TC10 / 3. Finite fields S. Xambó

Transcription

1 TC10 / 3. Finite fields S. Xambó The ring Construction of finite fields The Frobenius automorphism Splitting field of a polynomial Structure of the multiplicative group of a finite field Structure of the multiplicative group of a finite field The discrete logarithm Minimal polynomial Uniqueness of the finite fields with the same cardinal Factorization of 1 over a finite field

2 2 The ring Set to denote the ring / of classs of integers modulo. We usually represent its elements by the elements of the set 0, 1,, 1, with the operations of sum and product the ordinary sum and product of integers, but reduced modulo. We will also set to denote the multiplicative grup of invertible elements of. N1 An element 0, 1,, 1 is invertible modulo if and only if gcd, 1. In particular we see that is a field if and only if is prime. We have, therefore,, where is Euler s (totient) function (by definition, is the number of 0, 1,, 1 such that gcd, 1). In particular we have 1 mod for any integer such that gcd, 1. N2

3 3 The function has the following properties: 1. if mcd, If is prime, 1. Proposition..

4 4 Construction of finite fields A. If is a finite field of cardinal, then there exists a prime number and a positive integer such that. The number is called the characteristic of. B. If is a finite field and a subfield of with cardinal, then there is positive integer such that. If is another subfield of such that, then, where is a divisor of. The converse of A is also valid: if is a prime number and is a positive integer, then there exist fields of cardinal. Moreover, two fields of cardinal are isomorphic (not canonically). Let us summarize the essential ideas that are involved in proving these statements.

5 5 If is a field, and, then we have the quotient ring /. This ring is a vector space of dimension. More explicitely, if (the class of mod ), then 1,,, is a basis of over. In particular we have that if is finite and, then. The ring is a field if and only if is irreductible over. Therefore, we know how to construct a field of elements ( prime and a positive integer) if we know an irreducible polynomial of degree over. Thus we have that the existence of a finite field of cardinal is a consequence of the following result. Theorem. If is a finite field, and is any positive integer, there exist irreducible polynomials over of degree.

6 6 Remark. For 2, the number of monic reducible polynomials is 1 /2, while the number of monic polynomials of degre 2 is. Hence the number of monic irreducible polynomials of degree 2 over is 1 /2. A similar reasoning is valid for monic polynomial of degree 3. Indeed, there are monic polynomials of degree 3, while the number of monic reducible polynomials of degree 3 is (the first summand counts polynomials that are the product of three monic linear factors and the second those that are the product of a monic linear factor and monic quadratic factor. It follows that the number of monic irreducible polynomials of degree 3 is 3 3.

7 7 Example. / 1 is a field of 4 elements. Example. / 1 is a field of 8 elements. Examples. If, a field, is irreducible over if and only if is not a square in. For example, 1 is irreducible over, as the squares in are 0 and 1. Similarly, the squares of are 0, 1, 4 and 2, and hence the polynomials 3 4, 5 2, 6 1 are irreducible over. Examples. If, is irreducible over if and only if is not a cube in. Since the cubes in are 0, 1 and 6, the polynomials 2 5, 3 4, 4 3 and 5 2 are irreducible over.

8 8 The Frobenius automorphism In a finite field of characteristic, the map such that is an automorphism of. It is called the Frobenius automorphism of. The subfield of the elements such that is. If is a subfield of, and, the map such that is an automorphism of over. It is called the Frobenius automorphism of relative to. The subfield of the elements such that is.

9 9 Splitting field of a polynomial Theorem. Given a field and a monic polynomial, there exists a field extension / and elements,, such that and,,. Proof. Let be the degree of. If 1, it is sufficient to set. So we may suppose that 1, and, by induction, that the theorem is true for polynomials of degree 1. If every irreducible factor of has degree 1, then has roots in and again we can set. We may suppose, therefore, that has at least one irreducible factor, say, of degree 1. Define / and. Then the field extension / and the element are such that and 0. Since divides, we also have 0, and hence. Now the proof follows by induction applied to.

10 10 A field that satisfies the conditions of the preceding theorm is called a splitting field of over. Theorem (Splitting field of ). Let be a finite field and. Let be a decomposition field of over. Then. Proof. By definition of decomposition field, there exist elements, 1,,, such that and,,. The elements are different, for otherwise and would have a common root, which is impossible because 1. On the other hand, the set,, of roots of in is a subfield of. Indeed, if and are roots of then and, and if is a non zero root of, then

11 11 1 1/ 1/ (that is,, are roots of, and so is 1/ if 0). Since for every, the elements of are also roots of. It follows that,,,, and consequently. Corollary (Existence of finite fields). If is a prime number and a positive integer, there exists a field of cardinal. Proof. The cardinal of the splitting field of over is. Corollary. Given a field such that and a divisor of, there exists a unique subfield of of cardinal. Proof. If and we set, then. If there is a subfield of of cardinal, it must be. Let, then,. Since the elements of are the elements of

12 12 that are fixed by the automorphism, is a subfield of. To see that the cardinal of is, notice that is divisible by : Thus has roots in and this completes the proof. Structure of the multiplicative group of a finite field Order of an element. If is a finite field and is a non zero element of, the order of, ord, is the least positive integer such that 1. Note that exists and that it is a divisor of 1 ( the cardinal of ). Moreover, 1 except for 1. Example. In we have ord 2 ord 3 4 and ord 4 2.

