

Next, we apply Theorem 4.3 for x = wpn

1 and a = −wpn

2 .Consequently, we have(

1 + wpn

= wpn+1

1 + wpn+1

and the induction step is shown.

Next, we fix n and perform the induction step from k to k + 1.

Taking into account thatk∑

wi ∈ F we can apply the already

shown part. Then we use the induction hypothesis for k.Consequently, we obtain the following:

Algebraic Structure of Finite Fields IV

Next, we apply Theorem 4.3 for x = wpn

1 and a = −wpn

2 .Consequently, we have(

1 + wpn

= wpn+1

1 + wpn+1

and the induction step is shown.

Next, we fix n and perform the induction step from k to k + 1.

Taking into account thatk∑

wi ∈ F we can apply the already

shown part. Then we use the induction hypothesis for k.Consequently, we obtain the following:

Algebraic Structure of Finite Fields V

(k+1∑i=1

=( k∑

wi + wk+1

=( k∑

k∑i=1

i + wpn

k+1∑i=1

and the corollary is shown.

Furthermore, Corollary 4.3 implies the following special case ofFermat’s theorem:

Algebraic Structure of Finite Fields V

(k+1∑i=1

=( k∑

wi + wk+1

=( k∑

k∑i=1

i + wpn

k+1∑i=1

and the corollary is shown.

Furthermore, Corollary 4.3 implies the following special case ofFermat’s theorem:

Algebraic Structure of Finite Fields VI

Corollary 4.4

Let F be any Abelian field of characteristic p, and let k be any fieldinteger. Then we have kpn

= k for all n ∈N.

Proof. Since k is a field integer, we have k =k∑

1. Hence, by

Corollary 4.3 we directly obtain that

( k∑i=1

k∑i=1

1 = k .

Thus, the corollary is shown.

Algebraic Structure of Finite Fields VI

Corollary 4.4

Let F be any Abelian field of characteristic p, and let k be any fieldinteger. Then we have kpn

= k for all n ∈N.

Proof. Since k is a field integer, we have k =k∑

1. Hence, by

Corollary 4.3 we directly obtain that

( k∑i=1

k∑i=1

1 = k .

Thus, the corollary is shown.

Algebraic Structure of Finite Fields VII

Now, we are in a position to show the followingcharacterization of field integers:

Theorem 4.4

Let F be any Abelian field of characteristic p. Then for every a ∈ F wehave the following: The element a is a field integer in F iff it is asolution of the equation xp − x = 0.

Proof. Necessity. If a is field integer then by Corollary 4.4 wehave ap = a. Consequently, a is a solution of xp − x = 0.

Sufficiency. The polynomial xp − x = 0 has degree p. Thus, inaccordance with Theorem 3.5 we know that it has at most p

many zeros. Since there are p many field integers and sinceevery field integer is a zero of xp − x = 0, we are done.

Theorem 4.4

Algebraic Structure of Finite Fields VIII

Corollary 4.5

Let F be any Abelian field of characteristic p, and let w ∈ F be suchthat w is not a field integer. Then we have wp , w.

Nevertheless, wp is still closely related to w as the followingtheorem shows:

Theorem 4.5

Let F be any Abelian field of characteristic p, let f ∈ Zp[x], andlet w ∈ F be such that f(w) = 0. Then we have f

= 0 forall n ∈N.

Proof. Let deg(f) = d > 0 and f0, . . . , fd ∈ Zp be the coefficientsof f. Then we know that the fi, i = 0, . . . , d, are field integers.

Corollary 4.5

Theorem 4.5

= 0 forall n ∈N.

Corollary 4.5

Theorem 4.5

= 0 forall n ∈N.

Algebraic Structure of Finite Fields IX

By assumption we have f(w) = 0. Consequently, byCorollary 4.4 we know that f

i = fi for all i = 0, . . . , d.Therefore, Corollary 4.3 directly yields

0 =( d∑

fiwi)pn

d∑i=0

i wipn=

d∑i=0

i.e., we have f(wpn)

Looking at w, wp, wp2, wp3

, . . . we see that they form a subsetof the powers of w. Hence, the number of different elements ofthis form solely depends on the order of w.

