# Finite Fields 02: $\mathbb{F}_{2^3}$ over $\mathbb{F}_2$

In [1]:
F2 = GF(2)
R2.<x> = F2[]

def ord(elem, card=None):
    K = elem.parent()
    if card == None:
        card = K.order()
    for i in range(1, card):
        if elem**i == 1:
            return i
    return "False"
    
def log(s, t):
    K = s.parent()
    for i in range(1, K.order()):
        if s^i == t:
            return i
    return "Fail"
    
def logtable(prim_elem):
    K = prim_elem.parent()
    for i in range(1, K.order()):  # Iterate from 0 to p-1
        elem = prim_elem**i
        print("{:3}, ord={}\t = {}".format(i, ord(elem), elem))


In [2]:
# Construct F8, F_{2^3} with SOME irreducible polynomial (degree 3) 

# F2^3 Basis is (1, a, a^2)

F8.<a> = GF(2^3, 'a')

In [3]:
F8.list()

[0, a, a^2, a + 1, a^2 + a, a^2 + a + 1, a^2 + 1, 1]

In [4]:
# Compute multiplication on F8

a^2 * (a+1) 

a^2 + a + 1

In [5]:
# Let's do some manual calculation
#
#    a^2 * (a+1) = a^3 + a^2 (by expansion)
#
#    a^3 + a^2 = a + 1 + a^2 (by result just returned)
# 
#  ==> a^3 = a + 1  (remove a^2 from both sides)
#
#  ==>  a^3 + a + 1 = 0  (move the right-hand-side term `a + 1` to the left)

a^3 + a + 1 == 0

True

In [6]:
# Obviously, `a` is the root of (x^3 + x + 1 = 0)

# So F8 must have been constructed by using (x^3 + x + 1) (irreducible over F2[x])

# Check it,

F8.polynomial()

a^3 + a + 1

In [7]:
# There are three DISTINCT roots of (x^3 + x + 1)
#
#  1.  a 
#  2.  ?
#  3.  ?

def search_roots(g, poly):
    K = g.parent()
    r = []
    for t in K:
        v = poly.subs(t)
        if v == 0:
            r.append(t)
    return r

search_roots(a, x^3 + x + 1)

# Output: 
#    [a, a^2, a^2 + a]

[a, a^2, a^2 + a]

In [8]:
# There are three distinct roots of (x^3 + x + 1)
#
#  1.  a 
#  2.  a^2
#  3.  a^2 + a

In [39]:
# F8 is the splitting field of (x^8 - x)
#
# Factorization over F2[x]

(x^8 - x).factor()

x * (x + 1) * (x^3 + x + 1) * (x^3 + x^2 + 1)

In [40]:
# Factorization over F8[x]

F8['x'](x^8 - x).factor()

x * (x + 1) * (x + a) * (x + a + 1) * (x + a^2) * (x + a^2 + 1) * (x + a^2 + a) * (x + a^2 + a + 1)

In [11]:
# We can see that (x^3 + x + 1) is irreducible over F2[x], but it is not the only one
# The polynomial (x^3 + x^2 + 1) is another factor of (x^8 - x) and also irreducible over F2[x]

# Clearly, `a` is not the root of (x^3 + x^2 + 1) = 0

(x^3 + x^2 + 1).subs(x=a)

# Output: a^2 + a

a^2 + a

In [12]:
# What are roots of (x^3 + x^2 + 1) = 0

search_roots(a, x^3 + x^2 + 1) == [a + 1, a^2 + a + 1, a^2 + 1]

True

In [13]:
# F8 Partition:
#
#   [0, 1]                        // from F2
#   [a, a^2, a^2 + a]             // from the roots set of (x^3 + x + 1 = 0)
#   [a + 1, a^2 + 1, a^2 + a + 1] // from the roots set of (x^3 + x^2 + 1 = 0)

# Quiz: why the two root sets are disjoint?

In [14]:
# Let's take a closer look at one of them, [a, a^2, a^2 + a] 
#
# Notice that the third root is `a^2 + a`

a^2 + a == a^4

# the roots of `x^3 + x + 1 = 0` is [a, a^2, a^4]

True

In [15]:
# What about the other roots set
#
# Actually, `(a+1)^2` equals to the second root
# and `(a+1)^4` equals to the third

