Fundamental Theorem of Algebra

Similar documents
x n k m(x) ) Codewords can be characterized by (and errors detected by): c(x) mod g(x) = 0 c(x)h(x) = 0 mod (x n 1)

Coding Theory and Applications. Solved Exercises and Problems of Cyclic Codes. Enes Pasalic University of Primorska Koper, 2013

Rings. EE 387, Notes 7, Handout #10

Finite Fields. Saravanan Vijayakumaran Department of Electrical Engineering Indian Institute of Technology Bombay

Computer Algebra for Computer Engineers

Section 33 Finite fields

Irreducible Polynomials. Finite Fields of Order p m (1) Primitive Polynomials. Finite Fields of Order p m (2)

Public-key Cryptography: Theory and Practice

Quasi-reducible Polynomials

Algebra Review 2. 1 Fields. A field is an extension of the concept of a group.

ELG 5372 Error Control Coding. Lecture 5: Algebra 3: Irreducible, Primitive and Minimal Polynomials

Homework problems from Chapters IV-VI: answers and solutions

7.1 Definitions and Generator Polynomials

Extension fields II. Sergei Silvestrov. Spring term 2011, Lecture 13

Homework 8 Solutions to Selected Problems

Section VI.33. Finite Fields

Cyclic codes: overview

Finite Fields. Sophie Huczynska (with changes by Max Neunhöffer) Semester 2, Academic Year 2012/13

g(x) = 1 1 x = 1 + x + x2 + x 3 + is not a polynomial, since it doesn t have finite degree. g(x) is an example of a power series.

Algebra for error control codes

Information Theory. Lecture 7

Finite Fields. Sophie Huczynska. Semester 2, Academic Year

ϕ : Z F : ϕ(t) = t 1 =

Classification of Finite Fields

17 Galois Fields Introduction Primitive Elements Roots of Polynomials... 8

LECTURE NOTES IN CRYPTOGRAPHY

Introduction to finite fields

G Solution (10 points) Using elementary row operations, we transform the original generator matrix as follows.

Theory of Numbers Problems

Further linear algebra. Chapter II. Polynomials.

Factorization in Polynomial Rings

Polynomial Rings. i=0

SUPPLEMENT TO CHAPTERS VII/VIII

Explicit Methods in Algebraic Number Theory

CYCLOTOMIC POLYNOMIALS

Course 311: Abstract Algebra Academic year

EE 229B ERROR CONTROL CODING Spring 2005

Coding Theory ( Mathematical Background I)

Algebra Review. Instructor: Laszlo Babai Notes by Vincent Lucarelli and the instructor. June 15, 2001

Homework 9 Solutions to Selected Problems

CYCLOTOMIC POLYNOMIALS

Vector spaces. EE 387, Notes 8, Handout #12

A connection between number theory and linear algebra

Automorphisms and bases

Finite Fields. [Parts from Chapter 16. Also applications of FTGT]

MATH 3030, Abstract Algebra Winter 2012 Toby Kenney Sample Midterm Examination Model Solutions

Course 311: Hilary Term 2006 Part IV: Introduction to Galois Theory

GF(2 m ) arithmetic: summary

(January 14, 2009) q n 1 q d 1. D = q n = q + d

D-MATH Algebra II FS18 Prof. Marc Burger. Solution 26. Cyclotomic extensions.

