COMPUTING PRIMITIVE POLYNOMIALS - THEORY AND ALGORITHM

Sean E. O'Connor

Introduction
Number Theory and Finite Field Review
Definition of Primitive Polynomials
Algorithm for Finding Primitive Polynomials
Primitive Polynomial Search Example
Theory Behind the Algorithm
References
Appendix A - Number of Primitive Polynomials
Appendix B - Number of Linear Factor Free Polynomials
Appendix C - Berlekamp Method for Testing Irreducibility
Appendix D - Finding All Primitive Polynomials

Introduction

This technical note explains in great detail the technique used to compute primitive polynomials from the paper by Alanen and Knuth with extensions due to Sugimoto . Prerequisites: Knowledge of elementary number theory, and finite fields as covered in books on abstract algebra. See the references.

Fast Review of Number Theory, Finite Fields and Combinatorics

Here is an ultra-fast review of some basic results we'll need to use.

Number Theory

Primitive Roots

An integer a is defined to be a primitive root of the prime p if equation044. for equation046. but equation048. i.e. the integer a generates the cyclic group { 1, 2, 3, ..., p-1} under modulo p multiplication. Primitive roots exist for all prime p. Example: 2 is a primitive root of 3 because equation050. but equation052.

Euler Phi Function

The Phi or Totient function is defined by equation054. and, for n > 1, equation056. (number of integers between 1 and n-1 relatively prime to n). (Integers a and b are relatively prime (coprime) if the greatest

fig 3.

Euler's Totient with upper and lower bounds.

common divisor of a and b is 1). We have equation058.

for prime p. In general, if n has the prime factorization equation060.

then

Example: equation064. = number of integers between 1 and 17 relatively prime to 18 = # {1, 5, 7, 11, 13, 17}

We have the bounds, where the lower bound holds except for the number, n = 2 3 5 7 11 13 17 19 23. For our example, this is 4.239 ≤ φ ( n ) ≤ 18. A more loose lower bound is φ ( n ) ≤ √ n for n ≥ 6.

Fermat's Little Theorem

If p is a prime and p does not divide a, then equation070. and for any integer a, equation072. For example, equation074.

Finite Fields

Basic Properties

Any finite field has equation076. elements where n is 1 or greater and p is prime. All fields with the same number of elements are isomorphic. A field with equation078. elements is called Galois Field equation080.

Polynomial Representation

The Galois field equation082. is a quotient ring equation084. where g(x) is any monic irreducible polynomial of degree n with coefficients in GF(p), and (g(x)) is the maximal principle ideal generated by g(x). In other words, it is an algebraic extension of GF(p).

The field is exactly the set of all polynomials of degree 0 to n-1 with the two field operations being addition and multiplication of polynomials modulo g(x) and with modulo p integer arithmetic on the polynomial coefficients.

For example, the field equation086. is the set of polynomials equation088. with addition and multiplication of polynomials mod equation090. and mod 3.

Exponential Representation

equation094. forms a cyclic group of order equation096. under multiplication with the elements, equation098. where the field element a is called a generator of the group (or primitive element of the field). Multiplication is defined by equation100. For consistency, we define the zero element of the field as equation092. Zero is not a primitive element.

Example: We show that equation102. is a primitive element of the field equation104. by multiplying out powers of a.

equation106.

equation108.

equation110.

equation112.

equation114.

equation116.

equation118.

equation120.

Primitive Elements of a Field

The field element equation122. is a primitive element iff equation124.

Thus, it's intuitively obvious there are equation126. primitive elements. In the example above, equation128. has equation130. primitive elements, and they are equation132.

Fermat's Theorem for a Field

Any field element a satisfies the equation, equation134. and non-zero field elements satisfy, equation136. Example: equation138.

Polynomial Identity

Any polynomial equation140. with coefficients in equation142. obeys the identity equation144. This implies, if equation146. is any root of equation148. in equation150. then so are equation152. Example: equation154.