Algebraic Structure of Finite Fields IX

By assumption we have f(w) = 0. Consequently, byCorollary 4.4 we know that f

i = fi for all i = 0, . . . , d.Therefore, Corollary 4.3 directly yields

0 =( d∑

fiwi)pn

d∑i=0

i wipn=

d∑i=0

i.e., we have f(wpn)

Looking at w, wp, wp2, wp3

, . . . we see that they form a subsetof the powers of w. Hence, the number of different elements ofthis form solely depends on the order of w.

Algebraic Structure of Finite Fields X

Theorem 4.6

Let F be any finite Abelian field F of characteristic p, let w ∈ F be anyelement of order n. Furthermore, let m be the order of p in Z∗

n. Thenwe have wpm

= w, and the m elements w, wp, wp2, . . . , wpm−1

arepairwise distinct.

Proof. By assumption, pm ≡ 1 mod n and ps . 1 mod n forall 0 < s < m. Furthermore, it holds that

wpk= wpi ⇐⇒ wpk−pi

= 1 ⇐⇒ pk − pi = ` · n⇐⇒ pk ≡ pi mod n ⇐⇒ pk−i ≡ 1 mod n ,

i.e., k − i must be a multiple of m.

Algebraic Structure of Finite Fields X

Theorem 4.6

Let F be any finite Abelian field F of characteristic p, let w ∈ F be anyelement of order n. Furthermore, let m be the order of p in Z∗

n. Thenwe have wpm

= w, and the m elements w, wp, wp2, . . . , wpm−1

arepairwise distinct.

Proof. By assumption, pm ≡ 1 mod n and ps . 1 mod n forall 0 < s < m. Furthermore, it holds that

wpk= wpi ⇐⇒ wpk−pi

= 1 ⇐⇒ pk − pi = ` · n⇐⇒ pk ≡ pi mod n ⇐⇒ pk−i ≡ 1 mod n ,

i.e., k − i must be a multiple of m.

Algebraic Structure of Finite Fields XI

Theorem 4.7

Let w be an element of order n in a finite Abelian field Fq ofcharacteristic p, and let m be the order of p in Z∗

n. Then the

coefficients of the mth degree polynomial f(x) =m−1∏i=0

(x − wpi

field integers. Furthermore, f is irreducible in Zp[x].

Proof. By assumption we have pm ≡ 1 mod n and wn = 1 (inthe field Fq). Thus, we see that wpm

= w = wp0. By

Theorem 4.3 we know that(x − wpi

)p= xp − wpi+1

forall i = 0, . . . ,m − 1. Consequently,

(f(x))p =

m−1∏i=0

(x − wpi

m−1∏i=0

(xp − wpi+1

Algebraic Structure of Finite Fields XI

Theorem 4.7

Let w be an element of order n in a finite Abelian field Fq ofcharacteristic p, and let m be the order of p in Z∗

n. Then the

coefficients of the mth degree polynomial f(x) =m−1∏i=0

(x − wpi

field integers. Furthermore, f is irreducible in Zp[x].

Proof. By assumption we have pm ≡ 1 mod n and wn = 1 (inthe field Fq). Thus, we see that wpm

= w = wp0. By

Theorem 4.3 we know that(x − wpi

)p= xp − wpi+1

forall i = 0, . . . ,m − 1. Consequently,

(f(x))p =

m−1∏i=0

(x − wpi

m−1∏i=0

(xp − wpi+1

Algebraic Structure of Finite Fields XII

Next, we manipulate the index of the product as follows:

m−1∏i=0

(xp − wpi+1

m∏i=1

(xp − wpi

m−1∏i=0

(xp − wpi

where in the last step we used xp − wpm= xp − w = xp − wp0

Thus, we conclude that (f(x))p = f(xp).

Writing f as f(x) =m∑

fixi we therefore obtain

(f(x))p =( m∑

fixi)p

m∑i=0

fpi xpi

where the last step is by Corollary 4.3.

Algebraic Structure of Finite Fields XII

Next, we manipulate the index of the product as follows:

m−1∏i=0

(xp − wpi+1

m∏i=1

(xp − wpi

m−1∏i=0

(xp − wpi

where in the last step we used xp − wpm= xp − w = xp − wp0

Thus, we conclude that (f(x))p = f(xp).