18. Cyclotomic polynomials II

RINGS: SUMMARY OF MATERIAL

arxiv: v1 [math.nt] 20 Sep 2018

p-adic fields Chapter 7

M2P4. Rings and Fields. Mathematics Imperial College London

Review/Outline Frobenius automorphisms Other roots of equations. Counting irreducibles Counting primitive polynomials

1 The Galois Group of a Quadratic

MATH 361: NUMBER THEORY TENTH LECTURE

MINIMAL GENERATING SETS OF GROUPS, RINGS, AND FIELDS

Chapter 5. Modular arithmetic. 5.1 The modular ring

1 Rings 1 RINGS 1. Theorem 1.1 (Substitution Principle). Let ϕ : R R be a ring homomorphism

Section X.55. Cyclotomic Extensions

On the Primitivity of some Trinomials over Finite Fields

ECEN 5022 Cryptography


Lecture Notes Math 371: Algebra (Fall 2006) by Nathanael Leedom Ackerman

Math 319 Problem Set #2 Solution 14 February 2002

Congruences and Residue Class Rings

Supplement. Dr. Bob s Modern Algebra Glossary Based on Fraleigh s A First Course on Abstract Algebra, 7th Edition, Sections 0 through IV.

Zsigmondy s Theorem. Lola Thompson. August 11, Dartmouth College. Lola Thompson (Dartmouth College) Zsigmondy s Theorem August 11, / 1

Math Introduction to Modern Algebra

Part II. Number Theory. Year

Abstract Algebra: Chapters 16 and 17

Solutions for Problem Set 6

R. Popovych (Nat. Univ. Lviv Polytechnic )

Homework 4 Algebra. Joshua Ruiter. February 21, 2018

Know the Well-ordering principle: Any set of positive integers which has at least one element contains a smallest element.

QUALIFYING EXAM IN ALGEBRA August 2011

TC10 / 3. Finite fields S. Xambó

COMMUTATIVE RINGS. Definition 3: A domain is a commutative ring R that satisfies the cancellation law for multiplication:

ALGEBRA PH.D. QUALIFYING EXAM SOLUTIONS October 20, 2011

The number of ways to choose r elements (without replacement) from an n-element set is. = r r!(n r)!.

MATH 431 PART 2: POLYNOMIAL RINGS AND FACTORIZATION

Scalar multiplication in compressed coordinates in the trace-zero subgroup

On the number of semi-primitive roots modulo n

9. Finite fields. 1. Uniqueness

Math 547, Exam 2 Information.

AN INTRODUCTION TO THE THEORY OF FIELD EXTENSIONS

Notes on Primitive Roots Dan Klain

Polynomials. Henry Liu, 25 November 2004

GALOIS THEORY. Contents

Solutions for Field Theory Problem Set 5

Course 2316 Sample Paper 1

Solutions for Field Theory Problem Set 1

22M: 121 Final Exam. Answer any three in this section. Each question is worth 10 points.

Galois fields/1. (M3) There is an element 1 (not equal to 0) such that a 1 = a for all a.

Section 10: Counting the Elements of a Finite Group

Lecture Notes Math 371: Algebra (Fall 2006) by Nathanael Leedom Ackerman

Mathematics for Cryptography

FINITE FIELDS KEITH CONRAD

Transcription:

EE 387, Notes 13, Handout #20 Fundamental Theorem of Algebra Lemma: If f(x) is a polynomial over GF(q) GF(Q), then β is a zero of f(x) if and only if x β is a divisor of f(x). Proof: By the division algorithm, f(x) = q(x)(x β)+r(x), where degr(x) < deg(x β) = 1. Thus degr(x) 0, so r(x) is a constant polynomial, r(x) = r 0. Therefore r 0 = r(β) = f(β) q(β)(β β) = f(β), hence f(x) is a multiple of x β if and only if f(β) = r 0 = 0. Lemma: A polynomial f(x) of degree n over a field has at most n zeroes. Proof: Each zero of f(x) corresponds to a linear factor of f(x). Because degf(x) = n, there are at most n linear factors. Thus there are at most n distinct zeroes (including multiple zeroes). Blahut (Theorem 4.3.9) calls this the Fundamental Theorem of Algebra. Gauss s FTA: every polynomial equation with complex coefficients and degree 1 has at least one complex root. EE 387, October 21, 2015 Notes 13, Page 1

