
I am reading Geisel's tutorial$^{\color{red}{\star}}$ on Reed-Solomon codes, in which a Galois Field is developed. The elements of the field are generated as consecutive powers of $X$, modulo an irreducible, primitive polynomial $F(X)=X^4+X+1$. From pages 18 and 19,


My question is: Why can $X^4\mod F(X) = X^4 + X + 1$ be calculated by '... setting our 4th degree $F(X)$ to zero, and obtain the 4-tuple equivalent to $X^4$.'?

A few pages later, the same modulo function is performed using a long division on the polynomials, which I understand. But why can this also be done as mentioned above?

The answer is probably obvious, I just don't see it.


$\color{red}{\star}$ William A. Geisel, Tutorial on Reed-Solomon Error Correction Coding [PDF], NASA Technical Memorandum 102162, NASA, August 1990.

  • We are calculating in the ring $\,\Bbb Z_2[x]/F(x) \,\cong\, \Bbb Z_2[X]\bmod F(x),\,$ i.e. polynomials with coefficients in $\Bbb Z_2$ with the hypothesis that $\,0\equiv F(X)= X^4+X+1,\,$ so $\,X^4\equiv -X-1\equiv X+1,\,$ by $-1\equiv 1,\,$ by $\,2\equiv 0.\,$ Here $X$ denotes a generic root of $F$ (we assume only the ring axioms and that $X$ is a root). It is a special case of a quotient ring construction. – Bill Dubuque Apr 12 '22 at 18:32
  • Setting $F$ to 0 is just an ad hoc trick (for avoiding long division) which works because $X^4$ is a part of $F$. I.e. $F \equiv 0 \mod F \Rightarrow X^4+X+1 \equiv 0 \mod F \Rightarrow X^4 \equiv -X-1 \mod F$. But $-X-1$ is the same as $X+1$ because the field has characteristic 2 – blamocur Apr 12 '22 at 18:33
  • When $\,F(X) = X^k + H(x)\,$ and $\deg H < k\,$ then we can compute $\,G\bmod F\,$ using $\,X^k\equiv -H(X)\,$ as rewrite rule to continually reduce all powers $\,X^n\,$ till $\,n< 4,\,$ yielding the (unique) least degree polynomial that is congruent to $G$ modulo $F$. This is just an equational form of the longhand division algorithm. These remainders form a complete system of reps of our polynomial ring $\!\bmod F,\,$ just as do $\,0,1,2,\ldots n-1\,$ for $\,\Bbb Z\bmod n.\,$ See here for more on such Euclidean normal forms. – Bill Dubuque Apr 12 '22 at 18:46
  • @blamocur We need more than just $X^4$ is "a part of $F$". It needs to be the largest degree monomial in order for the rewrite rule to be degree reducing (so terminating). For more on this look up monomial term orders in any exposition of the Grobner basis algorithm (a multivariate generalization of both the polynomial division algorithm and Gaussian elimination). – Bill Dubuque Apr 12 '22 at 19:01
  • I'm not sure they answer your precise question, but I once wrote here about constructing a finite field to be used in Reed-Solomon codes here. Alas, I used GF(8) as the example on how to construct a field. This other answer of mine was partly designed for referrals like this, but the focus is on building the discrete logarithm table. It is exactly what you seem to be doing here, but it is not called a discrete logarithm table which may be a bit confusing. – Jyrki Lahtonen Apr 12 '22 at 21:13
  • Here $\alpha$ simply stands for a root of the polynomial $X^4+X+1$. And that's why $\alpha^4+\alpha+1=0$, implying that $\alpha^4=\alpha+1$. From that point on you just calculate with $\alpha$ using the relation to get lower degree polynomials in $\alpha$ as the answer. It is very similar to how you use the relation $(\sqrt 2)^2=2$ when you simplify products like $(2+\sqrt2)(3+7\sqrt2)$ - you use it when it helps! In my discrete log link I denoted this element by $\gamma$ instead, but that's irrelevant. – Jyrki Lahtonen Apr 12 '22 at 21:20
  • You may benefit from looking at the discussion here also. I feel a bit bad about using my own posts mostly. It's just that I try to approach this simple idea from (pedagogically) different angles. Feel free to ask for more explanations. – Jyrki Lahtonen Apr 12 '22 at 21:23
  • @BillDubuque: is your first comment meant to be an answer, or rather a formulation of the question in mathematical symbols? – ʕ ᵔᴥᵔ ʔ Apr 14 '22 at 18:36
  • @blamocur: yes it looks like a simpler solution, compared to long division. But why does it work? – ʕ ᵔᴥᵔ ʔ Apr 14 '22 at 18:41
  • It's not "simpler" but rather it is equivalent, i.e. using said rewrite rule $\,X^k \to -H(X)\,$ to eliminate the highest degree monomial $\,X^{k+n}\,$ in $\,G(X)\,$ corresponds precisely to one line (intermediate step) in the (longhand) division algorithm for $\,G(x)\div F(X),\,$ e.g. see the displayed equations here (but swap notation $k\leftrightarrow n$, and $f\leftrightarrow g$) – Bill Dubuque Apr 14 '22 at 20:00
  • As I wrote in my second comment above, this is just the division algorithm performed in equational form, using said rewrite rule to eliminate ("kill") all monomials $\,X^j\,$ in $\,G\,$ that have power $\,j\ge k,\,$ which results in a polynomial $\,\bar G\equiv G\pmod{\!F}\,$ of smaller degree than $F$, so it must be the remainder $\,G\bmod F\,$ (by uniqueness of the remainder), same as in the linked explanation of the division algorithm in my prior comment. – Bill Dubuque Apr 14 '22 at 20:06
  • @BillDubuque: thank you for your time and patience. I am trying to understand your answers, with limited knowledge. I need to build on the little math knowledge that I have. In your second comment, about the rewrite rule to eliminate one power of $X$ (go from $X^4$ to $X^3$): are you referring to the Euclidean division as defined here? – ʕ ᵔᴥᵔ ʔ Apr 22 '22 at 08:39
  • I refer to the polynomial (not integer) division algorithm, e.g. as described here. – Bill Dubuque Apr 22 '22 at 08:42
  • @BillDubuque: and is there a relation with synthetic division? – ʕ ᵔᴥᵔ ʔ Apr 22 '22 at 08:42
  • Synthetic division is just a more concise way to notate the polynomial division algorithm when dividing by $\,x-a$ – Bill Dubuque Apr 22 '22 at 08:44
  • The link above to the WikiPedia page about Polynomial greatest common divisor does refer to polynomial division, not integer division. – ʕ ᵔᴥᵔ ʔ Apr 22 '22 at 09:05
  • Now all we need is an answer! – ʕ ᵔᴥᵔ ʔ Apr 24 '22 at 15:41
  • @BillDubuque: is the following correct? Euclidean division of polynomials states: "Given two univariate polynomials $a$ and $b ≠ 0$ defined over a field, there exist two polynomials $q$ (the quotient) and $r$ (the remainder) which satisfy: $a = bq + r$, and $deg(r) < deg(b)$.". The calculation $X^4\mod F(X) (= X^4 + X + 1)$, can be fitted in the Euclidean division as $a = X^4$, $b = X^4 + X + 1$, $q = 1$ (this is one first step in a repeated division), $r = r$. So $X^4 = 1 ⋅ (X^4 + X + 1) + r$, resulting in $r = - X - 1$, yielding $r = X + 1$, after modulo 2 calculation on this result. – ʕ ᵔᴥᵔ ʔ Apr 26 '22 at 07:58

1 Answer

$X^4 \mod F(X) = X^4 + X + 1$ can be calculated this way, because this is essentially the (modulo) division algorithm performed in equational form.

Euclidean division of polynomials states:

"Given two univariate polynomials $a$ and $b ≠ 0$ defined over a field, there exist two polynomials $q$ (the quotient) and $r$ (the remainder) which satisfy: $a = bq + r$, and $deg(r) < deg(b)$.".

The calculation $X^4 \mod F(X)\ (=X^4 + X + 1) = r$ (with $r$ being the remainder), can be fitted in the Euclidean division as:

  • $a = X^4$,
  • $b = X^4 + X + 1$,
  • $q = 1$ ($q = 1$ because this is one first step in a repeated division algorithm),
  • $r = r$ (the remainder to be calculated).

So $X^4 = (X^4 + X + 1) ⋅ 1 + r$. This can be solved to $r = −X −1$. After applying the modulo 2 calculation on this result, the result is $r = X + 1$.
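
The equivalence discussed in the comments and in this answer can be checked mechanically. The following is an added example, not part of the original post or of Geisel's tutorial; it stores a polynomial over $\Bbb Z_2$ as an integer whose bit $i$ is the coefficient of $X^i$, and the function names are chosen here for illustration. It reduces modulo $F(X)=X^4+X+1$ both by longhand division and by the rewrite rule $X^k \to H(X)$, and builds the 4-tuples of the consecutive powers of $X$.

```python
# Added example: bit i of an integer is the coefficient of X^i, coefficients in Z_2.
F = 0b10011              # F(X) = X^4 + X + 1, the polynomial from the question
K = F.bit_length() - 1   # k = deg F = 4
H = F ^ (1 << K)         # H(X) = X + 1, so that F = X^k + H with deg H < k


def mod_long_division(g, f=F):
    """Remainder of g divided by f: repeatedly subtract (XOR) a shifted copy of f."""
    deg_f = f.bit_length() - 1
    while g.bit_length() - 1 >= deg_f:
        g ^= f << (g.bit_length() - 1 - deg_f)
    return g


def mod_rewrite(g, k=K, h=H):
    """Remainder via the rewrite rule X^k -> H(X); in characteristic 2, -H = H."""
    while g.bit_length() - 1 >= k:
        n = g.bit_length() - 1   # leading monomial X^n with n >= k
        g ^= 1 << n              # delete X^n ...
        g ^= h << (n - k)        # ... and put X^(n-k) * H(X) in its place
    return g                     # terminates because deg H < k


def power_table():
    """4-tuples of X^0 .. X^14: multiply by X, then apply the rewrite rule."""
    table, elem = [], 1
    for _ in range((1 << K) - 1):
        table.append(elem)
        elem = mod_rewrite(elem << 1)
    return table


if __name__ == "__main__":
    for i, e in enumerate(power_table()):
        print(f"X^{i:<2} = {e:04b}")
```

Each pass of the loop in `mod_rewrite` changes `g` by exactly the XOR that one line of the long division applies, which is why the two functions return the same remainder for every input.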