13 13 Proposition. Let be a finite field, 0 and ord. 1. If 0 is such that 1, then there exists an integer such that. 2. For every integer, ord /gcd,. 3. The elements of order of have the form, with gcd, 1. In particular we have that if there exists an element of order, then there are exactly elements of order. Proof. Consider the polynomial 1. Since has degree and is a field, has at most roots in. Since is the order of, all the elements of the subgroup 1,,, are roots of and hence has no roots other than the elements of. Since is a root of by hypothesis,. This settles point 1.

14 14 To establish 2, let gcd, and /. We want to see that has order. If 1, then 1 and hence. Dividing by we see that. As and / have no common primer divisors, it follows that. Finally it is clear that / / 1 and this completes the proof of 2. Finally 3 is a direct consequence of 1, 2 and the definition of. Primitive roots. A non zero element of a finite field of cardinal is said to be a primitive root (or a primitive element) of if ord 1. In this case it is clear that 1,,,.

15 15 This representation of the elements of is called exponential representation relative to a primitive root. With this representation, the product of elements of is particularly easy to obtain:, where mod 1. Examples. The elements 2 and 3 are the primitive roots of. Theorem. Let be a finite field of cardinal and a positive integer. If 1, then contains exactly elements of order. Proof. Let be the number of elements of that have order. It is clear that 1, as the order of any non zero element is a divisor of 1. Now observe that if 0 and that 1, with which the proof is easily completed.

16 16 Proposition. Let be a finite field, a subfield of and. Let be the positive integer such that. If is a primitive element of, then 1,,, is a basis of as a vector space. Proof. If and 1,,, are linearly dependent over, there would exist,,, not all zero, such that 0. If we let, then is a polynomial of positive degree such that 0. It follows that there exists a monic irreducible polynomial of degree such that 0. This implies that the kernel of the homomorphism such that is the ideal and therefore that there is an inclusion of the field / in that is the identity on and such that it maps to.

17 17 But then the order of divides and would not be a primitive root. Primitive polynomials. If is an irreducible polynomial of degree over, a prime, then / is a field of cardinal, where is the class of mod. The element may be primitive or not. In the case / 1, for example, it is primitive, but in the case / 1, ord 4.

18 18 Proposition. Let be a finite field and a monic irreducible polynomial,. Let be the class of in /. If deg, then ord is the least divisor of 1 such that 1. Proof. The order of is the least divisor of 1 1 such that 1. But this is equivalent to say that 1 is 0 mod, which is the same as asserting that 1 is a multiple of. If is a primitive root, we say that is primitive over. The least divisor of 1 such that 1 is called the period (or exponent) of f.

19 19 The discrete logarithm Suppose that is a finite field and that is a primitive element of. Let be a subfield of and let, dim. We know that 1,,, form a basis of over, so that the elements of can be uniquely written in the form,,,. This representation of the elements of is called additive representation over relative to the primitive root. With the additive representation the sum of two elements of is reduced to the sum of two vectors of. To calculate products, however, it is more convenient to use the exponential representation with respect to the primitive element. More concretely, if, and we know the exponents, such that,, then, mod 1,.

20 20 Given, we write ind to indicate the exponent (defined mod 1) such that and we say that it is the index or discrete logarithm of with respect to. In order to be able to use the additive and exponential representations at the same time, it is convenient to tabulate the additive form of the powers ( 2),,, as this allows us to pass from the exponential form to the additive form and conversely. This table is often completed by assigning a conventional symbol (say or ) as the index of 0. Given a table of discrete logarithms, we can form the Zech (or Jacobi) table, which by definition associates the index ind 1 to the exponent. With this we can get exponential representation of a sum as 1.

21 21 ind ind Discrete logaritme and Zech table of / 1

22 22 Minimal polynomial Let be finite field and a subfield. Let. Then, for some positive integer. Given, the 1 elements 1,,, are linearly dependent over. Hence there exist,, not all zero such that 0. This means that if, then 0 and 0.

23 23 Proposition. There exists a unique monic polynomial that satisfies the following two conditions: If satisfies 0, then. The polynomial is irreducible and satisfies 3. deg. Proof. Among all the monic polynomials that satisfy 0, pick one, say, of least degree. It is clear that deg, as we have observed that there exist non zero polynomials of degree such that 0. If now is any polynomial such that 0, let and be the quotient and remainder of the integer division of by :, with 0 or deg deg.

