How to find minimal polynomial for an element in $\mbox{GF}(2^m)$?

Question

I'm new to this Finite field theory. Someone please explain how minimal polynomials are generated for each element in GF(2^m). I searched in the website but I'm not getting any clue.

Answer 1

This isn't too difficult because we only need methods from linear algebra. Let me do an example. I pick the field $GF(2^5)$ because for smaller fields I know the answer by heart, and I would fall back on ad hoc tricks rather than the general method.

Let $\alpha$ be a zero of the irreducible polynomial $x^5+x^2+1$. The task I assign to myself is to find the minimal polynomial of $\beta=\alpha^3$. From general theory we know that the minimal polynomial of $\beta$ has degree at most five (actually we can immediately see that it will be exactly five, but I try to avoid special knowledge here). So let's compute the powers $\beta^i, i\le 5$: $$ \begin{aligned} \beta^0&=&&=1,\\ \beta^1&=&&=\alpha^3,\\ \beta^2&=\alpha^6=\alpha\cdot\alpha^5=\alpha(\alpha^2+1)&&=\alpha^3+\alpha,\\ \beta^3&=\alpha^3(\alpha^3+\alpha)=\alpha^6+\alpha^4&&=\alpha^4+\alpha^3+\alpha,\\ \beta^4&=\alpha^7+\alpha^6+\alpha^4=\alpha^6+\alpha^2&&=\alpha^3+\alpha^2+\alpha,\\ \beta^5&=\alpha^6+\alpha^5+\alpha^4&&=\alpha^4+\alpha^3+\alpha^2+\alpha+1. \end{aligned} $$ At this point we can set up a linear system for the unknowns $c_0,c_1,\cdots,c_5$ and find a solution of the system $$ c_0+c_1\beta+c_2\beta^2+c_3\beta^3+c_4\beta^4+c_5\beta^5=0 $$ by plugging in the values of the powers $\beta^i$ and then set the coefficients of all the powers of $\alpha$ to zero (the powers $1,\alpha,\cdots,\alpha^4$ are linearly independent (because $4<m=5$) so this is valid. We get $$ \left\{\begin{array}{lcl} c_0+c_5&=&0,\\ c_2+c_3+c_4+c_5&=&0,\\ c_4+c_5&=&0,\\ c_1+c_2+c_3+c_4+c_5&=&0,\\ c_3+c_5&=&0. \end{array}\right. $$

Note: One term was missing from the second equation. Fixing the answer as well.

This is an underdetermined homogeneous system, so it has non-trivial solutions. The lowest degree one gives the minimal polynomial (if the solution space has dimension $>1$ then you set undetermined coefficients to zero starting from the highest). I am sure you learned to handle these in linear algebra. So I go ad hoc at this point, and "guess" that $c_5=1$. The equations involving only two unknowns then immediately yield $c_0=c_3=c_4=1$. The remaining equations then imply $c_2=1$ and $c_1=0$. This means that $\beta$ satisfies the equation $$ 1+\beta^2+\beta^3+\beta^4+\beta^5=0, $$ and its minimal polynomial is then $$ m(\beta,x)=m_3(x)=1+x^2+x^3+x^4+x^5. $$

Answer 2

The OP's comment states the goal here is to generate the minimum polynomial for a BCH code. I have an old program that does a brute force search, similar to the example shown in the wiki article:

https://en.wikipedia.org/wiki/BCH_code#Example

Using GF(2^5) based on $x^5+x^2+1$, $\alpha=x+0 =$ hex 02, with code length n = 31, message length k and distance d for a code BCH(n,k,d).

Powers of $\alpha$ (hex 02) from 0 to 30 in GF(2^5), shown as hex:

01 02 04 08 10 05 0a 14
0d 1a 11 07 0e 1c 1d 1f
1b 13 03 06 0c 18 15 0f
1e 19 17 0b 16 09 12

A list of minimum polynomials with 1 bit coefficients otherwise under GF(2^5) for the 30 powers of $\alpha$ where $m_i(\alpha^i)\ mod\ (x^5+x^2+1) = 0$. Each of these can be found using the method shown in Jyrki Lahtonen's answer, or by a brute force search in the range $x^5+1$ to $x^5+x^4+x^3+x^2+x+1$.

m1,m2,m4,m8,m16 = $x^5+x^2+1$
m3,m6,m12,m17,m24 = $x^5+x^4+x^3+x^2+1$
m5,m9,m10,m18,m20 = $x^5+x^4+x^2+x+1$
m7,m14,m19,m25,m28 = $x^5+x^3+x^2+x+1$
m11,m13,m21,m22,m26 = $x^5+x^4+x^3+x+1$
m15,m23,m27,m29,m30 = $x^5+x^3+1$

lcm(...) is the least common multiple for the list of $m_i$'s.

1 bit correction: BCH(31,26,3) => lcm(m1,m2) =
$m1 = x^5+x^2+1$

2 bit correction: BCH(31,21,5) => lcm(m1,m2,m3,m4) =
$m1\ m3 = x^{10}+x^9+x^8+x^6+x^5+x^3+1$

3 bit correction: BCH(31,16,7) => lcm(m1,m2,...m6) =
$m1\ m3\ m5 = x^{15}+x^{11}+x^{10}+x^9+x^8+x^7+x^5+x^3+x^2+x^1+1$

5 bit correction: BCH(31,11,11) => lcm(m1,m2,...m10) =
$m1\ m3\ m5\ m7 = x^{20}+x^{18}+x^{17}+x^{13}+x^{10}+x^9+x^7+x^6+x^4+x^2+1$

7 bit correction: BCH(31,6,15) => lcm(m1,m2,...m14) =
$m1\ m3\ m5\ m7\ m11 =$
$x^{25}+x^{24}+x^{21}+x^{19}+x^{18}+x^{16}+x^{15}+x^{14}+x^{13}+x^{11}+x^9+x^5+x^2+x+1$

15 bit correction: BCH(31,1,31) => lcm(m1,m2,...m30) =
$m1\ m3\ m5\ m7\ m11\ m15 =$
$x^{30}+x^{29}+x^{28}...+x^2+x+1$
There are only two valid codes, all 0 bits or all 1 bits.

---

A common example of BCH code is for some types of ECC memory, which use a shortened BCH(127,120,3) code based on GF(2^7) plus a parity bit used to prevent a single bit correction if the number of error bits is even, such as 2, 64 bits of data, 7 bits for the BCH code, 1 bit for the parity, for a total of 72 bits. Since it's a single bit correction, the BCH generator polynomial will be the same as the field polynomial, such as $x^7+x+1$.

Answer 3

The conjugates of an element $\alpha$ of GF[$2^k$] are $\{\alpha^{(2^i)},\;i\geq 0 \}$. This set contains at most $k$ distinct elements-- let them be $\beta_1,\ldots ,\beta_j$. The minimal polynomial is $$ p_\alpha(x)=\prod_{i=1}^j (x-\beta_i). $$