Construction of Self-Dual Integral Normal Bases in Abelian Extensions of Finite and Local Fields
Let be a finite Galois extension of fields with abelian Galois group . A self-dual normal basis for is a normal basis with the additional property that for . Bayer-Fluckiger and Lenstra have shown that when , then admits a self-dual normal basis if and only if is odd. If is an extension of finite fields and , then admits a self-dual normal basis if and only if the exponent of is not divisible by . In this paper we construct self-dual normal basis generators for finite extensions of finite fields whenever they exist.
Now let be a finite extension of , let be a finite abelian Galois extension of odd degree and let be the valuation ring of . We define to be the unique fractional -ideal with square equal to the inverse different of . It is known that a self-dual integral normal basis exists for if and only if is weakly ramified. Assuming , we construct such bases whenever they exist.
Let be a finite Galois extension of fields with abelian Galois group . For we let be the trace of in . We define to be the symmetric non-degenerate -bilinear form associated to the trace map (i.e., ) which is -invariant in the sense that for all in .
For we say that is a normal basis generator for over if is a generator of as a -module. If, in addition, for all , we say that is a self-dual normal basis generator for over . In [Bayer-Lenstra], Bayer-Fluckiger and Lenstra prove that when , then admits a self-dual normal basis if and only if is odd. If is an extension of finite fields and , then admits a self-dual normal basis if and only if the exponent of is not divisible by . We remark that if is a self-dual element, i.e., for all , then is necessarily a normal basis generator for over .
In this paper we give explicit constructions for self-dual normal bases at a field level for extensions of finite fields . We also give explicit constructions at an integral level for abelian extensions of local fields , giving generators of the unique Galois module whose square is equal to the inverse different. As these two subjects may be of interest to people with very different backgrounds we have tried to treat the two cases as separately as possible. However, some crossover is unavoidable.
Aside from their intrinsic interest, self-dual normal bases for extensions of finite fields are of use in encryption and have been used by Wang for constructing the Massey-Omura finite-field multiplier (see [Wang]). There are results in the literature constructing such bases, see [Gao], [Nogami_et_al] and [Wang] but all put some restrictions on the degree of the extension or the characteristic of the base field. We present here constructions for self-dual normal bases for any extension of finite fields for which they exist. The method we use for these constructions is to describe normal basis generators and then modify them slightly to give self-dual elements. We use results of Semaev, [Semaev], to describe these normal bases, however there is a large amount of literature concerning normal basis generators for finite fields, see, [Lenstra], [Lenstra-Schoof], [Sidel'nikov], [Stepanov-Shparlinsky] and [von_zur_Gathen-Giesbrecht].
We now assume to be a finite extension of and let be a finite Galois extension. Let be the different of the extension . When has an even valuation we define to be the unique fractional ideal such that
and remark that when is unramified. The Galois module, , is self-dual with respect to the trace form, i.e.,
For odd, always has an even valuation (see [Serre], IV Prop. 4) and Erez has proved, in [Erez2], that an integral normal basis for exists if and only if is at most weakly ramified. In other words, there exists an such that generates as an -module if and only if the second ramification group of is trivial. Inspired by the results of Erez and Bayer-Fluckiger and Lenstra, we ask two questions about self-dual integral normal bases for . Firstly, when do such bases exist? Secondly, when they do exist, can we describe them explicitly?
The first question is now completely answered. With as above, no such basis will exist if is even ([Bayer-Lenstra] Theorem 6.1a) and if is odd then such a basis exists if and only if is at most weakly ramified ([Fainsilber+Morales], Corollary 4.8 and [Erez2], Theorem ).
There are only two results on the explicit construction of self-dual normal bases of known to us. The first is due to Erez, with and contained in some cyclotomic extension of , [Erez]. The second is due to the author and is a generalisation of Erez’s results using Dwork’s power series in extensions of local fields generated by Lubin-Tate formal groups, [Pickett]. Specifically, the author studies cyclic degree extensions, , of local fields where is unramified. Dwork’s exponential power series can be used to explicitly describe generators of Kummer extensions, , with . If is such a Kummer generator, then is a self-dual normal basis generator for . In comparison, the main method used in this paper is to construct a normal basis generator for , with abelian, and then use Galois resolvends to modify it to give a self-dual normal basis generator. We remark that this method is not needed in the tamely ramified case as then will be Kummer and such a basis can be described directly in terms of generators of .
We use these methods to give explicit constructions for self-dual integral normal bases for whenever is abelian and . We remark that some of our constructions still work for and the only case needed for completeness is unramified with where is an odd prime and . We should also remark that the constructions in [Erez] and [Pickett] are probably a lot more useful in terms of calculations of invariants such as resolvents and Galois Gauss sums.