Writing f as f(x) =m∑

fixi we therefore obtain

(f(x))p =( m∑

fixi)p

m∑i=0

fpi xpi

where the last step is by Corollary 4.3.

Algebraic Structure of Finite Fields XIII

Furthermore, f(xp) =m∑

fpi xpi

, and as shown above

(f(x))p = f(xp). Consequently, we see that fpi = fi must hold

(cf. our definition of equality for polynomials). By Theorem 4.4we see that fi must be a field integer for all i = 0, . . . ,m.

It remains to show that f is irreducible in Zp[x]. Note that f ismonic. Suppose the converse. Then there are monicpolynomials g, h ∈ Zp[x] such that f(x) = g(x)h(x).

If g(w) = 0 and if all coefficients of g are field integer then wealso have g (wp) = 0, . . . , g

(wpm−1

)= 0 (cf. Theorem 4.5).

Hence, Theorem 4.6 implies deg(g) = m, and so f = g.Analogously one sees that h(w) = 0 implies f = h.Consequently, the polynomial f is irreducible in Zp[x].

Algebraic Structure of Finite Fields XIII

Furthermore, f(xp) =m∑

fpi xpi

, and as shown above

(f(x))p = f(xp). Consequently, we see that fpi = fi must hold

(cf. our definition of equality for polynomials). By Theorem 4.4we see that fi must be a field integer for all i = 0, . . . ,m.

It remains to show that f is irreducible in Zp[x]. Note that f ismonic. Suppose the converse. Then there are monicpolynomials g, h ∈ Zp[x] such that f(x) = g(x)h(x).

If g(w) = 0 and if all coefficients of g are field integer then wealso have g (wp) = 0, . . . , g

(wpm−1

)= 0 (cf. Theorem 4.5).

Hence, Theorem 4.6 implies deg(g) = m, and so f = g.Analogously one sees that h(w) = 0 implies f = h.Consequently, the polynomial f is irreducible in Zp[x].

Algebraic Structure of Finite Fields XIV

Remarks. Since all polynomials over the field integers forwhich w is a root must also have wp, wp2

, . . . , wpm−1as roots,

we conclude that all such polynomials are multiples of the

polynomial f(x) =m−1∏i=0

(x − wpi

We call f the minimal polynomial of w, and its degree m is said tobe the degree of w. Since all the elements wp, wp2

, . . . , wpm−1

must have the same minimal polynomial as w, we call theseelements the conjugates of w.

Compare this to the complex numbers i and −i which are alsosaid to be conjugates. These complex numbers are the rootsof x2 + 1. The set of all complex numbers is then the set of alllinear combinations a + bi, where a, b ∈ R. They are added asvectors, i.e., (a + bi) + (c + di) = (a + c) + (b + d)i, andmultiplied as polynomials in i modulo i2 + 1; i.e., we have

(x − wpi

, . . . , wpm−1

(x − wpi

, . . . , wpm−1

Algebraic Structure of Finite Fields XV

(a + bi)(c + di) = (ac − bd) + (ad + bc)i, since i2 : (i2 + 1) hasremainder −1.

Since the minimal polynomial of w is an irreducible polynomialof degree m over the field integers, the pm polynomials in w ofdegree less than m over the field integers are all different. Theyform a field.

Theorem 4.8

If w is a field element of degree m in a finite Abelian field Fq ofcharacteristic p then the polynomials over the field integers of Fq ofdegree less than m in w form a subfield of Fq that has order pm.

Proof. First, the pm polynomials in w of degree less than m overthe field integers are all distinct. This can be seen as follows:

Theorem 4.8

Algebraic Structure of Finite Fields XVISuppose that two of these polynomials are equal. Then w

would be a root of their difference. But the difference is apolynomial of degree less than m, a contradiction to theassumption that the degree of w is m.

