0

I am trying to understand the AES-256 encryption algorithm as it would be implemented on a gated quantum computer (actually, a simulator), and I am having some trouble understanding the theory behind it. The papers I read start with the ring of polynomials given by $F_2[x]/(1 + x + x^3 + x^6 + x^8)$. What is the significance of the polynomial $1 + x + x^3 + x^6 + x^8$? And how does this relate to $GF(2^8)$?

poncho
  • 147,019
  • 11
  • 229
  • 360
Robert Singleton
  • 103
  • 5

1 Answers1

1

To answer the specific question, $F_2[x]/(1 + x + x^3 + x^6 + x^8)$ is isomorphic to $GF(2^8)$. See here for more info.

The polynomial $g(x) = 1 + x + x^3 + x^6 + x^8$ is irreducible over $F_2$, so the quotient is a field. The degree of the polynomial is 8, so it is a degree 8 algebraic extension of $F_2$. In other words, it is $F_{2^8}$.

Elements in $F_2[x]/(g(x))$ are equivalence classes of polynomials modulo $g(x)$.

This is a standard way to construct finite-degree algebraic field extensions.

By the way, I think AES actually has $x^4$ instead of $x^6$ in the polynomial. Not sure if that was a typo in your question or if you read it somewhere.

meshcollider
  • 1,573
  • 1
  • 10
  • 14
  • This was very helpful. I've been trying to factor the polynomial unsuccessfully over $_2$, so it's good to know that it is irreducible. How does one prove that that a specific polynomial is irreducible in $F_2$? I have very little intuition for $_2$. Also: you are indeed correct, the polynomial has $x^4$ instead of $x^6$. Is there a reason AES chose $1 + x + x^3 + x^4 + x^6$ instead of some other irreducible polynomail? – Robert Singleton Mar 25 '22 at 07:41
  • 1
    @RobertSingleton you can use Rabin's test for irreducibility. The choice of polynomial is just part of the standard. – meshcollider Mar 25 '22 at 08:13
  • 1
    You can find how to see that AES polynomial(s) is irreducible here. The selection reason of low weight irreducible it this that reduces the calculation costs in the Finite Field. – kelalaka Mar 25 '22 at 11:25