Prime Subfield

equation156. is the smallest subfield of equation158. It is the field of integers under modulo p arithmetic. equation160. is isomorphic to an element of equation162. if it satisfies the equation, equation164. For example, for a = 2x above, equation166.

Minimal Polynomial

The minimal polynomial equation168. of a field element equation170. in equation172. is the unique polynomial of lowest degree which has equation174. as a root and whose coefficients lie in equation176. More precisely, the coefficients are allowed to be in equation178. as long as they are isomorphic to elements of equation180. Example: equation182. is the minimal polynomial of equation184.

Conjugates

The conjugates of a field element equation186. in equation188. are the r elements, equation190. where r <= n is the smallest integer for which equation192. Example: equation194. has r = 2 conjugates, equation196. and equation198. because equation200.

Minimal Polynomial Formula

The conjugates of the field element equation202. are exactly the roots of the minimal polynomial for equation204. The minimal polynomial can then be written explicitly as, equation206. Example: The minimal polynomial, equation208. factors as equation210.

Group Theory: Generators of a Cyclic Group

In the cyclic group equation212. of order equation214. the element equation216. is a generator if and only if s and N are relatively prime.

That is why equation218. were primitive elements of the field equation220. There are equation222. generators.

Combinatorics: Principle of Inclusion and Exclusion

Suppose we are given a set S and m of its subsets, equation224. Let equation226. denote the number of elements in a set S. Then we have the formula, equation228. Example: Use inclusion and exclusion to count the number of primes between 1 and 10 by subtracting off all multiples of 2, 3, 4, ..., 10. (1 is counted along with the primes). Let equation230. m = 9, and let equation232. be the set of multiples of i+1 except itself. Then equation234. , equation236. , equation238. , equation240. and equation242.

equation244. through equation246. are empty.

equation248. and equation250. All other intersections are empty as are all intersections of 3 or more sets. The inclusion and exclusion principle then gives us equation252. which agrees with the direct calculation, equation254.

Definition of Primitive Polynomial

f(x) is a primitive polynomial iff the field element x generates the cyclic group of non-zero field elements of the finite field. equation002 where p is prime and equation004 In particular, as a generator of the non-zero field elements, f(x) satisfies the equations

equation006

but

equation008 for equation010

The probability that a random f(x) is a primitive polyomial is equation040 which is bounded above and below by equation042

fig 4.

Lower bound factor in parentheses.

The factor in parentheses falls slowly to approximately 0.0623901 for n = p = 1000, so if we generate polynomials at random and are able to test them quickly for primitivity, we have a fast algorithm.

Algorithm for Finding Primitive Polynomials

Instead of checking pⁿ-1 conditions for each candidate polynomial, as in the definition, we can reduce the number of conditions to the number of distinct prime factors of (pⁿ-1)/(p-1). For a primitive polynomial of degree 9 modulo 3, we test 2 conditions instead of 19,682: (3⁹-1)/(3-1) = 23 * 757. Or for degree 10 modulo 2, we can test 3 conditions instead of 1023.

Step 0) Factor equation012 into distinct primes: equation014

Step 1) Generate a new nth degree monic polynomial (randomly or sequentially) of the form, equation016. where we take care that all equation017. possible combinations of coefficients are generated exactly once.

Step 2) Check that equation018. is a primitive root of the prime p. Use the quick test that a is a primitive root of prime p iff equation019. for all prime equation020. Of course, equation021. and 1 is the primitive root of p=2. Empirically, about 37% of random integers in [0,p-1] are primitive roots of p.

Step 3) Check for absence of linear factors by testing that equation022. When equation023. 63.2% of polynomials will have linear factors and be rejected.

Step 4) Check if equation024. for some integer equation025. Most polynomials are rejected here.

Step 5) Check if f( x ) has two or more irreducible factors using the Berlekamp polynomial factorization method, and reject it as not primitive if it does. The probability that a random polynomial of degree n is irreducible is between 1/2n and 1/n.

Step 6) Check equation026.

Step 7) Check equation027. for equation028. But skip the test for equation029.

