ECEN 5682 Theory and Practice of Error Control Codes Introduction - PowerPoint PPT Presentation

Introduction to Finite Fields ECEN 5682 Theory and Practice of Error Control Codes Introduction to Finite Fields Peter Mathys University of Colorado Spring 2007 Peter Mathys ECEN 5682 Theory and Practice of Error Control Codes

Integer Rings/Fields Introduction to Finite Fields Polynomial Rings/Fields Integer Rings The set of integers, denoted by Z , forms a ring under usual addition and multiplication. This ring is called integer ring . Definition: The integer n is divisible by the integer d , denoted by d | n (i.e., d divides n ) if a · d = n for some integer a . Example: 3 | 9 but 2 � | 9. Definition: A positive integer p , p > 1, is called a prime if it is divisible only by ± p and ± 1. Any integer greater than 1 which is not a prime is called a composite . Definition: The greatest common divisor of two integers n 1 and n 2 , denoted gcd ( n 1 , n 2 ), is the largest positive integer that divides both n 1 and n 2 . Peter Mathys ECEN 5682 Theory and Practice of Error Control Codes

Integer Rings/Fields Introduction to Finite Fields Polynomial Rings/Fields Definition: If gcd ( n 1 , n 2 ) = 1, then n 1 and n 2 are said to be relatively prime . Theorem: Division Algorithm . Given a pair of integers, c and d � = 0, there is a unique pair of integers q and r , called quotient and remainder , such that c = q · d + r , 0 ≤ r < | d | . Proof: Assume that there are two solutions, i.e., c = q 1 · d + r 1 = q 2 · d + r 2 , with 0 ≤ r 1 < | d | and 0 ≤ r 2 < | d | . Then ( q 1 − q 2 ) · d = r 2 − r 1 and −| d | < r 2 − r 1 < | d | . But this implies that r 2 − r 1 = 0 and q 1 − q 2 = 0, which means that q and r are unique. QED Example: Let c = 26, d = 7. Then 26 = 3 × 7 + 5, i.e., q = 3 and r = 5. Peter Mathys ECEN 5682 Theory and Practice of Error Control Codes

Integer Rings/Fields Introduction to Finite Fields Polynomial Rings/Fields Definition: The notation r = R d ( c ) , is used to denote the remainder of c when divided by d . Note: Another notation that is often used in connection with remainders is r ≡ c (mod d ) . This means that “ r is congruent to c modulo d ”. Note, however, that 0 ≤ r < | d | is not guaranteed in this case since, for example, 9 ≡ 16 (mod 7). Theorem: Computations with remainders satisfy � � (i) R d ( a + b ) = R d R d ( a ) + R d ( b ) , � � (ii) R d ( a · b ) = R d R d ( a ) · R d ( b ) . Proof: Left as an exercise. Peter Mathys ECEN 5682 Theory and Practice of Error Control Codes

Integer Rings/Fields Introduction to Finite Fields Polynomial Rings/Fields Finite Fields from Integer Rings Peter Mathys ECEN 5682 Theory and Practice of Error Control Codes

Integer Rings/Fields Introduction to Finite Fields Polynomial Rings/Fields Polynomial Rings Peter Mathys ECEN 5682 Theory and Practice of Error Control Codes

Integer Rings/Fields Introduction to Finite Fields Polynomial Rings/Fields Finite Fields from Polynomial Rings Peter Mathys ECEN 5682 Theory and Practice of Error Control Codes

Integer Rings/Fields Introduction to Finite Fields Polynomial Rings/Fields The Structure of Finite Fields Any prime polynomial p ( x ) over GF ( q ) with deg p ( x ) = m can be used to construct GF ( q m ) by using polynomial addition and multiplication modulo p ( x ). However, it is much easier to use a primitive element α , defined as one of the roots of a primitive polynomial of degree m , to construct all non-zero elements of GF ( q m ) by repeated multiplication as α, α 2 , α 3 , . . . . But before using this construction method in general, one must show that the multiplicative subgroup of GF ( q m ) is cyclic and that at least one primitive polynomial over GF ( q ) of degree m always exists if q is a prime or a prime power. In what follows, the order of an element always refers to the multiplicative order, unless otherwise stated. Theorem: If ord ( β ) = c , then β s = 1 iff c | s (or, equivalently, iff s is an integer multiple of c ). Peter Mathys ECEN 5682 Theory and Practice of Error Control Codes