Examples of factors and zeroes Example: Polynomials of degree 2 over GF(2): x 2 = x x, x 2 +1 = (x+1)(x+1), x 2 +x = x(x+1), x 2 +x+1 The only prime polynomial over GF(2) of degree 2 has zeroes in GF(4): (x+β)(x+δ) = x 2 +(β +δ)x+βδ = x 2 +x+1. Whether a polynomial is prime depends on what coefficients are allowed. Example: GF(2 4 ) can be represented as polynomials in α of degree < 4, where α is a zero of the prime (over GF(2)) polynomial x 4 +x+1. Therefore x+α is a factor of x 4 +x+1 over GF(2 4 ). Another zero is a 2 : x 4 +x+1 α 2 = (α 2 ) 4 +α 2 +1 = (α 4 +α+1) 2 = 0 2 = 0. Similarly, α 4 = (α 2 ) 2 and α 8 = (α 4 ) 2 are zeroes. Over GF(16) x 4 +x+1 = (x+α)(x+α 2 )(x+α 4 )(x+α 8 ). EE 387, October 21, 2015 Notes 13, Page 2

GF(Q) consists of zeroes of x Q x The order of the multiplicative group of GF(Q) is Q 1. Let e be the order of β of GF(Q). By Lagrange s theorem, e (Q 1), so β Q 1 = β e (Q 1)/e = (β e ) (Q 1)/e = 1 (Q 1)/e = 1. This shows that every nonzero element of GF(Q) is a zero of x Q 1 1. The special case of 0 requires one more factor, x 0, which yields x(x Q 1 1) = x Q x. This polynomial has at most Q zeroes. Thus GF(Q) = zeroes of x Q x. Similarly, for any subfield, GF(q) = zeroes of x q x. Factorizations: x Q x = (x β), x q x = (x β) β GF(Q) β GF(q) x Q x = x(x Q 1 1) = x(x q 1 1)(x Q 1 (q 1) + +x q 1 +1) The last equation holds because (q 1) (Q 1). EE 387, October 21, 2015 Notes 13, Page 3

Minimal polynomials Let β GF(Q) and GF(q) GF(Q). Definition: The minimal polynomial over GF(q) of β is the monic polynomial f(x) over GF(q) of smallest degree such that f(β) = 0. Example: GF(4) = {0, 1, β, δ}. Minimal polynomials over GF(2): 0 x, 1 x+1, β,δ x 2 +x+1 Theorem: Suppose GF(q) GF(Q) where Q = q m. 1. Every β in GF(Q) has minimal polynomial over GF(q) of degree m. 2. The minimal polynomial is unique. 3. The minimal polynomial is prime over GF(q). 4. If g(x) is a polynomial over GF(q) such that g(β) = 0 then f(x) g(x). Every β in GF(Q) is a zero of x Q x, whose coefficients (1,0, 1) belong to GF(q). So the minimal polynomial exists and has degree Q. EE 387, October 21, 2015 Notes 13, Page 4

Minimal polynomials (cont.) Proof: 1. GF(Q) is a vector space over GF(q) of dimension m. Therefore any set of m+1 elements is linearly dependent over GF(q). In particular, consider the first m+1 powers of β: {1, β, β 2,...,β m } There exist m+1 scalars f 0,f 1,...,f m in GF(q), not all 0, such that f 0 1+f 1 β + +f m β m = 0 = f(β). In other words, β is a zero of f(x) = f 0 +f 1 x+ +f m x m, which is a nonzero polynomial over GF(q) of degree m. Therefore the minimal polynomial of β has degree m. EE 387, October 21, 2015 Notes 13, Page 5

