Factoring polynomials over finite fields

Transcription

1 Factoring polynomials over finite fields Summary and et questions 12 octobre Finite fields Let p an odd prime and let F p = Z/pZ the (unique up to automorphism) field with p-elements. We want to classify finite fields up to automorphism. Question 1 Give a field with 4 elements. Is there any field with 6 elements? Let K be a finite field. Its characteristic p is finite. Otherwise K would contain Q. So K contains a subfield isomorphic to F p. So K is a vector space over F p. Let d be its dimension. The cardinality of K is p d. Let Φ : K K be the map defined by Φ(x) = x p. It is an F p -linear map. It is even a ring homomorphism. It is called the Frobenius endomorphism. The multiplicative group K is cyclic. More generally, any finite subgroup in the multiplicative group of a field is cyclic. A primitive element of K is by definition a generator of the group K. Be carefull : some people call primitive any element that generates K as an F p -algebra. Question 2 Find a primitive element in F 101. How many primitive elements do we have in F p? How can we find such an element in general? Let F (x) F p [x] be a degree d irreducible polynomial. Then F p [x]/f (x) is a finite field with cardinality p d. Question 3 Is every finite field isomorphic to such a quotient? We prove that for any positive integer d there exists a degree d irreducible polynomial in F p [x]. This finishes the classification of finite fields. To prove the existence of irreducible polynomial for every degree we first prove the following identity in F p [x] x pd x = f(x) (1) where f(x) runs over the set of irreducible polynomials with degree dividing d. We deduce that 1

2 p d = e d en(e) (2) where N(e) is the number of monic irreducible polynomials of degree e in F p [x]. Using Mœbius inversion formula we deduce dn(d) = e d µ( d e )pe (3) To prove the existence of a degree d irreducible polynomial it suffices to prove that the sum e d µ( d e )pe is positive. Indeed if d 2 then µ( d e )pe p d e d e d et e d p e p d 1 e d/2 p e p d p d/ So there exists a field with cardinality p d. It is easy to see that two finite fields with the same cardinality are isomorphic. We write F q for the field with q elements. This is a questionable notation because this field is only defined up to isomorphism, unless we have fixed one algebraic closure Ω for F p. In this text we are interesed in the following problem : given a polynomial A(x) in F p [x], find the decomposition of A(x) as a product of irreducible factors. The algorithm we present decomposes in three steps. There are variants for the third step. We only present one of them. Question 4 About the various meanings of primitive element. How many primitive elements do we have in F 256? How many generators of the group F 256? How many generators of the F 2 -algebra F 256? Deduce the number of degree 8 irreducible polynomials in F 2 [x]. 2 Berlekamp s algorithm, first step We want to factor A(x) F p [x]. Assume A is monic. Let A(x) = f e i i (x) 1 i I be the prime decomposition. The integer e i 1 is the multiplicity of f i (x) in A. The goal of this first step is to reduce to the case where A is square-free (i.e. all multiplicities are 0 or 1). The square-free case will be treated in steps 2 and 3. The multiplicity of f i (x) in the derivative A (x) is e i 1 if e i is non-zero modulo p. Otherwise it is e i. Set B = pgcd(a, A ). If B = A then p divides all e i so A is a p-th power. One easily finds an R(x) such that R p = A. We reduce to factoring R. 2

3 If B A then we set C = A/B and we reduce to factoring C and B. We note that C is square-free. An example with Mupad : R := Dom :: IntegerMod(5); A := poly((x-1)*(x-2)^2*(x-3)^6,r); We obtain a degree 9 polynomial to be factored. B := gcd(a,diff(a,x)); C := A/B; The equivalent commands in Maple are A:=(x-1)*(x-2)^2*(x-3)^6; A:=expand(A); B:=Gcd(A,diff(A,x)) mod 5; Rem(A,B,x) mod 5; C:=Quo(A,B,x) mod 5; it. The polynomial C has degree 3 and is square-free, so we are content with The polynomial B has degree 6. We continue. F := gcd(b,diff(b,x)); G := B/F; F. The polynomial G has degree 1. We are content with it. We continue with H := gcd(f,diff(f,x)); We find H = F. This is not a surprise because H = x is a 5-th power. Indeed H(x) = (x + 2) 5. 3 Second step Thanks to the first step we now have square-free polynomials to factor. We use the identity (1). If A(x) is square-free we set A 1 (x) = pgcd(a(x), x p x). We check the A 1 is the product of all degree 1 irreducible factors of A(x). We set A 2 (x) = pgcd(a/a 1, x p2 x). This is the product of all degree 2 irreducible factors of A. We continue and compute A 3 (x) = pgcd(a/(a 1 A 2 ), x p3 x)... In the end we have decomposed A as a product of polynomials A 1, A 2, A 3,..., where A i is square-free and has only degree i irreductible factors. Factoring such polynomials will be the purpose of the third step. An example of the second step treated in Mupad : 3

