By: Hector L Contreras SSGT / USMC Finite Fields By: Hector L Contreras SSGT / USMC

Outline Abstract Algebra review to show that Finite Fields exist Proof on Cyclic Difference Sets Proof on Quadratic Residue Difference Set

What are Finite Fields? Finite Fields are Fields with a finite amount of elements (i.e. the obvious). These are special types of sets that are algebraic systems that are closed under addition, subtraction, multiplication and division (except for 0). Fields >> (come from) Integral Domains Integral Domains >> Commutative Rings Commutative Rings >> Groups In fact they contain a group

Groups A Group G is a nonempty set together with a binary operation (*) such that the following three properties are satisfied: Associativity  (a*b)*c = a*(b*c) For all a,b,c є G Identity  There is an element e є G such that a*e = e*a = a For all a є G Inverses  For each element a є G, there is an element b є G such that a*b = b*a = e (Note: A binary operation on G is a function that assigns each ordered pair of elements of G an element of G (closure))

Terminology (Groups) Order of a Group G is the number of elements it contains (denoted |G| ). Order of an element g є G is the smallest positive integer n such that gn = e (denoted |g|). Here gn = g * g * … * g (n times). In a finite group, the order of each element of the group divides the order of the group.

Properties of Groups For all g є G, g0 = e For all n,m ≥ 1, g є G, gn = gn-1*g gn * gm = gn + m (gn)-1 = g-n = (g-1)n (gm)n = gmn

Abelian Groups If G is a group and for all a, b є G we have a*b = b*a (commutativity) then G is called an Abelian Group. In an abelian group G, for all a, b є G, (a * b)-1 = b-1 * a-1 = a-1 * b-1

Cyclic Groups A group G is called cyclic if there exists an element g є G such that G = {gn | n є Z}. Such an element g is called a generator of G. Here |g| = |G| Z4 (group of integers modulo 4) is cyclic since Z4 = {0, 1, 2, 3} and 3 + 0 = 3, 3 + 3 = 6 ≡ 2 (mod 4), 3 + 3 + 3 = 9 ≡ 1 (mod 4), 3 + 3 + 3 + 3 = 12 ≡ 0 (mod 4) so 3 is a generator. An integer k in Zn is a generator of Zn if and only if gcd(n,k) = 1.

Ring with Unity A Ring R is a nonempty set with two binary operations, addition (denoted by a + b) and multiplication (denoted ab), shuch that for all a, b, c є R: R is an abelian group under addition. a(bc) = (ab)c (associativity) a(b + c) = ab + ac and (b + c)a = bc + ca A Unity in a ring is a nonzero element that is the identity under multiplication. Note that whenever we speak of rings we mean for them to have unity.

Commutative Rings A Commutative Ring R is ring such that for all a, b, c є R. a(b + c) = ab + ac = (b + c)a (commutativity) A Unit is a nonzero element of a Commutative Ring with Unity that has a multiplicative inverse.

Integral Domains A Zero-Divisor is a nonzero element a є R, R is a commutative ring, such that there is a nonzero element b є R with ab = 0. An Integral Domain is a commutative Ring with unity and no zero-divisors.

Fields A Field is a commutative ring with unity in which every nonzero element is a unit. C, R, Q are all examples of Infinite fields Every field is an integral domain. In fact a finite integral domain is a field

Zm  Ring of Integers Modulo m For all m > 1, m є Z, Zm = { 0, 1, 2, …, m-2, m-1} Addition modulo m (denoted mod m) For all x,y є Zm, (x + y) is the remainder of (x + y) divided by m. Multiplication modulo m (denoted mod m) For all x,y є Zm, xy is the remainder of xy divided by m. Zm is the ring of integers under addition and multiplication modulo m.

Zp is a Field For every prime p, Zp, the ring of integers modulo p, is a field Commutative Unity Finite Integral Domain Field Why not Zm for all m > 1, m є Z? Zero - Divisors

Polynomials Let R[x] represent the ring of polynomials over R. Here you add and multiply polynomials just like you have always done but the coefficient arithmetic is done over R. If R = Z5 then 4x + 2x = x, (3x2)(3x6) = 4x8 Let p(x) є R[x]. If p(x) = anxn + an-1xn-1 + … + a1x + a0 where an ≠ 0, then deg(p(x)) = n.

Irreducible/Reducible Polynomials Let D be an integral domain. A polynomial f(x) є D[x] where deg(f(x)) ≥ 2, is said to be Irreducible over D if we have that when, f(x) = g(x)h(x), with g(x), h(x) є D[x], we have deg(g(x)) = deg(f(x)) or deg(h(x)) = deg(f(x)). An element of D[x] that is not irreducible over D is called Reducible over D (Duh!!!).

Irreducible/Reducible Polynomials Let F be a field. If deg f(x) = 2 or 3, f(x)єF[x], then f(x) is reducible over F if and only if f(x) has a zero in F. Examples x2 - x - 1 is irreducible over Q but reducible over R: x2 - x - 1 = (x – (1+√5)/2)(x – (1-√5)/2) x = (1 + √5 )/2 is a zero.