Step 8) If the polynomial f(x) passes tests in steps 1-7, stop. It is a primtive polynomial of degree n, modulo p. Otherwise, repeat steps 1-7 until a primitive polynomial is found in not more than pⁿ iterations.

Factoring r into primes is the time consuming part, followed by computing xⁿ mod f(x), modulo p on the coefficients, but is still much faster than attemping to use the definition of primitive polynomial directly.

Primitive Polynomial Search Example

We use Mathematica to demonstrate the technique for finding a primitive polynomial of degree n = 4 modulo p = 5.

You can download the Mathematica notebook or view the corresponding Mathematica PDF file; this Mathematica notebook is distributed under the terms of the GNU General Public License.

Theory Behind the Algorithm

More Properties of Primitive Polynomials

We'll show primitive polynomials are exactly the minimal polynomials of the primitive elements of a field.

Theorem. Any minimal polynomial of a primitive element of the field element of the field equation260. where p >=2 is prime and n > 1 is a primitive polynomial.

Proof. Let f(x) be the minimal polynomial of the primitive field element a. Recall a field always contains a primitive element and minimal polynomials exist for each field element. We'll show x is a generator of the field. Suppose to the contrary, that equation261. for some m, equation262. Then there is an h(x) such that equation263.

Since f is a minimal polynomial of a, it has a as a root: equation264. so equation265. contradicting the primitivity of a because its order is not maximal.

By Fermat's theorem for fields, the non-zero field element x satisfies equation266. so x is a generator of the field, and f(x) is a primitive polynomial.

Theorem. The minimal polynomial f(x) of the primitive element a has the explicit formula, equation267. where the roots of f(x) are the n conjugates of a.

Proof. By the minimal polynomial formula, equation268. where r is the least integer such that equation269.

But a is a primitive element, so all the powers of a are distinct, until by Fermat's theorem for fields, equation270. Thus r=n.

Theorem. Any primitive polynomial f(x) of degree n modulo p is the minimal polynomial of a primitive element of the field.

Proof. Suppose f(x) is a primitive polynomial of degree n modulo p. Then x is a primitive element of the field equation271. i.e. it generates the field. x is a root because equation272. By the polynomial field identity, the powers of x, equation273. are also roots. They are all distinct since x is a generator and has maximal order. Since the degree of f is n, there can be no more roots. Thus f(x) is the minimal polynomial of the primitive element x.

Theorem. A primitive polynomial f(x) is irreducible in GF(p). (As an aside, polynomials which are irreducible, but not primitive also generate fields, but they are minimal polynomials of non-primitive elements.)

Proof. If not, we'd have f(x)=g(x) h(x) for some polynomials of degree < n. But then g(x) h(x) = 0 (mod f(x), p), and our field would have zero divisors, a contradiction.

Theorem. For any primitive polynomial f(x), equation274. If f(x) has zeros in GF(p), it would contains linear factors, contradicting irreducibility.

Algorithm For Finding Primitive Polynomials

We develop an efficient test for a polynomial to be primitive. It is like "factoring" the original definition into two simpler ones.

Lemma. Suppose n is the smallest integer for which equation275. if equation276. then equation277.

The same result holds if we replace the condition "= 1" with the condition "= integer".

Also, for any integer a and prime p, if n is the smallest number for which equation278. and equation279. then equation280.

Proof. Since n is the smallest such number, equation281. so by the division algorithm, equation282. which gives equation283. equation284.

But since r < n, this would contradict the minimality of n unless r=0. Thus equation285. The same exact reasoning based on minimal order holds for the other two conditions.

Theorem. Let r be the smallest number for which equation286. for some integer a and let k be the smallest number for which equation287. (Such numbers always exists by Fermat's theorem for fields and the well-ordering principle.)

Given a, let t be the smallest number for which equation288. then equation289.

Proof. Observe equation290. By the lemma, equation291. But since 1 is an integer, by the lemma, we must have equation292. From these divisibility results, we can write for some integers u and v, equation293. giving equation294. and by cancellation, equation295. But then equation296. By the lemma, equation297. But we already had equation298. from t=uv, so t=v, implying u=1 implying equation299.

