Probabilistic verification Mario Szegedy, Rutgers www/cs.rutgers.edu/~szegedy/07540 Lecture 3

Fields A set F with two operations: + (addition), x (multiplication) (F, +) is an Abelian group with unit element 0. (F\{0}, x) is an Abelian group with unit element 1. For all x, y, z Є F: (x+y)z = xz + yz. (Distributivity) (We get the same definition if the multiplicative part is not restricted to Abelian.)

Characteristic Let F be a field (finite or infinite). Let U = + = {0, 1, 1+1, 1+1+1,…}, if |F| is finite |U| is the characteristic of F. If |U| is infinite then the characteristic is 0. (1 + 1)(1+1+1) = (1+1+1) + ( ). Similarly, product of any two elements from U is also from U by distributivity. Let |U| = p, finite. Then U is isomorphic with Z/pZ with respect to. addition and multiplication. In this case p is a prime, otherwise F would have a zero divisor, so U= F p. And F p is also called the prime subfield of F. LEMMA: If a field (finite or infinite) has finite characteristic p, then p is a prime. A finite field F has positive characteristic p for some prime p.positivecharacteristicprime

Size of a finite field Theorem 1.1 The cardinality of F is p n where n = [F : F p ] and F p denotes the prime subfield of F.cardinalityprime subfield Proof. The prime subfield F p of F is isomorphic to the field Z/pZ of integers mod p. Since the field F is an n-dimensional vector space over F p for some finite n, it is set-isomorphic to F p n and thus has cardinality p n.isomorphic integersvector space

(Uni-variate) Polynomials P(x) = x n + a n-1 x n-1 + … + a 1 x + a 0 (deg P = n) a i s are the coefficients. Roots: P(c) = 0 → P(x) = (x-c) Q(x) (deg Q = n-1) → P(x) can have at most n roots Reducibility: P(x) = Q(x)S(x) (deg Q, deg S < n) If there are no factors Q,S as above, then P is irreducible.

Theorem: the multiplicative group of every finite field is cyclic Let |F| = q. The theorem says that there is g Є F such that F = { 0, g, g 2,…, g q-1 } We need to prove that there is a g with order q-1 (smallest power that is 1). Let ORD(a) = { z | ord(z) = a}. ORD(a) is empty unless a|q-1. LEMMA: | ORD(a) | = φ(a), where φ(a) is the number of those residue classes mod a That are relatively prime to a. REMARK: The lemma immediately gives the theorem, since φ(q-1) ≥ 1.

Proof of the lemma: We proceed by induction on a. ORD(1) = {1}. Consider a > 1. z Є F is a root of x a -1 ↔ for some a’|a it holds that z Є ORD(a’). → x a -1 = Π a’|a Π f Є ORD(a’) (x-f). → ∑ a’|a |ORD(a’)| = a. From the inductional hypothesis: |ORD(a)| = a - ∑ a’|a; a’<a φ(a). To prove |ORD(a)| = φ(a) it is sufficient to show that: LEMMA: ∑ a’|a φ(a) = a. Proof of the lemma: Classify all numbers in {1,2,…,a} according to its greatest common divisor with a, and for every b|a let β(b) = | { z | (a,z) = b}|. Clearly, ∑ b|a β(b) = a. We claim β(b) = φ(a/b). (If so, we are done, since {a/b | b|a} = {b | b|a}). Indeed, (a,z) = b ↔ z = λb, where (λ, a/b) = 1.

Field extensions Transcendental extension: F(x) = { q(x)/r(x), where q,r are polynomials} Algebraic extension (with a root of some irreducible polynomial, s(x)): F(α) = {q(x) | q is a polynomial over F such that deg q < deg s} q( α) ↔ q(x) mod s(x) Alternative notation: F(α) ↔ F[x]/(s(x)) Inverse of r(x) for an algebraic extension: If xists r’(x) such that r’(x) r(x) + s’(x)s(x) = 1 → r’(x) r(x) = 1 (mod s(x)) → r’ = r -1

Splitting field F’ is the splitting field of a polynomial r(x) in F 1. if r(x) decomposes into linear factors in F’. 2. F’ is the smallest field with this property Remark: if (r’(x),r(x)) = 1, then all linear factors are different.

Linear spaces (classical approach) S = F n (dimension =n) S = {(x 1,x 2,…,x n ) | x i Є F } Subspace: S’ ≤ S, iff S’ is closed under linear combinations: x,y Є S → λx + μy Є S

Affine subspaces 1 dimensional affine subspaces = lines L x,y = { x+λy | λ Є F } 2 dimensional affine subspaces = planes P x,y,z = { x+λy+μz | λ,μ Є F } n-1 dimensional affine subspaces = hyperplanes S = { a 1 x 1 + a 2 x 2 + … + a n x n =b}