Section 17.1 Structure of a Finite Field
Recall that a field \(F\) has characteristic \(p\) if \(p\) is the smallest positive integer such that for every nonzero element \(\alpha\) in \(F\text{,}\) we have \(p \alpha = 0\text{.}\) If no such integer exists, then \(F\) has characteristic \(0\text{.}\) From Theorem 5.19 we know that \(p\) must be prime. Suppose that \(F\) is a finite field with \(n\) elements. Then \(n \alpha = 0\) for all \(\alpha\) in \(F\text{.}\) Consequently, the characteristic of \(F\) must be \(p\text{,}\) where \(p\) is a prime dividing \(n\text{.}\) This discussion is summarized in the following proposition.
Proposition 17.1.
If \(F\) is a finite field, then the characteristic of \(F\) is \(p\text{,}\) where \(p\) is prime.
Throughout this chapter we will assume that \(p\) is a prime number unless otherwise stated.
Proposition 17.2.
If \(F\) is a finite field of characteristic \(p\text{,}\) then the order of \(F\) is \(p^n\) for some \(n \in {\mathbb N}\text{.}\)
Proof.
Let \(\phi : {\mathbb Z} \rightarrow F\) be the ring homomorphism defined by \(\phi(n) = n \cdot 1\text{.}\) Since the characteristic of \(F\) is \(p\text{,}\) the kernel of \(\phi\) must be \(p {\mathbb Z}\) and the image of \(\phi\) must be a subfield of \(F\) isomorphic to \({\mathbb Z}_p\text{.}\) We will denote this subfield by \(K\text{.}\) Since \(F\) is a finite field, it must be a finite extension of \(K\) and, therefore, an algebraic extension of \(K\text{.}\) Suppose that \([F : K] = n\) is the dimension of \(F\text{,}\) where \(F\) is a \(K\) vector space. There must exist elements \(\alpha_1, \ldots, \alpha_n \in F\) such that any element \(\alpha\) in \(F\) can be written uniquely in the form
where the \(a_i\)'s are in \(K\text{.}\) Since there are \(p\) elements in \(K\text{,}\) there are \(p^n\) possible linear combinations of the \(\alpha_i\)'s. Therefore, the order of \(F\) must be \(p^n\text{.}\)
Lemma 17.3. Freshman's Dream.
Let \(p\) be prime and \(D\) be an integral domain of characteristic \(p\text{.}\) Then
for all positive integers \(n\text{.}\)
Proof.
We will prove this lemma using mathematical induction on \(n\text{.}\) We can use the binomial formula (see Example 1.34) to verify the case for \(n = 1\text{;}\) that is,
If \(0 \lt k \lt p\text{,}\) then
must be divisible by \(p\text{,}\) since \(p\) cannot divide \(k!(p - k)!\text{.}\) Note that \(D\) is an integral domain of characteristic \(p\text{,}\) so all but the first and last terms in the sum must be zero. Therefore, \((a + b)^p = a^p + b^p\text{.}\)
Now suppose that the result holds for all \(k\text{,}\) where \(1 \leq k \leq n\text{.}\) By the induction hypothesis,
Therefore, the lemma is true for \(n + 1\) and the proof is complete.
Let \(F\) be a field. A polynomial \(f(x) \in F[x]\) of degree \(n\) is separable if it has \(n\) distinct roots in the splitting field of \(f(x)\text{;}\) that is, \(f(x)\) is separable when it factors into distinct linear factors over the splitting field of \(f\text{.}\) An extension \(E\) of \(F\) is a separable extension of \(F\) if every element in \(E\) is the root of a separable polynomial in \(F[x]\text{.}\)
Example 17.4.