More Examples of Irreducible/Reducible Polynomials 2x2 + 4 is irreducible over Q and R but Reducible over C. i є C, √(2i) is a zero x2 + x + 1 is irreducible over Z2 (in fact it is the only irreducible quadratic over Z2): x2 and x2 + x both have 0 as a zero x2 + 1 = (x + 1)(x + 1) and 1 is a zero.

Example of Irreducible polynomial with degree > 3. x4 + x + 1 is irreducible over Z2 If it were reducible then it would either have quadratic factors or linear factors. Linear factors have zeros. If quadratic then the factor would have to be x2 + x + 1 (verify that not true).

Properties of a Finite Field It can be shown that finite fields have order pn, where p is a prime. It can be shown that for each prime p and each positive integer n, there is, up to isomorphism, a unique finite field of order pn. Let GF(pn) represent a finite field of order pn..

Construction of Finite Fields To construct GF(pn), first find an irreducible polynomial I of degree n, with coefficients in Zp. Let GF(pn) = {an-1xn-1 + an-2xn-2 + … + a1x + a0 | ai є Zp} (Note that here addition is done modulo Zp while multiplication is done modulo I)

Construction of GF(pn) (cont.) Example GF(16) = GF(24) we want polynomial of degree 4 with coefficients in Z2 = {ax3 + bx2 + cx + d | a,b,c,d є Z2} Here addition is done as in Z2[x], while multiplication is done modulo x4 + x + 1.

More Properties of GF(pn) It can be shown that for each positive integer n there exists an irreducible polynomial of degree n over GF(p) for any p. It can be shown that for each divisor m of n, GF(pn) has a unique subfield of order pm. Moreover, these are the only subfields of GF(pn).

Example of Computation (reducing modulos f(x) and Zp ) GF(16) = GF(24) In this context x4 + x + 1 = 0 then x4 = x + 1 So x6 = x3 + x2, x5 = x2 + x (x3 + x2 + x + 1)(x3 + x) = x6 + x5 + 2x4 + 3x3 + x2 + x ≡ x6 + x5 + x3 + x2 + x ≡ x2

Primitive Element A nonzero element a є GF(q) is called a Primitive Element if h1, h2, …, hq-1, are precisely all the nonzero elements of GF(q) (i.e. the multiplicative order of a is (q-1)) Generator of the multiplicative group of nonzero elements Used to simplify multiplication It can be shown that every GF(pn) contains a primitive element

Example of computations of Galois Fields using a Primitive Root Since GF(16) = {0, 1, x, … x14} where x15 = 1, then x is a primitive root: (x6)(x12) = x18 = x3 x10 + x7 = (x2 + x + 1) + (x3 + x + 1) = x3 + x2 = x6 (x3 + x2 + 1)(x3 + x2 + x + 1) = x13x12 = x25 = x10 = x2 + x + 1

Transition Now that we know that finite fields exist and are familiar with some of the properties that they obey, we can now use them to perform some constructions on difference sets. Up ahead we have: If q is a prime power, there exists a cyclic (q2 + q + 1, q + 1, 1) difference set. Let pn = 4t + 3. Then the nonzero squares in GF[pn] form a (4t + 3, 2t + 1, t) difference set.

Finite Projective Planes Recall that symmetric designs with λ = 1 have parameters v = n2 + n + 1, k = n + 1 for some integer n ≥ 2, and are called Finite Projective Planes (FPP). Let Pn = (n2 + n + 1, n + 1, 1) design (FPP). We know these exists if n = p where p is prime. Will show that exists if n = pm

Difference Set A (v, k , λ) Difference Set in an additive Abelian Group G of order v is a set D = {d1, …, dk} of distinct elements of G such that each nonzero element g of G has exactly λ representations as g = di – dj. If q is a prime power, there exists a cyclic (q2 + q + 1, q + 1, 1) difference set.

Proof Let q = pn and let h be a Primitive Element of GF(q3). Then GF(q3) = {0, h0, h1, …, hq3 - 2, hq3 - 1}. Let G = {0, hu, h2u, …, h(q-1)u} where u = (q3-1)/(q-1) = q2 + q + 1 (it can be shown that G isomorphic to GF[q]). Now for each bi є GF(q), 1 ≤ i ≤ q, bi = hui there is a unique ai, 0 ≤ ai ≤ q3 – 1, such that h + bi = hai. Furthermore, ai distinct (mod u).

Cont. Proof (Show that each power is distinct) Aiming for a contradiction, assume that h + b1 = ha1 and h + b2 = ha2 where a1 ≡ a2 (mod q2 + q + 1)  a1 = m(q2 + q + 1) + a2 for some m є Z. So ha1 = ha2hm(q2 + q + 1) = ha2x for some x є GF[q]. This implies that h + b1 = (h + b2)x. So h є GF[q]  since h is a primitive element of GF[q3]. Therefore all ai are distinct(mod u).