Corollary. Given the definition of the numbers r and t as in the lemma above, if equation300. and equation301. then equation302. so f(x) is a primitive polynomial by definition.

Theorem. Let's go in the opposite direction. Defining r, t and k as in the lemma, let f(x) be primitive. It follows that equation303. and equation304.

Proof. Since f(x) is primitive, equation305. Now our first theorem says equation306. Next, by Fermat's theorem, equation307. so by the lemma, equation308. and then for some s, equation309. Combining all of this, equation310. Upon cancelling t, equation311. Now we show equation312. which will force the equality equation313. and prove the first part of the theorem.

A field element, equation314. is an element of equation315. iff its p-1 power is 1. equation316. by the primitivity of f(x), proving equation317. By the lemma, equation318. The value of t is equation319. Let's summarize all of this in a theorem:

Theorem. f(x) is a primitive polynomial iff these two conditions hold: The smallest value of r such that equation320. for some integer a is equation321. The smallest value of t such that equation322. is equation323. In other words a must be a primitive root of p.

The Polynomial's Constant Term

Theorem. Let f(x) be a primitive polynomial of degree n, modulo p. The the constant term of f is equation324.

Proof. By the lemma, the primitive polynomial can be written as equation325. and as the minimal polynomial equation326. Multiplying out and comparing constant terms gives equation327. which by geometric progression is equation328.

Corollary. equation329. where a is the integer of the theorem earlier. Also, a is a primitive root of p.

Proof.

equation330. Thus equation331. But a is a primitive root of p by the theorem, so equation332. is a primitive root of p as well.

Finding Minimal r such that

Let's show we don't need to test r conditions, saving considerable time. We need two lemmas to get started.

Lemma. Suppose equation334. for some m equation335. If equation336. then equation337.

Proof. Suppose that equation338. and force a contradiction. Since m divides r its prime factorization is equation339. with equation340. But since equation341. there is at least one i for which equation342. Making equation343. So for some i, we get equation344. equation345. equation346. a contradiction.

Lemma. Take the other case now and assume m does NOT divide r where equation347. If equation348. then equation349.

Proof. Since m is less than r and doesn't divide it, m and r must be relatively prime. By the Euclidean algorithm, equation350. so we can find integers u and v such that equation351. Raising x to this power gives, equation352. Now if equation353. we'd get a contradiction since that would make x an integer, so any integral power of x would be an integer; in particular, equation354. We conclude equation355.

Theorem. Factor r into primes, equation356. The k+1 conditions equation357. equation358. hold iff equation359. is the smallest number for which equation360.

Proof. Let's take the easy direction first. If r is the smallest number for which equation361. then it's intuitively obvious that equation362. Now take the hard direction. Assume all k+1 conditions hold. By the lemma, equation363. for equation364. By the second lemma, equation365. for equation366. covering all possible m. equation367. equation368. and by assumption we had equation369.

Testing if a Polynomial is Primitive

We'll tie together all the theory here. But first, we need a few more theorems.

Theorem. For equation370. if equation371. it implies equation372. is not a primitive root of p for any integer a.

Proof. By Fermat's theorem, if a isn't a multiple of p, equation373. But equation374. so for some s<p-1, equation375. giving equation376. Thus equation377. cannot be a primitive root of p. In the case, equation378. we'd have equation379. so again, equation380. is not a primitive root of p.

Theorem. Suppose equation381. where equation382. If equation383. is an integer and a primitive root of p, then equation384.

Proof. Suppose equation385. for some integer a. equation386. but the theorem above says equation387. is not a primitive root of p, a contradiction.

Theorem. Let the prime factorization of r be equation388. and let equation389. where equation390. Then f(x) is a primitive polynomial of degree n modulo p iff the following conditions hold:

(1) for some integer a.
(2) for But we may skip this test for whenever
(3) The constant term in the polynomial satisfies
(4) a is a primitive root of p.