The polynomial \(x^2 - 2\) is separable over \({\mathbb Q}\) since it factors as \((x - \sqrt{2}\, )(x + \sqrt{2}\, )\text{.}\) In fact, \({\mathbb Q}(\sqrt{2}\, )\) is a separable extension of \({\mathbb Q}\text{.}\) Let \(\alpha = a + b \sqrt{2}\) be any element in \({\mathbb Q}(\sqrt{2}\, )\text{.}\) If \(b = 0\text{,}\) then \(\alpha\) is a root of \(x - a\text{.}\) If \(b \neq 0\text{,}\) then \(\alpha\) is the root of the separable polynomial
Fortunately, we have an easy test to determine the separability of any polynomial. Let
be any polynomial in \(F[x]\text{.}\) Define the derivative of \(f(x)\) to be
Lemma 17.5.
Let \(F\) be a field and \(f(x) \in F[x]\text{.}\) Then \(f(x)\) is separable if and only if \(f(x)\) and \(f'(x)\) are relatively prime.
Proof.
Let \(f(x)\) be separable. Then \(f(x)\) factors over some extension field of \(F\) as \(f(x) = (x - \alpha_1) (x - \alpha_2) \cdots (x - \alpha_n)\text{,}\) where \(\alpha_i \neq \alpha_j\) for \(i \neq j\text{.}\) Taking the derivative of \(f(x)\text{,}\) we see that
Hence, \(f(x)\) and \(f'(x)\) can have no common factors.
To prove the converse, we will show that the contrapositive of the statement is true. Suppose that \(f(x) = (x - \alpha)^k g(x)\text{,}\) where \(k \gt 1\text{.}\) Differentiating, we have
Therefore, \(f(x)\) and \(f'(x)\) have a common factor.
Theorem 17.6.
For every prime \(p\) and every positive integer \(n\text{,}\) there exists a finite field \(F\) with \(p^n\) elements. Furthermore, any field of order \(p^n\) is isomorphic to the splitting field of \(x^{p^n} -x\) over \({\mathbb Z}_p\text{.}\)
Proof.
Let \(f(x) = x^{p^n} - x\) and let \(F\) be the splitting field of \(f(x)\text{.}\) Then by Lemma 17.5, \(f(x)\) has \(p^n\) distinct zeros in \(F\text{,}\) since \(f'(x) = p^n x^{p^n - 1} - 1 = -1\) is relatively prime to \(f(x)\text{.}\) We claim that the roots of \(f(x)\) form a subfield of \(F\text{.}\) Certainly 0 and 1 are zeros of \(f(x)\text{.}\) If \(\alpha\) and \(\beta\) are zeros of \(f(x)\text{,}\) then \(\alpha + \beta\) and \(\alpha \beta\) are also zeros of \(f(x)\text{,}\) since \(\alpha^{p^n} + \beta^{p^n} = (\alpha + \beta)^{p^n}\) and \(\alpha^{p^n} \beta^{p^n} = (\alpha \beta)^{p^n}\text{.}\) We also need to show that the additive inverse and the multiplicative inverse of each root of \(f(x)\) are roots of \(f(x)\text{.}\) For any zero \(\alpha\) of \(f(x)\text{,}\) we know that \(-\alpha\) is also a zero of \(f(x)\text{,}\) since
provided \(p\) is odd. If \(p = 2\text{,}\) then
If \(\alpha \neq 0\text{,}\) then \((\alpha^{-1})^{p^n} = (\alpha^{p^n})^{-1} = \alpha^{-1}\text{.}\) Since the zeros of \(f(x)\) form a subfield of \(F\) and \(f(x)\) splits in this subfield, the subfield must be all of \(F\text{.}\)
Let \(E\) be any other field of order \(p^n\text{.}\) To show that \(E\) is isomorphic to \(F\text{,}\) we must show that every element in \(E\) is a root of \(f(x)\text{.}\) Certainly 0 is a root of \(f(x)\text{.}\) Let \(\alpha\) be a nonzero element of \(E\text{.}\) The order of the multiplicative group of nonzero elements of \(E\) is \(p^n-1\text{;}\) hence, \(\alpha^{p^n-1} =1\) or \(\alpha^{p^n} -\alpha = 0\text{.}\) Since \(E\) contains \(p^n\) elements, \(E\) must be a splitting field of \(f(x)\text{;}\) however, by Corollary 9.6, the splitting field of any polynomial is unique up to isomorphism.
