Open Problems for Polynomials over Finite Fields and Applications

Chapter

Abstract

We survey open problems for univariate polynomials over finite fields. We first comment in some detail on the existence and number of several classes of polynomials. The open problems in that part of the survey are of a more theoretical nature. Then, we center on classes of low-weight (irreducible) polynomials. The conjectures here are more practically oriented. Finally, we give brief descriptions of a selection of open problems from several areas including factorization of polynomials, special polynomials (APN functions, permutations), and relations between rational integers and polynomials.

1 Background and Goals of This Chapter

1.1 Introduction

We introduce a series of open problems for univariate polynomials over finite fields. The list is incomplete but still provides several topics of current research on this type of polynomials.

This chapter is an extended transcription of the author’s invited talk at the Open Problems in Mathematics and Computer Science Conference, Istanbul 2013. The topics presented in this chapter have been selected mainly from the Handbook of Finite Fields by Mullen and Panario [50]. Further problems on polynomials over finite fields are presented in that reference.

1.2 Background on Finite Fields

In order to make this survey self-contained, we briefly review fundamental notions and results in finite fields. Research on finite fields bridges the gap between several branches of mathematics like:
  • algebra (field extensions and Galois theory);

  • discrete mathematics and combinatorics (representing finite field elements as combinatorial objects; algorithms in finite fields; finite field constructions of combinatorial arrays);

  • number theory (counting special finite field elements; analogies between polynomials over finite fields and rational integers).

Many projects undertaken in finite fields can be applied almost immediately to “real-world” problems. Finite fields are used extensively in:
  • coding theory;

  • public key cryptography;

  • communications and electrical engineering;

  • computer science.

The interested reader is referred to the handbooks of cryptography, coding theory, and combinatorial designs for further results and connections of finite fields to those areas [8, 11, 48, 53].

Next we recall the definition of finite fields as well as several basic results that we need in this chapter.

Definition 1

A field\((F,+,\cdot )\) is a set F together with binary operations “+” and “⋅ ” such that:
  1. 1.

    (F, +) is an abelian group;

     
  2. 2.

    \((F\setminus \{0\},\cdot )\) is an abelian group;

     
  3. 3.
    distributive laws hold, that is, for a, b, c ∈ F, we have
    $$\displaystyle\begin{array}{rcl} a \cdot (b + c)& =& a \cdot b + a \cdot c, {}\\ (b + c) \cdot a& =& b \cdot a + c \cdot a. {}\\ \end{array}$$
     

If # F is finite, then we say that Fn is a finite field.

It is well known that
$$\displaystyle{\mathbb{Z}/(p)\text{ is a field if and only if }p\text{ is a prime}.}$$
Up to isomorphisms, there exists exactly one finite field with q = pn elements, denoted by \(\mathbb{F}_{q}\), for all primes p and positive integers n. The characteristic of the finite field \(\mathbb{F}_{q}\) is p.

We also need the well-known fact that the multiplicative group of \(\mathbb{F}_{q}\) is cyclic. The generators of this multiplicative group are primitive elements and play a fundamental role in many applications.

Polynomials As usual, a monic polynomial over \(\mathbb{F}_{q}\) of degree n is of the form \(x^{n} + a_{n-1}x^{n-1} + \cdots + a_{1}x + a_{0}\) with \(a_{i} \in \mathbb{F}_{q}\) for 0 ≤ i < n.

Irreducible polynomials are the most fundamental polynomials. A polynomial \(f \in \mathbb{F}_{q}[x]\) is irreducible over \(\mathbb{F}_{q}\) if f = gh with \(g,h \in \mathbb{F}_{q}[x]\) implies that g or h is in \(\mathbb{F}_{q}\). Through unique factorization, irreducible polynomials play the rôle to polynomials that prime numbers play to rational integers; we comment on this relation in more detail in Sect. 4.4. Moreover, we can construct \(\mathbb{F}_{q^{n}}\) by taking the quotient of \(\mathbb{F}_{q}[x]\) by an irreducible polynomial f of degree n over \(\mathbb{F}_{q}\), that is, \(\mathbb{F}_{q^{n}}\mathop{\cong}\mathbb{F}_{q}[x]/(f)\). The finite field elements are represented as polynomials of degree less than n with coefficients in \(\mathbb{F}_{q}\). In this extension field, addition is performed term-wise; multiplication is taken (mod f). There are other ways of representing elements over a finite field, but in this chapter we focus only on polynomials. One of the most prominent and practical of those other representations is normal bases; see Chap. 5 of [50] for an account on normal bases results.

1.3 Outline of the Chapter

We focus on open problems for univariate polynomials over finite fields.
  • In Sect. 2, we comment in some detail on the existence and number of several classes of polynomials. The open problems here are more of a theoretical nature.

  • Then, in Sect. 3, we center in classes of low-weight (irreducible) polynomials. The conjectures here are more practically oriented.

  • Finally, in Sect. 4, we give brief descriptions of a selection of open problems from several areas including factorization of polynomials, special polynomials (APN functions, permutation), iterations of polynomials, and relations between integer numbers and polynomials.

To know more about basics of finite fields, the reader is referred to the textbook Finite Fields by Lidl and Niederreiter [44].

Remark

Given the amount of work already done on the topics presented in this chapter, we are intentionally vague on the statement of the open problems. Including precise statements would make for a quite long presentation. However, the reader should check the references cited before each open problem to find exact results known so far. We note that for each open problem given in this chapter, there is still considerably work to be done to completely solve the problem.