Proof. For the forward direction, assume f(x) is primitive. By the previous theorems, (1)-(4) hold. For the reverse direction, assume (1)-(4) hold. Conditions (3)-(4) together imply a is a primitive root of p and the minimality of t as a power of a. By a previous theorem, f(x) is primitive. And by the theorem above, we can skip the test if equation397. for some equation398.

References

Theoretical Papers

"Tables of finite fields", J. D. Alanen and D. E. Knuth, Sankhya, Series A, Vol. 26, Part 4, December 1964, pgs. 305-328. The paper which was the theoretical basis for this program.
"A Short Note on New Indexing Polynomials of Finite Fields", E. Sugimoto, Information and Control, Vol. 41, 1979, pgs. 243-246. This paper introduces the Berlekamp polynomial factoring algorithm as as fast reducibility test to speed up the method of Alanen and Knuth. Primitive polynomials, p ≤ 47; pⁿ < 10¹⁹.
"Searching for Primitive Roots in Finite Fields, Victor Shoup" There is no known polynomial time method for finding a primitive polynomial, but we can come close.
Efficient Computation of Minimal Polynomials in Algebraic Extension of Finite Fields, Victor Shoup and Fast Algorithm for Finding Primitive Polynomials Over GF(q). A. Di Porto, F. Guida and E. Montolivo How to efficiently find all primitive polynomials given any one primitive polynomial.
"Approximate formulas for some functions of prime numbers", J.B. Rosser and L. Schoenfeld, Illinois J. Math. 6 (1962) 64-95. Lower bound for Euler's totient φ ( n ).

Tables of Primitive Polynomials

"Primitive Polynomials Over Finite Fields", T. Hansen and G. L. Mullen, Mathematics of Computation, Vol. 59, pgs. 639-643, 1992. Primitive polynomials of minimum Hamming weight, p ≤ 97, pⁿ < 1000.
W. Stahnke, "Primitive Binary Polynomials", Mathematics of Computation, Vol. 27, No. 124, Oct. 1973, pp. 977-980. Simplest primitive polynomials with p = 2, n ≤ 168.
Simon, Omura, Scholtz, Levitt, Spread Spectrum Communications, Vol. I, Computer Science Press, 1985, pgs. 393-395. Selected primitive polynomials, p = 2 up to n ≤ 120.
E. J. Watson, "Primitive Polynomials (Mod 2)", Mathematics of Computation, Vol. 16, No. 79, July 1962, pgs. 368-369. Primitive polynomials, p = 2, n ≤ 100.

Mathematical Background

D.E. Knuth, The Art of Computer Programming, Vol. 2: Seminumerical Algorithms, Third edition, Addison-Wesley, 1997. errata Algorithms for infinite precision integer arithmetic, factoring, primality testing, and polynomial factoring.
A Computational Introduction to Number Theory and Algebra, Version 2.2 by Victor Shoup Another nice reference for integer arithmetic, primality testing and factoring.
I. N. Herstein, Topics in Algebra, Second Edition, John Wiley, 1975. Introduction to abstract algebra.
D. Burton, Abstract Algebra, Addison-Wesley, 1972. Another introduction.
R. Lidl and H. Niederreiter, Introduction to Finite Fields and Their Applications, Cambridge University Press, 1994. Everything about finite fields.
Fields and Galois Theory, J.S. Milne Online introduction to field theory.

Appendix A - Number of Primitive Polynomials

Theorem. The number of primitive polynomials of the field equation550. is equation552.

Proof. We need a few lemmas, but first, some notation. Let be the primitive elements of the field. They are precisely the generators of the cyclic group of non-zero elements of the field. Let equation554. be the primitive elements of the field. They are precisely the generators of the cyclic group of non-zero elements of the field. Let equation556.

Lemma. equation558.

Proof. Suppose equation560. By definition of conjugate, for some k, equation562. But since equation564. is a generator of the group of non-zero field elements, the order of the generator, equation566. and the size of the group, equation568. must be relatively prime. But equation570. and equation572. have no common factors, making equation574. and equation576. relatively prime as well. Thus B is a generator and so equation578.

For the other direction, suppose equation580. Then equation582. for some i, so equation584. by definition.