The sum of two polynomials of degree less than m in w is againa polynomial of degree less than m in w. The product of twopolynomials of degree less than m in w is a polynomial in w

which can be reduced modulo the minimal polynomial of w,i.e., the product is also a polynomial of degree less than m in w.The multiplicative inverse of a polynomial h of degree less thanm in w can be found by using the ECL for h and the minimalpolynomial of w. Since the minimal polynomial f of w isirreducible, we have gcd(h, f) = 1. By Bézout’s lemma thereare u, v such that 1 = h(x)u(x) + f(x)v(x). Consequently, wehave h(x)u(x) ≡ 1 mod f(x), and u(w) is the multiplicativeinverse of h(w).

would be a root of their difference. But the difference is apolynomial of degree less than m, a contradiction to theassumption that the degree of w is m.The sum of two polynomials of degree less than m in w is againa polynomial of degree less than m in w. The product of twopolynomials of degree less than m in w is a polynomial in w

which can be reduced modulo the minimal polynomial of w,i.e., the product is also a polynomial of degree less than m in w.

The multiplicative inverse of a polynomial h of degree less thanm in w can be found by using the ECL for h and the minimalpolynomial of w. Since the minimal polynomial f of w isirreducible, we have gcd(h, f) = 1. By Bézout’s lemma thereare u, v such that 1 = h(x)u(x) + f(x)v(x). Consequently, wehave h(x)u(x) ≡ 1 mod f(x), and u(w) is the multiplicativeinverse of h(w).

would be a root of their difference. But the difference is apolynomial of degree less than m, a contradiction to theassumption that the degree of w is m.The sum of two polynomials of degree less than m in w is againa polynomial of degree less than m in w. The product of twopolynomials of degree less than m in w is a polynomial in w

which can be reduced modulo the minimal polynomial of w,i.e., the product is also a polynomial of degree less than m in w.The multiplicative inverse of a polynomial h of degree less thanm in w can be found by using the ECL for h and the minimalpolynomial of w. Since the minimal polynomial f of w isirreducible, we have gcd(h, f) = 1. By Bézout’s lemma thereare u, v such that 1 = h(x)u(x) + f(x)v(x). Consequently, wehave h(x)u(x) ≡ 1 mod f(x), and u(w) is the multiplicativeinverse of h(w).

Algebraic Structure of Finite Fields XVII

Note that every element a of this subfield can be written

as a =m−1∑i=0

aiwi, where ai ∈ Zp.

We show that every finite Abelian field must be of this type.

Theorem 4.9

The order of every finite Abelian field is a power of its characteristic.

Proof. Let Fq be any finite Abelian field, and let p = char(Fq).By Theorem 3.6 we know that F∗q has a generator g such thatord(g) = q − 1. The number of conjugates of g is equal to themultiplicative order, say m, of p modulo q − 1. Since(q − 1)|(pm − 1), we conclude that q − 1 6 pm − 1, i.e., wehave q 6 pm.

as a =m−1∑i=0

Theorem 4.9

as a =m−1∑i=0

Theorem 4.9

Algebraic Structure of Finite Fields XVIII

Finally, the degree of g is equal to m (cf. Theorem 4.7).Consequently, as shown above, we know that the pm

polynomials of degree less than m are all distinct. Therefore,we also have pm 6 q, and thus we conclude q = pm.

Remarks. We have shown that there is a finite Abelian field Fq

if and only if q = pm, where p is a prime and m ∈N+.However, we still have to prove that the finite field Fq isuniquely determined (up to isomorphism).Furthermore, we also obtained a method to construct a finitefield Fq. That is, one starts from Zp and has to find anirreducible polynomial of degree m over Zp. We exemplify themethod below.

Algebraic Structure of Finite Fields XVIII

Finally, the degree of g is equal to m (cf. Theorem 4.7).Consequently, as shown above, we know that the pm

polynomials of degree less than m are all distinct. Therefore,we also have pm 6 q, and thus we conclude q = pm.

Remarks. We have shown that there is a finite Abelian field Fq

if and only if q = pm, where p is a prime and m ∈N+.However, we still have to prove that the finite field Fq isuniquely determined (up to isomorphism).Furthermore, we also obtained a method to construct a finitefield Fq. That is, one starts from Zp and has to find anirreducible polynomial of degree m over Zp. We exemplify themethod below.

Example

Example 4.1.We want to construct a finite field having 9 elements. Since9 = 32, we need a polynomial f of degree 2 which is irreducibleover Z3. For that purpose we can take f(x) =df x2 − x + 2

which is irreducible over Z3, since we have f(0) ≡ 2 mod 3,f(1) ≡ 2 mod 3, and f(2) ≡ 1 mod 3. Now, the elements of F9

can be expressed as aϑ + b, where a, b ∈ Z3, using an elementϑ satisfying ϑ2 − ϑ + 2 = 0.