This paper is structured into three sections. In Section 2 we prove some key results that describe how to modify normal basis generators so that they generate self-dual normal bases. We give statements for both local and finite fields, but the methods of proof are very similar. In Section 3 we study extensions of finite fields of characteristic . We reduce the problem to that of studying extensions with degree coprime to and extensions with degree a th power. We then give constructions for self-dual normal bases for finite extensions of finite fields whenever they exist. In Section 4 we study abelian extensions of local fields where is an extension of . We reduce the problem to the separate cases of totally ramified extensions and unramified extensions. We then construct self-dual integral normal bases for ; whenever they exist in the totally ramified case; with the assumption that in the unramified case.
2 Key Results
Let be an odd prime. Let be a finite extension of with valuation ring and residue field . Let be some power of and let be the finite field of elements. Let be a finite abelian group. We begin by proving a number of results which will be key to constructing self-dual normal basis generators for extensions of or with Galois group isomorphic to . Most of the results for finite fields follow immediately by considering the residue fields in the corresponding result for local fields. We state the results separately to make the theory for finite fields complete in its own right.
Since is a finite abelian group we can let where is the -primary component of and .
Let (resp. ) be the Jacobson radical of (resp. ) and be the residue field of , we then have the the following exact sequences.
Proof. Let be a uniformising parameter for . We define a homomorphism of groups as the map generated by sending to for all then reducing modulo .
We observe that and that , and so is surjective.
From [Karpilovsky] Theorem 1, we know that the ideal will be generated by the set , therefore we clearly have .
Let be an element of , i.e., for some . We see that
and so .
From [Karpilovsky] Theorem 1, we have that will be generated by the set . If we let be such that , the exactness of the second sequence now follows from the first by factoring through by .
For any field we let be the -linear group algebra involution defined by the -linear extension of for . When there is no confusion we shall refer to simply as and for ease of notation we will usually denote by . We now define as the cyclic group of order generated by the group algebra involution.
Using Tate cohomology, the augmentation map on (resp. ) induces the following isomorphisms:
Proof. We only prove the first result as the second follows immediately by letting be such that and factoring through by at every step.
For ease of notation we let . From the short exact sequence in Lemma 2.1 we obtain the following long exact sequence (see [Brown] VI §5 for details).
We restrict the norm map associated to to the map , where Then, by definition, and See [Brown] VI §4 for full details.
We see that . If then , and so . We know that is a pro- group and , therefore, from [Ribes-Zalesskii] IV Proposition 4.2.1, for is a group automorphism of . As , we know . If we let we have . The group is abelian so is a group automorphism on , therefore and as is an automorphism of , we have . We then have which implies that . We therefore see that .
Now let , this means and therefore . As above, we can write for some . Therefore , so . Therefore, if then it is represented by in so we must have .
The group is a finite cyclic group so from [Brown] III §1, we know that for all odd . Therefore, and are trivial and the long exact sequence above shows us that we have an isomorphism induced by the map . As a result we observe that the prime-to- projection map will induce an isomorphism .
Recall that the group is abelian, of odd order and . We can decompose as
where the and are all unramified extensions of and the coefficient in is obtained by the map given by for . The group algebra involution, , will be an element of and will act on the by switching the components.
As is a unit in we know that is the unique maximal order in , see [Reiner] Chapter 9, §41 Theorem 41.1. Therefore,
If then so . We then have so .
Standard theory also gives us , where is the residue field of (see for example, [Serre] V §2 Prop 3 and XIII §2). Therefore, the map induces an isomorphism . Combining this with the isomorphism we see that the augmentation map on induces the desired isomorphism.
Let be a Galois extension of fields and let . We define the resolvend of as
and let be defined as
We now let and be Galois abelian extensions of fields and let and .
Let be an integral normal basis generator for , i.e., (this means that we suppose is at most weakly ramified). Then
Let be a normal basis generator for over , i.e., . Then
Proof. Part 1.
By definition, we know that , so clearly .
Let be the regular representation of the group . For , the matrix will have a in the position for all and a in every other position. As the trace form is a -invariant symmetric form, and as is abelian we know that
for all . If we use as a basis for we see that the matrix , representing must have the coefficient in the position for all . Therefore, after relabeling, is represented by the matrix .
Since is a basis for over , we know that
(see [Frohlich-Taylor] III 2.8), but , so must be a unit.
We now let be the group of irreducible characters of over a fixed algebraic closure of . The regular representation, , is equal to the sum of the irreducible representations so we know that
The group is finite and abelian so there exists a finite extension , over which the irreducible characters of are realisable. We then have and the isomorphism is given by . For more details see, for example, [serrereps] §6.2.
