1

Existence of a finite field:

Solution:

I can understand that if I have a finite field $F$ of characteristic $p$, where $p$ is prime, then I can consider $\mathbb Z_p$ as its prime field and hence $F$ will have $p^n$ elements.

But how to find such a field $F$?

Adam Hughes
  • 36,777
Learnmore
  • 31,062
  • @adam Hughes why did you delete your answer; I was trying to understand it – Learnmore Mar 16 '15 at 06:53
  • I thought the duplicate topic would be the one you were looking at. I've restored my answer. – Adam Hughes Mar 16 '15 at 06:54
  • that's frustrating man @AdamHughes – Learnmore Mar 16 '15 at 06:55
  • I've moved my answer (with a few clean-ups) to the other topic since that is considered the original and it will make searching easier for those looking for it in the future. – Adam Hughes Mar 16 '15 at 07:02
  • @All: This question comes up too often not to be closed as a duplicate. But I am uncertain as to the best original (and I'm not fully content with my pick). If you find a better candidate, please at-ping me. With my moderator superpowers I can do a few mergers :-) – Jyrki Lahtonen Mar 16 '15 at 07:10

3 Answers

1

For any $n$ one can always find an irreducible degree $n$ polynomial $q(x)$ over $\mathbb{Z}_p$ (edit: see below). In particular $(q(x))$ is maximal, and so $\mathbb{Z}_p / (q(x))$ is a field. The elements of this field can be written uniquely as $$a_0 + a_1 x + \cdots + a_{n - 1} x^{n - 1} + q(x), \qquad a_0, \ldots, a_{n - 1} \in \mathbb{Z}_p,$$ so this field has precisely $p^n$ elements.

Edit: By request, here's an easy way to see why such a polynomial always exists: By construction, $x^{p^n} - x$ is the product of all irreducible polynomials over $\mathbb{F}_p$ of degree dividing $n$. On the other hand, the degree of the product of all irreducible polynomials over $\mathbb{F}_p$ of degree strictly dividing $n$ (that is, dividing $n$ and less than $n$) is $$\sum_{d \,|\, n, \, d < n} p^d \leq \sum_{k < n} p^k = \frac{p^n - 1}{p - 1} < p^n = \deg (x^{p^n} - x).$$ Thus, $x^{p^n} - x$ has a factor irreducible over $\mathbb{F}_p$ of degree $n$.

Travis Willse
  • 99,363
  • It's not obvious that such a polynomial always exists, you may wish to develop this further to be a more complete answer. – Adam Hughes Mar 16 '15 at 06:28
  • why is the first line true; how will we find that polynomial – Learnmore Mar 16 '15 at 06:28
  • @AdamHughes I agree it's not obvious, but one often has this fact available when encountering the result in question. learnmore, I've added a (nonconstructive) proof that such a $q(x)$ always exists. – Travis Willse Mar 16 '15 at 08:25
1

You can construct an algebraic closure $\overline{\mathbf{F}}_p$ of $\mathbf{F}_p := \mathbf{Z}/p\mathbf{Z}$ and show that the set of elements $x$ in it such that $x^{p^n}-x$ is a field (because the Frobenius $y\mapsto y^{p^n}$ is additive, classic), and as it has $p^n$ elements...

Olórin
  • 12,040
  • please say something within my reach; I am new to this subject; what is Frobenius? – Learnmore Mar 16 '15 at 06:43
  • It is the application $y\mapsto y^{p^n}$ from $\overline{\mathbf{F}}_p$ into itself, as I already wrote in my answer. Denote this map by $F$. You clearly have $F(yz)=F(y)F(z)$ for all $y,z$. But you have in fact way more: $F(y+z)=F(y)+F(z)$ for all $y,z$. How do you show this? You expand $(y+z)^{p^n}$ with Newton's formula, and remark that $p$ divides $\binom{p^n}{k}$ when $0<k<p^n$, which leaves only the $y^{p^n}$ and $z^{p^n}$ terms in the expanded sum. This shows that $F$ is a ring endomorphism of $\overline{\mathbf{F}}_p$. – Olórin Mar 16 '15 at 06:47
  • While this works exactly as prescribed, this approach is not for beginners. For example proving the existence of an algebraic closure takes a few chapters :-) – Jyrki Lahtonen Mar 16 '15 at 06:49
  • @JyrkiLahtonen Yet this is the approach you see quite often. By the way, it is false that it is that hard to construct an alg closure. ;-) But in my opinion, intuitively for beginners, it is easier to tell (admitting it in a first time) that you have alg closures (it usually passes smoothly), and then bla bla bla, than to do splitting fields, even if the latter was the original Galois method (existence of an irreducible etc). Moreover, to be honest, it's not the approach that I prefer, but it's the more "direct" in some sense. – Olórin Mar 16 '15 at 06:52
  • Yes, this approach is not without its merits. I agree that believing the existence of an algebraic closure may be easier than fully understanding the existence and uniqueness up to isomorphism of a splitting field. But neither of those approaches helps a person who wants to implement the arithmetic of the field $\Bbb{F}_{2^{337}}$ :-) – Jyrki Lahtonen Mar 16 '15 at 07:05
  • Indeed. But I did not know the OP wanted to calculate in $\mathbf{F}_{2^{337}}$. ;-) No one really wants this. ;-) – Olórin Mar 16 '15 at 07:06
  • Somebody doing elliptic curve cryptography may need to do exactly that. Not necessarily with that exact exponent, but with some other 3-digit exponent. – Jyrki Lahtonen Mar 16 '15 at 07:13
  • I perfectly know that. (I put smileys.) Actually, I used Niederreiter's sequences in my work in finance, with $p\leq 5$. – Olórin Mar 16 '15 at 07:14
  • Now that's interesting!! Thanks for letting me know! Monte-Carlo, presumably? – Jyrki Lahtonen Mar 16 '15 at 07:16
  • Actually quasi-monte-carlo, but monte-carlo also, as you really gain in throwing quasi-random numbers first to "uniformize", and then "random"-numbers, merely to get confidence intervals. You can have a look at his book: http://www.ricam.oeaw.ac.at/publications/download/niederreiter/siambook_nied.pdf – Olórin Mar 16 '15 at 07:19
0

The cleanest general solution for this that I know of is to construct the said field as the splitting field of the polynomial $x^{p^n}-x$. In practice you want to construct it as the quotient ring $\Bbb{Z}_p[x]/\langle p(x)\rangle$, where $p(x)\in\Bbb{Z}_p[x]$ is an irreducible polynomial of degree $n$.

This practical approach begs the question: Can you show me such an irreducible polynomial? That's when the fun begins. Proving their existence is easier than actually finding one. Deriving a formula telling us exactly how many there are is also easier than actually finding one. I use tables and/or ad hoc techniques.

Jyrki Lahtonen
  • 133,153
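
The following is an added example, not code from any of the answers: it turns the criterion in the first answer ($x^{p^n}-x$ is the product of the irreducibles of degree dividing $n$) into an irreducibility test, and uses it to search for the modulus needed by the quotient-ring construction $\Bbb{Z}_p[x]/\langle p(x)\rangle$ from the last answer. All function names are hypothetical, and the exhaustive search is only meant for small $p^n$.

```python
from itertools import product

# Polynomials over Z_p are coefficient lists, lowest degree first:
# [1, 0, 1, 1] means 1 + x^2 + x^3.
def trim(a):
    while a and a[-1] == 0:
        a = a[:-1]
    return a

def polymod(a, q, p):
    """Remainder of a divided by q, coefficients in Z_p."""
    a, inv = trim([c % p for c in a]), pow(q[-1], -1, p)
    while len(a) >= len(q):
        f, s = a[-1] * inv % p, len(a) - len(q)
        a = trim([(c - f * q[i - s]) % p if i >= s else c for i, c in enumerate(a)])
    return a

def mulmod(a, b, q, p):
    """Product of two elements of Z_p[x]/(q)."""
    out = [0] * (len(a) + len(b))
    for i, x in enumerate(a):
        for j, y in enumerate(b):
            out[i + j] = (out[i + j] + x * y) % p
    return polymod(out, q, p)

def poly_gcd(a, b, p):
    while b:
        a, b = b, polymod(a, b, p)
    return a

def frob_minus_x(k, q, p):
    """x^(p^k) - x reduced modulo q."""
    t = polymod([0, 1], q, p)
    for _ in range(k):                      # raise to the p-th power, k times
        r, base, e = [1], t, p
        while e:
            if e & 1:
                r = mulmod(r, base, q, p)
            base, e = mulmod(base, base, q, p), e >> 1
        t = r
    t = t + [0] * (2 - len(t))
    t[1] = (t[1] - 1) % p
    return polymod(t, q, p)

def is_irreducible(q, p):
    """q of degree n is irreducible iff it divides x^(p^n) - x and is coprime
    to x^(p^d) - x for every proper divisor d of n."""
    n = len(q) - 1
    return frob_minus_x(n, q, p) == [] and all(
        len(poly_gcd(q, frob_minus_x(d, q, p), p)) == 1
        for d in range(1, n) if n % d == 0)

def find_irreducible(p, n):
    """First monic irreducible of degree n over Z_p (exhaustive, small p^n only)."""
    for low in product(range(p), repeat=n):
        if is_irreducible(list(low) + [1], p):
            return list(low) + [1]
```

The gcd step matters: a product of two distinct irreducible quadratics over $\Bbb{Z}_3$ divides $x^{3^4}-x$ but is rejected because it is not coprime to $x^{3^2}-x$. With the modulus $x^8+x^4+x^3+x+1$ over $\Bbb{Z}_2$, `mulmod` is the byte multiplication used in AES.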