Cont. Proof (Show that each difference is unique) Now let aq+1 = 0 and consider the set D = {a1, a2, …, aq, aq+1} (note that all elements are distinct since for all i≠q+1 we have ai ≠ 0). Now show that are differences in D are different. Aiming for a contradiction, assume that ai - aj ≡ ak - al (mod u) ≡∕ 0, ai ≡∕ ak. So we have that ai + al ≡ ak + aj (mod u). If none of these ay equal 0 or the identity, then hai + al = hak + aj + ux haihal = hakhajhux  (h + bi)(h + bl) = (h + bk)(h + bj)g, g є GF[q]

Cont. Proof (Cont. Show each difference is unique) (h + bi)(h + bl) = (h + bk)(h + bj)g, g є GF[q]. This give us h2(1- f) + h(bl + bi - fbj - fbk) + (bibl - fbkbj) =0. If g = 1, then we get bi + bl = bk + bj and bibl = bkbj. This implies that (bi – bk)(bj – bi) = 0  bi = bk or bi = bj . If g > 1 then  since h is a primitive element of GF[q3]. Finally, if one of these ay = aq+1 = 0 (say it’s ai) then we get that h + bl = (h + bk)(h + bj)g  since h is a primitive element of GF[q3]. Therefore each difference is unique  a cyclic (q2 + q + 1, q + 1, 1) difference set exists QED.

Quadratic Residue Let p be an odd prime and gcd(a, p) = 1. If the quadratic congruence x2 ≡ a (mod p) has a solution, then a is said to be a Quadratic Residue (Square) of p. Otherwise a is called a quadratic nonresidue of p (once again DUH!!!). Let p = 7, then h = 3 is a primitive element 32 ≡ 2 (mod 7), 34 = (32)2 ≡ 4 (mod 7), 36 = (33)2 ≡ 1 (mod 7). So {1, 2, 4} is the set of nonzero squares (quadratic residues) in 7.

Properties of Squares Let h be a primitive element of GF[pn] where pn is odd. It can be shown that: The nonzero squares in GF[pn] are the even powers of h. -1 is a square if pn ≡ 1 (mod4) but is not a square if pn ≡ 3 (mod 4). If pn ≡ 1 (mod 4) then x is a square iff –x is a square. If pn ≡ 3 (mod 4) then x is a square iff –x is not a square Let pn ≡ 4t + 3. Then the nonzero squares in GF[pn] form a (4t + 3, 2t + 1, t) difference set.

Proof Since pn ≡ 3 (mod 4) then let pn = 4t + 3 for some integer t. Let h be a primitive element of GF[pn] and let Q denote the set of nonzero squares. So Q = {h2, h4, …, h4t + 2} and – Q = {h, h3, …, h4t+1}. Let S = {(x,y)| x, y є Q, x, y are distinct squares}. If x – y ≡ a (mod p) (a є Zp) then we say the (x,y) represents a and denote N(a) as the number of pairs in S that represent a. Now define a mapping fa of ordered pairs mod p by: fa(x,y) = {(a-1x, a-1y) if a is a square {(-a-1y, -a-1x) if a is not a square

Cont. Proof (rep’s of a lead to rep’s of 1) If a is a square then a-1x and a-1y are both squares and then (a-1x , a-1y) represent 1 since whenever we have (x,y) represent a, then x – y ≡ a (mod p)  a-1x – a-1y ≡ 1 (mod p). Now if a is not a square then (-a-1y, -a-1x) represents 1 since whenever we have (x,y) represent a, then -y – (-x) = x – y ≡ a (mod p)  -a-1y – -a-1x = a-1x – a-1y ≡ 1 (mod p). So we have that every representation of a leads to a representation of 1. So whenever (x,y) represents a we have fa(x,y) represents 1.

Cont. Proof (rep’s of 1 lead to rep’s of a) fa-1 maps (a-1x , a-1y) back to (x,y), if a is a square, and (-a-1y, -a-1x) back to (x,y), if a is not a square. If (w,v) represents 1 then fa-1(w,v) represents a. For if w – v ≡ 1 (mod p) then w – v = a-1x – a-1y for some x,y є Q  a(w – v ) = a(a-1x – a-1y) = x – y ≡ a (mod p). So we have that every representation of 1 leads to a representation of a.

End Proof We now have the N(a) = N(1) for all a є Zp (i.e. the difference a shows up the same amount of times as the difference 1). So Q is a difference set. We know that we have v = pn = 4t + 3. Since Q = {h2, h4, …, h4t + 2} then it is easy to see that k = (4t + 2)/2 = 2t + 1. From lecture we know that λ(v – 1) = k(k – 1)  λ(4t + 2)= 4t2 + 2t  λ = t. Therefore the nonzero squares in GF[pn] form a (4t + 3, 2t + 1, t) difference set. Q.E.D.