2 Prescribed Coefficients

2.1 Irreducible Polynomials

The number Iq(n) of monic irreducible polynomials of degree n over \(\mathbb{F}_{q}\) is
$$\displaystyle{I_{q}(n) = \frac{1} {n}\sum _{d\vert n}\mu (d)q^{n/d} = \frac{q^{n}} {n} + O(q^{n/2}),}$$
where \(\mu: \mathbb{N} \rightarrow \mathbb{N}\) is the Möbius function, given by
$$\displaystyle{\mu (n) = \left \{\begin{array}{cl} 1 &\mbox{ if $n = 1$,} \\ (-1)^{k}&\mbox{ if $n$ is a product of $k$ distint primes,} \\ 0 &\text{otherwise.} \end{array} \right.}$$
This is known for almost 150 years, but if we prescribed some coefficient to some value, can we characterize and count those type of irreducible polynomials? We briefly introduce in the following some results on this direction; a wealth of references to these and related problems on irreducible polynomials over finite fields can be found on Chap. 3 of [50].

2.2 Irreducibles with Prescribed Coefficients: Existence

The Hansen–Mullen conjecture [32] states the existence of irreducibles over \(\mathbb{F}_{q}\) with any one coefficient prescribed to a fixed value. Wan [61] proved the Hansen–Mullen conjecture using Dirichlet characters and Weil bounds. Generalizations have been given for the existence of irreducibles with the trace and norm coefficients (i.e., the coefficients of xn−1 and x0, respectively) prescribed as well as with few more coefficients prescribed; see Sect. 3.5 of [50].

On the other hand, there are also results for up to half coefficients prescribed [35] and variants, for example, prescribing precisely upper and lower coefficients of the polynomial:

However, experiments show that we could prescribe almost all coefficients and still obtain irreducible polynomials!

Open Problem 1

Prefix some coefficients of a polynomial over a finite field to some values; prove that there exist irreducible polynomials with those coefficients prescribed to those values.

We remark that the techniques used so far for existence results are from number theory (characters, bounds on character sums).

2.3 Irreducibles with Prescribed Coefficients: Number

There are far less results proved about the number of irreducible polynomials with coefficients prescribed than about existence. Results so far include exact estimates for the number of irreducibles with up to 2 coefficients (xn−1 and x0, or xn−1 and xn−2) prescribed over any finite field.

Over \(\mathbb{F}_{2}\), in addition to the previous results, there are formulas for the number of irreducible polynomials
  • with up to the three most significant coefficients (\(x^{n-1},x^{n-2},x^{n-3}\)) prescribed to any value,

  • conjectures for the four most significant coefficients prescribed.

Open Problem 2

Give exact (or asymptotic) counting for irreducible polynomials with prescribed coefficients.

The techniques used for these estimates are more elementary than the ones for existence results, and they come from several areas of discrete mathematics.

The long-term goal here is to provide existence and counting results for irreducibles with any number of prescribed coefficients to any given values. This goal is completely out of reach at this time. Incremental steps seem doable, but it would be most interesting if new techniques were introduced to attack these problems.

2.4 Primitive Polynomials with Prescribed Coefficients

A polynomial \(f \in \mathbb{F}_{q}[x]\) of degree n ≥ 1 is primitive if it is the minimal polynomial of a primitive element of \(\mathbb{F}_{q^{n}}\). These polynomials are fundamental in many applications in engineering involving sequences and LFSRs (linear feedback shift registers).

Primitive polynomials exist for any degree n ≥ 1 and any finite field \(\mathbb{F}_{q}\). As it is easy to check, the number of primitive polynomials of degree n over \(\mathbb{F}_{q}\) is \(\phi (q^{n} - 1)/n\), where ϕ denotes Euler’s function. However, if we prescribe some coefficients, only some partial results are known. We comment on some results for this type of polynomials; more references can be found on Chap. 4 of [50].

The Hansen–Mullen conjecture for primitive polynomials asks whether primitive polynomials exist with any coefficient prescribed to a given value. This conjecture was proved for n ≥ 9 by Cohen [7] and without restrictions by Cohen and Prešern [9]. There are generalizations to few prescribed coefficients but no exact results for the number of primitive polynomials with prescribed coefficients.

Open Problem 3

Prefix some coefficients of a primitive polynomial over a finite field to some values; prove that there exist (or give the number of) primitive polynomials with those coefficients prescribed to those values.

One can require for a polynomial to be primitive and also hold other algebraic conditions. Primitive normal polynomials are an important class of this type of polynomials. A polynomial is primitive normal if its roots form a normal basis and are primitive elements. We recall that an element α in \(\mathbb{F}_{q^{n}}\) is normal if \(\{\alpha,\alpha ^{q},\ldots,\alpha ^{q^{n-1} }\}\) is a basis of \(\mathbb{F}_{q^{n}}\) over \(\mathbb{F}_{q}\).

The existence of primitive normal polynomials was established by Carlitz [5], for sufficiently large q and n, Davenport [13] for prime fields, and finally for all (q, n) by Lenstra and Schoof [41]. A proof without the use of a computer was later given Cohen and Huczynska [10]. Gauss sums, hybrids of additive and multiplicative characters sums, are employed in primitive normal results.