Minimal polynomials (cont.) 2. If f 1 (x) and f 2 (x) are distinct minimal polynomials of the same degree, then f(x) = f 1 (x) f 2 (x) is a nonzero polynomial of smaller degree. Since f(β) = 0, we have a contradiction. 3. If f(x) = f 1 (x)f 2 (x) has proper divisors, then f(β) = f 1 (β)f 2 (β) = 0 = either f 1 (β) = 0 or f 2 (β) = 0, contradicting the minimality of f(x). 4. By the division algorithm, If g(β) = 0 then g(x) = q(x)f(x)+r(x), where degr(x) < degf(x). r(β) = g(β) q(β)f(β) = 0. If r(x) 0 then f(x) is not minimal. Thus r(x) = 0 = f(x) g(x). EE 387, October 21, 2015 Notes 13, Page 6

Conjugates Definition: The conjugates over GF(q) of β are the zeroes of the minimal polynomial over GF(q) of β (including β itself). Example: GF(4) = {0,1,β,δ}. Then β and δ = β +1 are conjugates since (x+β)(x+δ) = x 2 +(β +δ)x+βδ = x 2 +x+1. Example: GF(8) = {0, 1, α, α+1, α 2,..., 1+α+α 2 }, where α 3 = α+1. The minimal polynomial of α is f(x) = x 3 +x+1. Another zero is α 2 : f(α 2 ) = (α 2 ) 3 +α 2 +1 = (α 3 +α+1) 2 = 0 So α 2 and α 4 = α+α 2 are conjugates of α, which gives the factorization: x 3 +x+1 = (x+α)(x+α 2 )(x+α 4 ) = (x+ 0 1 )(x+ 0 0 )(x+ 0 1 ) 0 1 1 (The 3-tuple representations of α i have lsb in the first row.) EE 387, October 21, 2015 Notes 13, Page 7

Binomial coefficients and prime numbers ( ) p Lemma: If p is prime and 0 < k < p then p is a divisor of. k ( ) p Proof: = p(p 1) (p k+1) = p (p 1) (p k+1) k k! k! Denominator k! divides p (p 1) (p k+1) ( and ) is relatively prime to p. p Therefore k! divides (p 1) (p k+1), so is a multiple of p. k Lemma: In GF(p m ), (a+b) p = a p +b p. Proof: By the binomial theorem, p 1 ( ) p (a+b) p = a p + a p k b k + b p = a p +b p, k k=1 ( ) p since is multiple of p (0 < k < p) and in GF(p m ) multiples of p are 0. k Corollary: In GF(2 m ), (a+b) 2 = a 2 +b 2. In other words, squaring is linear. Corollary: In GF(q) (q = p m ), (a+b) q = (a+b) pm = a pm +b pm = a q +b q. EE 387, October 21, 2015 Notes 13, Page 8

Conjugates of β Theorem: The conjugates of β over GF(q) are β, β q, β q2,..., β qr 1 where r is the least positive integer such that β qr = β. Note: β qm = β Q = β, so r m. In fact, we will see that r m. Proof: First we show that β qi are conjugates. For any f(x) over GF(q) f(β) q = (f 0 +f 1 β +f 2 β 2 + ) q = f q 0 +fq 1 βq +f q 2 β2q + = f 0 +f 1 β q +f 2 β 2q + = f(β q ), since f q i = f i for coefficients in GF(q). If f(x) is the minimal polynomial of β, then f(β q ) = f(β) q = 0 q = 0. Therefore β q is a zero of the minimal polynomial and so is a conjugate of β. EE 387, October 21, 2015 Notes 13, Page 9

Conjugates of β (cont.) Next we show that all conjugates of β are in {β qi }. Consider the product f(x) = (x β)(x β q )(x β q2 ) (x β qr 1 ) of linear factors for all the distinct conjugates of β of the form β qi : since β qr = β. Therefore f(x) q = (x q β q )(x q β q2 ) (x q β qr ) = (x q β q )(x q β q2 ) (x q β) = f(x q ) f q 0 + fq 1 xq + + f q rx qr = f 0 + f 1 x q + + f r x qr Since f q i = f i, all the coefficients of f(x) are in GF(q). Obviously, β is a zero of f(x). Any polynomial over GF(q) that has β as zero must have the same r linear factors. Therefore f(x) is a divisor of every such polynomial, hence f(x) is minimal. EE 387, October 21, 2015 Notes 13, Page 10