4 R := Dom :: IntegerMod(2); A := poly(x^9+x^8+x^7+x^2+x+1,[x],r); B := gcd(a,diff(a,x)); We obtain poly(1, [x], Dom::IntegerMod(2)) Then A1 := gcd(a,poly(x^2-x,[x],r)); C1 := A/A1; We obtain A 1 = x + 1. Then A2 := gcd(c1,poly(x^4-x,[x],r)); C2 := C1/A2; A3 := gcd(c2,poly(x^8-x,[x],r)); We obtain A 2 = x 2 + x + 1 et A 3 = C 2. Question 5 What can we deduce about the factors of A? We now treat an example with p = 101. Let A(x) = x 4 + x + 7 F 101 [x] the polynomial to be factored. We don t want to compute the gcd of x 101 x and A(x) directly. Even less the gcd with x 1012 x. We work in the ring R = F p [x]/a(x) and set α = x mod A(x). We compute α p = U(x) mod A(x) with deg(u) < deg(a). We check that pgcd(x p x, A(x)) = pgcd(u(x) x, A(x)). This way we avoid dealing with big polynomials. Note that α p R can be computed using the fast exponentiation algorithm. Another example of the second step in Mupad : R := Dom :: IntegerMod(101); A := poly(x^4+x+7,[x],r); B := gcd(a,diff(a,x)); U := powermod(x,101,a); We obtain B = 1 and U = 21x x x Equivalent instructions in Maple are A := x^4+x+7; B := Gcd(A,diff(A,x)) mod 101; U:=Powmod(x,101,A,x) mod 101; We continue 4

5 C := gcd(poly(u-x,r),a); We find C = x x Question 6 What can we deduce about the irreducible factors of A? Question 7 Give an estimate for the number of elementary operations required by the second step of Berlekamp s algorithm. 4 Third step After the second step we find ourselves with square-free polynomials having equal degree irreducible factors. So let A F p [x] be such a polynomial and let k be the degree of all its irreducible factors. Let I be the number of these factors. So deg(a) = Ik. We assume the characteristic p is odd. We come back to equation (1). We set r d = pd 1 2. We find (x r d 1)(x r d + 1)x = f(x) (4) where the product is over all irreducible monic polynomials in F p [x] having degree dividing d. We set A 1 = pgcd(a, x r k 1), A 1 = pgcd(a, x r k +1), and A 0 = pgcd(a, x). So A = A 0 A 1 A 1. If f is an irreducible factor of A and α F p k a root of f, then f divides A 1 if and only if α is a non-zero square in F p k. More generally, let U(x) be a polynomial in F p [x] and set A U 1 = pgcd(a, U(x)r k 1), A U 1 = pgcd(a, U(x)r k+1), and A U 0 = pgcd(a, U(x)). So A = A U 0 AU 1 AU 1. If f is an irreducible factor of A and α F pk a root of f, then f divides A U 1 if and only if U(α) is a non-zero square in F p k. Question 8 Pick a random (with uniform distribution) U(x) among all polynomials F p [x] having degree deg(a) 1. What is the probability that one of polynomials A U 0, AU 1, AU 1 be a non-trivial factor of A? How many trials do we need on average to find such a non-trivial factor? Question 9 Give an upper bound for the number of elementary operations that are necessary to compute A U 0, AU 1 and AU 1. Deduce an estimate for the complexity of the third step as a function of log p, k and deg(a). We come back to the example in the previous section. So let C = x 2 +38x+11 and F = A/C = x x F := A/C; V := powermod(x,50,c); W := gcd(poly(v-1,r),c); K := C/W; 5

6 We obtain V = 89x + 75 and W = x + 78 and K = x Question 10 Deduce the factorisation of A. Question 11 Give the structure of the multiplicative group (Z/107Z). Give an adapted generating set. Same question with (Z/10807Z). Same question with (F 2 [x]/a(x)) where A(x) = x 7 + x 6 + x 5 + x + 1. Question 12 Let p be a prime and let d be a positive integer. Set T d (x) = x + x p + x p2 + + x pd 1. Let q = p d. Prove that x q x = a F p (T d (x) a). Deduce a variant of the third step that is valid for p = 2. 6