Hansen–Mullen also conjectured that primitive normal polynomials with one prescribed coefficient exist for all q and n. Fan and Wang [18] proved the conjecture for n ≥ 15. There are generalizations for two coefficients (norm and trace) and for three coefficients but not much is known beyond those cases; see Sect. 4.2 of [50].

An element α in \(\mathbb{F}_{q^{n}}\) is completely normal if α is a normal element of \(\mathbb{F}_{q^{n}}\) over \(\mathbb{F}_{q^{d}}\), for every subfield \(\mathbb{F}_{q^{d}}\) (hence d | n). The minimal polynomial of α over \(\mathbb{F}_{q}\) is a completely normal polynomial. Not much is known about these polynomials even in the case when no prescribed condition on the coefficients is included. Morgan and Mullen [49] conjectured that for any n ≥ 2 and any prime power q there exists a completely normal primitive basis of \(\mathbb{F}_{q^{n}}\) over \(\mathbb{F}_{q}\).

Open Problem 4

Prove the Morgan and Mullen conjecture for completely normal primitive bases.

This conjecture is still wide open though major advances on this problem have been done by Hachenberger [30, 31]. The methods here are algebraic and allow the derivation of lower bounds.

3 Low-Weight Polynomials

3.1 Introduction

A particular important case of prescribed coefficients occurs when most coefficients are set to zero. The weight of a polynomial is the number of nonzero coefficients of the polynomial. Loosely speaking, a polynomial has low weight when “most” coefficients are zero.

This case is relevant in practice where we prefer sparse irreducible polynomials, like trinomials (polynomials with 3 monomials) or pentanomials (polynomials with 5 monomials) over \(\mathbb{F}_{2}\), to construct the extension fields. These are, for example, the recommendations of IEEE [36]. Among same degree irreducible trinomials or pentanomials, for reasons of confidence, we choose polynomials following a lowest lexicographical order selection. However, Scott [56] shows that the irreducible with the optimal performance for a given implementation does not necessarily follow the lowest lexicographical order!

3.2 Conjectures and Open Problems

The state of affairs for low-weight polynomials is very poor. Indeed the following open problem presents several old questions that are still not mathematically answered.

Open Problem 5

  • What is the density of n’s such that there is an irreducible trinomial of degree n over \(\mathbb{F}_{2}\)?

  • Are there irreducible pentanomials over \(\mathbb{F}_{2}\) for all n ?

  • Are there irreducible tetranomials over \(\mathbb{F}_{q}\), q ≥ 3, for all n ≥ 3 ?

Experimentally, there are only about 50 % of n with irreducible trinomials of degree n over \(\mathbb{F}_{2}\). However, there seems to be a pentanomial for every n. There are tables of trinomials and pentanomials, using Magma, for the following values of q and n:

q

n ≤  

q

n ≤  

q

n ≤  

q

n ≤ 

 

2

120, 000

3

50, 000

4, 5, 7

2, 000

9 ≤ q ≤ 127

1, 000

 

Those experiments suggest that the existential questions raised in Open Problem 5 should have a positive answer, but there are no proofs in sight for any of those problems.

A sedimentary polynomial is a polynomial over \(\mathbb{F}_{q}\) of the form \(f(x) = x^{n} + g(x)\) with g of degree close to logqn.

Open Problem 6

Prove that for every positive integer n, there exists a polynomial g of degree at most logqn + 3 such that\(f(x) = x^{n} + g(x)\)is irreducible over\(\mathbb{F}_{q}\).

These polynomials have been used, for example, by Coppersmith [12] to represent elements in \(\mathbb{F}_{2^{n}}\) in a subexponential algorithm for discrete logarithm computations in finite fields. Again, experiments [27] seem to imply the existence of sedimentary polynomials as stated in Open Problem 6, but no proof of this fact is available at this time.

3.3 Reducibility of Low-Weight Polynomials

Swan [58] characterizes the parity of the number of irreducible factors of a trinomial over \(\mathbb{F}_{2}\) relating it to the discriminant of the trinomial (due to Pellet and Stickelberger). Obviously, if the number of irreducible factors of a polynomial is even, the trinomial is then reducible.

In principle one could use this to provide reducibility conditions. However there is a main problem with this approach: the calculation of the discriminant of the polynomial is hard even when the polynomial has a moderate number of terms.

We exemplify in the following a typical result in this area.

Theorem 1 ([58])

Let n > k > 0. Assume precisely one of n,k is odd. Then if r is the number of irreducible factors of\(f(x) = x^{n} + x^{k} + 1 \in \mathbb{F}_{2}[x]\), then r is even in the following cases:
  • n even, k odd, n ≠ 2k and\(nk/2 \equiv 0,1\ (\mbox{ mod}\ 4)\);

  • n odd, k even, \(k \nmid 2n\)and\(n \equiv 3,5\ (\mbox{ mod}\ 8)\);

  • n odd, k even, \(k\mid 2n\)and\(n \equiv 1,7\ (\mbox{ mod}\ 8)\).

In other cases f has an odd number of factors.

The case where n and k are both odd can be covered using that the reverse of f has the same number of irreducible factors. If both n and k are even the trinomial is a square and has an even number of irreducible factors.

The next is an important practical consequence that asserts that there are no irreducible trinomials over \(\mathbb{F}_{2}\) for the usual computer word sizes.

Corollary 1

There are no irreducible trinomials over\(\mathbb{F}_{2}\)with degree a multiple of 8.

