A Fast Algorithm to Determine Normal Polynomial over Finite Field

Chih-Hua Chien, Trieu-Kien Truong, Yaotsu Chang and Chih-Hsuan Chen
Abstract--Normal bases in finite fields have proved to be very useful for fast arithmetic computations. The elements in a normal basis are exactly the roots of a normal polynomial. Hence a normal polynomial is just another way of describing a normal basis. In this paper, we give some computational results of normal polynomials up to degree $n \le 19$ according to the fast algorithm from Chang et al. [1].
Keywords: normal basis, normal polynomial, finite field
Ⅰ. INTRODUCTION
Efficient computations in finite fields and their architectures are important in many applications, including coding theory, computer algebra systems and public-key cryptosystems (e.g. elliptic curve cryptosystems). Although all finite fields of the same cardinality are isomorphic, their arithmetic efficiency depends greatly on the choice of basis for representing field elements. In a basis representation of the field elements, addition is relatively inexpensive, whereas multiplication is usually considered the most important finite field arithmetic operation and one of the most complex and time-consuming. Therefore, different basis representations for the elements of a Galois field are needed. Among them, the most popular are the canonical, normal and dual bases. The normal basis is an important representation and is used in many ways, such as multiplication representation and inverse representation.
Normal bases were first introduced without proof by Eisenstein [2] in 1850, and Schönemann [3] gave the proof later in 1850 for the case GF(p), where p is prime. In 1888, Hensel [4] proved, for arbitrary finite fields, the exact number of normal elements in the extensions over finite fields. Perlis [5] proved that when n is a power of a prime p, an irreducible polynomial of degree n is normal if and only if its trace is non-zero. Later, in 1986, Pei et al. [6] proved that when $n = 2^r p^k$ and 2 is a primitive root modulo $p^k$, an irreducible polynomial of degree n over GF(p) is normal if and only if its trace is non-zero.
The elements in a normal basis are exactly the roots of a normal polynomial. Hence a normal polynomial is just another way of describing a normal basis. In this paper, we give some computational results of normal polynomials up to degree $n \le 19$ according to the fast algorithm from Chang et al. [1].
This paper is organized as follows: Some mathematical background is introduced in section 2. Section 3 shows how the fast algorithm determines the normal polynomials. Finally, some conclusions and results are given in section 4. Table 1 shows the normal polynomials with non-zero trace up to degree $n \le 19$, and the flowchart of the fast algorithm is given at the end of this paper.
Ⅱ. MATHEMATICAL BACKGROUND
Let p be a prime number and $m \ge 2$ be an integer. The finite field $E = GF(p^m)$ of order $p^m$ can be viewed as a vector space of dimension m over F = GF(p). A basis of the form $\{\alpha, \alpha^p, \ldots, \alpha^{p^{m-1}}\}$ is called a normal basis, and $\alpha$ is called a normal element of E over F. A monic, irreducible polynomial $f(x) \in F[x]$ of degree m is called a normal polynomial if it is the minimal polynomial of some normal element.
Let $\alpha \in E$ be a root of a monic, irreducible polynomial $f(x)$ of degree m. The elements $\alpha, \alpha^p, \ldots, \alpha^{p^{m-1}}$ are all roots of $f(x)$ and
$$f(x) = (x - \alpha)(x - \alpha^p) \cdots (x - \alpha^{p^{m-1}}) = x^m - (\alpha + \alpha^p + \cdots + \alpha^{p^{m-1}})\, x^{m-1} + \cdots + (-1)^m\, \alpha\, \alpha^p \cdots \alpha^{p^{m-1}}.$$
The sum of all roots of $f(x)$ is called the trace of $f(x)$, or the trace of $\alpha$, and can be denoted by tr(f) or tr($\alpha$), respectively.
The existence of a normal basis over F is equivalent to the existence of a normal polynomial in F[x]. If $f(x) \in F[x]$ is a normal polynomial over F, it is obvious that tr(f) is not zero. To introduce the fast algorithm, we need to derive the p-polynomial and the definition as follows.
Definition 2.1 A polynomial of the form $\sum_{i=0}^{n} c_i x^{p^i}$ is called a p-polynomial over F = GF(p). Two forms of p-polynomial will be used throughout this paper, namely,
$$L_p(x^n - 1) = x^{p^n} - x,$$
and
$$g_n(x) = L_p(x^{n-1} + \cdots + x + 1) = x^{p^{n-1}} + x^{p^{n-2}} + \cdots + x^p + x.$$
Definition 2.2 The polynomial $\sum_{i=0}^{n} c_i x^{p^i} \in F[x]$ corresponding with the polynomial $f(x) = \sum_{i=0}^{n} c_i x^i$ is called the linearized p-associate of $f(x)$ in F[x], denoted by $L_p(f(x))$. Conversely, $\sum_{i=0}^{n} c_i x^i$ is called the conventional p-associate of the p-polynomial $\sum_{i=0}^{n} c_i x^{p^i}$ in F[x].
Some information about the factors of $g_n(x)$ is given in the following proposition.
Proposition 2.3 (Chang et al. [1]) Let $f(x)$ be a monic irreducible polynomial of degree d, with d a divisor of the degree n ($d \mid n$). Then one has the following:
(i) If $tr(f) = 0$, $g_n(x)$ is divided by $f(x)$.
(ii) If $tr(f) \neq 0$, then $g_n(x)$ is divided by $f(x)$ if and only if p divides $n/d$.
Proposition 2.4 Let $f(x) \in F[x]$ be an irreducible polynomial of degree n. If $tr(f) \neq 0$, then $g_n(x)$ is not divided by $f(x)$.
The following Proposition is well-known for factorizing a polynomial $f(x)$ and its linearized p-associate $L_p(f(x))$ in F[x].
Proposition 2.5 (Schwarz [13]) Let $f \in F[x]$ be an n-th degree irreducible polynomial of non-zero trace. Then $f(x)$ is not normal over F if and only if $f(x)$ divides $L_p(M_i)$ for some $i \neq 1$, where $M_i(x)$ is a maximal factor of $x^n - 1$.
The following corollaries are used in judging a normal polynomial of degree n with zero trace.
Corollary 2.6 (Perlis [5]) Let $n = p^k$ for some integer k and $f(x) = c_0 + c_1 x + \cdots + c_{n-1} x^{n-1} + c_n x^n$ be an irreducible polynomial over GF(p). Then $f(x)$ is a normal polynomial if and only if $c_{n-1} \neq 0$.
Corollary 2.7 (Pei, Wang, Omura [6]) Let $n = 2^r p^k$, where 2 is a primitive root modulo $p^k$. Let $f(x) = c_0 + c_1 x + \cdots + c_{n-1} x^{n-1} + c_n x^n$ be an irreducible polynomial over F. Then $f(x)$ is a normal polynomial if and only if $c_{n-1} \neq 0$.
Ⅲ. FAST ALGORITHM
The fast algorithm makes it easy to distinguish if a polynomial $f(x) \in F[x]$ is normal or not.
Theorem 3.1 Let n be a positive integer and $x^n - 1 = \prod_{i=1}^{t} (h_i(x))^{\nu}$ for some positive integer $\nu$. Usually, we let $h_1(x) = (x - 1)$. Suppose $m_i(x) = (x^n - 1)/h_i(x)$ and $M_i(x) = L_p(m_i(x))$. A monic, irreducible polynomial $f(x) \in F[x]$ of degree n with $tr(f) \neq 0$ is a normal polynomial if $M_i(x) = L_p(m_i(x))$ is not divided by $f(x)$ for $i = 2, 3, \ldots, t$.
Proof: Since $tr(f) \neq 0$, by Proposition 2.4, $g_n(x)$ is not divided by $f(x)$. Therefore, if $M_i(x) = L_p(m_i(x))$ is not divided by $f(x)$ for $i = 2, 3, \ldots, t$, then it follows from Proposition 2.5 that $f(x)$ is a normal polynomial over F.
Fast Algorithm:
Step 1: Given an irreducible polynomial $f \in F[x]$ with degree n.
Step 2: The trace of f must not be zero, otherwise f is not normal.
Step 3: If $n = p^k$, $f(x)$ must be a normal polynomial.
Step 4: If $n = 2^r p^k$ and 2 is a primitive root modulo $p^k$, $f(x)$ must be a normal polynomial.
Step 5: Factor $x^n - 1 = \prod_{i=1}^{t} (h_i(x))^{\nu}$. Let $h_1(x) = (x - 1)$ and then find $m_i(x) = (x^n - 1)/h_i(x)$ for $i = 2, 3, \ldots, t$.
Step 6: Compute the linearized p-associate $M_i(x) = L_p(m_i(x))$ for $i = 2, 3, \ldots, t$.
Step 7: If $M_i(x) = L_p(m_i(x))$ is not divided by $f(x)$ for $i = 2, 3, \ldots, t$, then $f(x)$ is a normal polynomial. Otherwise, $f(x)$ is not normal.
Example 3.2 Consider $n = 6$. We have
$$x^6 - 1 = (x^2 + x + 1)^2 (x + 1)^2$$
and
$$(x^6 - 1)/(x^2 + x + 1) = x^4 + x^3 + x + 1.$$
Therefore,
$$L_p(x^4 + x^3 + x + 1) = x^{2^4} + x^{2^3} + x^{2^1} + x^{2^0}.$$
The irreducible polynomials $f(x)$ of deg(f) = 6 with $tr(f) \neq 0$ are $x^6 + x^5 + 1$, $x^6 + x^5 + x^2 + x + 1$, $x^6 + x^5 + x^3 + x^2 + 1$, $x^6 + x^5 + x^4 + x + 1$ and $x^6 + x^5 + x^4 + x^2 + 1$. Among these five polynomials, $x^{2^4} + x^{2^3} + x^{2^1} + x^{2^0}$ is divided only by $x^6 + x^5 + x^3 + x^2 + 1$, and therefore $x^6 + x^5 + x^3 + x^2 + 1$ is the only polynomial of degree 6 that is not a normal polynomial.
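The check of Example 3.2, carried out for any degree over GF(2), as an added example (not code from the paper or from Chang et al.). It assumes p = 2 and encodes a polynomial as the integer whose bit i is the coefficient of $x^i$ (the convention behind 109 in the Conclusion); all function names are illustrative.

```python
from functools import lru_cache

# Added example, p = 2 only. A polynomial over GF(2) is an int whose bit i is
# the coefficient of x^i, so x^6 + x^5 + x^3 + x^2 + 1 is 109.

def pdivmod(a, f):
    """Quotient and remainder of a divided by f over GF(2)."""
    q, df = 0, f.bit_length()
    while a.bit_length() >= df:
        s = a.bit_length() - df
        q |= 1 << s
        a ^= f << s
    return q, a

def is_irreducible(f):
    """Trial division by every polynomial of degree 1 .. deg(f) // 2."""
    d = f.bit_length() - 1
    return d >= 1 and all(pdivmod(f, g)[1] for g in range(2, 1 << (d // 2 + 1)))

def linearized(m):
    """L_2(m): replace each term x^i of m by x^(2^i)."""
    return sum(1 << (1 << i) for i in range(m.bit_length()) if m >> i & 1)

@lru_cache(maxsize=None)
def step6_polys(n):
    """Steps 5-6: M_i = L_2((x^n - 1) / h_i) for each irreducible h_i != x + 1."""
    xn1 = (1 << n) | 1
    hs = [g for g in range(4, 1 << (n + 1))
          if is_irreducible(g) and pdivmod(xn1, g)[1] == 0]
    return tuple(linearized(pdivmod(xn1, h)[0]) for h in hs)

def is_normal(f):
    """Steps 1, 2 and 7. Steps 3-4 are shortcuts and are skipped here."""
    n = f.bit_length() - 1
    if not is_irreducible(f) or not f >> (n - 1) & 1:  # tr(f) = coeff of x^(n-1)
        return False
    return all(pdivmod(M, f)[1] for M in step6_polys(n))

def survey(n):
    """(# irreducible with non-zero trace, # normal, non-normal ones) for degree n."""
    irr = [f for f in range(0b11 << (n - 1), 1 << (n + 1)) if is_irreducible(f)]
    bad = [f for f in irr if not is_normal(f)]
    return len(irr), len(irr) - len(bad), bad

if __name__ == "__main__":
    for n in range(2, 11):
        print(n, survey(n))
```

Trial division keeps the block short; it is adequate for the small degrees shown but is not the method to use near n = 19.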
Ⅳ. CONCLUSION
Since a normal polynomial is just another way of describing a normal basis, we derive the fast algorithm to distinguish if a polynomial is normal or not. Some computational results of normal polynomials with nonzero trace up to degree $n \le 19$ are given in Table 1.
As one could see, when $n = 6$, the only irreducible but not normal polynomial is $x^6 + x^5 + x^3 + x^2 + 1$. To simplify the result, we write it as $109 = 2^6 + 2^5 + 2^3 + 2^2 + 1$. When $n = 7$, the only two irreducible but not normal polynomials are 241 and 253. When $n = 10$, there are three irreducible but not normal polynomials, which are 1807, 1821 and 1891. As for $n = 14$ or more, there are 137 or more irreducible but not normal polynomials. We do not list the result here.
REFERENCES
[1] Y. Chang, T. K. Truong, and I. S. Reed, "Normal Bases over GF(q)," Journal of Algebra, vol. 241, pp. 89-101, 2001.07.
[2] G. Eisenstein, Galoissche Theorie und Darstellungstheorie, Math. Ann. 107 (1993), 140-144.
[3] T. Schönemann, Über einige von Herrn Dr. Eisenstein aufgestellte Lehrsätze, Irreduzible Congruenzen betreffend, J. Reine Angew. Math. 40 (1850), 185-187.
[4] K. Hensel, Über die Darstellung der Zahlen eines Gattungsbereiches für einen beliebigen Primdivisor, J. Reine Angew. Math. 103 (1888), 230-237.
[5] S. Perlis, Normal bases of cyclic fields of prime power degree, Duke Math. J. 9 (1942), 507-517.
[6] D. Pei, C. Wang and J. Omura, Normal bases of finite field GF(2^m), IEEE Trans. Inform. Theory 32 (1986), 285-287.
[7] P. K. S. Wah and M. Z. Wang, "Realization and application of the Massey-Omura lock," in Proc. Int. Zurich Seminar, Mar. 1984, pp. 175-182.
[8] C. C. Wang, T. K. Truong, H. M. Shao, L. J. Deutsch, J. K. Omura and I. S. Reed, "VLSI architecture for computing multiplications and inverse in GF(2^m)," IEEE Trans. Comput., vol. C-34, pp. 709-717, 1985.
[9] D. Y. Pei, C. C. Wang and J. K. Omura, "Normal basis of finite field GF(2^m)," IEEE Trans. Inform. Theory, vol. IT-21, pp. 285-287, 1986.
[10] I. Onyszchuk, R. Mullin, and S. Vanstone, "Computational method and apparatus for finite field multiplication," U. S. Patent 4 745 568, 1988.
[11] D. W. Ash, I. F. Blake, and S. A. Vanstone, "Low complexity normal bases," Discr. Appl. Math., vol. 25, pp. 191-210, 1989.
[12] C. C. Wang and D. Y. Pei, "A VLSI design for computing exponentiations in GF(2^m) and its applications to generate pseudorandom number sequences," IEEE Trans. Comput., vol. 39, pp. 258-262, 1990.
[13] S. Schwarz, "Construction of Normal Bases in Cyclic Extensions of a Field," Czechoslovak Math. J., 38 (1988), pp. 291-312.
[14] F. J. MacWilliams and N. J. A. Sloane, The Theory of Error-Correcting Codes. New York: North-Holland, 1977.
[15] Y. Chang, P. Shiue and W. S. Chou, "On the number of primitive polynomials over finite fields," Finite Fields and their Applications, vol. 11, pp. 156-163, 2005.01.
n      Irreducible polynomial    Normal polynomial
2      1                         1
3      1                         1
4      2                         2
5      3                         3
6      5                         4
7      9                         7
8      16                        16
9      28                        28
10     51                        48
11     93                        93
12     170                       170
13     315                       315
14     585                       469
15     1091                      1035
16     2048                      2048
17     3855                      3825
18     7280                      5376
19     13797                     13797
Table 1
Flowchart of Fast Algorithms