Conjugates: summary The conjugates of β are the zeroes of the minimal polynomial of β. The conjugates of β over GF(q) are β, β q, β q2,...,β qr 1. The minimal polynomial of β is prime over GF(q) but factors over any field GF(Q) that contains β (and hence its conjugates): f(x) = (x β)(x β q )(x β q2 ) (x β qr 1 ) If β GF(q m ) then β has at most m conjugates (including itself). If β has r conjugates, then the linear subspace of GF(q m ) spanned by {1,β,β 2,...,β r 1 } is a field with q r elements. Reciprocals exist because f(x) is prime. If r < m then β belongs to GF(q r ), a proper subfield of GF(q m ). Since GF(q m ) is a vector space over GF(q r ), we conclude that r m. EE 387, October 21, 2015 Notes 13, Page 11

Euler phi function The Euler phi function φ(n) is the number of integers between 0 and n that are relatively prime to n. We can express φ(n) in terms of the factorization n = p e 1 1 pe 2 2 pet t : if p is prime then φ(p) = p 1 (1,2,...,p 1 are coprime to p) if p is prime then φ(p e ) = p e p e 1 (multiples of p are not coprime). φ(n) is multiplicative; i.e., if gcd(r,s) = 1 then φ(rs) = φ(r)φ(s). Combining these facts, we obtain the final formula: p 1 if n = p is a prime ( (p 1)p e 1 = 1 1 ) p e if n = p e is power of prime φ(n) = p t φ(p e 1 1 pe 2 2...pet t ) = (p i 1)p e i 1 i in general i=1 EE 387, October 21, 2015 Notes 13, Page 12

Primitive elements Fact: Multiplicative group of the finite field GF(q) is cyclic of order q 1. A primitive element of GF(q) is a generator of the multiplicative group Let α be a primitive element of GF(q). All primitive elements of GF(Q) are powers α i where gcd(i,q 1) = 1. 1 = ai+b(q 1) = α = α ai+b(q 1) = α ai = (α i ) a. Conversely, if gcd(i,q 1) = d > 1 then the order of α i is q 1 d In general, GF(q) has φ(q 1) primitive elements. If q 1 is prime then there are q 2 primitive elements. (This is possible only for q = 3 and for q = 2 m with m odd.) < q 1. GF(4), GF(8), GF(16), GF(32) have respectively 2, 6, 8, 30 primitive elements. The proof that every finite field has a primitive element uses a lemma about groups: if for every divisor d of the order of a group there are at most d elements of order dividing d, then the group is cyclic. EE 387, October 21, 2015 Notes 13, Page 13

Primitive elements and polynomials Let α be a primitive element of GF(Q) and GF(q) be a subfield of GF(Q). Let f(x) be the minimal polynomial over GF(q) of α and m = degf(x). Every nonzero element of GF(Q) is a power of α: GF(Q) = {1, α, α 2,..., α Q 2 } Every element of GF(Q) is a polynomial in α of degree m 1: β = b 0 +b 1 α+b 2 α 2 + +b m 1 α m 1 where b 0,b 1,...,b m 1 are coefficients from GF(q). Multiplication by α of a polynomial in α uses the equation f(α) = 0: α(b 0 +b 1 α+ +b m 1 α m 1 ) = b 0 α+b 1 α 2 + +b m 2 α m 1 b m 1 (f 0 + +f m 1 α m 1 ) A primitive polynomial is the minimal polynomial of a primitive element. Equivalently: monic f(x) of degree m is primitive if the order of f(x) is q m 1; i.e., the smallest n such that x n = 1 mod f(x) is n = q m 1. EE 387, October 21, 2015 Notes 13, Page 14

2024 © sciencedocbox.com Privacy Policy | Terms of Service | Feedback