24 24 Since 0, we also have 0. It follows that 0, for otherwise we would have a contradiction with the definition of. But this means that, which is the property 2. To see that is unique, let be another monic polynomial that satisfies 1 and 2. Then (we can apply 2 to, as 0). Similarly,. This implies that, for some. Since and are monic, we conclude that. To prove that is irreducible, suppose that,,. Then 0 or 0. Without loss of generality we may assume that 0. Then for some polynomial. Thus and hence is a constant polynomial. Consequently and are constants and therefore the factorization is not proper. Hence p is irreducible.

25 25 The polynomial of last proposition is called the minimal polynomial of over, and usually will be denoted. The degree of is also called degree of, and is denoted deg. Remark. Note that deg is the least positive integer such that 1,,,. Remark. There exists a unique isomorphism such that, where. Thus we see that the degree of coincides with the dimension of over. For example, if is a primitive element of, then deg, as. Remark. If is a monic irreducible polynomial and is a root of in an extension of, then is the minimal polynomial of over. Note, in particular, that if /, then is the minimal polynomial of over.

26 26 Example. Let, / 1,, / 1,. Then 1 1,, which amounts to rediscovering that the minimal polynomial of over is 1. But 1,, so that the minimal polynomial of over has degree 2. Since 1,, and 1, the minimal polynomial of y over is 1. Notice that this polynomial is not primitive, as ord 5. Conjugates of an element. The set of conjugates over of an element is defined as,,,,, where is the least positive integer such that.

27 27 Proposition.. Proof. We will use the extension of the Frobenius automorphism of / to the automorphism of the ring such that. The polynomial is invariant by this automorphism, as permutes the elements of. Hence. Now observe that if is a root of, then is also a root of, as seen by applying the Frobenius automorfisme of / to the relation 0. Applying this observation repeatedly beginning with the root of, we obtain that 0 for any. Hence,. But since is irreducible and has positive degree, we conclude that, inasmuch as both polynomials are monic.

28 28 Uniqueness of the finite fields with the same cardinal Theorem. If and are finite fields with the same cardinal, then there exists an isomorphism :. Proof. If, is a subfield of and of. Consider the polynomial. Regarded as a polynomial with coefficients in, we have Analogously,.. Let be a primitive element of and its minimal polynomial. We know that deg. Since all the roots of are in, we also have 1

29 29 as polynomials with coefficients in. But since these polynomials are monic and with coefficients in, the relation 1 is also valid as polynomials with coefficients in. The polynomial 1 also factors completely in and thereby has a root. From this it follows that there is a unique isomorphism such that. But there is also a unique isomorphism such that. As a result, there is a unique isomorphism such that.

30 30 Factorization of 1 over a finite field The solution of this question turns out to be of fundamental importance for the study of cyclic codes. If, prime, and we put,, then we have 1 1. This shows that we can assume that is not divisible by. Field of decomposition of 1. The condition tells us that. Hence we may consider the order of in. By definition, is the least positive integer such that 1. In other words, is the least positive integer such that 1. We write to denote it.

31 31 Let now be any monic irreducible polynomial of degree and define / ( ). Let be a primitive element of (if we chose primitive, we can take ). Then, by definition of, ord 1 is divisible by. Set 1 / and. Proposition. Over we have Proof. Since the set 1. ord 1 /, 0 1

32 32 has cardinal. Moreover, is a root of 1 for all, because 1. Hence the set contains distinct roots of 1. It follows that is a monic polynomial of degree that divides 1. Since both polynomials are monic of degree, they must coincide. Proposition. and so is the splitting field of 1 over. Proof. Indeed, if, then ord must divide 1 and, by definition of, we get.

33 33 Cyclotomic classes Given an integer in 0.. 1, the cyclotomic class of mod is the set,,,, where is the least positive integer such that mod. If is a cyclotomic class mod, we define. Lemma. The polynomial has coefficients in for every cyclotomic class. Proof. It is enough to note that is invariant by the Frobenius automorphism.

34 34 Theorem. The correspondence is a bijection between the set of cyclotomic classes mod and the set of monic irreducible factors of 1 over. Proof. The fact that the cyclotomic classes mod form a partition of 0,1,, 1, and the factoritzation, imply that the factorization 1, where runs over the cyclotomic classes mod. It is therefore enough to show that is irreducible for any class. To see this, note that is the set of conjugates of anyone of its elements, so that is the minimal polynomial of for any.

35 35 Notes N1. If is a ring with multiplicative unit (usually dented 1, or 1 ), then the set of invertible elements of forms a grup with the product operation of. Examples. 1. is a field if and only if 0. If is a field,. If is the ring of square matrices of dimension, then,, the linear grup over of dimension. N2. If is a finite grup of order, then for any ( denotes the identity element of ). Indeed, there is a least positive integer such that. Since,,, is a subgroup of order of, we know that (Lagrange lemma) and this clearly implies the assertion.