By now, over \(\mathbb{F}_{2}\), we know the reducibility of few pentanomials, but not if irreducible pentanomials exist for all degrees. Over \(\mathbb{F}_{q},q > 2\), we know when binomials are reducible; we also have partial results for trinomials and tetranomials, as well as for some very special type of polynomials; see Sects. 3.4 and 3.5 in [50].

Open Problem 7

Give new reducibility results for low-weight polynomials over finite fields.

It would also be interesting to study the distribution of the discriminant for random polynomials over finite fields.

Open Problem 8

Give expected value and distributional studies for the discriminant of a random polynomial over a finite field.

Low-weight polynomials have several applications; see Sect. 14.9 of [50]. We only comment here on two of those. Consider a maximum-length shift-register sequence generated by a primitive polynomial f over a finite field. The set of its subintervals is a linear code whose dual code is formed by all polynomials divisible by f [51]. Since the minimum weight of a dual code is directly related to the strength of the corresponding orthogonal array [3], one can produce orthogonal arrays by studying divisibility of polynomials with low weight. (For information on orthogonal arrays, we refer to the book [33].)

To obtain orthogonal arrays of larger strength t (equivalently dual codes of minimum weight t + 1), we need conditions on when a low-weight polynomial divides another (low) t-weight polynomial. At this moment, we only know conditions for divisibility of trinomials and pentanomials over \(\mathbb{F}_{2}\), and some similar cases over \(\mathbb{F}_{3}\).

In addition, low-weight multiples of a public polynomial compromise the private key for the \(\mathcal{T}\mathcal{C}\mathcal{H}o\)cryptosystem, and its security therefore rests on the difficulty of finding low-weight multiples [2, 34].

Open Problem 9

Study the divisibility of a low-weight polynomial over a finite field by another low-weight polynomial over the same finite field.

4 Potpourri of Polynomial Topics and Problems

4.1 Factorization of Polynomials

Given a monic univariate polynomial \(f \in \mathbb{F}_{q}[x]\), the factorization problem asks to find monic distinct irreducible fi and positive integers ei, 1 ≤ i ≤ r, such that \(f = f_{1}^{e_{1}}\cdots f_{r}^{e_{r}}\). Much work has been done in this area; see [23, 24].

A standard method for this task uses three steps:
  1. 1.

    Elimination of repeated factors (ERF) replaces a polynomial by a square-free one which contains all the irreducible factors of the original polynomial with exponents reduced to 1.

     
  2. 2.

    Distinct-degree factorization (DDF) splits a square-free polynomial into a product of polynomials whose irreducible factors have all the same degree.

     
  3. 3.

    Equal-degree factorization (EDF) completely factors a polynomial whose irreducible factors have the same degree.

     

All efficient practical versions use a probabilistic algorithm for EDF. The next is a long-standing problem of a main theoretical interest.

Open Problem 10

Find a polynomial time deterministic algorithm for factoring polynomials over finite fields.

We remark that this problem is open even assuming the generalized Riemann hypothesis (GRH) [37]. So far, the techniques used to answer this question are mostly algebraic.

In terms of fast practical versions of the general methodology commented above based on three steps, it has been well known that the bottleneck is on the second step, the distinct-degree factorization stage. A key role on the algorithmic improvements for this problem has been played by the use of fast modular compositions and interval partitions [26, 39].

By now the algorithms are very efficient, at least to factor very large degree polynomials taken uniformly at random. Advances in the next problem may improve the current best algorithm versions when the polynomials to be factored are taken at random.

Open Problem 11

Find the best interval partition for factoring a random polynomial over a finite field.

The techniques used so far for this type of probabilistic analysis come from analytic combinatorics [20]. They proceed in two steps; first generating functions for the quantities of interest are derived, and then asymptotic analyses for the extraction of coefficient asymptotics are used. This general methodology was used in [21] for the complete analysis of the algorithms above for the factorization of polynomials over finite fields; for the latest results, see [25, 52].

4.2 Special Polynomials Over Finite Fields

4.2.1 PN and APN Functions

Definition 2

Let G1 and G2 be finite abelian groups of the same cardinality and \(f: G_{1} \rightarrow G_{2}\). We say that f is a perfect nonlinear (PN) function if
$$\displaystyle{\varDelta _{f,a}(x) = f(x + a) - f(x) = b}$$
has exactly one solution for all a ≠ 0 ∈ G1 and all b ∈ G2.

PN functions provide optimal resistance to linear and differential cryptographic attacks. However, PN functions cannot exist in finite fields of characteristic 2 (the most important for implementations). They were introduced as planar functions by Dembowski–Ostrom [14]; they are also known as bent functions; see Chap. 9 of [50].

We obtain an alternate definition for almost best-possible differential structure by slightly relaxing the condition on the definition of PN function.

Definition 3

Let G1 and G2 be finite abelian groups of the same cardinality and \(f: G_{1} \rightarrow G_{2}\). We say that f is an almost perfect nonlinear function if
$$\displaystyle{ \varDelta _{f,a}(x) = f(x + a) - f(x) = b }$$
(1)
has at most two solutions for all a ≠ 0 ∈ G1 and all b ∈ G2.

As an example, the inverse function\(f: x\mapsto x^{2^{n}-2 }\) in \(\mathbb{F}_{2^{n}}\) is APN if and only if n is odd. We remark that this function is used in the Advanced Encryption Standard (AES) but in that case n = 8. If n is even, then Δf, a is close to APN; indeed, it is differential 4 uniform, that is, Eq. (1) has at most four solutions for each a and all b.

