
extend Galois Theory notes: add various 'tools' (useful theorems that don't appear in the book), add t^6-7\in Q example

master · arnaucube, 3 weeks ago · parent · commit 348300f108
6 changed files with 310 additions and 10 deletions
1. README.md (+16, -4)
2. galois-theory-notes.pdf (BIN)
3. galois-theory-notes.tex (+282, -3)
4. notes_ntt.pdf (BIN)
5. weil-pairing.pdf (BIN)
6. weil-pairing.tex (+12, -3)

README.md (+16, -4)

@ -2,19 +2,31 @@
Notes, code and documents done while reading books and papers.
## mathematics
- [Notes on "Abstract Algebra" book, by Charles C. Pinter](abstract-algebra-charles-pinter-notes.pdf)
- [Notes on Caulk & Caulk+ papers](notes_caulk.pdf)
- [Notes on Weil pairing](weil-pairing.pdf)
- [Notes on Galois Theory](galois-theory-notes.pdf)
In-between math & crypto:
- [Notes on the DFT & FFT](fft-notes.pdf)
- [Notes on NTT](notes_ntt.pdf)
- [Notes on Reed-Solomon codes](notes_reed-solomon.pdf)
## cryptography
- [Notes on Caulk & Caulk+ papers](notes_caulk.pdf)
- [Notes on the BLS signatures](notes_bls-sig.pdf)
- [Notes on IPA from Halo paper](notes_halo.pdf)
- [Notes on Sonic paper](notes_sonic.pdf)
- [Notes on Weil pairing](weil-pairing.pdf)
- [Notes on Sigma protocol and OR proofs](sigma-or-notes.pdf)
- [Notes on Reed-Solomon codes](notes_reed-solomon.pdf)
- [Notes on FRI and STIR](notes_fri_stir.pdf)
- [Notes on Spartan](notes_spartan.pdf)
- [Notes on Nova](notes_nova.pdf)
- [Notes on HyperNova](notes_hypernova.pdf)
- [Notes on NTT](notes_ntt.pdf)
## code
Also some Sage implementations can be found in the `*.sage` files of this repo.
Also some of the algorithms and schemes can be found implemented (mostly in Rust language) in various repositories of the github https://github.com/arnaucube .
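Review bot: the mathematics and cryptography lists in this hunk cross-list the same four notes (Caulk & Caulk+, Weil pairing, Reed-Solomon codes, NTT), which reads as accidental duplication rather than a deliberate choice. If both placements are wanted, keep those four only under the "In-between math & crypto:" sub-list (which already exists for exactly that purpose) or add a one-line remark that they are listed twice on purpose; otherwise drop one copy of each. Minor wording on the last line: "in various repositories of the github https://github.com/arnaucube" reads better as "in various repositories under https://github.com/arnaucube".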

galois-theory-notes.pdf (BIN)


galois-theory-notes.tex (+282, -3)

@ -5,6 +5,7 @@
\usepackage{amsmath}
\usepackage{enumerate}
\usepackage{hyperref}
\usepackage{amssymb}
\begin{filecontents}[overwrite]{galois-theory-notes.bib}
@misc{ianstewart,
@ -12,6 +13,14 @@
title = {{Galois Theory, Third Edition}},
year = {2004}
}
@misc{dihedral,
author = {Gaurab Bardhan and Palash Nath and Himangshu Chakraborty}
title = {Subgroups and normal subgroups of dihedral group up to isomorphism}
year = {2010},
note = {\url{https://scipp.ucsc.edu/~haber/ph251/Dn_subgroups.pdf}},
url = {https://scipp.ucsc.edu/~haber/ph251/Dn_subgroups.pdf}
}
\end{filecontents}
\nocite{*}
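Review bot: the new `@misc{dihedral,...}` entry is missing the trailing commas after the `author = {...}` and `title = {...}` fields, which BibTeX rejects ("I was expecting a `,' or a `}'"), so the bibliography build fails and the later `\cite{dihedral}` comes out as [?]. Write `author = {Gaurab Bardhan and Palash Nath and Himangshu Chakraborty},` and `title = {Subgroups and normal subgroups of dihedral group up to isomorphism},`. Also `note` and `url` carry the same link; with the `unsrt` style selected at the end of the file the `url` field is ignored and only `note` is printed, so one of the two is redundant.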
@ -46,7 +55,7 @@
\title{Galois Theory notes}
\author{arnaucube}
\date{2023-2024}
\date{2025}
\begin{document}
@ -63,6 +72,7 @@
\tableofcontents
\section{Recap on the degree of field extensions}
(Definitions, theorems, lemmas, corollaries and examples enumeration follows from Ian Stewart's book \cite{ianstewart}).
\begin{defn}{4.10}
A \emph{simple extension} is $L:K$ such that $L=K(\alpha)$ for some $\alpha \in L$.
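Review bot: the parenthetical added under the section heading is ungrammatical ("Definitions, theorems, lemmas, corollaries and examples enumeration follows from Ian Stewart's book"). Suggest "The numbering of definitions, theorems, lemmas, corollaries and examples follows Ian Stewart's book \cite{ianstewart}."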
@ -112,7 +122,7 @@
\end{enumerate}
\end{eg}
\begin{thm}{6.4}\emph{(Short Tower Law)}
\begin{thm}{6.4}\emph{(Short Tower Law)} \label{shorttowerlaw}
If $K, L, M \subseteq \mathbb{C}$, and $K \subseteq L \subseteq M$, then $[M:K]=[M:L]\cdot [L:K]$.
\end{thm}
\begin{proof}
@ -140,10 +150,279 @@
\end{enumerate}
\end{proof}
\begin{cor}{6.6}\emph{(Tower Law)}\\
\begin{cor}{6.6}\emph{(Tower Law)}\\ \label{towerlaw}
If $K_0 \subseteq K_1 \subseteq \ldots \subseteq K_n$ are subfields of $\mathbb{C}$, then
$$[K_n:K_0] = [K_n:K_{n-1}] \cdot [K_{n-1}:K_{n-2}] \cdot \ldots \cdot [K_1: K_0]$$
\end{cor}
\begin{proof}
From \ref{shorttowerlaw}.
\end{proof}
[...]
\newpage
\section{Tools}
This section contains tools that I found useful to solve Galois Theory related problems, and that don't appear in Stewart's book.
\subsection{De Moivre's Theorem and Euler's formula}\label{demoivre}
Useful for finding all the roots of a polynomial.
Euler's formula:
$$e^{i \psi} = cos \psi + i \cdot sin \psi$$
The n-th roots of a complex number $z=x + i y = r (cos \theta + i \cdot sin \theta)$ are given by
$$z_k = \sqrt[n]{r} \cdot \left(cos(\frac{\theta + 2k \pi}{n}) + i \cdot sin(\frac{\theta + 2k \pi}{n}) \right)$$
for $k=0, \ldots, n-1$.
So, by Euler's formula:
$$z_k = \sqrt[n]{r} \cdot e^{i (\frac{\theta + 2 k \pi}{n})}$$
\subsection{Einsenstein's Criterion} \label{einsenstein}
\emph{reference: Stewart's book}
Let $f(t) = a_0 + a_1 t + \ldots + a_n t^n$, suppose there is a prime $q$ such that
\begin{enumerate}
\item $q \nmid a_n$
\item $q | a_i$ for $i=0, \ldots, n-1$
\item $q^2 \nmid a_0$
\end{enumerate}
Then, $f$ is irreducible over $\mathbb{Q}$.
\emph{TODO proof \& Gauss lemma.}
\subsection{Elementary symmetric polynomials}
\emph{TODO from orange notebook, page 36}
\subsection{Cyclotomic polynomials} \label{cyclotomicpoly}
\emph{TODO theory from brown muji notebook, page 82}
Examples:
\begin{align*}
\Phi_n(x) &= x^{n-1} + x^{n-2} + \ldots + x^2 + x + 1 = \sum_{i=0}^{n-1} x^i\\
\Phi_{2p}(x) &= x^{p-1} + \ldots + x^2 - x + 1 = \sum_{i=0}^{p-1} (-x)^i\\
\Phi_m(x) &= x^{m/2} + 1, ~~\text{when $m$ is a power of $2$}
\end{align*}
\subsection{Lemma 1.42 from J.S.Milne's book}
\emph{TODO add reference to Milne's book}
Useful for when dealing with $x^p - 1$ with $p$ prime.
Observe that
$$x^p -1 = (x-1)(x^{p-1} + x^{p-2} + \ldots + 1)$$
Notice that
$$\Phi_p(x) = x^{p-1} + x^{p-2} + \ldots + 1$$
is the $p$-th Cyclotomic polynomial.
\begin{lemma}{1.42}
If $p$ prime, then $x^{p-1} + \ldots + 1$ is irreducible; hence $\mathbb{Q}[e^{2 \pi i /p}]$ has degree $p-1$ over $\mathbb{Q}$.
\end{lemma}
\begin{proof}
Let $f(x) = (x^p - 1)/(x-1) = x^{p-1} + \ldots + 1$
then
$$
f(x+1) = \frac{(x+1)^p -1}{x+1-1} = \frac{(x+1)^p -1}{x} = x^{p-1} + \ldots + a_i x^i + \ldots + p
$$
with $a_i = \left( \stackrel{p}{i+1} \right)$.
We know that $p | a_i$ for $i= 1, \ldots, p-2$, therefore $f(x+1)$ is irreducibe by Einsenstein's Criterion.
This implies that $f(x)$ is irreducible.
\end{proof}
\subsection{Dihedral groups - Groups of symmetries} \label{dihedral}
Source: Wikipedia and \cite{dihedral}.
Dihedral groups ($\mathbb{D}_n$) represent the symmetries of a regular $n$-gon.
Properties:
\begin{itemize}
\item are non-abelian (for $n>2$), ie. $rs \neq sr$
\item order $2n$
\item generated by a rotation $r$ and a reflextion $s$
\item $r^n = s^2 = id,~~~(rs)^2=id$
\end{itemize}
Subgroups of $\mathbb{D}_n$:
\begin{itemize}
\item rotation form a cyclic subgroup of order $n$, denoted as $<r>$
\item for each $d$ such that $d|n$, $\exists~ \mathbb{D}_d$ with order $2d$
\item normal subgroups
\begin{itemize}
\item for $n$ odd: $\mathbb{D}_n$ and $<r^d>$ for every $d|n$
\item for $n$ even: $2$ additional normal subgroups
\end{itemize}
\item Klein four-groups: $\mathbb{Z}_2 \times \mathbb{Z}_2$, of order 4
\end{itemize}
\vspace{0.3cm}
Total number of subgroups in $\mathbb{D}_n$: $d(n) + s(n)$, where $d(n)$ is the number of positive disivors of $n$, and $s(n)$ is the sum of those divisors.
\begin{eg}{}
For $\mathbb{D}_6$, we have $\{1,2,3,6\} | 6$, so $d(n) = d(6) = 4$, and
$s(6) = 1+2+3+6 = 12$; henceforth, the total amount of subgroups is $d(n)+s(n) = 4+12 = 16$.
\end{eg}
\vspace{0.3cm}
For $n \geq 3, ~~\mathbb{D}_n \subseteq \mathbb{S}_n$ (subgroup of the Symmetry group).
\newpage
\section{Exercises}
\subsection{Galois groups}
\subsubsection[t6-7]{$t^6-7 \in \mathbb{Q}$}
This exercise comes from a combination of exercises 12.4 and 13.7 from \cite{ianstewart}.
First let's find the roots. By De Moivre's Theorem (\ref{demoivre}), $t_k =
\sqrt[6]{7} \cdot e^{i \frac{2 \pi k}{6}}$.
From which we denote $\alpha = \sqrt[6]{7}$, and $\zeta = e^{\frac{2 \pi i}{6}}$, so that the
roots of the polynomial are $\{ \alpha, \alpha \zeta, \alpha \zeta^2, \alpha \zeta^3, \alpha \zeta^4, \alpha \zeta^5\}$, ie.
$\{ \alpha \zeta^k \}_0^5$.
Hence the \emph{splitting field} is $\mathbb{Q}(\alpha, \zeta)$.
\emph{Degree of the extension}
In order to find $[\mathbb{Q}(\alpha, \zeta) : \mathbb{Q}$, we're going to split it in tow
parts. By the Tower Law (\ref{towerlaw}),
$$[\mathbb{Q}(\alpha, \zeta) : \mathbb{Q}] = [\mathbb{Q}(\alpha, \zeta) : \mathbb{Q}(\alpha)] \cdot [\mathbb{Q}(\alpha) : \mathbb{Q}]$$
To find each degree, we will find the minimal polynomial of the adjoined term over the base field of the extension:
\begin{enumerate}[i.]
\item minimal polynomial of $\alpha$ over $\mathbb{Q}$\\
By Einsenstein's Criterion (\ref{einsenstein}), with $q=7$ we have that $q
\nmid 1$, $7 | {-7,0,0,\ldots}$, and $7^2 \nmid -7$, hence $f(t)$ is
irreducibe over $\mathbb{Q}$, thus is the minimal polynomial
$$m_i(t)= f(t) =t^6-7$$
which has roots $\{ \alpha \zeta^k \}_0^5$.
\item minimal polynomial of $\zeta$ over $\mathbb{Q}(\alpha)$\\
Since $\zeta$ is the primitive $6$th root of unity, we know that the minimal
polynomial will be the $6$th cyclotomic polynomial (\ref{cyclotomicpoly}):
$$m_{ii}(t) = \Phi_6(t) = t^2 - t + 1$$
which has roots $\zeta, -\zeta$.
Since $\mathbb{Q}(\alpha) \subseteq \mathbb{R}$, and the roots of
$\Phi_6(t)=t^2 - t +1$ are in $\mathbb{C}$, $\Phi_6(t)$ remains irreducible
over $\mathbb{Q}(\alpha)$.
\end{enumerate}
\vspace{0.5cm}
Therefore, by the tower of law,
$$[\mathbb{Q}(\alpha, \zeta) : \mathbb{Q}] = \deg{\Phi_6(t)} \cdot \deg{f(t)} = 2 \cdot 6 = 12$$
and by the Fundamental Theorem of Galois Theory, we know that
$$|\Gamma( \mathbb{Q}(\alpha, \zeta) : \mathbb{Q} )| = [\mathbb{Q}(\alpha, \zeta) : \mathbb{Q}] = 12$$
which tells us that there exist $12$ $\mathbb{Q}$-automorphisms of the Galois group.
\vspace{0.5cm}
Let's find the $12$ $\mathbb{Q}$-automorphisms. Start by defining $\sigma$ which
fixes $\zeta$ and acts on $\alpha$, sending it to another of the roots of the
minimal polynomial of $\alpha$ over $\mathbb{Q}$, $f(t)$, choose $\alpha \zeta$.
Now define $\tau$ which fixes $\alpha$ and acts on $\zeta$, sending it into
another root of the minimal polynomial of $\zeta$ over $\mathbb{Q}(\alpha)$,
choose $-\zeta$.
\vspace{0.3cm}
\begin{tabular}{@{}l l@{}}
$\begin{aligned}
\sigma: \alpha &\mapsto \alpha \zeta \\
\zeta &\mapsto \zeta
\end{aligned}$
&
$\begin{aligned}
\tau: \alpha &\mapsto \alpha\\
\zeta &\mapsto -\zeta = \zeta^{-1}
\end{aligned}$
\end{tabular}
In other words, we have $12$ $\mathbb{Q}$-automorphisms, which are the
combination of $\sigma$ and $\tau$:
$$\begin{aligned}
\sigma^k \tau^j:~~&\alpha \mapsto \alpha \zeta^k\\
&\zeta \mapsto \zeta^j
\end{aligned}$$
for $0 \leq k \leq 5$ and $j = \pm 1$.
\vspace{0.5cm}
\emph{TODO diagram}
\vspace{0.5cm}
Observe, that $\Gamma$ is generated by the combination of $\sigma$ and $\tau$,
and it is isomorphic to the group of symmetries of order 12, the dihedral
group (\ref{dihedral}) of order 12, $\mathbb{D}_6$, ie. $\Gamma \cong \mathbb{D}_6$.
\vspace{0.5cm}
Let's find the subgroups of $\Gamma$, and the fixed fields of $\mathbb{Q}(\alpha, \zeta)$.
We know that $\Gamma \cong \mathbb{D}_6$, and we know from the properties
of the dihedral group (\ref{dihedral}) that the number of subgroups of
$\mathbb{D}_6$ will be $d(6) + s(6) = 4 + 12 = 16$ subgroups.
\vspace{0.4cm}
\hspace*{-3.5cm}
\begin{tabular}{ c c c c | p{7.5cm} }
\hline
generators & order & group & fixed field & notes (check fixed field)\\
\hline
$\langle \rangle = \langle \sigma^6 \rangle=\langle \tau^2 \rangle$ & 1 & id & $\mathbb{Q}(\alpha,\zeta)$ & \\
$\langle \sigma \rangle = \langle \sigma^5 \rangle$ & 6 & $\mathbb{Z}_6$ & $\mathbb{Q}(\zeta)$ & \\
$\langle \sigma^2 \rangle=\langle \sigma^4 \rangle$ & 3 & $\mathbb{Z}_3$ & $\mathbb{Q}(\alpha^3, \zeta)$ & $\sigma^2(\alpha^3)=\alpha^3 \zeta^{3\cdot 2}=\alpha^3 \zeta^6 = \alpha^3 \cdot 1 = \alpha^3$\\
$\langle \sigma^3 \rangle$ & 2 & $\mathbb{Z}_2$ & $\mathbb{Q}(\alpha^2,\zeta)$ & $\sigma^3(\alpha^2)=(\alpha\zeta^3)^2=\alpha^2\zeta^6=\alpha^2$\\
\hline
$\langle \tau \rangle$ & 2 & $\mathbb{Z}_2$ & $\mathbb{Q}(\alpha)$ & \\
\hline
$\langle \sigma\tau \rangle$ & 2 & $\mathbb{Z}_2$ & $\mathbb{Q}(\alpha+\alpha\zeta)$ &
$\sigma\zeta(\alpha+\alpha\zeta)=\sigma(\alpha+\alpha\zeta^{-1}) = \alpha\zeta + \alpha\zeta^{-1}\zeta=\alpha\zeta+\alpha$\\
$\langle \sigma^2\tau \rangle$ & 2 & $\mathbb{Z}_2$ & $\mathbb{Q}(\alpha+\alpha\zeta^2), \mathbb{Q}(\alpha\zeta)$ &
$\sigma^2\tau(\alpha+\alpha\zeta^2) = \sigma(\alpha+\alpha\zeta^{-2})=\alpha\zeta^2+ \alpha\zeta^{-2}\zeta^2=\alpha\zeta^2+\alpha$\\
$\langle \sigma^3\tau \rangle$ & 2 & $\mathbb{Z}_2$ & $\mathbb{Q}(\alpha+\alpha\zeta^3)$ &
$\sigma^3\tau(\alpha+\alpha\zeta^3) = \sigma(\alpha+\alpha\zeta^{-3})=\alpha\zeta^3+ \alpha\zeta^{-3}\zeta^3=\alpha\zeta^3+\alpha$\\
$\langle \sigma^4\tau \rangle$ & 2 & $\mathbb{Z}_2$ & $\mathbb{Q}(\alpha+\alpha\zeta^4), \mathbb{Q}(\alpha\zeta^2)$ &
$\sigma^4\tau(\alpha+\alpha\zeta^4) = \sigma(\alpha+\alpha\zeta^{-4})=\alpha\zeta^4+ \alpha\zeta^{-4}\zeta^4=\alpha\zeta^4+\alpha$\\
$\langle \sigma^5\tau \rangle$ & 2 & $\mathbb{Z}_2$ & $\mathbb{Q}(\alpha+\alpha\zeta^5)$ &
$\sigma^5\tau(\alpha+\alpha\zeta^5) = \sigma(\alpha+\alpha\zeta^{-5})=\alpha\zeta^5+ \alpha\zeta^{-5}\zeta^5=\alpha\zeta^5+\alpha$\\
\hline
$\langle \sigma, \tau \rangle = \langle \sigma^5,\tau \rangle$ & $6\cdot2=12$ & $\mathbb{D}_6$ & $\mathbb{Q}$ & \\
$\langle \sigma^2, \tau \rangle = \langle \sigma^4,\tau \rangle$ & $3\cdot2=6$ & $\mathbb{D}_3$ & $\mathbb{Q}(\alpha^3)$ &
$\sigma^2(\alpha^3)=\alpha^3\zeta^{3\cdot 2}=\alpha^3$ and $\tau(\alpha^3)=\alpha^3$\\
$\langle \sigma^3, \tau \rangle$ & $2\cdot2=4$ & $\mathbb{D}_2$ & $\mathbb{Q}(\alpha^2)$ &
$\sigma^3(\alpha^2)=\alpha^2\zeta^{2\cdot 2}=\alpha^2$ and $\tau(\alpha^2)=\alpha^2$\\
\hline
$\langle \sigma^2, \sigma\tau \rangle$ & $3\cdot 2=6$ & $\mathbb{D}_3$ & $\mathbb{Q}(\alpha^3+\alpha^3\zeta^3)$ &
$\sigma^2(\alpha^3 + \alpha^3 \zeta^3) = \alpha^3\zeta^3 + \alpha^3 \zeta^3\zeta^3 = \alpha^3\zeta^3 + \alpha^3\zeta^6 = \alpha^3\zeta^3+\alpha^3$\\
$\langle \sigma^3, \sigma\tau \rangle$ & $2\cdot2=4$ & $\mathbb{Z}_2 \times \mathbb{Z}_2$ & $\mathbb{Q}(\alpha^2\zeta^2),\mathbb{Q}(\alpha^2+\alpha^2\zeta^2)$ &
$\sigma^3(\alpha^2+\alpha^2\zeta^2)=\alpha^2\zeta^{2\cdot3}+\alpha^2\zeta^{2\cdot3}\zeta^2=\alpha^2+\alpha^2\zeta^2$
and
$\sigma\tau(\alpha^2+\alpha^2\zeta^2)=\alpha^2\zeta^2+\alpha^2\zeta^{-2}\zeta^2 = \alpha^2\zeta^2+\alpha^2$\\
$\langle \sigma^3, \sigma^2\tau\rangle$ & $2\cdot2=4$ & $\mathbb{Z}_2 \times \mathbb{Z}_2$ & $\mathbb{Q}(\alpha^2\zeta^4),\mathbb{Q}(\alpha^2+\alpha^2\zeta^4)$ &
$\sigma^2\zeta(\alpha^2\zeta^4)=\alpha^2\zeta^2\zeta^{-4}=\alpha^2\zeta^{-2}=\alpha^2\zeta^4$
and $\sigma^3(\alpha^2\zeta^4)=\alpha^2\zeta^{2\cdot3}\zeta^4=\alpha^2\zeta^4$
\end{tabular}
\bibliographystyle{unsrt}
\bibliography{galois-theory-notes.bib}
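Review bot: the subgroup / fixed-field table that closes this hunk has two wrong entries, and both trace back to the line $\zeta \mapsto -\zeta = \zeta^{-1}$ in the definition of $\tau$ (and to "which has roots $\zeta, -\zeta$" under the minimal polynomial of $\zeta$). With $\zeta = e^{2\pi i/6}$, $-\zeta = \zeta^4$ is a primitive cube root of unity, hence a root of $\Phi_3$, not of $\Phi_6(t) = t^2 - t + 1$; the two roots of $\Phi_6$ are $\zeta$ and $\zeta^{-1} = \zeta^5 = 1 - \zeta$. Keep $\tau: \zeta \mapsto \zeta^{-1}$ and drop $-\zeta$ in both places.

Consequences in the table: (1) row $\langle \sigma^2, \sigma\tau \rangle$ gives the fixed field as $\mathbb{Q}(\alpha^3 + \alpha^3\zeta^3)$, but $\zeta^3 = -1$, so that element is $0$ and the field is $\mathbb{Q}$, which cannot be the fixed field of an order-6 subgroup (it has to have degree 2). The check next to it also uses $\sigma^2(\alpha^3) = \alpha^3\zeta^3$, whereas $\sigma^2(\alpha^3) = (\alpha\zeta^2)^3 = \alpha^3$. An element fixed by both $\sigma^2$ and $\sigma\tau$ is $\alpha^3(\zeta - \zeta^{-1}) = \sqrt{7} \cdot i\sqrt{3}$, so the fixed field is $\mathbb{Q}(\sqrt{-21})$, the third quadratic subfield next to $\mathbb{Q}(\zeta)$ and $\mathbb{Q}(\alpha^3)$ from the rows $\langle\sigma\rangle$ and $\langle\sigma^2,\tau\rangle$. (2) The first field listed in each of the last two rows is swapped: $\sigma\tau(\alpha^2\zeta^2) = \sigma(\alpha^2\zeta^{-2}) = \alpha^2$, so $\alpha^2\zeta^2$ is not fixed by $\langle\sigma^3, \sigma\tau\rangle$; its stabiliser is $\langle\sigma^3, \sigma^2\tau\rangle$, and symmetrically $\alpha^2\zeta^4$ is fixed by $\langle\sigma^3, \sigma\tau\rangle$. The sums already say this, since $\alpha^2 + \alpha^2\zeta^2 = -\alpha^2\zeta^4$ and $\alpha^2 + \alpha^2\zeta^4 = -\alpha^2\zeta^2$, so each of those rows should list a single field. The check in the last row computes $\sigma^2(\alpha^2)$ as $\alpha^2\zeta^2$; it is $\alpha^2\zeta^4$. In row $\langle\sigma^3, \tau\rangle$ the exponent $\zeta^{2\cdot 2}$ should be $\zeta^{2\cdot 3} = \zeta^6$ (the conclusion stands, the written step does not).

Slips in the notes column: $\sigma\zeta(\ldots)$ and $\sigma^2\zeta(\ldots)$ should read $\sigma\tau$ and $\sigma^2\tau$, and in the $\sigma^2\tau$ row the intermediate $\sigma(\alpha + \alpha\zeta^{-2})$ should be $\sigma^2(\ldots)$.

Elsewhere in the hunk: the cyclotomic examples need their hypotheses, since $\Phi_n(x) = \sum_{i=0}^{n-1} x^i$ holds only for $n$ prime and $\Phi_{2p}(x) = \sum_{i=0}^{p-1} (-x)^i$ only for $p$ an odd prime (for $n = 6$ the first formula gives $t^5 + \ldots + 1 = (t+1)\Phi_3(t)\Phi_6(t)$, which is reducible, while the exercise below correctly uses $\Phi_6 = t^2 - t + 1$); "Einsenstein" should be "Eisenstein" throughout and "irreducibe" "irreducible"; $[\mathbb{Q}(\alpha, \zeta) : \mathbb{Q}$ is missing its closing bracket and "tow parts" should be "two parts"; "$\zeta$ is the primitive 6th root of unity" should be "a primitive"; "12 $\mathbb{Q}$-automorphisms of the Galois group" should be "in the Galois group"; `\left( \stackrel{p}{i+1} \right)` is `\binom{p}{i+1}`; and `cos`/`sin` in the De Moivre section should be `\cos`/`\sin` so they typeset upright. The splitting field, the degree-12 count, $\Gamma \cong \mathbb{D}_6$, the subgroup count $d(6) + s(6) = 16$ and the remaining fixed fields check out.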

notes_ntt.pdf (BIN)


weil-pairing.pdf (BIN)


weil-pairing.tex (+12, -3)

@ -37,9 +37,18 @@
\maketitle
\begin{abstract}
Notes taken from \href{https://sites.google.com/view/matanprasmashomepage/publications}{Matan Prasma} math seminars and also while reading about Bilinear Pairings. Usually while reading papers and books I take handwritten notes, this document contains some of them re-written to $LaTeX$.
The notes are not complete, don't include all the steps neither all the proofs. I use these notes to revisit the concepts after some time of reading the topic.
Notes taken from
\href{https://sites.google.com/view/matanprasmashomepage/publications}{Matan
Prasma} math seminars and while reading about Bilinear Pairings, Matan's
course seminars are available at the following youtube playlist:\\
\href{https://www.youtube.com/watch?v=JYSQYaAhJYc&list=PLV91V4b0yVqQ_inAjuIB5SwBNyYmA9S6M}{https://www.youtube.com/watch?v=JYSQYaAhJYc&list=PLV91V4b0yVqQ_inAjuIB5SwBNyYmA9S6M}
and in his website there are the full notes on that course, named
\emph{Elliptic curves over finite fields and their pairings, an elementary and rigorous account}\\
\href{https://sites.google.com/view/matanprasmashomepage/publications}{https://sites.google.com/view/matanprasmashomepage/publications};
highly recommended!
Usually while learning I take handwritten notes, this document contains some of them re-written to $LaTeX$.
The notes are not complete, don't include all the steps neither all the proofs. I use these notes to revisit the concepts after some time of reading the topic.
\end{abstract}
\tableofcontents
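Review bot: the `\href` on the youtube line repeats the URL as its link text, and that second argument contains a raw `&` (`...JYSQYaAhJYc&list=PLV91...`), which TeX reads as an alignment tab outside a tabular and aborts with "Misplaced alignment tab character &"; hyperref only tolerates a bare `&` in the first (URL) argument. Either write `\&` in the text argument or replace the whole construct with `\url{https://www.youtube.com/watch?v=JYSQYaAhJYc&list=PLV91V4b0yVqQ_inAjuIB5SwBNyYmA9S6M}`, which also lets the long link break across lines; the same `\url{}` form suits the publications link two lines below. Minor wording: `re-written to $LaTeX$` should be `\LaTeX{}` (in math mode it typesets as a product of italic variables), "neither all the proofs" should be "nor all the proofs", and the run-on "...Bilinear Pairings, Matan's course seminars are available..." wants a full stop after "Pairings".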
