Permutation Polynomials over Finite Fields
Omar Kihel, Brock University

1 Finite Fields
2 How to Construct a Finite Field
3 Permutation Polynomials
4 Characterization of PP

Finite Fields

Let $p$ be a prime. Then $\mathbb{Z}/p\mathbb{Z}$ is a finite field.

The mapping $\Phi : \mathbb{Z} \to F$, $n \mapsto n \cdot 1$, is a homomorphism. For $F$ a finite field, $\ker \Phi$.
$\ker \Phi = p\mathbb{Z}$, where $p$ is prime since $F$ is a finite field. $\mathbb{F}_p = \mathbb{Z}/p\mathbb{Z} \subset F$.

$F$ is an $\mathbb{F}_p$-vector space of dimension $r$. Then the number of elements in $F$ is $p^r$.
For every $q = p^r$, there exists a unique field $F$ with $|F| = q$, up to isomorphism.

Theorem. Let $r$ be a positive integer, $p$ a prime, $q = p^r$. For every $x \in \mathbb{F}_q$, $x^q = x$.
Proof: $\mathbb{F}_q^* = \{x \in \mathbb{F}_q ;\ x \neq 0\}$ is a multiplicative group of order $q - 1$. Then $x^{q-1} = 1$ for every $x \in \mathbb{F}_q^*$. Hence $x^q = x$ for every $x \in \mathbb{F}_q$.

Let $\Omega$ be an algebraic closure of $\mathbb{F}_p$. Let $q = p^r$, $r$ a positive integer. $\mathbb{F}_q$ is the splitting field of $x^q - x$.
The uniqueness of the splitting field implies the uniqueness of $\mathbb{F}_q$, up to isomorphism.

How to Construct a Finite Field

Let $q = p^n$, $n$ a positive integer. Let $f(x)$ be an irreducible polynomial of degree $n$ over $\mathbb{F}_p$. Then $\mathbb{F}_p[x]/(f(x))$ is a finite field of $q$ elements.

Polynomials in Finite Fields

The number of monic irreducible polynomials in $\mathbb{F}_q[x]$ of degree $n$ is $\frac{1}{n} \sum_{d \mid n} \mu(d)\, q^{n/d}$.
The product of monic irreducible polynomials over $\mathbb{F}_q$ of degree $d \mid n$ is $x^{q^n} - x$.

Let $h : \mathbb{F}_q \to \mathbb{F}_q$ be a map. Then there exists a unique polynomial of degree less than $q$,
$f(x) = \sum_{c \in \mathbb{F}_q} \left(1 - (x - c)^{q-1}\right) h(c)$,
with $f(b) = h(b)$ for every $b \in \mathbb{F}_q$.

Permutation Polynomials

A polynomial $f \in \mathbb{F}_q[x]$ is a permutation polynomial if the induced map $\mathbb{F}_q \to \mathbb{F}_q$, $c \mapsto f(c)$, permutes the elements of $\mathbb{F}_q$, i.e. $f$ is one-to-one from $\mathbb{F}_q$ to $\mathbb{F}_q$.

Recently, permutation polynomials have become of considerable interest in the construction of cryptographic systems for the secure transmission of data.
Let $M$ (an element of $\mathbb{F}_q$) be a message which is to be sent securely from A to B. If $P(x)$ is a permutation of $\mathbb{F}_q$, then A sends to B the field element $N = P(M)$. Since $P(x)$ is a bijection, B can obtain the original message $M$ by calculating $P^{-1}(N) = P^{-1}(P(M)) = M$.
Permutation polynomials are also useful in several combinatorial applications.

Some examples of permutation polynomials

Polynomials of degree 0 are not PP over $\mathbb{F}_q$;
$x^i$ is PP over $\mathbb{F}_q$ if and only if $\gcd(i, q - 1) = 1$;
$ax^2 + bx + c$, $(a \neq 0)$, is PP over $\mathbb{F}_q$ if and only if $b = 0$ and $\mathrm{char}(\mathbb{F}_q) = 2$;
$x^4 + 3x$ and $x^5 + 2x^2$ permute $\mathbb{F}_7$;
$x^5 - ix$ permutes $\mathbb{F}_9 = \mathbb{F}_3(i)$, where $i^2 = -1$;
$x^8 + 4x$ permutes $\mathbb{F}_{29}$;
If $a \in \mathbb{F}_q^*$, then the Dickson polynomial $g_k(x, a) = \sum_{j=0}^{[k/2]} \frac{k}{k-j} \binom{k-j}{j} (-a)^j x^{k-2j}$ permutes $\mathbb{F}_q$ if and only if $(k, q^2 - 1) = 1$.
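
The examples on this slide and the A-to-B exchange described before it can be checked by direct evaluation. The following is an added example, not part of the original slides; it assumes $q = p$ prime so that $\mathbb{F}_p$ is the integers modulo $p$, and all function names and the sample message are constructed for illustration.

```python
def evaluate(coeffs, x, p):
    """Horner evaluation of sum(coeffs[i] * x**i) over F_p, p prime."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % p
    return acc

def permutation_table(coeffs, p):
    """Return [P(0), ..., P(p-1)] if P permutes F_p, otherwise None."""
    table = [evaluate(coeffs, x, p) for x in range(p)]
    return table if len(set(table)) == p else None

def inverse_table(table):
    """Lookup table for P^{-1}, built by swapping inputs and outputs."""
    inverse = [0] * len(table)
    for x, y in enumerate(table):
        inverse[y] = x
    return inverse

def dickson_permutes(k, a, p):
    """Does g_k(x, a) permute F_p (k >= 1)?
    Uses g_0 = 2, g_1 = x, g_k = x*g_{k-1} - a*g_{k-2}."""
    images = set()
    for x in range(p):
        prev, cur = 2 % p, x
        for _ in range(k - 1):
            prev, cur = cur, (x * cur - a * prev) % p
        images.add(cur)
    return len(images) == p

def roundtrip(coeffs, p, message):
    """A sends N = P(M); B recovers M = P^{-1}(N). Returns (N, recovered M)."""
    table = permutation_table(coeffs, p)
    if table is None:
        raise ValueError("not a permutation polynomial: B cannot invert it")
    n = table[message]
    return n, inverse_table(table)[n]

if __name__ == "__main__":
    # Polynomials listed on the slide, coefficients low degree first.
    for name, coeffs, p in [("x^4 + 3x", [0, 3, 0, 0, 1], 7),
                            ("x^5 + 2x^2", [0, 0, 2, 0, 0, 1], 7),
                            ("x^8 + 4x", [0, 4, 0, 0, 0, 0, 0, 0, 1], 29)]:
        print(name, "over F_%d:" % p, permutation_table(coeffs, p))
    print("x^i permuting F_7:",
          [i for i in range(1, 7) if permutation_table([0] * i + [1], 7)])
    print("Dickson k permuting F_7 (a = 1):",
          [k for k in range(1, 13) if dickson_permutes(k, 1, 7)])
    print("(N, recovered M) for M = 5:", roundtrip([0, 3, 0, 0, 1], 7, 5))
```

Over a field this small anyone who knows $P$ can build the same inverse table, so the run shows invertibility of the map, not secrecy of the message.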

Permutation Polynomials

Lidl and Mullen in American Math Monthly listed 17 open problems in 2 papers (1988, 1993).
P 2. Find new classes of PP.
P 13. Find conditions on $m$, $n$, $q$ so that $ax^n + x^m$ permutes $\mathbb{F}_q$.

Let $f(x) = ax^n + x^m$, where $\gcd(n, m) = 1$, $a \neq 0$, $n > m$. Let $d = \gcd(n - m, q - 1)$.
If $(-a) \in (\mathbb{F}_q^*)^d$, then $f(x) = 0$ has $d + 1$ distinct roots in $\mathbb{F}_q$. Hence $d = 1$, implying $f$ is not PP over $\mathbb{F}_q$.
$f(x)$ being PP over $\mathbb{F}_q$ implies $f(x) = 0$ has a unique root in $\mathbb{F}_q$ (not necessarily simple).
The converse is not true in general: $x^i$ is PP if and only if $\gcd(i, q - 1) = 1$.

Proposition. Let $f(x) = \sum_{i \geq 0} a_i x^{p^i} \in \mathbb{F}_q[x]$. $f$ is a permutation polynomial if and only if $f$ has exactly one unique root in $\mathbb{F}_q$.
Proof: $f(x \pm y) = f(x) \pm f(y)$.

A new family of PP (Ayad and K).
$f(x) = x^u \left( x^{(q-1)/2} + x^{(q-1)/4} + 1 \right)$,
(i) $(u, q - 1) = 1$; (ii) $q \equiv 1 \pmod 8$; (iii) $3^{(q-1)/4} \equiv 1 \pmod p$.

Conjecture (Conjecture of Carlitz). If $n$ is an even integer greater than 0, there exists a constant $c(n)$ such that if $q > c(n)$, then there is no permutation polynomial of degree $n$ over $\mathbb{F}_q$.
Fried, Guralnick, and Saxl proved the Conjecture of Carlitz.

Characterization of PP

Theorem (Hermite-Dickson). Let $p$ be a prime, $q = p^r$, and $g(x) \in \mathbb{F}_q[x]$. Then $g(x)$ is a permutation polynomial over $\mathbb{F}_q$ if and only if
(i) $g(x) = 0$ has a unique root in $\mathbb{F}_q$;
(ii) for every $l \in \{1, 2, \ldots, q - 2\}$, $\deg\left( g^l(x) \pmod{x^q - x} \right) \leq q - 2$.
Corollary. If $\deg g(x) = d$ and $d \mid (q - 1)$, then $g(x)$ is not a permutation polynomial over $\mathbb{F}_q$.

Theorem (Ayad-Belghaba-K). Let $f(x) = ax^n + x^m \in \mathbb{F}_q[x]$, with $a \neq 0$, $\gcd(m, n) = 1$. Let $d = \gcd(n - m, q - 1)$, and suppose that $d > 2$. Then $f(x)$ is a permutation polynomial over $\mathbb{F}_q$ if and only if
(i) $f(x) = 0$ has a unique root in $\mathbb{F}_q$;
(ii) for every $l \in \{1, \ldots, q - 2\}$ such that $d \mid l$, we have $\deg\left( f^l(x) \right) \leq q - 2$.

To give the idea of the proof of the Theorem of Hermite-Dickson, we require the following lemma.
Lemma. $a_1, a_2, \ldots, a_q \in \mathbb{F}_q$ are distinct if and only if
$\sum_{i=1}^{q} a_i^t = 0$ for $1 \leq t \leq q - 2$ and $\sum_{i=1}^{q} a_i^{q-1} = -1$.

The reduction of $(f(x))^t$ modulo $(x^q - x)$ has the form $\sum_{i=0}^{q-1} \alpha_{i,t} x^i$.
We have $f(x) = \sum_{c \in \mathbb{F}_q} \left(1 - (x - c)^{q-1}\right) f(c)$, then $\alpha_{q-1,t} = -\sum_{c \in \mathbb{F}_q} f(c)^t$.

$f$ has a unique root in $\mathbb{F}_q$, which implies that $\sum_{c \in \mathbb{F}_q} f(c)^{q-1} = -1$.
$\deg\left( f^t(x) \right) \leq q - 2$, $1 \leq t \leq q - 2$, implies that the coefficient of $x^{q-1}$ is 0. Hence $\alpha_{q-1,t} = 0$. Then $\alpha_{q-1,t} = -\sum_{c \in \mathbb{F}_q} (f(c))^t = 0$, for $1 \leq t \leq q - 2$.

For the converse, $f$ being PP implies $f$ has a unique root in $\mathbb{F}_q$. If $f$ is PP, then the $f(c)$ are distinct. Then $\sum_{c \in \mathbb{F}_q} (f(c))^t = 0$, $1 \leq t \leq q - 2$, implies $\deg\left( (f(x))^t \right) \leq q - 2$ for $1 \leq t \leq q - 2$.
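
The Hermite-Dickson test and the coefficient formula used in its proof can be run side by side. This is an added example, not part of the original slides; it assumes $q = p$ prime, represents polynomials as coefficient lists with the low degree first, and uses hypothetical function names.

```python
def reduce_mod(coeffs, p):
    """Reduce a coefficient list (low degree first) modulo x^p - x over F_p."""
    out = [0] * p
    for k, c in enumerate(coeffs):
        if k >= p:
            k = (k - 1) % (p - 1) + 1   # x^p = x folds exponents into 1..p-1
        out[k] = (out[k] + c) % p
    return out

def mul_mod(f, g, p):
    """Product of two reduced polynomials, reduced again modulo x^p - x."""
    prod = [0] * (2 * p - 1)
    for i, a in enumerate(f):
        for j, b in enumerate(g):
            prod[i + j] = (prod[i + j] + a * b) % p
    return reduce_mod(prod, p)

def top_coefficients(coeffs, p):
    """[alpha_{p-1,t} for t = 1..p-2]: coefficient of x^(p-1) in g^t mod (x^p - x)."""
    g = reduce_mod(coeffs, p)
    power, tops = g, []
    for _ in range(1, p - 1):
        tops.append(power[p - 1])
        power = mul_mod(power, g, p)
    return tops

def values(coeffs, p):
    """[g(0), ..., g(p-1)] in F_p."""
    return [sum(a * pow(c, i, p) for i, a in enumerate(coeffs)) % p
            for c in range(p)]

def hermite_dickson(coeffs, p):
    """Conditions (i) and (ii) of the theorem, for q = p prime."""
    unique_root = values(coeffs, p).count(0) == 1
    degrees_ok = not any(top_coefficients(coeffs, p))  # degree <= p-2 for every l
    return unique_root and degrees_ok

def minus_power_sums(coeffs, p):
    """[-sum_c g(c)^t mod p for t = 1..p-2], the proof's formula for alpha_{p-1,t}."""
    vals = values(coeffs, p)
    return [(-sum(pow(v, t, p) for v in vals)) % p for t in range(1, p - 1)]

if __name__ == "__main__":
    for name, coeffs in [("x^4 + 3x", [0, 3, 0, 0, 1]), ("x^2", [0, 0, 1])]:
        print(name, "over F_7:", hermite_dickson(coeffs, 7),
              top_coefficients(coeffs, 7), minus_power_sums(coeffs, 7))
```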

Ayad-Belghaba-K proved the following:
Theorem. If $f(x) = ax^n + x^m$ permutes $\mathbb{F}_p$, where $n > m > 0$ and $a \in \mathbb{F}_p^*$, then $p - 1 \leq (d - 1)d$.
We showed that this bound in terms of $d$ only is sharp.

Corollary. If $f(x) = x^n + ax^m$ permutes $\mathbb{F}_p$, where $1 \leq m < n < p$ and $a \in \mathbb{F}_p^*$, then $\gcd(n - m, p - 1) > 4$, except if $d = 3$, $p = 7$, and $f(x)$ is one of the following:
(i) $f(x) = x^4 + 3x$,
(ii) $f(x) = x^4 - 3x$,
(iii) $f(x) = x^5 + 2x^2$,
(iv) $f(x) = x^5 - 2x^2$.
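
The bound and the corollary's exception list can be confirmed by exhaustive search over small primes. This is an added example, not part of the original slides; it uses the corollary's normalization $x^n + ax^m$ (which differs from $ax^n + x^m$ only by a nonzero scalar factor), and the prime range and function names are constructed for illustration.

```python
from math import gcd

def permutes(n, m, a, p):
    """Does x^n + a*x^m induce a bijection on F_p?"""
    return len({(pow(x, n, p) + a * pow(x, m, p)) % p for x in range(p)}) == p

def permutation_binomials(p):
    """All (n, m, a, d) with x^n + a*x^m permuting F_p, 1 <= m < n < p, a != 0,
    where d = gcd(n - m, p - 1)."""
    return [(n, m, a, gcd(n - m, p - 1))
            for n in range(2, p) for m in range(1, n) for a in range(1, p)
            if permutes(n, m, a, p)]

def bound_holds(p):
    """p - 1 <= (d - 1) * d for every permutation binomial found over F_p."""
    return all(p - 1 <= (d - 1) * d for _, _, _, d in permutation_binomials(p))

def small_d_cases(primes):
    """Permutation binomials with d <= 4, the range the corollary rules out
    apart from its four exceptions over F_7. Entries are (p, n, m, a)."""
    return {(p, n, m, a) for p in primes
            for n, m, a, d in permutation_binomials(p) if d <= 4}

if __name__ == "__main__":
    primes = [3, 5, 7, 11, 13]          # constructed small search range
    for p in primes:
        hits = permutation_binomials(p)
        print("p =", p, "count =", len(hits),
              "d values =", sorted({d for *_, d in hits}),
              "bound holds =", bound_holds(p))
    # a = 4 is -3 and a = 5 is -2 modulo 7
    print("d <= 4 cases:", sorted(small_d_cases(primes)))
```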

Niederreiter and Robinson proved the following:
Theorem. Given a positive integer $n$, there exists a constant $c(n)$ such that for $q > c(n)$, no polynomial of the form $ax^n + bx^m + c \in \mathbb{F}_q$ with $n > m > 1$, $\gcd(n, m) = 1$, and $ab \neq 0$ permutes $\mathbb{F}_q$.
The constant $c(n)$ is not explicit.

Turnwald proved the following:
Theorem. If $f(x) = ax^n + x^m$ permutes $\mathbb{F}_q$, where $n > m > 0$ and $a \in \mathbb{F}_q^*$, then either $q \leq (n - 2)^4 + 4n - 4$ or $n = mp^i$.
The proof uses the Weil lower bound for the number of points on the curve $\frac{f(x) - f(y)}{x - y}$ over $\mathbb{F}_q$.

When $q = p$, Turnwald proved the following:
Theorem. If $f(x) = ax^n + x^m$ permutes $\mathbb{F}_p$, where $n > m > 0$ and $a \in \mathbb{F}_p^*$, then $p < n \max\{m, n - m\}$.

In 2009, Masuda and Zieve proved the following:
Theorem. If $f(x) = ax^n + x^m$ permutes $\mathbb{F}_p$, where $n > m > 0$ and $a \in \mathbb{F}_p^*$, then $p - 1 \leq (d + 1)d$.
Thank you for your time.