In most applications, candidate functions for use in symmetric key cryptosystems must be permutations. Furthermore, for implementation purposes, functions over \(\mathbb{F}_{2^{e}}\) with e even are preferred. There are no PN permutations in these fields. Hence, combining these criteria, the most desirable candidate functions for cryptographical applications are APN permutations over\(\mathbb{F}_{2^{e}}\)where e is even. Currently, there is only one known APN permutation over\(\mathbb{F}_{2^{e}}\), when e is even. This function for \(\mathbb{F}_{2^{6}}\) was given by Dillon and collaborators [4].

Open Problem 12

Find APN permutations over\(\mathbb{F}_{2^{e}}\), when e is even.

4.2.2 Permutation Polynomials Over Finite Fields

Definition 4

A polynomial \(f \in \mathbb{F}_{q}[x]\) is a permutation polynomial (PP) of \(\mathbb{F}_{q}\) if the function \(f: c \rightarrow f(c)\) from \(\mathbb{F}_{q}\) into itself induces a permutation.

There have been massive amount of work on PPs since the nineteenth century. Many results have appeared on the last 30 years, some of them due to the many cryptographic applications of PPs; see Chap. 8 of [50]. However, many questions are still not fully answered [42, 43] even though substantial work have been done on these problems.

Some well-known classes of PPs include monomials xn when \(\gcd (n,q - 1) = 1\), Dickson polynomials \(D_{n}(x,a) =\sum _{ j=0}^{\lfloor n/2\rfloor } \frac{n} {n-j}\binom{n - j}{j}(-a)^{j}x^{n-2j}\) when \(\gcd (n,q^{2} - 1) = 1\), and linearized polynomials \(L(x) =\sum _{ s=0}^{n-1}a_{s}x^{q^{s} } \in \mathbb{F}_{q^{n}}[x]\) when \(\det (a_{i-j}^{q^{j} })\not =0\), 0 ≤ i, j ≤ n − 1.

Open Problem 13

  1. 1.

    Find new classes of PPs.

     
  2. 2.

    Find PPs with some prescribed coefficients to some values.

     

Let Nn(q) denote the number of PPs of \(\mathbb{F}_{q}\) of degree n. It is easy to show that \(N_{1}(q) = q(q - 1)\), Nn(q) = 0 if n is a divisor of q − 1 larger than 1, and ∑ Nn(q) = q! where the sum is taken over all 1 ≤ n < q − 1 such that n is either 1 or is not a divisor of q − 1. However, in general, Nn(q) is still not known.

Open Problem 14

Find the number Nn(q) of PPs of degree n.

If the polynomial is not a permutation, it is interesting to find its value set, that is, the distinct values that the function takes. The value sets of some functions have been studied, but, in general, similar questions as above have only been partially studied; see Sect. 8.3 of [50].

4.3 Iteration of Polynomials Over Finite Fields

Given a polynomial \(f \in \mathbb{F}_{q}[x]\), one can define the functional graph of f as a directed graph on q nodes labelled by elements of \(\mathbb{F}_{q}\) where there is an edge from a to b if and only if f(a) = b. This graph has one or more connected components, and each connected component contains one cycle with trees attached to some of the cycle nodes. The cycle may be of length 1, a fixed point. The graph of a polynomial f encodes characteristics of the map like the distribution and length of periodic points (points in the cycle of a connected component) and pre-periodic points (points in the trees, not in the cycle).

A key motivation on this area is to better understand Pollard’s ρ-algorithm [55] for integer factorization. In the analysis of that algorithm, a composite integer \(m\) is given, and we are interested in the properties of the polynomial mappings \(x\mapsto x^{2} - 1(\text{mod }p)\), where \(p\vert m\). If \(p\) is prime, this mapping has the property that every image has at most \(2\) preimages. This type of property can also be desirable for mappings used in cryptographic hash functions. The quadratic mappings x2 and x2 − 2 has been studied in [60], but the shape of more generic quadratic maps has not been fully understood.

Some nonquadratic maps have also been studied. The dynamics of the maps xn over finite fields has been analyzed [6, 57]. Iterations of Chebyshev polynomials of the first kind has also been studied [28], as well as rational maps of the form \(x + x^{-1}\) over small finite fields [59].

Open Problem 15

Describe the graphs of iterations of polynomials over finite fields.

It is not clear what is the proper heuristic model to describe Pollard’s ρ-algorithm. A study of general random maps was executed by Flajolet and Odlyzko [19]. A model with restrictions on the number of preimages, that would in principle adapt better to Pollard’s ρ-algorithm, is in [1, 45]. However, a model that can fully explain Pollard’s ρ-algorithm is still not available.

Open Problem 16

Develop a heuristic model to completely describe Pollard’s ρ-algorithm.

4.4 Relations Between Integers and Polynomials

The unique factorization of polynomials into irreducibles allow the derivation of analogous results to the ones for the decomposition of integers into prime numbers. For example, one can study properties such as:
  • expected number of irreducible factors of a polynomial (number of primes of an integer);

  • probability of a factorization pattern;

  • expected largest and smallest degree irreducible factor (largest and smallest prime);

  • irreducibles (primes) in arithmetic progression.

A basic technique from analytic combinatorics allows the derivation of such results (see [21] and Sect. 11.1 of [50]). This technique also allows the study of the distribution of the factors in the gcd of several univariate polynomials over a finite field.