Lemma. The sets of conjugates equation586. are either disjoint or identical.

Proof. Suppose equation588. and let equation590. and equation592. have some common element B. Then because B is a conjugate of both sets, for some u and v, equation594. If we keep raising this equation to the pth power repeatedly modulo equation596. the left side will cycle through all the elements of equation598. and the right side will cycle through all elements of equation600. Thus any element in one set is also in the other and they are identical.

Lemma. The number of distinct equation602. is the number of primitive polynomials.

Proof. A primitive polynomial is the minimal polynomial of a generator, and its roots are conjugates of the generator.

So (number of primitive polynomials) = (number of distinct minimal polynomials of all the generators) = (number of disjoint sets of conjugate roots) = (number of disjoint conjugate sets equation604. )

Lemma. equation606. has n distinct elements.

Proof. See the earlier lemma which gives the formula for the roots of a primitive polynomial.

Proof of theorem.

Eliminate duplicate sets of conjugates and write equation608. where the equation610. are disjoint sets. It follows that equation612. equation614. and the number of primitive polynomials is equation616.

Corollary. The probability that a randomly chosen polynomial f(x) of degree n modulo p is primitive is equation618. and we have the bounds, equation620.

Proof. Use the fact that there are equation622. total polynomials and the bounds on the Euler phi function.

Appendix B - Number of Linear Factor Free Polynomials

When equation624. about 63.2% of all polynomials have linear factors (zeros in GF(p)), and so are not primitive. To check a polynomial for zeros quickly, we use Horner's rule to evaluate f(x) for x=0, 1 ... p-1.

Theorem. The number of nth degree polynomials modulo p with no linear factors is equation626. and equation628.

Proof. We'll use the principle of inclusion and exclusion.

Let S be the set of all monic nth degree polynomials modulo p. There are p choices for each of the n coefficients, so equation630.

Now let equation632. be the set of all nth degree polynomials having one or more factors of the form (x-i), i=0,...,p-1. A polynomial in this set has the form equation634. There is one choice for the first factor, and equation636. choices for the second factor giving equation638. There are equation640. possible sets equation642. one for each choice of root i.

The set equation644. is the set of nth degree polynomials containing both factors (x-i) and (x-j) at least once. An element of this set looks like equation646. After picking i and j, there remain equation648. choices for the coefficients, giving equation650. The number of such sets is the number of ways of picking distinct i and j from among p possibilities, equation652. Similarly, there are equation654. many sets for distinct i, j, and k whose cardinality is equation656.

At some point, the intersections become empty. When equation658. we run out of roots to use for linear factors, and the last type of polynomial to consider has the form equation660. It has only one set containing equation662. polynomials.

On the other hand, if n < p, we end up factoring the polynomial completely: equation664. There is only one polynomial of this type, but the set contains equation666. elements.

Counting up the number of possibilities by the principle of inclusion and exclusion gives the formulas.

Example: Let n=3 and p=3.

equation668.

equation670.

equation672.

equation674.

equation676.

equation678.

equation680.

By inclusion-exclusion, the number of polynomials with no linear factors is

equation682.

Corollary. The number of polynomials of degree n modulo p with one or more linear factors is

equation684.

equation686.

Theorem. For the usual case of equation688. we have equation690.

Proof. By the binomial theorem,

equation692. so equation694. giving equation696.

Theorem. Pick an nth degree polynomial at random where equation698. The probability that it has one or more linear factors is equation700.

Proof. The total number of polynomials is equation702. Assuming each choice to be equally likely, the probability is equation704.

Lemma. The function equation706. is an increasing function.

Proof. We'll show equation708.

Taking natural logarithms gives equation710.

Differentiating, equation712.

equation714.

so equation716.

Since equation718. we need only show equation720. or, since equation722. that equation724. By definition of log base e, equation726.

Now we argue using the fact that

fig 2.

Area under the natural log curve.

the natural log is the area under the 1/t curve.