That is, we obtain the 9 elements:0, 1, 2, ϑ, 2ϑ, ϑ + 1, ϑ + 2, 2ϑ + 1, and 2ϑ + 2. Thecomputation with these elements is performed in the same wayas computations with polynomials mod ϑ2 − ϑ + 2 therebyreducing the coefficients modulo 3.

Example

Example 4.1.We want to construct a finite field having 9 elements. Since9 = 32, we need a polynomial f of degree 2 which is irreducibleover Z3. For that purpose we can take f(x) =df x2 − x + 2

which is irreducible over Z3, since we have f(0) ≡ 2 mod 3,f(1) ≡ 2 mod 3, and f(2) ≡ 1 mod 3. Now, the elements of F9

can be expressed as aϑ + b, where a, b ∈ Z3, using an elementϑ satisfying ϑ2 − ϑ + 2 = 0.

That is, we obtain the 9 elements:0, 1, 2, ϑ, 2ϑ, ϑ + 1, ϑ + 2, 2ϑ + 1, and 2ϑ + 2. Thecomputation with these elements is performed in the same wayas computations with polynomials mod ϑ2 − ϑ + 2 therebyreducing the coefficients modulo 3.

Example cont.

Thus, we obtain the following multiplication table:

· 1 2 ϑ 2ϑ ϑ+1 ϑ+2 2ϑ+1 2ϑ+2

1 1 2 ϑ 2ϑ ϑ+1 ϑ+2 2ϑ+1 2ϑ+2

2 2 1 2ϑ ϑ 2ϑ+2 2ϑ+1 ϑ+2 ϑ+1

ϑ ϑ 2ϑ ϑ+1 2ϑ+2 2ϑ+1 1 2 ϑ+2

2ϑ 2ϑ ϑ 2ϑ+2 ϑ+1 ϑ+2 2 1 2ϑ+1

ϑ+1 ϑ+1 2ϑ+2 2ϑ+1 ϑ+2 2 ϑ 2ϑ 1

ϑ+2 ϑ+2 2ϑ+1 1 2 ϑ 2ϑ+2 ϑ+1 2ϑ

2ϑ+1 2ϑ+1 ϑ+2 2 1 2ϑ ϑ+1 2ϑ+2 ϑ

2ϑ+2 2ϑ+2 ϑ+1 ϑ+2 2ϑ+1 1 2ϑ ϑ 2

Example cont.

As an example, we provide the computation of the entry in row2ϑ + 2 and column 2ϑ + 1. We multiply the polynomials 2ϑ + 2

and 2ϑ + 1, reduce the result modulo ϑ2 − ϑ + 2, and thecoefficients modulo 3. Thus, we obtain:

(2ϑ + 2)(2ϑ + 1) = 4ϑ2 + 2ϑ + 4ϑ + 2

= ϑ2 + 2 ,

and(ϑ2 + 2) : (ϑ2 − ϑ + 2) = 1

−(ϑ2 − ϑ + 2)

Thus, the remainder is ϑ as already displayed in themultiplication table.

Example cont.

As an example, we provide the computation of the entry in row2ϑ + 2 and column 2ϑ + 1. We multiply the polynomials 2ϑ + 2

and 2ϑ + 1, reduce the result modulo ϑ2 − ϑ + 2, and thecoefficients modulo 3. Thus, we obtain:

(2ϑ + 2)(2ϑ + 1) = 4ϑ2 + 2ϑ + 4ϑ + 2

= ϑ2 + 2 ,

and(ϑ2 + 2) : (ϑ2 − ϑ + 2) = 1

−(ϑ2 − ϑ + 2)

Thus, the remainder is ϑ as already displayed in themultiplication table.

Exercises

Exercise 1. Find an irreducible polynomial of degree 2 over Z7.

Exercise 2. Find out whether or not there is a finite field having 8

elements. In case your answer is affirmative, construct such a finitefield.

Exercise 3. Find out whether or not there is a finite field having 27,36, 51, and 2401 elements, respectively. Justify your answer.

Thank you!

Pierre de Fermat

theory and practice of algorithmsthomas/tpa/slides/tap-lect04.pdf · having p many elements (up to...

Documents