Some classical number theoretic problems have been successfully translated to polynomials. This is the case of the twin prime conjecture. As in the integer case, we consider two irreducible polynomials to be twins if they differ by as little as possible. We measure the size of a monic polynomial \(f \in \mathbb{F}_{q}[x]\) of degree n with the absolute value | f |  = qn. Two polynomials f and g, both of degree n over \(\mathbb{F}_{q}\), are twin irreducible polynomials if \(\vert g - f\vert = 4\) for q = 2, or \(\vert g - f\vert = 1\) otherwise.

The twin irreducible polynomials conjecture states that if q is fixed and the degree n tends to infinity, then there are infinitely many twin irreducible polynomials. This conjecture has been proved for all finite fields of order bigger than two [15, 54].

Open Problem 17

Prove the twin irreducible polynomial conjecture in\(\mathbb{F}_{2}\).

Classical generalizations of the twin prime conjecture in the integer setting (if we consider more than two primes, or if the primes are not as close as possible) have not been given yet for polynomials over finite fields.

There have been some results about additive properties for polynomials related to the Goldbach conjecture and their generalizations (e.g., sum of three irreducibles); see [16, 17].

Many other classical problems from number theory have been treated for polynomials over finite fields. The most famous result is the polynomial version of the Generalized Riemann Hypothesis of Weil [62]; there is as well a polynomial analogue of Artin’s conjecture on primitive roots [38]

On the other hand, several recent results in number theory have not been completely translated into polynomials over finite fields yet including, for example, the ones in the following.

Open Problem 18

Give polynomial over a finite field versions for the following problems already studied for prime numbers:
  1. 1.

    divisors and shifted divisors in intervals [22, 40];

     
  2. 2.

    primes in small gaps [29, 47, 63];

     
  3. 3.

    sum of digits function [46].

     

Some of these problems may be amenable to the techniques from analytic combinatorics commented above.

Conclusions

Polynomials over finite fields are fundamental in several theoretical areas of mathematics and in many practical applications in communications. We comment on some open problems for univariate polynomials over finite fields. The selection of topics is by no means complete, but we hope is representative of the intense current research in polynomials over finite fields.