(a+1)^2 == (a^2 + 1), (a+1)^4 == (a^2 + a + 1)

(True, True)

In [41]:
# Froebenius Map: σ
#
# for any t \in F_{p^m}, 
# 
#  σ : F8 --> F8
#      t |--> t^p   (char = p)
#
# if `t` is one root of an irreducible polynomial, 
# then `σ(t)` is the next root 
# and `σ(σ(t))` is the next to the next, and so on.
# Finally, σ(...(σ(t))) = t

sigma = lambda t: t^2

[(t, sigma(t), sigma(sigma(t)), sigma(sigma(sigma(t)))) for t in [a, a+1]]

# Output:
#    [(a, a^2, a^2 + a, a), (a + 1, a^2 + 1, a^2 + a + 1, a + 1)]

[(a, a^2, a^2 + a, a), (a + 1, a^2 + 1, a^2 + a + 1, a + 1)]

In [17]:
# Surprisingly, we can get the root set starting from any root

[(t, sigma(t), sigma(sigma(t)), sigma(sigma(sigma(t)))) for t in [a^2]]

[(a^2, a^2 + a, a, a^2)]

In [18]:
# Again,

[(t, sigma(t), sigma(sigma(t)), sigma(sigma(sigma(t)))) for t in [a^2 + a]]

[(a^2 + a, a, a^2, a^2 + a)]

In [19]:
# The roots are ordered like an ORBIT. That's why it is often called Froebenius Orbit

# Test one more case from `x^3 + x^2 + 1` roots

[(t, sigma(t), sigma(sigma(t)), sigma(sigma(sigma(t)))) for t in [a^2 + a + 1]]

[(a^2 + a + 1, a + 1, a^2 + 1, a^2 + a + 1)]

In [43]:
# The elements on the same orbit are called conjugates

def conjugates(t):
    r = []
    for i in [1,2,4,8,16]:
        t2 = t^i
        if t2 in r:
            continue
        r.append(t^i)
    return r

In [42]:
conjugates(a)

[a, a^2, a^2 + a]

In [44]:
conjugates(a+1)

[a + 1, a^2 + 1, a^2 + a + 1]

In [22]:
# Definition:
#
#  σ : t ---> t^2,  forall t in F8
#  ɩ : t ---> t,    forall t in F8
#
#  (ɩ, σ(.), σ(σ(.))) is a cyclic group, where `σ` is the group law and `ɩ` is the identity

# The group has a legendary name: Galois Group, or `Gal(F8/F2)`
#  
# Froebenius Automorphism 
#
# σ fixed F2
#
#  F8 -σ-> F8' -σ-> F8'' -+
#   ^                     |
#   |__________σ__________v
#
#  F8  = {t0,         t1 ,        t2 , ...,      t7}
#  F8' = {σ(t0),    σ(t1),      σ(t2), ...,    σ(t7)}
#  F8''= {σ(σ(t0)), σ(σ(t1)), σ(σ(t2)), ..., σ(σ(t7))}
#
#  F8, F8', F8'' are isomorphic to each other


In [23]:
# Quiz: Is there any 3-degree irreducible polynomial other than `x^3+x+1` or `x^3+x^2+1`?

In [24]:
# The irreducible polynomial (x^3+x^2+1) (over F2[x]) can also be used to construct another "F8 over F2" 

F8_alt.<b> = F2.extension((x^3 + x^2 + 1), 'b')
F8_alt

# Here, we use a new notation `b` to denote the adjoined root of (x^3+x^2+1=0)

Finite Field in b of size 2^3

In [25]:
F8_alt.list()

[0, b, b^2, b^2 + 1, b^2 + b + 1, b + 1, b^2 + b, 1]

In [26]:
F8.list()

[0, a, a^2, a + 1, a^2 + a, a^2 + a + 1, a^2 + 1, 1]

In [27]:
# They look similar, except that their elements are in different order

# Print the logtable of F8_alt (let `b` the generator of F8_alt^*)

logtable(b)

