Elements of high order in Artin-Schreier extensions of finite fields $\mathbb{F}_q$
F. E. Brochero Martínez and Lucas Reis
Abstract.
In this article, we find a lower bound for the order of the coset $x + b$ in the Artin-Schreier extension $\mathbb{F}_q[x]/(x^p - x - a)$, where $b \in \mathbb{F}_q$ satisfies a generic special condition.

1. Introduction
For many important applications (for example, see [1]), it is interesting to find an element of very high order in a finite extension field $\mathbb{F}_{q^n}$. Ideally, one would choose a primitive element, but actually finding such an element is a notoriously hard computational problem. In fact, in order to verify that an element is primitive, we need to know the factorization of the integer q n − F q n . Now, with the tools currently known, these two problems are very hard and they are the basis of modern cryptography.

On one hand, there are several methods used to find a small set of elements of $\mathbb{F}_{q^n}$ with at least one primitive element: in [13], assuming the extended Riemann hypothesis (ERH), Shoup showed a deterministic polynomial-time search procedure to find a primitive element of F p ; also using ERH, Bach [3] gives an efficient algorithm to construct a set of O ((log p ) / (log log p ) ) elements that contains at least one generator of $\mathbb{F}_p^*$; in [7], Gao gave an algorithm to construct high order elements for almost all extensions $\mathbb{F}_{q^n}$ of finite fields $\mathbb{F}_q$, the lower bound being no less than n log q n q (2 log q n ) − . Cheng [4] showed how to find, in polynomial time in $N$, an integer $n$ in the interval [ N, qN ] and an element $\alpha \in \mathbb{F}_{q^n}$ with order greater than 5 . n/ log q n .

On the other hand, much work has been done to find elements for which a reasonably large lower bound on the order can be guaranteed: Ahmadi, Shparlinski and Voloch [2] showed that if $\theta \in \mathbb{F}_{q^n}$ is a primitive $r$-th root of unity, where $r = 2n + 1$ is a prime, then the Gauss period $\alpha = \theta + \theta^{-1}$ has order exceeding exp (( π q p − p + o (1) ) √ n ) , where $p$ is the characteristic of the field (for other works about the order of Gauss periods, see [5, 6]). Popovych [8, 9] improved the previous bound and gave a lower bound for elements of the more general forms $\theta^e(\theta^f + a)$, $(\theta^{-f} + a)(\theta^f + a)$ and $\theta^{-e}(\theta^{-f} + a)(\theta^f + a)^{-1}$, where $a \in \mathbb{F}_q^*$. In particular, he proved that the multiplicative order of the Gauss period $\beta = \theta + \theta^{-1}$ is not less than 5 √ ( r − / − , for all p ≥

Date: August 24, 2018.
2010 Mathematics Subject Classification.
Key words and phrases. Multiplicative order, Gauss period, Artin-Schreier extensions.
Finally, Popovych [10] considered the Artin-Schreier extension $\mathbb{F}_{p^p}$ of the finite field $\mathbb{F}_p$ and found an element of order larger than $4^p$ by an elementary method. We emphasize that this result of Popovych is weaker than the one pointed out by Shparlinski in Voloch's article [14], where he says that the order of any root $t$ of x p − x − F p p exceeds 2 . p ≈ . p . Unfortunately, that article does not contain the proof of that bound and, carrying out the computations for that bound using Sage Mathematics Software, we verify that it is true only in the case that p > x p − x − a is an irreducible polynomial of $\mathbb{F}_q[x]$, where $p$ is the characteristic of $\mathbb{F}_q$ and $a \in \mathbb{F}_p$. We find a lower bound for the multiplicative order of an element of the form $(\theta + b)$, where $\theta$ represents the coset of $x$ in the Artin-Schreier extension $\mathbb{F}_q[x]/(x^p - x - a)$ and $b$ satisfies a special condition. We also prove that the probability that an element of $\mathbb{F}_q$ satisfies such a special condition is close to 1 when $q$ is large enough.

Finally, in the case $q = p$, we show a lower bound which improves the result obtained by Popovych, but our lower bound does not reach the one indicated by Shparlinski-Voloch.

2. Preliminaries
Throughout this paper, $\mathbb{F}_q$ denotes a finite field of order $q$, where $q = p^n$ is a power of an odd prime $p$.

For each irreducible polynomial $f(x) \in \mathbb{F}_q[x]$, it is known that $\mathbb{F}_q[x]/(f)$ is a finite field with $q^d$ elements, where $d = \deg(f)$. Reciprocally, every finite field $\mathbb{F}_{q^d}$ is isomorphic to $\mathbb{F}_q[x]/(f)$ with $f$ an irreducible polynomial of degree $d$.

There are few known results that ensure the irreducibility of polynomials over a finite field. For example, Theorems 2.47 and 3.75 in [11] give necessary and sufficient conditions for the irreducibility of cyclotomic polynomials $\Phi_r(x)$ and binomials $x^t - a$, respectively. Another well-known result, about the irreducibility of another family of polynomials, is the following.

Lemma 2.1.
The polynomial $x^p - x - a \in \mathbb{F}_q[x]$ is irreducible if and only if it has no roots in $\mathbb{F}_q$.

For the proof of this result, see (Theorem 3.78, [11]). In particular we have that
Proposition 2.2.
Let $n$ be a positive integer and $a \in \mathbb{F}_p^*$. The polynomial $f(x) = x^p - x - a$ is irreducible in $\mathbb{F}_q[x]$ if and only if $p \nmid n$.

Proof: By Theorem 2.25 in [11], it is known that $a = b^p - b$ for some $b \in \mathbb{F}_q$ if and only if $\mathrm{Tr}_{\mathbb{F}_q|\mathbb{F}_p}(a) = a + a^p + \cdots + a^{p^{n-1}} = 0$. Since $a \in \mathbb{F}_p$, it follows that $\mathrm{Tr}_{\mathbb{F}_q|\mathbb{F}_p}(a) = na$. But $\mathrm{Tr}_{\mathbb{F}_q|\mathbb{F}_p}(a) \neq 0$ if and only if $p$ does not divide $n$. □

The main result of this paper is the following:
Theorem 2.3.
Let $x^p - x - a$ be an irreducible polynomial of $\mathbb{F}_q$, with $q = p^n$ ( n ≥ ) and $a \in \mathbb{F}_p$. If $\theta$ is the coset of $x$ in the Artin-Schreier extension $\mathbb{F}_q[x]/(x^p - x - a)$ and $b \in \mathbb{F}_q$ satisfies $b \notin \mathbb{F}_{p^m}$ for every proper divisor $m$ of $n$, then the multiplicative order of $\theta + b$ is lower bounded by

π ( p − r n + 12 n − ( (2 n + 1) n +1 (2 n − n − ) ( p − / exp ( − p − ( n n − ) ) .

In particular, for every ε > and n > N ε , |⟨θ + b⟩| > πp (( e − ε )(2 n + 1)) p − .

And for the case $p = q$, i.e., $n = 1$, we obtain

Theorem 2.4.
Let $a \neq 0$ and $b$ be arbitrary elements of $\mathbb{F}_p$. Then the multiplicative order of $(\theta + b)$ in $\mathbb{F}_p[x]/(x^p - x - a)$ is lower bounded by

√ πp e − ( ) p .

Observe that using the field isomorphism
$$\tau : \mathbb{F}_q[x]/(x^p - x - a) \to \mathbb{F}_q[x]/(x^p - x - 1), \qquad h(x) \mapsto h(ax),$$
we only need to prove the Theorem in the case $a = 1$.

3. The finite field F q [ x ] / ( x p − x − x p − x − F q [ x ], where $q = p^n$, $\gcd(p, n) = 1$. Also, $\theta$ represents the coset of $x$ in the Artin-Schreier extension $K := \mathbb{F}_q[x]/(x^p - x - 1)$ and $b \in \mathbb{F}_q \setminus \mathcal{A}_n$, where
$$\mathcal{A}_n = \bigcup_{m \mid n,\ m \neq n} \mathbb{F}_{p^m}.$$

Before we estimate the order of $\theta + b$, let us show that almost all elements of $\mathbb{F}_q$ satisfy the condition that we are imposing on $b$.

Theorem 3.1.
The number of elements of $\mathbb{F}_q \setminus \mathcal{A}_n$ is $\sum_{d \mid n} p^d \mu(n/d)$, where $\mu$ is the Möbius function. In particular, the probability that a chosen element in $\mathbb{F}_q$ does not belong to $\mathcal{A}_n$ is greater than $1 - \frac{\log_r n}{q^{1 - 1/r}}$, where $r$ is the smallest prime divisor of $n$.

Proof: Let $g : \mathbb{N}^* \to \mathbb{N}$ be the function defined, for each positive integer $m$, by
$$g(m) = |\mathbb{F}_{p^m} \setminus \mathcal{A}_m|.$$
Clearly, for each positive integer $m$, $g(m)$ counts the number of elements in $\mathbb{F}_{p^m}$ which are not in any proper subfield of $\mathbb{F}_{p^m}$. Since each proper subfield is of the form $\mathbb{F}_{p^l}$, where $l \mid m$, then
$$\sum_{d \mid m} g(d) = |\mathbb{F}_{p^m}| = p^m.$$
By the Möbius Inversion Formula, it follows that
$$g(m) = \sum_{d \mid m} p^d \mu(m/d).$$
Now, let us calculate an upper bound for the number of elements in $\mathcal{A}_n$. Let us suppose that $p_1^{\alpha_1} \cdots p_s^{\alpha_s}$ is the factorization of $n$ into prime factors, where $p_1 < \cdots$

Therefore, the probability that a chosen element in $\mathbb{F}_q$ does not belong to $\mathcal{A}_n$ is greater than
$$1 - \frac{|\mathcal{A}_n|}{q} \geq 1 - \frac{\log_{p_1}(n)}{q^{(1 - 1/p_1)}}.$$
□

This theorem proves that almost all elements in $\mathbb{F}_q$ satisfy the condition that we imposed on $b$. Now, we need the following technical lemmas:

Lemma 3.2.
Let $i$ and $j$ be integers such that $0 \leq i, j \leq np - 1$. If $i \neq j$, then $i + b^{p^i} \neq j + b^{p^j}$.

Proof: Let $\bar{i}$ (respectively $\bar{j}$) be the remainder of $i$ (respectively $j$) divided by $n$. We can suppose, without loss of generality, that $\bar{i} \geq \bar{j}$. Clearly, $b^{p^i} = b^{p^{\bar{i}}}$ and $b^{p^j} = b^{p^{\bar{j}}}$. Now suppose, by contradiction, that $i + b^{p^i} = j + b^{p^j}$ and therefore
$$(j - i) = b^{p^{\bar{i}}} - b^{p^{\bar{j}}}. \qquad (1)$$
In the case when $\bar{i} = \bar{j}$, we have that $j \equiv i \pmod{n}$, i.e., $j = i + nk$ for some integer $k$ and
$$0 = b^{p^{\bar{j}}} - b^{p^{\bar{i}}} = i - j = nk. \qquad (2)$$
It follows that $p$ divides $k$, which is impossible because $0 < |i - j| < np$.

Thus $0 < \bar{i} - \bar{j} < n$, and taking the $p^{n - \bar{j}}$-th power in (2), we have
$$j - i = b^{p^{n + \bar{i} - \bar{j}}} - b = b^{p^{\bar{i} - \bar{j}}} - b.$$
Thereby, there exists $0 \leq t < n$ such that $b^{p^t} - b \in \mathbb{F}_p$, or equivalently $b^{p^{t+1}} - b^p = (b^{p^t} - b)^p = b^{p^t} - b$. This last equation can be rewritten as $b^p - b = (b^p - b)^{p^t}$, i.e., $b^p - b$ is an element of $\mathbb{F}_{p^t}$. Furthermore, if $b \notin \mathbb{F}_{p^t}$, by Lemma 2.1, the polynomial $x^p - x - (b^p - b)$ is an irreducible polynomial of $\mathbb{F}_{p^t}$. We obtain, in any case, that $b \in \mathbb{F}_{p^{pt}}$. Since $b$ is also in $\mathbb{F}_{p^n}$, we conclude that $b$ belongs to
$$\mathbb{F}_{p^{pt}} \cap \mathbb{F}_{p^n} = \mathbb{F}_{p^{\gcd(pt, n)}} = \mathbb{F}_{p^{\gcd(t, n)}},$$
where $\gcd(t, n) < n$ is a proper divisor of $n$, and so we have a contradiction with the choice of $b \notin \mathcal{A}_n$. □

Lemma 3.3.
Let $t, s$ be nonnegative integers such that ≤ $t + s \leq p - 1$ and let $I_{s,t}$ be the subset of $\mathbb{Z}^{np}$ such that $\vec{r} := (r_0, r_1, \dots, r_{np-1}) \in I_{s,t}$ if and only if
$$\sum_{\substack{0 \leq j \leq np-1 \\ r_j < 0}} (-r_j) \leq t \quad \text{and} \quad \sum_{\substack{0 \leq j \leq np-1 \\ r_j > 0}} r_j \leq s.$$
Then the function
$$\Lambda : I_{s,t} \to G, \qquad \vec{r} \mapsto \prod_{0 \leq j \leq np-1} (\theta + b)^{r_j p^j},$$
where $G = \langle \theta + b \rangle \leq K^*$, is one to one.

Proof: Since $\theta$ is the coset of $x$ in the quotient field $K = \mathbb{F}_q[x]/(x^p - x - 1)$, each element of $K$ is the coset of a unique $h(\theta)$, where $h$ is a polynomial in $\mathbb{F}_q[x]$ of degree at most $p - 1$. In addition, $\theta^p = \theta + 1$ and, accordingly, for all $j \in \mathbb{N}$,
$$\theta^{p^{j+1}} = (\theta^p)^{p^j} = (\theta + 1)^{p^j} = \theta^{p^j} + 1.$$
It follows, inductively, that $\theta^{p^j} = \theta + j$ for all j ≥ $\vec{r} = (r_0, \dots, r_{np-1}) \in I_{s,t}$
$$\Lambda(\vec{r}) = \prod_{0 \leq i \leq np-1} (\theta + b)^{r_i p^i} = \prod_{0 \leq i \leq np-1} (\theta + i + b^{p^i})^{r_i}.$$
Now, suppose that $\vec{s} = (s_0, \dots, s_{np-1})$ is another element of $I_{s,t}$ such that $\Lambda(\vec{r}) = \Lambda(\vec{s})$, i.e.,
$$\prod_{0 \leq i \leq np-1} (\theta + i + b^{p^i})^{r_i} = \prod_{0 \leq j \leq np-1} (\theta + j + b^{p^j})^{s_j},$$
thus, the polynomial
$$F(x) = \prod_{\substack{0 \leq i \leq np-1 \\ r_i > 0}} (x + i + b^{p^i})^{r_i} \prod_{\substack{0 \leq j \leq np-1 \\ s_j < 0}} (x + j + b^{p^j})^{-s_j}$$
is congruent to the polynomial
$$G(x) = \prod_{\substack{0 \leq j \leq np-1 \\ s_j > 0}} (x + j + b^{p^j})^{s_j} \prod_{\substack{0 \leq i \leq np-1 \\ r_i < 0}} (x + i + b^{p^i})^{-r_i}$$
modulo x p − x − F ) ≤ s + t ≤ p − G ) ≤ s + t < p − 1, it follows that $F(x) = G(x)$. Further, by Lemma 3.2, we know that $x + i + b^{p^i} \neq x + j + b^{p^j}$ for all $0 \leq i < j \leq np - 1$, therefore $\vec{r} = \vec{s}$, as we want to prove. □

We emphasize that the condition that we imposed on $b$ is essential in the last step of the Lemma.

Lemma 3.4.
Let $I_{s,t}$ be as in Lemma 3.3. Then
$$|I_{s,t}| = \sum_{j=0}^{t} \sum_{i=0}^{s} \binom{np}{i}\binom{np-i}{j}\binom{s}{i}\binom{t}{j}. \qquad (3)$$
In particular,
$$|I_{s,t}| > \binom{np+t-s}{t}\binom{np+s}{s}.$$

Proof: Observe that, for each $j \leq t$ and $i \leq s$, we can select $j$ coordinates of $\vec{r}$ to be negative and $i$ coordinates to be positive, and this choice can be made in $\binom{np}{i}\binom{np-i}{j}$ ways. Besides, the number of positive solutions of $x_1 + x_2 + \cdots + x_i \leq s$ is $\binom{s}{i}$ and the number of positive solutions of $x_1 + x_2 + \cdots + x_j \leq t$ is $\binom{t}{j}$. Thus, for each pair $i, j$, there exist $\binom{np}{i}\binom{np-i}{j}\binom{s}{i}\binom{t}{j}$ elements of $I_{s,t}$ and then, adding over all $i$ and $j$, we conclude the equality (3). In addition
$$|I_{s,t}| \geq \sum_{i=0}^{s} \binom{s}{i}\binom{np}{i}\left(\sum_{j=0}^{t} \binom{np-i}{j}\binom{t}{j}\right) = \sum_{i=0}^{s} \binom{s}{i}\binom{np}{i}\binom{np+t-i}{t}$$
$$> \binom{np+t-s}{t} \sum_{i=0}^{s} \binom{s}{i}\binom{np}{i} = \binom{np+t-s}{t}\binom{np+s}{s}.$$
□

Before proceeding to prove the main Theorems, we need the following technical Lemma, which is essentially an application of the Stirling approximation.
Lemma 3.5 ([12] Corollary 1). For all s > and r > , we have

c r · d sr · √ s · Θ( r, s ) < ( rss ) < c r · d sr · √ s ,

where c r = r r π ( r − , d r = r r ( r − r − and Θ( r, s ) = exp ( − s ( r ( r − ) ) .

We emphasize that these upper and lower bounds are very close when s ≫

4. Proof of Theorem 2.3
By Lemma 3.3, we know that $|\langle \theta + b \rangle| \geq |I_{s,t}|$ for all nonnegative integers $s$ and $t$ such that $s + t \leq p - 1$. So, by Lemma 3.4, we have that

|⟨θ + b⟩| > max ≤ s + t ≤ p − ( np + t − st ) ( np + ss ) > ( np ( p − / ) ( np + ( p − / p − / ) . (4)

Now, using Lemma 3.5, each binomial coefficient can be bounded by

( np ( p − / ) > ( n ( p − / p − / ) > s nπ (2 n − p − ( (2 n ) n (2 n − n − ) p − Θ̃(2 n −

( np + ( p − / p − / ) > ( (2 n + 1)( p − / p − / ) > s n + 1 π (2 n )( p − ( (2 n + 1) n +1 (2 n ) n ) p − Θ̃(2 n + 1)

where Θ̃( z ) = exp ( − p − ( z ( z − ) ) . Multiplying these two inequalities and simplifying, we conclude that

|⟨θ + b⟩| > π ( p − r n + 12 n − ( (2 n + 1) n +1 (2 n − n − ) ( p − / exp ( − p − ( n n − ) ) .

Therefore, we obtain the first part of the Theorem.

For the second part, observe that the sequence { a n } n ∈ N defined for each n ≥ a n := ( n +12 n − ) (2 n − p − , is an increasing sequence satisfying a > r 53 (2 . p − and lim n →∞ a n = e p − . Therefore, for n ≥ 2, we can find a simpler but weaker estimate

|⟨θ + b⟩| > π ( p − 1) ( a n (2 n + 1)) p − exp ( − p − ( n n − ) ) > √ √ π ( p − 1) (2 . n + 1)) p − exp ( − p − ) .

In the case of $n$ large enough, we have that ( e − ε ) p − < a n < e p − and exp ( − p − ( n n − ) ) > − p − , therefore

|⟨θ + b⟩| > p − π ( p − (( e − ε )(2 n + 1)) p − > πp (( e − ε )(2 n + 1)) p − ,

as we want to prove. □

The following table shows the lower bound of $|\langle \theta + b \rangle|$ for some values of $n$, where the value of $p$ appears as a parameter:

n πp · |⟨θ + b⟩| . p . p . p . p 10 55 . p 100 545 . p . p . p

5. Proof of Theorem 2.4
The polynomial $x^p - x - 1$ is always an irreducible polynomial of $\mathbb{F}_p[x]$ and the condition imposed on $b$ is empty. So, by Lemma 3.4, we have that
$$|\langle \theta + b \rangle| > \max_{s + t = p - 1} \binom{p+t-s}{t}\binom{p+s}{s} = \max_{0 \leq s \leq p-1} \binom{2p-1-2s}{p-1-s}\binom{p+s}{s}$$
$$= \max_{\substack{0 \leq \lambda \leq \frac{p-1}{p} \\ p\lambda \in \mathbb{N}}} \binom{2p-1-2p\lambda}{p-1-p\lambda}\binom{p+p\lambda}{p\lambda} = \frac{1}{2} \max_{\substack{0 \leq \lambda \leq \frac{p-1}{p} \\ p\lambda \in \mathbb{N}}} \binom{p(2-2\lambda)}{p(1-\lambda)}\binom{p(1+\lambda)}{p\lambda}.$$
In the same way, using Lemma 3.5, we obtain that

|⟨θ + b⟩| > max ≤ λ ≤ p − p , pλ ∈ N πp s λ λ (1 − λ ) ( − λ (1 + λ ) λ λ λ ) p Θ(2 , p (1 − λ )) Θ ( λλ , pλ ) ,

in particular, taking λ = , it follows that

|⟨θ + b⟩| > √ πp e − ( ) p . □

Remark 5.1.
In summary, for the case $\mathbb{F}_{p^p}$ and p ≫ , we observe that the lower bound of $|\langle \theta + b \rangle|$ is $O(4^p)$ in Popovych's paper, O (5 . p ) in Voloch's article and O (5 . p ) in our result.

References

[1] Agrawal, M., Kayal, N., Saxena, N., Primes is in P. Ann. of Math., (2004), 781-793.
[2] Ahmadi, O., Shparlinski, I., Voloch, J. F., Multiplicative order of Gauss periods. Int. J. Number Theory (2010), 877-882.
[3] Bach, E., Comments on search procedures for primitive roots. Math. Comp. (1997), no. 220, 1719-1727.
[4] Cheng, Q., Constructing finite field extensions with large order elements. SIAM J. Discrete Math. (2007), 726-730.
[5] Gathen, J. and Shparlinski, I.E., Orders of Gauss periods in finite fields. Appl. Algebra in Engin., Commun. and Comput. (1998), 15-24.
[6] Gathen, J. and Shparlinski, I.E., Constructing elements of large order in finite fields. Applied algebra, algebraic algorithms and error-correcting codes. Lecture Notes in Comput. Sci., (1999), 404-409.
[7] Gao, S., Elements of provable high orders in finite fields. Proc. Amer. Math. Soc. (1999), 1615-1623.
[8] Popovych, R., Elements of high order in finite fields of the form $\mathbb{F}_q[x]/\Phi_r(x)$. Finite Fields Appl. (2012), 700-710.
[9] Popovych, R., Sharpening of the explicit lower bounds for the order of elements in finite field extensions based on cyclotomic polynomials. Ukrainian Math. J. (2014), 916-927.
[10] Popovych, R., Elements of high order in Artin-Shreier extensions of finite fields. Mat. Stud. (2013), 115-118.
[11] Lidl, R., Niederreiter, H., Finite Fields. Encyclopedia of Mathematics and Its Applications, Vol 20, Addison-Wesley 1983.
[12] Sasvári, Z., Inequalities for binomial coefficients. J. Math. Anal. Appl. (1999), 223-226.
[13] Shoup, V., Searching for primitive roots in finite fields. Math. Comp. (1992), no. 197, 369-380.
[14] Voloch, J. F., On some subgroups of the multiplicative group of finite rings. J. Théor. Nombres Bordeaux (2004), 233-239.

Departamento de Matemática, Universidade Federal de Minas Gerais, UFMG, Belo Horizonte, MG, 30123-970, Brazil
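A numerical check of Lemmas 3.3 and 3.4 in the setting of Theorem 2.4 ($q = p$, $a = 1$), added here as an example and not taken from the paper: it computes the exact order of $\theta + b$ in $\mathbb{F}_p[x]/(x^p - x - 1)$ for small $p$ and compares it with $|I_{s,t}|$ from equation (3) and with the binomial bound of Lemma 3.4. The function names, the choice $s = t = (p-1)/2$ and the primes 3, 5, 7 are assumptions of this example.

```python
from math import comb

def polmul(f, g, p, a):
    """Product in F_p[x]/(x^p - x - a); f, g are coefficient lists of length p."""
    prod = [0] * (2 * p - 1)
    for i, fi in enumerate(f):
        for j, gj in enumerate(g):
            prod[i + j] = (prod[i + j] + fi * gj) % p
    for k in range(2 * p - 2, p - 1, -1):   # fold x^k using x^p = x + a
        c, prod[k] = prod[k], 0
        prod[k - p + 1] = (prod[k - p + 1] + c) % p
        prod[k - p] = (prod[k - p] + c * a) % p
    return prod[:p]

def polpow(f, e, p, a):
    """Square-and-multiply exponentiation in the same quotient ring."""
    result = [1] + [0] * (p - 1)
    while e:
        if e & 1:
            result = polmul(result, f, p, a)
        f = polmul(f, f, p, a)
        e >>= 1
    return result

def prime_factors(m):
    """Distinct prime factors of m by trial division (fine for small p^p - 1)."""
    out, d = [], 2
    while d * d <= m:
        if m % d == 0:
            out.append(d)
            while m % d == 0:
                m //= d
        d += 1
    return out + ([m] if m > 1 else [])

def order_theta_plus_b(p, b=0, a=1):
    """Multiplicative order of theta + b in F_p[x]/(x^p - x - a), a != 0, b in F_p."""
    one = [1] + [0] * (p - 1)
    elem = [b % p, 1] + [0] * (p - 2)
    order = p ** p - 1                      # size of the multiplicative group
    for r in prime_factors(order):
        while order % r == 0 and polpow(elem, order // r, p, a) == one:
            order //= r
    return order

def size_I(np_, s, t):
    """|I_{s,t}| from equation (3); np_ stands for the product n*p."""
    return sum(comb(np_, i) * comb(np_ - i, j) * comb(s, i) * comb(t, j)
               for i in range(s + 1) for j in range(t + 1))

def check(p):
    """Rows (b, order of theta+b, |I_{s,t}|, Lemma 3.4 bound) for s = t = (p-1)/2."""
    s = t = (p - 1) // 2
    bound = comb(p + t - s, t) * comb(p + s, s)
    return [(b, order_theta_plus_b(p, b), size_I(p, s, t), bound) for b in range(p)]

if __name__ == "__main__":
    for p in (3, 5, 7):
        print(p, check(p))
```

With $a = 1$ and $b \in \mathbb{F}_p$ the product $\prod_{j \in \mathbb{F}_p} (\theta + j) = \theta^p - \theta$ equals 1, so every computed order divides $(p^p - 1)/(p - 1)$.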