References

  1. 1.
    J. Arney, E.A. Bender, Random mappings with constraints on coalescence and number of origins. Pac. J. Math. 103, 269–294 (1982)MATHMathSciNetCrossRefGoogle Scholar
  2. 2.
    J.-P. Aumasson, M. Finiasz, W. Meier, S. Vaudenay, A hardware-oriented trapdoor cipher, in Information Security and Privacy. Lecture Notes in Computer Science, vol. 4586 (Springer, New York, 2007), pp. 184–199Google Scholar
  3. 3.
    R.C. Bose, On some connections between the design of experiments and information theory. Bull. Inst. Int. Stat. 38, 257–271 (1961)MATHGoogle Scholar
  4. 4.
    K.A. Browning, J.F. Dillon, M.T. McQuistan, A.J. Wolfe, An APN permutation in dimension six, in Finite Fields: Theory and Applications. Contemp. Math., vol. 518 (The American Mathematical Society, Providence, 2010), pp. 33–42Google Scholar
  5. 5.
    L. Carlitz, Primitive roots in a finite field. Trans. Am. Math. Soc. 73, 373–382 (1952)MATHCrossRefGoogle Scholar
  6. 6.
    W. Chou, I. Shparlinski, On the cycle structure of repeated exponentiation modulo a prime. J. Number Theory 107, 345–356 (2004)MATHMathSciNetCrossRefGoogle Scholar
  7. 7.
    S.D. Cohen, Primitive polynomials with a prescribed coefficient. Finite Fields Appl. 12, 425–491 (2006)MATHMathSciNetCrossRefGoogle Scholar
  8. 8.
    H. Cohen, G. Frey, R. Avanzi, C. Doche, T. Lange, K. Nguyen, F. Vercauteren, Handbook of Elliptic and Hyperelliptic Curve Cryptography, Series on Discrete Mathematics and Its Applications (CRC Press, Boca Raton, 2006)Google Scholar
  9. 9.
    S.D. Cohen, M. Prešern, The Hansen–Mullen primitive conjecture: completion of proof, in Number Theory and Polynomials. London Math. Soc. Lecture Note Series, vol. 352 (Cambridge University Press, Cambridge, 2008), pp. 89–120Google Scholar
  10. 10.
    S.D. Cohen, S. Huczynska, The primitive normal basis theorem—without a computer. J. Lond. Math. Soc. 2nd Ser. 67, 41–56 (2003)Google Scholar
  11. 11.
    C.J. Colbourn, J.H. Dinitz, Handbook of Combinatorial Designs, 2nd edn., Series on Discrete Mathematics and Its Applications (CRC Press, Boca Raton, 2007)Google Scholar
  12. 12.
    D. Coppersmith, Fast evaluation of logarithms in fields of characteristic two. IEEE Trans. Inf. Theory 30, 587–594 (1984)MATHMathSciNetCrossRefGoogle Scholar
  13. 13.
    H. Davenport, Bases for finite fields. J. Lond. Math. Soc. 2nd Ser. 43, 21–39 (1968)Google Scholar
  14. 14.
    P. Dembowski, T.G. Ostrom, Planes of order n with collineation groups of order n 2. Math. Z. 103, 239–258 (1968)MATHMathSciNetCrossRefGoogle Scholar
  15. 15.
    G. Effinger, Toward a complete twin primes theorem for polynomials over finite fields, in Finite Fields and Applications. Contemp. Math., vol. 461 (The American Mathematical Society, Providence, 2008), pp. 103–110Google Scholar
  16. 16.
    G. Effinger, D.R. Hayes, Additive Number Theory of Polynomials over a Finite Field, Oxford Mathematical Monographs (Oxford University Press, New York, 1991)Google Scholar
  17. 17.
    G. Effinger, K. Hicks, G.L. Mullen, Integers and polynomials: comparing the close cousins \(\mathbb{Z}\) and \(\mathbb{F}_{q}[x]\). Math. Intelligencer 27, 26–34 (2005)MATHMathSciNetCrossRefGoogle Scholar
  18. 18.
    S. Fan, X. Wang, Primitive normal polynomials with a prescribed coefficient. Finite Fields Appl. 15, 682–730 (2009)MATHMathSciNetCrossRefGoogle Scholar
  19. 19.
    P. Flajolet, A.M. Odlyzko, Random mapping statistics, in Advances in cryptology—EUROCRYPT ’89. Lecture Notes in Comput. Sci., vol. 434 (Springer, New York, 1990), pp. 329–354Google Scholar
  20. 20.
    Ph. Flajolet, R. Sedgewick, Analytic Combinatorics (Cambridge University Press, Cambridge, 2009)MATHCrossRefGoogle Scholar
  21. 21.
    P. Flajolet, X. Gourdon, D. Panario, The complete analysis of a polynomial factorization algorithm over finite fields. J. Algorithms 40, 37–81 (2001)MATHMathSciNetCrossRefGoogle Scholar
  22. 22.
    K. Ford, The distribution of integers with a divisor in a given interval. Ann. Math. 168, 367–433 (2008)MATHCrossRefGoogle Scholar
  23. 23.
    J. von zur Gathen, J. Gerhard, Modern Computer Algebra, 2nd edn. (Cambridge University Press, Cambridge/New York/Melbourne, 2003)Google Scholar
  24. 24.
    J. von zur Gathen, D. Panario, Factoring polynomials over finite fields: a survey. J. Symb. Comput. 31, 3–17 (2001)Google Scholar
  25. 25.
    J. von zur Gathen, D. Panario, B. Richmond, Interval partitions and polynomial factorization. Algorithmica 63, 363–397 (2012)Google Scholar
  26. 26.
    J. von zur Gathen, V. Shoup, Computing Frobenius maps and factoring polynomials. Comput. Complex. 2, 187–224 (1992)Google Scholar
  27. 27.
    S. Gao, J. Howell, D. Panario, Irreducible polynomials of given forms, in Finite Fields: Theory, Applications, and Algorithms. Contemp. Math., vol. 225 (The American Mathematical Society, Providence, 1999), pp. 43–54 sGoogle Scholar
  28. 28.
    T.A. Gassert, Chebyshev action on finite fields. arXiv:1209.4396v3Google Scholar
  29. 29.
    D.A. Goldston, J. Pintz, C.Y. Yldrm, Primes in tuples I. Ann. of Math. 170, 819–862 (2009)MATHMathSciNetCrossRefGoogle Scholar
  30. 30.
    D. Hachenberger, Primitive complete normal bases for regular extensions. Glasgow Math. J. 43, 383–398 (2001)MATHMathSciNetCrossRefGoogle Scholar
  31. 31.
    D. Hachenberger, Primitive complete normal bases: existence in certain 2-power extensions and lower bounds. Discrete Math. 310, 3246–3250 (2010)MATHMathSciNetCrossRefGoogle Scholar
  32. 32.
    T. Hansen, G.L. Mullen, Primitive polynomials over finite fields. Math. Comput. 59, 639–643, S47–S50 (1992)MathSciNetCrossRefGoogle Scholar