  1, ord=7	 = b
  2, ord=7	 = b^2
  3, ord=7	 = b^2 + 1
  4, ord=7	 = b^2 + b + 1
  5, ord=7	 = b + 1
  6, ord=7	 = b^2 + b
  7, ord=1	 = 1


In [28]:
logtable(a)

  1, ord=7	 = a
  2, ord=7	 = a^2
  3, ord=7	 = a + 1
  4, ord=7	 = a^2 + a
  5, ord=7	 = a^2 + a + 1
  6, ord=7	 = a^2 + 1
  7, ord=1	 = 1


In [29]:
# Notice that `a^3` doesn't look like `b^3`.
#
# The reason is:
#
#   a^3 = a + 1      (F8    = F2(a) is generated by `x^3 + x + 1`)
#   b^3 = b^2 + 1    (F8_alt= F2(b) is generated by `x^3 + x^2 + 1`)
#
# Different irreducible polynomials imply different *" arithmetics
#
# Therefore, the naive map f is NOT isomorphic
#    f : F8 --> F8_alt
#        a |--> b 

# A counter-example:

# a + a^2 == a^4,  but f(a) + f(a^2) != f(a^4).
# 
#   f(a) = b
#   f(a^2) = b^2
#   f(a^4) = b^4

a + a^2 == a^4, b + b^2 == b^4

(True, False)

In [59]:
# Define a function to check if a map is isomorphic

def is_homomorphic(a, b, card=None):
    if card == None:
        card = a.parent().order()
    if card != b.parent().order():
        return "Failed"
    result = True
    for i in range(1, card):
        for j in range(1, card):
            aij = a^i + a^j
            bij = b^i + b^j
            r = log(a, aij) == log(b, bij)
            if not r:
                print("{},{}: ({}) + ({}) != ({}) + ({})".format(i,j,a^i, a^j,b^i, b^j))
                return
            result = result and r
    return result

def is_isomorphic(a, b):
    return (is_homomorphic(a, b) and is_homomorphic(b, a))
    
# For every two terms (a^i, b^j) both from F8\{0} and F8_alt\{0}, the Alg. `is_isomorphic()` checks 
#
#   1. f(a^i) + f(a^j) = f(a^i + a^j)
#   2. f(a^i) * f(a^j) = f(a^i * a^j)

# If the two fields are not isomorphic, the Alg. print out the incorrect terms

is_isomorphic(a, b)

1,2: (a) + (a^2) != (b) + (b^2)


In [58]:
# What if we try again with a different map

is_isomorphic(a, b+1)

# f : F8 --> F8_alt
#     a |--> b+1 
# 
#  is the map we are looking for

True

In [60]:
# another map  f: b |--> a+1 is isomorphic 

is_isomorphic(b, a+1)

True

In [62]:
# Any reasons?
#
# Notice that BOTH `a` and `b+1` are roots of the SAME irreducible polynomial (x^3 + x + 1)

conjugates(b+1)

[b + 1, b^2 + 1, b^2 + b]

In [63]:
conjugates(b)

[b, b^2, b^2 + b + 1]

In [64]:
# F8_alt Partition:
#
#   [0, 1]                        // from F2
#   [b, b^2, b^2 + b + 1]         // from the roots set of (x^3 + x^2 + 1)
#   [b + 1, b^2 + 1, b^2 + b]     // from the roots set of (x^3 + x + 1)

In [65]:
# We guess that  f: a |--> b^2+1  is also isomorphic since they are from `x^3 + x + 1 = 0`
#
# Don't trust, verify!

is_isomorphic(a, b^2+1), is_isomorphic(a, b^2+b)

# Also `f: a |--> b^2+b`

(True, True)

In [66]:
# Minimal 
#

def minimal_poly(t):
    roots = conjugates(t)
    print(roots)
    poly = 1
    for r in roots:
        poly = poly * (x+r)
    return poly

minimal_poly(a)

[a, a^2, a^2 + a]


x^3 + x + 1

In [67]:
minimal_poly(b+1)

[b + 1, b^2 + 1, b^2 + b]


x^3 + x + 1