Integer Rings/Fields Introduction to Finite Fields Polynomial Rings/Fields Proof: If c | s then s = a c and thus β s = β a c = ( β c ) a = 1. This proves the ‘if’ part. Now suppose c � | s . Then s can be written as s = q c + r , 0 ≤ r < c , and 1 = β s = β q c β r = ( β c ) q β r . This contradicts ord ( β ) = c unless r = 0, which implies that c | s . QED Theorem: Let β be an element of GF ( q ) and assume ord ( β ) = c . Then ord ( β i ) = c / gcd ( c , i ). Proof: Suppose that ord ( β i ) = h . Clearly, ( β i ) c / gcd ( c , i ) = β i c / gcd ( c , i ) = ( β c ) i / gcd ( c , i ) = 1 i / gcd ( c , i ) = 1 , which implies that h | ( c / gcd ( c , i )) by the previous theorem. Similarly, β i h = 1, which means that c | ( i h ). Since h gcd ( c , i ) = a c h + b i h for some integers a , b , it follows that c | ( h gcd ( c , i )) and thus ( c / gcd ( c , i ) | h . Together with h | ( c / gcd ( c , i )) this establishes ord ( β i ) = h = c / gcd ( c , i ). QED Peter Mathys ECEN 5682 Theory and Practice of Error Control Codes

Integer Rings/Fields Introduction to Finite Fields Polynomial Rings/Fields Example: Let α = 2 ∈ GF (11). Then α 1 = 2 , α 2 = 4 , α 3 = 8 , α 4 = 5 , α 5 = 10 , α 6 = 9 , α 7 = 7 , α 8 = 3 , α 9 = 6 , α 10 = 1 , and thus ord (2) = 10, i.e., α = 2 is a primitive element in GF (11). Note that the powers of the primitive element α generate all the nonzero elements of GF (11). The possible orders of these elements are the divisors of q − 1 = 10, i.e., 1 , 2 , 5 , 10. For example, since gcd (6 , 10) = 2, α 6 = 9 has order 10 / 2 = 5, which is easily verified as follows 9 1 = 9 , 9 2 = 4 , 9 3 = 3 , 9 4 = 5 , 9 5 = 1 . But, since 9 and 10 are relatively prime, α 9 = 6 has order 10 and is therefore a primitive element in GF (11). Peter Mathys ECEN 5682 Theory and Practice of Error Control Codes

Integer Rings/Fields Introduction to Finite Fields Polynomial Rings/Fields Definition: Euler’s Totient Function φ ( n ), for integers n ≥ 1, is the number of integers in { 0 , 1 , 2 , . . . , n − 1 } that are relatively prime to n . By definition, φ (1) = 1. Euler’s totient function can be computed as follows. Assume that n = p e 1 1 p e 2 2 · · · p e m m is the factorization of n into distinct prime powers. Then φ ( n ) = |{ 0 ≤ k < n | gcd ( k , n ) = 1 }| m m (1 − 1 � � p e i − 1 = n ) = ( p i − 1) . i p i i =1 i =1 Note that if gcd ( n 1 , n 2 ) = 1, then φ ( n 1 n 2 ) = φ ( n 1 ) φ ( n 2 ), and thus φ ( n ) = φ ( p e 1 1 ) φ ( p e 2 2 ) · · · φ ( p e m m ) , i ) = p e i − 1 where φ ( p e i ( p i − 1). Note that this also implies that i φ ( n ) ≥ 1. Peter Mathys ECEN 5682 Theory and Practice of Error Control Codes

Integer Rings/Fields Introduction to Finite Fields Polynomial Rings/Fields Theorem: Suppose β ∈ GF ( q ) has order n . Then x n − 1 = ( x − β 0 ) ( x − β 1 ) · · · ( x − β n − 1 ) . Proof: Clearly, ( β i ) n = ( β n ) i = 1 i = 1 for any integer i ≥ 0, and thus β i is a root of x n − 1. Since β 0 , β 1 , . . . , β n − 1 are all distinct and x n − 1 has degree n , these are all the roots that x n − 1 can have. QED Theorem: If n | ( q − 1), then there are φ ( n ) elements of order n in GF ( q ). Proof: Suppose β ∈ GF ( q ) has order n . According to the previous theorem, the set { β 0 , β 1 , . . . , β n − 1 } is the set of solutions of the equation x n − 1 = 0. But β i has order n iff gcd ( i , n ) = 1. Thus, by the definition of Euler’s totient function, the set of solutions to x n − 1 = 0 contains exactly φ ( n ) elements of order n . QED Peter Mathys ECEN 5682 Theory and Practice of Error Control Codes

Integer Rings/Fields Introduction to Finite Fields Polynomial Rings/Fields Corollary: In every finite field GF ( q ) there are exactly φ ( q − 1) primitive elements. Proof: Follows immediately from the above theorem. Corollary: The group of nonzero elements of GF ( q ) under multiplication is a cyclic group. Proof: Follows from the above corollary and the fact that φ ( n ) ≥ 1 for any positive integer n . Example: Let α ∈ GF (2 4 ) be a primitive element of GF (2 4 ). The divisors of q − 1 = 15 are c = 1 , 3 , 5 , 15 and thus: GF (2 4 ) Elements of order c Order c φ ( c ) α 0 1 1 α 5 , α 10 3 2 α 3 , α 6 , α 9 , α 12 5 4 α 1 , α 2 , α 4 , α 7 , α 8 , α 11 , α 13 , α 14 15 8 There are φ (15) = 8 primitive elements, each of which can be used to generate all nonzero elements of GF (2 4 ). Peter Mathys ECEN 5682 Theory and Practice of Error Control Codes