  33. 33.
    A.S. Hedayat, N.J.A. Sloane, J. Stufken, Orthogonal Arrays, Theory and Applications, Springer Series in Statistics (Springer, New York, 1999)Google Scholar
  34. 34.
    M. Herrmann, G. Leander, A practical key recovery attack on basic \(\mathcal{T}\mathcal{C}\mathcal{H}o\), in Public Key Cryptography—PKC 2009. Lecture Notes in Comput. Sci., vol. 5443 (Springer, New York, 2009), pp. 411–424Google Scholar
  35. 35.
    C.-N. Hsu, The distribution of irreducible polynomials in \(\mathbf{F}_{q}[t]\). J. Number Theory 61, 85–96 (1996)MATHMathSciNetCrossRefGoogle Scholar
  36. 36.
    IEEE, Standard specifications for public key cryptography, Standard P1363-2000, Institute of Electrical and Electronics Engineering, 2000, Draft D13 available at http://grouper.ieee.org/groups/1363/P1363/draft.html
  37. 37.
    G. Ivanyos, M. Karpinski, L. Rónyai, N. Saxena, Trading GRH for algebra: algorithms for factoring polynomials and related structures. Math. Comput. 81, 493–531 (2012)MATHCrossRefGoogle Scholar
  38. 38.
    E. Jensen, M.R. Murty, Artin’s conjecture for polynomials over finite fields, in Number Theory, Trends in Mathematics (Birkhauser, Basel, 2000), pp. 167–181Google Scholar
  39. 39.
    K.S. Kedlaya, C. Umans, Fast modular composition in any characteristic, in 49th Annual IEEE Symposium on Foundations of Computer Science (2008), pp. 146–155Google Scholar
  40. 40.
    D. Koukoulopoulos, Divisors of shifted primes. Int. Math. Res. Not. IMRN 2010, 4585–4627 (2010)MATHMathSciNetGoogle Scholar
  41. 41.
    H.W. Lenstra, Jr., R.J. Schoof, Primitive normal bases for finite fields. Math. Comp. 48, 217–231 (1987)MATHMathSciNetCrossRefGoogle Scholar
  42. 42.
    R. Lidl, G.L. Mullen, When does a polynomial over a finite field permute the elements of the field? Am. Math. Mon. 95, 243–246 (1988)MATHMathSciNetCrossRefGoogle Scholar
  43. 43.
    R. Lidl, G.L. Mullen, When does a polynomial over a finite field permute the elements of the field? II. Am. Math. Mon. 100, 71–74 (1993)MATHMathSciNetCrossRefGoogle Scholar
  44. 44.
    R. Lidl, H. Niederreiter, Finite Fields, vol. 20, 2nd edn., Encyclopedia of Mathematics and its Applications (Cambridge University Press, Cambridge, 1997)Google Scholar
  45. 45.
    A. MacFie, D. Panario, Random mappings with restricted preimages, in Proceedings of LatinCrypt 2012. Lecture Notes in Comput. Sci., vol.7533 (Springer, Berlin, 2012), pp. 254–270Google Scholar
  46. 46.
    C. Mauduit, J. Rivat, Sur un problème de Gelfond: la somme des chiffres des nombres premiers. Ann. Math. 171, 1591–1646 (2010)MATHMathSciNetCrossRefGoogle Scholar
  47. 47.
    J. Maynard, Small gaps between primes. arXiv:1311.4600 (2013)Google Scholar
  48. 48.
    A.J. Menezes, P.C. van Oorschot, S.A. Vanstone, Handbook of Applied Cryptography, Series on Discrete Mathematics and its Applications (CRC Press, Boca Raton, 1997)Google Scholar
  49. 49.
    I.H. Morgan, G.L. Mullen, Completely normal primitive basis generators of finite fields. Utilitas Math. 49, 21–43 (1996)MATHMathSciNetGoogle Scholar
  50. 50.
    G.L. Mullen, D. Panario, Handbook of Finite Fields, Series on Discrete Mathematics and Its Applications (CRC Press, Boca Raton, 2013)Google Scholar
  51. 51.
    A. Munemasa, Orthogonal arrays, primitive trinomials, and shift-register sequences. Finite Fields Appl. 4, 252–260 (1998)MATHMathSciNetCrossRefGoogle Scholar
  52. 52.
    D. Panario, What do random polynomials over finite fields look like? in Finite Fields and Applications. Lecture Notes in Comput. Sci., vol. 2948 (Springer, Berlin, 2004), pp. 89–108Google Scholar
  53. 53.
    V.S. Pless, W.C. Huffman, R.A. Brualdi, Handbook of Coding Theory (North-Holland, Amsterdam, 1998)MATHGoogle Scholar
  54. 54.
    P. Pollack, A polynomial analogue of the twin primes conjecture. Proc. Am. Math. Soc. 136, 3775–3784 (2008)MATHMathSciNetCrossRefGoogle Scholar
  55. 55.
    J.M. Pollard, A Monte Carlo method for factorization, Nordisk Tidskr. Informationsbehandling (BIT) 15, 331–334 (1975)MATHMathSciNetGoogle Scholar
  56. 56.
    M. Scott, Optimal irreducible polynomials for GF(2m) arithmetic, in Software Performance Enhancement for Encryption and Decryption (SPEED 2007), Cryptology ePrint Archive (2007)Google Scholar
  57. 57.
    M. Sha, S. Hu, Monomial dynamical systems of dimension over finite fields. Acta Arith. 148, 309–331 (2011)MATHMathSciNetCrossRefGoogle Scholar
  58. 58.
    R.G. Swan, Factorization of polynomials over finite fields. Pac. J. Math. 12, 1099–1106 (1962)MATHMathSciNetCrossRefGoogle Scholar
  59. 59.
    S. Ugolini, Graphs associated with the map \(X\mapsto X + X^{-1}\) in finite fields of characteristic three and five. J. Number Theory 133, 1207–1228 (2013)MATHMathSciNetCrossRefGoogle Scholar
  60. 60.
    T. Vasiga, J. Shallit, On the iteration of certain quadratic maps over GF(p). Discrete Math. 277, 219–240 (2004)MATHMathSciNetCrossRefGoogle Scholar
  61. 61.
    D. Wan, Generators and irreducible polynomials over finite fields. Math. Comput. 66, 1195–1212 (1997)MATHCrossRefGoogle Scholar
  62. 62.
    A. Weil, Sur les Courbes Algébriques et les Variétés qui s’en dÉduisent, Actualités Sci. Ind., no. 1041; Publ. Inst. Math. Univ. Strasbourg, vol. 7 (Hermann et Cie., Paris, 1945/1948)Google Scholar
  63. 63.
    Y. Zhang, Bounded gaps between primes. Ann. Math. 170, 1121–1174 (2014)CrossRefGoogle Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  1. 1.School of Mathematics and StatisticsCarleton UniversityOttawaCanada

Personalised recommendations