The unique finite field with \(p^n\) elements is called the Galois field of order \(p^n\text{.}\) We will denote this field by \(\gf(p^n)\text{.}\)
Theorem 17.7.
Every subfield of the Galois field \(\gf(p^n)\) has \(p^m\) elements, where \(m\) divides \(n\text{.}\) Conversely, if \(m \mid n\) for \(m \gt 0\text{,}\) then there exists a unique subfield of \(\gf(p^n)\) isomorphic to \(\gf(p^m)\text{.}\)
Proof.
Let \(F\) be a subfield of \(E = \gf(p^n)\text{.}\) Then \(F\) must be a field extension of \(K\) that contains \(p^m\) elements, where \(K\) is isomorphic to \({\mathbb Z}_p\text{.}\) Then \(m \mid n\text{,}\) since \([E:K] = [E:F][F:K]\text{.}\)
To prove the converse, suppose that \(m \mid n\) for some \(m \gt 0\text{.}\) Then \(p^m -1\) divides \(p^n -1\text{.}\) Consequently, \(x^{p^m -1} - 1\) divides \(x^{p^n -1} -1\text{.}\) Therefore, \(x^{p^m} - x\) must divide \(x^{p^n} - x\text{,}\) and every zero of \(x^{p^m} - x\) is also a zero of \(x^{p^n} - x\text{.}\) Thus, \(\gf(p^n)\) contains, as a subfield, a splitting field of \(x^{p^m} - x\text{,}\) which must be isomorphic to \(\gf(p^m)\text{.}\)
Example 17.8.
The lattice of subfields of \(\gf(p^{24})\) is given in Figure 17.9.
With each field \(F\) we have a multiplicative group of nonzero elements of \(F\) which we will denote by \(F^*\text{.}\) The multiplicative group of any finite field is cyclic. This result follows from the more general result that we will prove in the next theorem.
Theorem 17.10.
If \(G\) is a finite subgroup of \(F^\ast\text{,}\) the multiplicative group of nonzero elements of a field \(F\text{,}\) then \(G\) is cyclic.
Proof.
Let \(G\) be a finite subgroup of \(F^\ast\) of order \(n\text{.}\) By the Fundamental Theorem of Finite Abelian Groups (Theorem 11.47),
where \(n = p_1^{e_1} \cdots p_k^{e_k}\) and the \(p_1, \ldots, p_k\) are (not necessarily distinct) primes. Let \(m\) be the least common multiple of \(p_1^{e_1}, \ldots, p_k^{e_k}\text{.}\) Then \(G\) contains an element of order \(m\text{.}\) Since every \(\alpha\) in \(G\) satisfies \(x^r - 1\) for some \(r\) dividing \(m\text{,}\) \(\alpha\) must also be a root of \(x^m - 1\text{.}\) Since \(x^m -1\) has at most \(m\) roots in \(F\text{,}\) \(n \leq m\text{.}\) On the other hand, we know that \(m \leq |G|\text{;}\) therefore, \(m = n\text{.}\) Thus, \(G\) contains an element of order \(n\) and must be cyclic.
Corollary 17.11.
The multiplicative group of all nonzero elements of a finite field is cyclic.
Corollary 17.12.
Every finite extension \(E\) of a finite field \(F\) is a simple extension of \(F\text{.}\)
Proof.
Let \(\alpha\) be a generator for the cyclic group \(E^{\ast}\) of nonzero elements of \(E\text{.}\) Then \(E = F( \alpha )\text{.}\)
Example 17.13.
The finite field \(\gf(2^4)\) is isomorphic to the field \({\mathbb Z}_2/ \langle 1 + x + x^4 \rangle\text{.}\) Therefore, the elements of \(\gf(2^4)\) can be taken to be
Remembering that \(1 + \alpha +\alpha^4 = 0\text{,}\) we add and multiply elements of \(\gf(2^4)\) exactly as we add and multiply polynomials. The multiplicative group of \(\gf(2^4)\) is isomorphic to \({\mathbb Z}_{15}\) with generator \(\alpha\text{:}\)