We'll show that equation728. Area B is too hard to handle directly, so let's estimate it. The curve 1/t is concave upward since its second derivative is equation730. Thus C > B. But C = (1/2) x base x height = equation732. Putting it all together, equation734. equation736.

Corollary. equation738. Is a decreasing function for equation740.

Theorem. For equation742. we have the bounds equation744.

Proof. From calculus, equation746. Giving equation748. equation750. By the corollary, P(n,p) decreases with increasing p, so it stays within the limits above. However, it decreases very slowly: P(n, 4) = 0.684, P(n, 100) = 0.634 and P(n, 500) = 0.632, close to the limiting value of 0.632120559...

Appendix C - Berlekamp Method for Testing Irreducibility

We explain the theory behind testing a polynomial f(x) in modulo p arithmetic for reducibility; in particular, finding out whether it has two or more distinct irreducible factors.

We use a modification of the Berlekamp method for factoring polynomials over a finite field.

Differences are that

We skip the initial stage which finds gcd( f(x), f'(x) ) to reduce f(x) to square-free form for the sake of speed.
We stop as soon as we've found the number of distinct irreducible factors is ≥ 2.

So the standard proof will need to be modified.

Goal

Any monic polynomial f(x) factors into the product of r distinct irreducible polynomials, equation800. If equation802. then f(x) is reducible and can be rejected as a candidate for a primitive polynomial.

Sets of Congruences of the Factors

So how to find r? The trick, discovered by Berlekamp, is to find a congruence equation based on the Chinese Remainder theorem for polynomials whose solutions give us information about the number of factors.

Theorem. The two sets, equation804. and equation806. are the identical. By the Chinese remainder theorem for polynomials, the set equation808. has equation810. solutions, but we can't find r because we don't know the irreducible factors. But the set equation812. is more tractable as we shall see.

Proof. equation814. because by the Chinese remainder theorem for polynomials, there is a unique v(x) for any given r integers, equation816. so there are equation818. solutions. equation820. because 0 and 1 are solutions. To prove equality, if equation822. then by Fermat's theorem, equation824. so that equation826.

On the other hand, if equation828. then equation830. so using the identity, equation832. we get equation834.

Since the ring of polynomials is a UFD, we can factor each factor into the product of unique monic irreducible polynomials as

equation836.

equation838.

where equation840. and some of the equation842. could be zero. Comparing factors, we have equation844. For equation846. we cannot have equation848. and equation850. simultaneously because we'd get equation852. and equation854. implying equation856. equation858. leading to equation860. which implies, since the polynomial is > 1, equation862. a contradiction. Thus if equation864. the sum collapses to one term, equation866. for some j and equation868. for some j. Thus for all i, equation870. for some j implying equation872.

Number of Solutions of a Simpler Equation

But S2 = S1, so let's find how many solutions v(x) solve the equation of S2 to get equation874.

Theorem. equation876. iff equation878. where

equation880.

equation882.

and equation884. and equation886. equation888.

Proof. equation890. and equation892. But in a field of characteristic p, we have the polynomial identity, equation894. and so we have equation896. Comparing equations, we have equation898. iff equation900. or equation902.

Number of Matrix Solutions

The number of elements in the set equation904. is the number of solutions v to matrix equation, equation906. or equivalently equation908. The number of solutions = number of linear combinations of the basis vectors in the left nullspace of Q-I with weighting factors in GF(p). This number is equation910. Now we finally find r which is then equation912. = # basis vectors of left nullspace of (Q-I).

A column reduction by Gaussian elimination using mod p arithmetic will reduce Q-I to column-echelon form.

This will not change the rank or nullity, being equivalent to a series of multiplications by non-singular elementary matrices.

One can read off the rank of the n x n column-echelon form matrix by counting the number of pivotal elements in the columns.

By Sylvester's theorem of linear algebra, rank + nullity = n, and upon applying this to the transpose of a matrix, Nullity of left nullspace = n - rank.

Appendix D - Finding All Primtive Polynomials

There is a better method for finding all primitive polynomials. Here is a brief sketch. Thanks to Martin Dowd for pointing out that better methods exist.

Home