For each we know that , that (see [serrereps] 6.5 Prop. ) and that is an element of . Therefore , and from Eq. (1) we know that must be a unit in .
Under the isomorphism mentioned above and is a maximal order. The element is represented in as . We have seen above that is a unit in for all , so is invertible in . As is a finite ring extension we have , see [Reiner] Ch. 6 §25. Therefore .
Part 2. We now let be a local field with . Let be the unique unramified extension of degree . We then have the residue field of , denoted , being isomorphic to . From [Serre], IV Prop. 4 we see that and so . Let be a uniformising parameter of , then the Jacobson radical of is . By assumption we have which implies that . Therefore, by Nakayama’s lemma (see [Atiyah-MacDonald], Ch.2 Prop. 2.6), we have is an integral normal basis generator for if . Using part 1. for all and therefore .
For a Galois extension of fields with Galois group we define the action of on . For and , then
We recall that the resolvend of is defined as .
A straightforward calculation then shows, for , that .
Let be an integral normal basis generator for , then for some and is a self-dual integral normal basis generator for .
Let be a normal basis generator for over , then for some and is a self-dual normal basis generator for over .
Proof. Part 1. We first note that from Lemma 2.3 we have . From Lemma 2.2 we know that the augmentation map for gives an isomorphism . We know that is invariant under , so . A straightforward calculation, left as an exercise, gives . Therefore is represented by in , and so we can now write for some fixed .
We have and is a commutative ring, so . Therefore, . We now let and note that . This means that for and, as the trace form is -invariant, for .
Finally, as , clearly . Therefore, applying [Pickett] Lemma 8, we see that is an integral self-dual normal basis element for .
Part 2. We first note that that any element with the property for is necessarily a normal basis generator for over . The result then follows from exactly the same arguments as part 1. but using the corresponding statements for finite fields in Lemmas 2.2 and 2.3.
We remark that Theorem 2.5 gives an alternative and constructive proof of the existence of a self-dual integral normal basis for both with odd, weakly ramified and abelian; and for over for and odd.
The method we shall use for the constructions in this paper (with the exception of the totally, tamely ramified case for local fields) will be to describe a normal basis generator and then calculate the units and in Theorem 2.5.
Let be a commutative ring with identity and let , i.e. is the square of some element in . Throughout we shall use to denote some element in such that . We note that need not be unique, but this does not limit the constructions described in the sequel.
3 Finite Fields
In this section we describe how to construct self-dual normal bases for any finite extension of a finite field for which they exist. We first prove a lemma which will be very useful in the sequel. We do not restrict ourselves to finite fields for this result.
Let and be abelian Galois extensions with and . For let and let be a self-dual element for in the sense that for . Then is a self-dual element for .
Proof. We first observe that, as the trace form is -equivarient, we have if and only if . With a slight abuse of notation we have with being the fixed field of when . Therefore, with we have
Let be a prime and be some power of . Let be the finite field of elements and consider a finite extension of of degree with Galois group . This extension is uniquely defined, up to isomorphism, by and is denoted with where is the cyclic group of elements. As discussed in the introduction, if , then admits a self-dual normal basis if and only if is odd. If , then admits a self-dual normal basis if and only if the exponent of is not divisible by .
We have for some and with . Any self-dual element in a field extension is necessarily a self-dual normal basis generator. Therefore, from Lemma 3.1 if we have a self-dual normal basis generator for and for then the product will be a self-dual normal basis generator for . We are thus reduced to finding self-dual normal bases when is either a power of or when is coprime to .
3.1 -extensions of finite fields
We now consider the extension of degree . In [Semaev] §4 Semaev explicitly constructs a normal basis generator for over . We include an outline here for completeness; for full details see [Semaev].
The construction makes use of the following lemma.
An element is a normal basis generator over if and only if .
Proof. See [Semaev] §4 Lemma 4.1
Assume that is an element of such that . For we define and inductively as follows.
and is an arbitrary root of . From [Semaev] §4 each polynomial is irreducible over and . Therefore, from Lemma 3.2, will generate a normal basis for over .
For any polynomial we let , then the minimal polynomial of over is
(see [Semaev] §4 for full details).
To construct we define the finite field such that , is prime to and is a power of . As above, we then construct such that is a normal basis generator for over . We can then take as is prime to .
Let be an odd prime and be any integer. Let be a normal basis generator for over constructed as above and let . Then is a square in and using Notation 2.6, then
is a self-dual normal basis generator for over .
Proof. From Lemma 2.1 we have the exact sequence
where is the augmentation map and is the Jacobson radical of . We observe that so there exists a natural embedding, which has the property . Therefore the short exact sequence is split and