
EE 387, John Gill, Stanford University Notes #4, October 22, Handout #11

Finite fields: motivation

Algebraic block codes treat each channel symbol as an element of a finite field.
A linear encoder multiplies symbols by constants and accumulates the products to
generate each codeword symbol.
Syndrome computations also use multiply-accumulates.
The only knowledge about fields needed for error detection is that elements can be
multiplied and added.
We need to learn more about the structure of fields in order to
  design good codes
  build efficient implementations of field arithmetic units
  develop decoders for codes based on polynomials (cyclic codes)
In the following notes we dissect finite fields.
EE 387 Notes #4, Page 1
Finite fields: executive summary
A finite field with q elements is called GF(q). [1]
If p is a prime number, then GF(p) = integers with arithmetic modulo p.
Every finite field is the vector space $GF(q) = GF(p^m)$ of m-tuples over GF(p).
Addition is componentwise addition modulo p.
Multiplication is polynomial multiplication modulo a prime polynomial.
Every nonzero element of GF(q) has multiplicative order that divides q − 1.
The multiplicative group of GF(q) is cyclic: every nonzero element is $\alpha^i$, where
α is a primitive element and $0 \le i \le q - 2$.
Multiplication and division can be done by adding or subtracting logarithms.
$$
x^{q-1} - 1 = \prod_{\beta \in GF(q) \setminus \{0\}} (x - \beta) = \prod_i f_i(x), \quad\text{where the } f_i(x) \text{ are prime polynomials}
$$
whose degrees are divisors of m, the dimension of GF(q).
[1] GF = Galois field. Évariste Galois (1811-1832) was a much better mathematician than marksman.
Field characteristic
The characteristic of a field is the least positive number of 1s that adds to 0. [2]
Theorem: The characteristic of a finite field is a prime number.
Proof: By contradiction. Let rs be the smallest positive number of ones that adds
to zero, where r > 1 and s > 1. By the associative law for addition,
$$
\underbrace{1 + \cdots + 1}_{rs}
= \underbrace{\underbrace{1 + \cdots + 1}_{r} + \underbrace{1 + \cdots + 1}_{r} + \cdots + \underbrace{1 + \cdots + 1}_{r}}_{s}
= \underbrace{r + \cdots + r}_{s}
$$
where r denotes the sum of r ones. Now use the distributive law:
$$
rs = \underbrace{r + \cdots + r}_{s} = r\,(\underbrace{1 + \cdots + 1}_{s}) = 0 .
$$
But $r \ne 0$, so rs = 0 implies that s = 0, i.e.,
$$
\underbrace{1 + \cdots + 1}_{s} = s = 0 .
$$
In other words, a sum of s ones equals zero, which contradicts the assumption that rs
is the smallest sum of ones that equals 0.
[2] If no sum of ones is zero, the field is said to have characteristic 0.
Field integers
In any field, the additive subgroup generated by 1 is called the field integers.
In a finite field F of characteristic p, the field integers are
$$
\{\, 0,\ 1,\ 1 + 1,\ 1 + 1 + 1,\ \ldots,\ \underbrace{1 + \cdots + 1}_{p-1} \,\}
$$
Arithmetic is the same as integer arithmetic modulo p, since any sum of a
multiple of p ones is 0. The field integers are also closed under division, since every
nonzero field integer has a reciprocal modulo p.
Therefore the field integers are a subfield of F. They form the smallest subfield
because every field must contain 1 and all of its sums and products.
Every field F is a vector space over the subfield GF(p) of its field integers.
Thus if m is the dimension of F over GF(p), then F has $p^m$ elements.
Theorem: A finite field of characteristic p has $p^m$ elements.
A field of characteristic zero is infinite. Its field integers behave like ordinary integers, and the rational numbers (ratios of
field integers) are the smallest subfield.
Finite field arithmetic
Let F be a finite field of characteristic p. Then F is a vector space over GF(p).
Elements of F have coordinate representations as m-tuples over GF(p). Choose an
arbitrary basis.
Addition is easy. If $a = (a_0, \ldots, a_{m-1})$ and $b = (b_0, \ldots, b_{m-1})$ then the sum
$$
a + b = (a_0 + b_0, \ldots, a_{m-1} + b_{m-1})
$$
just adds components in GF(p). Multiplication is harder. For example,
$$
(1, 0, \ldots, 0) \cdot (1, 0, \ldots, 0) = (m^{00}_0, m^{00}_1, \ldots, m^{00}_{m-1})
$$
where $m^{00}_i$ is the i-th coordinate of the product of the first unit vector with itself.
A complete description of multiplication might require $m^3$ scalar components $m^{jk}_i$,
where $m^{jk}_i$ is the i-th coordinate of the product of unit vectors $e_j$ and $e_k$.
A good basis for F over GF(p) greatly simplifies multiplication:
$$
\text{basis} = \{1, \alpha, \ldots, \alpha^{m-1}\}, \qquad \alpha^i \cdot \alpha^j = \alpha^{i+j} \quad (0 \le i, j \le m-1)
$$
The first 2m − 1 powers $1, \alpha, \alpha^2, \ldots, \alpha^{2m-2}$ determine multiplication in F.
Finite field: GF(4)
Let GF(4) = {0, 1, α, β}, where 0, 1 are the additive and multiplicative identities.
The field axioms allow only these operation tables:

    +  |  0   1   α   β
   ----+----------------
    0  |  0   1   α   β
    1  |  1   0   β   α
    α  |  α   β   0   1
    β  |  β   α   1   0

    ×  |  0   1   α   β
   ----+----------------
    0  |  0   0   0   0
    1  |  0   1   α   β
    α  |  0   α   β   1
    β  |  0   β   1   α

Every nonzero element in the additive group has order 2, i.e., is its own inverse.
The multiplicative group of size 3 must be cyclic because 3 is prime.
Both α and β are generators.
Note: α and β are indistinguishable; exchanging these two elements yields exactly
the same operation tables.
It is not obvious that the distributive law is satisfied by these operations.
To understand operation tables, we need a different interpretation.
GF(4) (continued)
A better way to define GF(4): the (binary) polynomials over GF(2) modulo some
prime polynomial over GF(2) of degree 2.
The only prime polynomial of degree 2 over GF(2) is $x^2 + x + 1$, since the other three factor:
$$
x^2 = x \cdot x, \qquad x^2 + x = x(x + 1), \qquad x^2 + 1 = (x + 1)^2
$$
Therefore GF(4) = {0, 1, x, x+1} with arithmetic modulo $x^2 + x + 1$.
Operation tables for GF(4) using this polynomial representation:

     +   |  0     1     x     x+1
   ------+------------------------
     0   |  0     1     x     x+1
     1   |  1     0     x+1   x
     x   |  x     x+1   0     1
     x+1 |  x+1   x     1     0

     ×   |  0     1     x     x+1
   ------+------------------------
     0   |  0     0     0     0
     1   |  0     1     x     x+1
     x   |  0     x     x+1   1
     x+1 |  0     x+1   1     x

Substituting x → α, x + 1 → β, we obtain the operation tables of the last page.
GF(4) (continued)
Arithmetic modulo $x^2 + x + 1$ is equivalent to replacing all occurrences
of $x^2 + x + 1$ by 0. In particular, over GF(2)
$$
x^2 + x + 1 = 0 \;\Rightarrow\; x^2 = x + 1 .
$$
Thus $x^2$ and all higher powers of x modulo $x^2 + x + 1$ can be replaced by a
polynomial of degree ≤ 1. Every nonzero element of GF(4) is a power of x:
$$
GF(4) = \{0,\ 1,\ x,\ x^2 = x + 1\} .
$$
In other words, x is a primitive element.
Definition: A primitive element of a finite field is any element that is a generator of the
multiplicative group of the field.
It is easier to understand GF(4) if we replace the indeterminate x by α. Then
every element in GF(4) is a linear combination of the basis vectors 1 and α:
$$
GF(4) = \{0,\ 1,\ \alpha,\ \alpha + 1\} .
$$
Therefore multiplication in GF(4) is determined by the products of 1 and α.
GF(4) (concluded)
Products of the basis vectors define multiplication (a bilinear function):

    ·  |  1    α
   ----+-----------
    1  |  1    α
    α  |  α    α+1

     ×   |  0     1     α     α+1
   ------+------------------------
     0   |  0     0     0     0
     1   |  0     1     α     α+1
     α   |  0     α     α+1   1
     α+1 |  0     α+1   1     α

Binary polynomials in α of degree < 2 (i.e., ≤ 1) can be represented by bit vectors
(lsb first):
$$
a_0 + a_1 \alpha = (a_0, a_1)
$$
Multiplication table for GF(4) in binary (lsb first) and 4-ary:

     ×  |  00   10   01   11
   -----+--------------------
     00 |  00   00   00   00
     10 |  00   10   01   11
     01 |  00   01   11   10
     11 |  00   11   10   01

     ×  |  0   1   2   3
   -----+----------------
     0  |  0   0   0   0
     1  |  0   1   2   3
     2  |  0   2   3   1
     3  |  0   3   1   2

Note: in the above tables, 2 ↔ α and 3 ↔ α + 1.
Finite field arithmetic: GF(8)
To define GF(8) we need a prime polynomial f(x) over GF(2) of degree 3.
The constant coefficient $f_0$ must be 1, otherwise f(x) is divisible by x.
The parity of the coefficients must be odd; otherwise x − 1 is a factor, since
$$
(x - 1) \mid f(x) \iff f(1) = 0 \iff f_0 \oplus f_1 \oplus f_2 \oplus f_3 = 0 .
$$
Of the 8 monic polynomials of degree 3, two satisfy the above requirements:
$$
x^3 + x + 1 \qquad\text{and}\qquad x^3 + x^2 + 1
$$
Both are prime because they have no factors of degree 1 (i.e., x or x + 1).
Either can be used to define arithmetic in GF(8). Arithmetic tables are slightly
simpler if we use $x^3 + x + 1$.
When GF(8) = binary polynomials modulo $x^3 + x + 1$, the key equation is
$$
\alpha^3 + \alpha + 1 = 0 \;\Rightarrow\; \alpha^3 = \alpha + 1 ,
$$
where the element α is the polynomial x.
Powers in GF(8)
Powers of α can be computed using the equation
$$
\alpha^3 + \alpha + 1 = 0 \;\Rightarrow\; \alpha^3 = \alpha + 1
$$
In the table below, the 3-bit representations of field elements have the lsb first.

    i | bits | octal | α^i
   ---+------+-------+------------------------------
    0 | 100  |   1   | 1
    1 | 010  |   2   | α
    2 | 001  |   4   | α^2
    3 | 110  |   3   | α^3 = α + 1
    4 | 011  |   6   | α^2 + α
    5 | 111  |   7   | α^3 + α^2 = α^2 + α + 1
    6 | 101  |   5   | α^3 + α^2 + α = α^2 + 1
    7 | 100  |   1   | α^3 + α = 1

Every nonzero element of GF(8) is a power of α; i.e., α is a primitive element.
Every element of GF(8) is a binary linear combination of $\{1, \alpha, \alpha^2\}$.
Basis for GF(8)
GF(8) can be represented as binary linear combinations of $\{1, \alpha, \alpha^2\}$.
The set $\{1, \alpha, \alpha^2\}$ is linearly independent over GF(2) because any linear
dependence
$$
f_0 \cdot 1 + f_1 \alpha + f_2 \alpha^2 = 0
$$
would correspond to a quadratic polynomial f(x) over GF(2) such that
f(α) = 0. But the minimal polynomial of α is $x^3 + x + 1$.
GF(8) consists of the 8 linear combinations of these basis vectors.
The multiplication table is determined by the products of the basis vectors:
$$
\alpha^i \cdot \alpha^j = \alpha^{i+j} \quad (0 \le i, j \le 2) \qquad\text{or}\qquad \alpha^i \quad (i = 0, \ldots, 4)
$$
Multiplication is associative and distributes over addition because it is derived from
polynomial multiplication modulo $x^3 + x + 1$.
Multiplication is invertible because the defining polynomial $x^3 + x + 1$ is prime.
Reciprocals can be found from the table of powers of α, since $\alpha^{-i} = \alpha^{7-i}$.
GF(8) operation tables
Elements of GF(8) can be represented by octal digits 0, ..., 7:
$$
1 = 100 = 1, \quad \alpha = 010 = 2, \quad \alpha^2 = 001 = 4, \quad \alpha^3 = 110 = 3, \ \ldots \quad \text{(lsb first)}
$$
Operation tables for GF(8):

    + | 0 1 2 3 4 5 6 7
   ---+----------------
    0 | 0 1 2 3 4 5 6 7
    1 | 1 0 3 2 5 4 7 6
    2 | 2 3 0 1 6 7 4 5
    3 | 3 2 1 0 7 6 5 4
    4 | 4 5 6 7 0 1 2 3
    5 | 5 4 7 6 1 0 3 2
    6 | 6 7 4 5 2 3 0 1
    7 | 7 6 5 4 3 2 1 0

    × | 0 1 2 3 4 5 6 7
   ---+----------------
    0 | 0 0 0 0 0 0 0 0
    1 | 0 1 2 3 4 5 6 7
    2 | 0 2 4 6 3 1 7 5
    3 | 0 3 6 5 7 4 1 2
    4 | 0 4 3 7 6 2 5 1
    5 | 0 5 1 4 2 7 3 6
    6 | 0 6 7 1 5 3 2 4
    7 | 0 7 5 2 1 6 4 3

Multiplication is determined by $2 \times 4 = 3 \iff \alpha \cdot \alpha^2 = \alpha^3 = \alpha + 1$.
Important: the symbols 0, 1, ..., 7 for elements of GF(8) are just abbreviations for
the 3-bit vector representations. Elements of GF(8) do not behave like integers.
Finite field arithmetic: GF(9)
The smallest nonbinary field of dimension > 1 is $GF(3^2) = GF(9)$.
GF(9) can be defined by any quadratic prime polynomial over GF(3).
There are three prime quadratic polynomials over GF(3):
$$
x^2 + 1, \qquad x^2 + x + 2, \qquad x^2 + 2x + 2
$$
These are prime because 0, 1, 2 are not zeroes, hence there are no linear factors.
GF(9) could be defined using $x^2 + 1$.
If $\alpha^2 + 1 = 0$ then α is a square root of −1, an imaginary element with
properties similar to i in the complex numbers.
But α is not primitive since
$$
\alpha^4 = (\alpha^2)^2 = (-1)^2 = 1 .
$$
The other two polynomials are primitive polynomials. Their zeroes are primitive
elements, whose powers generate the nonzero elements of GF(9).
Powers in GF(9)
Let α be a zero of $x^2 + 2x + 2$. Then
$$
\alpha^2 + 2\alpha + 2 = 0 \;\Rightarrow\; \alpha^2 = -2\alpha - 2 \;\Rightarrow\; \alpha^2 = \alpha + 1 .
$$
(The same equation was used for GF(4), but here scalar arithmetic is modulo 3.)
Powers of α computed using the defining equation:

    i | (a_0 a_1) | α^i
   ---+-----------+------------------------------
    0 |    10     | 1
    1 |    01     | α
    2 |    11     | α^2 = α + 1
    3 |    12     | α^2 + α = 2α + 1
    4 |    20     | 2α^2 + α = 3α + 2 = 2
    5 |    02     | 2α
    6 |    22     | 2α^2 = 2α + 2
    7 |    21     | 2α^2 + 2α = 4α + 2 = α + 2
    8 |    10     | α^2 + 2α = 3α + 1 = 1

As expected, $\alpha^8 = 1$. The (multiplicative) order of α is 8.
GF(9) multiplication and division
Product of elements $a = a_0 + a_1\alpha$ and $b = b_0 + b_1\alpha$ of GF(9):
$$
\begin{aligned}
(a_0 + a_1\alpha)(b_0 + b_1\alpha)
&= a_0 b_0 + (a_0 b_1 + a_1 b_0)\alpha + a_1 b_1 \alpha^2 \\
&= a_0 b_0 + (a_0 b_1 + a_1 b_0)\alpha + (a_1 b_1 \alpha + a_1 b_1) \\
&= (a_0 b_0 + a_1 b_1) + (a_0 b_1 + a_1 b_0 + a_1 b_1)\alpha
\end{aligned}
$$
(Same equations as GF(4), but multiplications and additions are modulo 3.)
$$
(a_0, a_1) \cdot (b_0, b_1) = (a_0 b_0 + a_1 b_1,\ a_0 b_1 + a_1 b_0 + a_1 b_1)
$$
Exercise: find a formula for the reciprocal $(a_0 + a_1\alpha)^{-1} = (b_0 + b_1\alpha)$.
Hint: one of several approaches is to solve
$$
\begin{aligned}
a_0 b_0 + a_1 b_1 &= 1 \\
a_1 b_0 + (a_0 + a_1) b_1 &= 0
\end{aligned}
$$
for the coefficients $(b_0, b_1)$ of the reciprocal of $(a_0, a_1)$.
Finite field arithmetic: GF(16)
There are three prime polynomials over GF(2) of degree 4:
$$
x^4 + x + 1, \qquad x^4 + x^3 + 1, \qquad x^4 + x^3 + x^2 + x + 1
$$
Simplest is $x^4 + x + 1$. Let α satisfy
$$
\alpha^4 + \alpha + 1 = 0 \;\Rightarrow\; \alpha^4 = \alpha + 1
$$
Powers of α can be used as columns of a systematic parity-check matrix.
$$
H = \begin{bmatrix}
1&0&0&0&1&0&0&1&1&0&1&0&1&1&1 \\
0&1&0&0&1&1&0&1&0&1&1&1&1&0&0 \\
0&0&1&0&0&1&1&0&1&0&1&1&1&1&0 \\
0&0&0&1&0&0&1&1&0&1&0&1&1&1&1
\end{bmatrix}
$$
GF(16): Using $\alpha^4 = \alpha + 1$, the components of $y = a \cdot b$ are:
$$
\begin{aligned}
y_0 &= a_0 b_0 + a_1 b_3 + a_2 b_2 + a_3 b_1 \\
y_1 &= a_0 b_1 + a_1 b_0 + a_1 b_3 + a_2 b_2 + a_3 b_1 + a_2 b_3 + a_3 b_2 \\
y_2 &= a_0 b_2 + a_1 b_1 + a_2 b_0 + a_2 b_3 + a_3 b_2 + a_3 b_3 \\
y_3 &= a_0 b_3 + a_1 b_2 + a_2 b_1 + a_3 b_0 + a_3 b_3
\end{aligned}
$$
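Power tables and log/antilog multiplication for GF(8) and GF(16) (pages 11 to 13 and the executive summary), plus the parity-check matrix H above used for single-error syndrome decoding, as an added Python example (not from the notes). The bit-as-int representation and the function names are this example's own; the polynomials are the ones on pages 10 and 17.

```python
# Added example (not from the notes): GF(2^m) built from a prime polynomial by
# repeated multiplication by alpha = x, giving the power tables of pages 11 and 17.
# An element is an int whose bit i is the coefficient of alpha^i (lsb-first vectors).

def power_table(poly, m):
    """[alpha^0, alpha^1, ...] until the powers cycle back to 1.
    poly is the prime polynomial as an int: 0b1011 = x^3 + x + 1."""
    table, a = [], 1
    while True:
        table.append(a)
        a <<= 1                        # multiply by x
        if (a >> m) & 1:               # x^m appeared: replace it by (poly - x^m)
            a ^= poly
        if a == 0 or len(table) > (1 << m):
            raise ValueError("polynomial is not prime")
        if a == 1:
            return table

def make_field(poly, m):
    """Antilog and log tables; complete only when x is primitive mod poly."""
    exp = power_table(poly, m)
    if len(exp) != (1 << m) - 1:
        raise ValueError("x is not a primitive element modulo this polynomial")
    log = {v: i for i, v in enumerate(exp)}
    return exp, log

def gf_mul(exp, log, a, b):
    """alpha^i * alpha^j = alpha^((i + j) mod (2^m - 1)); 0 absorbs everything."""
    if a == 0 or b == 0:
        return 0
    return exp[(log[a] + log[b]) % len(exp)]

def gf_inv(exp, log, a):
    """(alpha^i)^-1 = alpha^(n - i) with n = 2^m - 1 (page 12)."""
    return exp[(len(exp) - log[a]) % len(exp)]

def parity_check_matrix(exp, m):
    """H with alpha^0 .. alpha^(n-1) as columns (page 17), as m rows of bits."""
    return [[(e >> i) & 1 for e in exp] for i in range(m)]

def single_error_position(exp, log, received):
    """Syndrome s = sum of alpha^j over the set bits j of the received word.
    A single flipped bit j leaves s = alpha^j, so log s names the position."""
    s = 0
    for j, bit in enumerate(received):
        if bit:
            s ^= exp[j]
    return None if s == 0 else log[s]

GF8 = make_field(0b1011, 3)      # x^3 + x + 1
GF16 = make_field(0b10011, 4)    # x^4 + x + 1

if __name__ == "__main__":
    exp8, log8 = GF8
    print("GF(8) powers of alpha (octal):", exp8)          # [1, 2, 4, 3, 6, 7, 5]
    print("2 x 4 =", gf_mul(exp8, log8, 2, 4))             # 3, i.e. alpha^3 = alpha + 1
    exp16, log16 = GF16
    for row in parity_check_matrix(exp16, 4):
        print("".join(map(str, row)))
    word = [0] * 15
    for j in (0, 1, 4):              # alpha^0 + alpha^1 + alpha^4 = 1 + alpha + (alpha + 1) = 0
        word[j] = 1
    word[9] ^= 1                     # constructed: flip one bit of that codeword
    print("error at position", single_error_position(exp16, log16, word))   # 9
```

make_field rejects x^4 + x^3 + x^2 + x + 1 because x has order 5 modulo it, which is why page 17 calls x^4 + x + 1 the simplest choice for the H columns.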
Fundamental Theorem of Algebra
Lemma: Let f(x) be a polynomial over GF(q) ⊂ GF(Q). An element β of GF(Q)
is a zero of f(x) if and only if x − β is a divisor of f(x) over GF(Q).
Proof: By the division algorithm,
$$
f(x) = q(x)(x - \beta) + r(x), \quad\text{where } \deg r(x) < \deg(x - \beta) = 1
$$
Thus $\deg r(x) \le 0$, so r(x) is a constant polynomial, $r(x) = r_0$. Therefore
$$
r_0 = r(\beta) = f(\beta) - q(\beta)(\beta - \beta) = f(\beta) ,
$$
hence f(x) is a multiple of x − β if and only if f(β) = 0.
Lemma: Every polynomial f(x) of degree n over a field has at most n zeroes.
Proof: Each zero of f(x) corresponds to a linear factor of f(x). Because
deg f(x) = n, there are at most n linear factors, hence at most n distinct zeroes.
Blahut (Theorem 4.3.9) calls this the Fundamental Theorem of Algebra. Gauss's FTA: every polynomial equation with
complex coefficients and degree ≥ 1 has at least one complex root.
Examples of factors and zeroes
Example: Polynomials of degree 2 over GF(2):
$$
x^2 = x \cdot x, \qquad x^2 + 1 = (x + 1)(x + 1), \qquad x^2 + x = x(x + 1), \qquad x^2 + x + 1
$$
The only prime polynomial over GF(2) of degree 2 has zeroes in GF(4) = {0, 1, α, β}:
$$
(x + \alpha)(x + \beta) = x^2 + (\alpha + \beta)x + \alpha\beta = x^2 + x + 1 .
$$
Whether a polynomial is prime depends on what coefficients are allowed in factors.
Example: $GF(2^4)$ can be represented as polynomials in α of degree < 4, where
α is a zero of the prime (over GF(2)) polynomial $x^4 + x + 1$.
Therefore x + α is a factor of $x^4 + x + 1$ over $GF(2^4)$.
Another zero is $\alpha^2$:
$$
\left. x^4 + x + 1 \right|_{x = \alpha^2} = (\alpha^2)^4 + \alpha^2 + 1 = (\alpha^4 + \alpha + 1)^2 = 0^2 = 0 .
$$
Similarly, $\alpha^4 = (\alpha^2)^2$ and $\alpha^8 = (\alpha^4)^2$ are zeroes. Over GF(16) we can factor
$$
x^4 + x + 1 = (x + \alpha)(x + \alpha^2)(x + \alpha^4)(x + \alpha^8) .
$$
GF(Q) consists of zeroes of $x^Q - x$
The order of the multiplicative group of GF(Q) is Q − 1.
Let e be the order of β ∈ GF(Q). By Lagrange's theorem, e | (Q − 1), so
$$
\beta^{Q-1} = \beta^{e(Q-1)/e} = (\beta^e)^{(Q-1)/e} = 1^{(Q-1)/e} = 1 .
$$
This shows that every nonzero element of GF(Q) is a zero of $x^{Q-1} - 1$.
The special case of 0 requires one more factor, x − 0, which yields
$$
x(x^{Q-1} - 1) = x^Q - x .
$$
This polynomial has at most Q zeroes. Therefore GF(Q) = zeroes of $x^Q - x$.
Similarly, for any subfield, GF(q) = zeroes of $x^q - x$. We obtain factorizations
over GF(Q):
$$
x^Q - x = \prod_{\beta \in GF(Q)} (x - \beta), \qquad x^q - x = \prod_{\beta \in GF(q)} (x - \beta)
$$
$$
x^Q - x = x(x^{Q-1} - 1) = x(x^{q-1} - 1)(x^{Q-1-(q-1)} + \cdots + x^{q-1} + 1)
$$
The last equation holds because (q − 1) | (Q − 1).
Primitive elements
Fact: The multiplicative group of the finite field GF(q) is cyclic of order q − 1.
The proof uses a lemma about groups: if for every divisor d of the order of a group
there are at most d elements of order dividing d, then the group is cyclic.
Definition: A primitive element of GF(q) is a generator of the multiplicative group.
Let α be a primitive element of GF(q). All primitive elements are $\alpha^i$ where
gcd(i, q − 1) = 1:
$$
1 = ai + b(q - 1) \;\Rightarrow\; \alpha = \alpha^{ai + b(q-1)} = \alpha^{ai} = (\alpha^i)^a .
$$
Conversely, if gcd(i, q − 1) = d > 1 then the order of $\alpha^i$ is (q − 1)/d < q − 1.
If q − 1 is prime then there are q − 2 primitive elements. (This is possible only
for q = 3 and for $q = 2^m$ with m odd.)
GF(4), GF(8), GF(16), GF(32) have respectively 2, 6, 8, 30 primitive elements.
In general, GF(q) has φ(q − 1) primitive elements.
Euler phi function: review
The Euler phi function φ(n) is the number of integers between 0 and n that are
relatively prime to n.
We can find a formula for φ(n) in terms of its factorization $n = p_1^{e_1} p_2^{e_2} \cdots p_t^{e_t}$:
if p is prime then φ(p) = p − 1 (1, 2, ..., p − 1 are coprime to p)
if p is prime then $\varphi(p^e) = p^e - p^{e-1}$ (only multiples of p are not coprime).
φ(n) is a multiplicative function; i.e., if gcd(r, s) = 1 then φ(rs) = φ(r)φ(s).
Combining these facts, we obtain the final formula:
$$
\varphi(n) =
\begin{cases}
p - 1 & \text{if } n = p \text{ is a prime} \\[4pt]
(p - 1)p^{e-1} = \left(1 - \dfrac{1}{p}\right) p^e & \text{if } n = p^e \text{ is a power of a prime} \\[4pt]
\varphi(p_1^{e_1} p_2^{e_2} \cdots p_t^{e_t}) = \displaystyle\prod_{i=1}^{t} (p_i - 1)\, p_i^{e_i - 1} & \text{in general}
\end{cases}
$$
Minimal polynomials (1)
Let β ∈ GF(Q) and GF(q) ⊂ GF(Q).
Definition: The minimal polynomial over GF(q) of β is the monic polynomial f(x)
over GF(q) of smallest degree such that f(β) = 0.
Example: GF(4) = {0, 1, α, β}. Minimal polynomials over GF(2):
$$
0 \to x, \qquad 1 \to x + 1, \qquad \alpha, \beta \to x^2 + x + 1
$$
Theorem: Suppose GF(q) ⊂ GF(Q) where $Q = q^m$.
1. Every β in GF(Q) has a minimal polynomial over GF(q) of degree ≤ m.
2. The minimal polynomial is unique.
3. The minimal polynomial is prime over GF(q).
4. If g(x) is any polynomial over GF(q) such that g(β) = 0 then f(x) | g(x).
Every β in GF(Q) is a zero of $x^Q - x$, whose coefficients (1, 0, −1) belong to GF(q).
So the minimal polynomial exists and has degree ≤ Q.
Minimal polynomials (2)
Proof:
1. GF(Q) is a vector space over GF(q) of dimension m.
Therefore any set of m + 1 elements is linearly dependent over GF(q).
In particular, consider the first m + 1 powers of β: $\{1, \beta, \beta^2, \ldots, \beta^m\}$.
There exist m + 1 scalars $f_0, f_1, \ldots, f_m$ in GF(q), not all 0, such that
$$
f_0 \cdot 1 + f_1 \beta + \cdots + f_m \beta^m = 0 = f(\beta) .
$$
In other words, β is a zero of
$$
f(x) = f_0 + f_1 x + \cdots + f_m x^m ,
$$
a nonzero polynomial over GF(q) of degree ≤ m.
Therefore the minimal polynomial of β has degree ≤ m.
Minimal polynomials (3)
2. If $f_1(x)$ and $f_2(x)$ are distinct minimal polynomials of the same degree, then
$$
f(x) = f_1(x) - f_2(x)
$$
would be a nonzero polynomial of smaller degree. Since f(β) = 0, we would
have a contradiction.
3. If $f(x) = f_1(x) f_2(x)$ has proper divisors, then
$$
f(\beta) = f_1(\beta) f_2(\beta) = 0 \;\Rightarrow\; f_1(\beta) = 0 \text{ or } f_2(\beta) = 0 ,
$$
contradicting the minimality of f(x).
4. By the division algorithm,
$$
g(x) = q(x) f(x) + r(x), \quad\text{where } \deg r(x) < \deg f(x) .
$$
If g(β) = 0 then
$$
r(\beta) = g(\beta) - q(\beta) f(\beta) = 0 .
$$
If $r(x) \ne 0$ then f(x) is not minimal. Thus $r(x) = 0 \Rightarrow f(x) \mid g(x)$.
Part 4 means that minimal polynomials are minimal in a stronger sense than smallest degree.
Note that part 2 follows from part 4.
Primitive elements and polynomials
Let α be a primitive element of GF(Q), and let GF(q) be a subfield of GF(Q).
Let f(x) be the minimal polynomial over GF(q) of α, and let m = deg f(x).
Every nonzero element of GF(Q) is a power of α:
$$
GF(Q) \setminus \{0\} = \{1, \alpha, \alpha^2, \ldots, \alpha^{Q-2}\}
$$
Every element of GF(Q) is a polynomial in α of degree ≤ m − 1:
$$
\beta = b_0 + b_1 \alpha + b_2 \alpha^2 + \cdots + b_{m-1} \alpha^{m-1}
$$
Multiplication of a polynomial in α by α uses the equation f(α) = 0:
$$
\alpha (b_0 + b_1 \alpha + \cdots + b_{m-1} \alpha^{m-1}) =
b_0 \alpha + b_1 \alpha^2 + \cdots + b_{m-2} \alpha^{m-1} - b_{m-1}(f_0 + \cdots + f_{m-1} \alpha^{m-1})
$$
A primitive polynomial is the minimal polynomial of a primitive element.
An equivalent definition: f(x) over GF(q) of degree m is primitive if the order
of f(x) is $q^m - 1$; i.e., the smallest n such that $x^n = 1 \bmod f(x)$ is $n = q^m - 1$.
Conjugates
Definition: The conjugates over GF(q) of β are the zeroes of the minimal
polynomial over GF(q) of β (including β itself).
Example: GF(4) = {0, 1, α, β}. Then α and β = α + 1 are conjugates since
$$
(x + \alpha)(x + \beta) = x^2 + (\alpha + \beta)x + \alpha\beta = x^2 + x + 1 .
$$
Example: $GF(8) = \{0, 1, \alpha, \alpha + 1, \alpha^2, \ldots, 1 + \alpha + \alpha^2\}$, where $\alpha^3 = \alpha + 1$.
The minimal polynomial of α is $f(x) = x^3 + x + 1$. Another zero of f(x) is $\alpha^2$:
$$
f(\alpha^2) = (\alpha^2)^3 + \alpha^2 + 1 = (\alpha^3 + \alpha + 1)^2 = 0
$$
So $\alpha^2$ and $\alpha^4 = \alpha + \alpha^2$ are conjugates of α, which gives the factorization:
$$
x^3 + x + 1 = (x + \alpha)(x + \alpha^2)(x + \alpha^4)
= \left(x + \begin{bmatrix}0\\1\\0\end{bmatrix}\right)
  \left(x + \begin{bmatrix}0\\0\\1\end{bmatrix}\right)
  \left(x + \begin{bmatrix}0\\1\\1\end{bmatrix}\right)
$$
(The 3-tuple representations of $\alpha^i$ have the lsb in the first row.)
Conjugates are algebraically indistinguishable. E.g., the complex number +i has coordinates (0, 1) only by convention.
Binomial coefficients and prime numbers
Lemma: If p is prime and 0 < k < p then p is a divisor of $\binom{p}{k}$.
Proof:
$$
\binom{p}{k} = \frac{p(p-1)(p-2)\cdots(p-k+1)}{k!} = p \cdot \frac{(p-1)(p-2)\cdots(p-k+1)}{k!}
$$
The denominator k! divides $p \cdot ((p-1)\cdots(p-k+1))$ and is relatively prime to p.
Therefore k! divides $(p-1)\cdots(p-k+1)$. Therefore $\binom{p}{k}$ is a multiple of p.
Lemma: In $GF(p^m)$, $(a + b)^p = a^p + b^p$.
Proof: By the binomial theorem,
$$
(a + b)^p = a^p + \sum_{k=1}^{p-1} \binom{p}{k} a^{p-k} b^k + b^p = a^p + b^p ,
$$
since $\binom{p}{k}$ is a multiple of p for 0 < k < p, and in $GF(p^m)$ multiples of p are 0.
Corollary: In $GF(2^m)$, $(a + b)^2 = a^2 + b^2$. In other words, squaring is linear.
Corollary: In GF(q) with $q = p^m$, $(a + b)^q = (a + b)^{p^m} = a^{p^m} + b^{p^m} = a^q + b^q$.
Conjugates of β (1)
Theorem: The conjugates of β over GF(q) are
$$
\beta,\ \beta^q,\ \beta^{q^2},\ \ldots,\ \beta^{q^{r-1}}
$$
where r is the least positive integer such that $\beta^{q^r} = \beta$.
Note: $\beta^{q^m} = \beta^Q = \beta$, so r ≤ m. In fact, we will see that r | m.
Proof: First we show that the $\beta^{q^i}$ are conjugates. For any f(x) over GF(q),
$$
f(\beta)^q = (f_0 + f_1 \beta + f_2 \beta^2 + \cdots)^q
= f_0^q + f_1^q \beta^q + f_2^q \beta^{2q} + \cdots
= f_0 + f_1 \beta^q + f_2 \beta^{2q} + \cdots = f(\beta^q) ,
$$
since $f_i^q = f_i$ for coefficients in GF(q). Let f(x) be the minimal polynomial of β; then
$$
f(\beta^q) = f(\beta)^q = 0^q = 0 .
$$
Therefore $\beta^q$ is a zero of the minimal polynomial and so is a conjugate of β.
Conjugates of β (2)
Next we show that all conjugates of β are in $\{\beta^{q^i}\}$. Consider the product
$$
f(x) = (x - \beta)(x - \beta^q)(x - \beta^{q^2}) \cdots (x - \beta^{q^{r-1}})
$$
of linear factors for all the distinct conjugates of β of the form $\beta^{q^i}$:
$$
f(x)^q = (x^q - \beta^q)(x^q - \beta^{q^2}) \cdots (x^q - \beta^{q^r})
= (x^q - \beta^q)(x^q - \beta^{q^2}) \cdots (x^q - \beta) = f(x^q)
$$
since $\beta^{q^r} = \beta$. Therefore
$$
f_0^q + f_1^q x^q + \cdots + f_r^q x^{qr} = f_0 + f_1 x^q + \cdots + f_r x^{qr}
$$
Since $f_i^q = f_i$, all the coefficients of f(x) are in GF(q).
Obviously, β is a zero of f(x). Any other polynomial over GF(q) that has β as a
zero must have the same r linear factors. Therefore f(x) is a divisor of every such
polynomial, hence f(x) is minimal.
Conjugates: summary
The conjugates of β are the zeroes of the minimal polynomial of β.
The conjugates of β over GF(q) are $\beta, \beta^q, \beta^{q^2}, \ldots, \beta^{q^{r-1}}$.
The minimal polynomial of β is prime over GF(q) but factors over any
field GF(Q) that contains β (and hence its conjugates):
$$
f(x) = (x - \beta)(x - \beta^q)(x - \beta^{q^2}) \cdots (x - \beta^{q^{r-1}})
$$
If $\beta \in GF(q^m)$ then β has at most m conjugates (including itself).
If β has r conjugates, then the linear subspace of $GF(q^m)$ spanned by
$$
\{1, \beta, \beta^2, \ldots, \beta^{r-1}\}
$$
is a field with $q^r$ elements. Reciprocals exist because f(x) is prime.
If r < m then β belongs to $GF(q^r)$, a proper subfield of $GF(q^m)$.
Since $GF(q^m)$ is a vector space over $GF(q^r)$, we conclude that r | m.
