Zech's logarithm

Tool for a fast finite-field arithmetic

Zech logarithms are used to implement addition in finite fields when elements are represented as powers of a generator $\alpha$ .

Zech logarithms are named after Julius Zech,^[1]^[2]^[3]^[4] and are also called Jacobi logarithms,^[5] after Carl G. J. Jacobi who used them for number theoretic investigations.^[6]

Definition

Given a primitive element $\alpha$ of a finite field, the Zech logarithm relative to the base $\alpha$ is defined by the equation $\alpha ^{Z_{\alpha }(n)}=1+\alpha ^{n},$ which is often rewritten as $Z_{\alpha }(n)=\log _{\alpha }(1+\alpha ^{n}).$ The choice of base $\alpha$ is usually dropped from the notation when it is clear from the context.

To be more precise, $Z_{\alpha }$ is a function on the integers modulo the multiplicative order of $\alpha$ , and takes values in the same set. In order to describe every element, it is convenient to formally add a new symbol $-\infty$ , along with the definitions $\alpha ^{-\infty }=0$ $n+(-\infty )=-\infty$ $Z_{\alpha }(-\infty )=0$ $Z_{\alpha }(e)=-\infty$ where $e$ is an integer satisfying $\alpha ^{e}=-1$ , that is $e=0$ for a field of characteristic 2, and $e={\frac {q-1}{2}}$ for a field of odd characteristic with $q$ elements.

Using the Zech logarithm, finite field arithmetic can be done in the exponential representation: $\alpha ^{m}+\alpha ^{n}=\alpha ^{m}\cdot (1+\alpha ^{n-m})=\alpha ^{m}\cdot \alpha ^{Z(n-m)}=\alpha ^{m+Z(n-m)}$ $-\alpha ^{n}=(-1)\cdot \alpha ^{n}=\alpha ^{e}\cdot \alpha ^{n}=\alpha ^{e+n}$ $\alpha ^{m}-\alpha ^{n}=\alpha ^{m}+(-\alpha ^{n})=\alpha ^{m+Z(e+n-m)}$ $\alpha ^{m}\cdot \alpha ^{n}=\alpha ^{m+n}$ $\left(\alpha ^{m}\right)^{-1}=\alpha ^{-m}$ $\alpha ^{m}/\alpha ^{n}=\alpha ^{m}\cdot \left(\alpha ^{n}\right)^{-1}=\alpha ^{m-n}$ These formulas remain true with our conventions with the symbol $-\infty$ , with the caveat that subtraction of $-\infty$ is undefined. In particular, the addition and subtraction formulas need to treat $m=-\infty$ as a special case.

This can be extended to arithmetic of the projective line by introducing another symbol $+\infty$ satisfying $\alpha ^{+\infty }=\infty$ and other rules as appropriate.

For fields of characteristic 2, $Z_{\alpha }(n)=m\iff Z_{\alpha }(m)=n.$

Uses

For sufficiently small finite fields, a table of Zech logarithms allows an especially efficient implementation of all finite field arithmetic in terms of a small number of integer addition/subtractions and table look-ups.

The utility of this method diminishes for large fields where one cannot efficiently store the table. This method is also inefficient when doing very few operations in the finite field, because one spends more time computing the table than one does in actual calculation.

Examples

Let $\alpha \in \mathrm {GF} (2^{3})$ be a root of the primitive polynomial $x^{3}+x^{2}+1$ . The traditional representation of elements of this field is as polynomials in $\alpha$ of degree $2$ or less.

Here is a table of Zech logarithms for this field.

$Z_{\alpha }(-\infty )=0$ $Z_{\alpha }(0)=-\infty$ $Z_{\alpha }(1)=5$ $Z_{\alpha }(2)=3$ $Z_{\alpha }(3)=2$ $Z_{\alpha }(4)=6$ $Z_{\alpha }(5)=1$ $Z_{\alpha }(6)=4$

The multiplicative order of $\alpha$ is $7$ , so the exponential representation works with integers modulo $7$ .

Since $\alpha$ is a root of $x^{3}+x^{2}+1$ then that means $\alpha ^{3}+\alpha ^{2}+1=0$ , or if we recall that since all coefficients are in $\mathrm {GF} (2)$ , subtraction is the same as addition, we obtain $\alpha ^{3}=\alpha ^{2}+1$ .

The conversion from exponential to polynomial representations is given by $\alpha ^{3}=\alpha ^{2}+1$ (as shown above) $\alpha ^{4}=\alpha ^{3}\alpha =(\alpha ^{2}+1)\alpha =\alpha ^{3}+\alpha =\alpha ^{2}+\alpha +1$ $\alpha ^{5}=\alpha ^{4}\alpha =(\alpha ^{2}+\alpha +1)\alpha =\alpha ^{3}+\alpha ^{2}+\alpha =\alpha ^{2}+1+\alpha ^{2}+\alpha =\alpha +1$ $\alpha ^{6}=\alpha ^{5}\alpha =(\alpha +1)\alpha =\alpha ^{2}+\alpha$

Using Zech logarithms to compute $\alpha ^{6}+\alpha ^{3}$ : $\alpha ^{6}+\alpha ^{3}=\alpha ^{6+Z(-3)}=\alpha ^{6+Z(4)}=\alpha ^{6+6}=\alpha ^{12}=\alpha ^{5},$ or, more efficiently, $\alpha ^{6}+\alpha ^{3}=\alpha ^{3+Z(3)}=\alpha ^{3+2}=\alpha ^{5},$ and verifying it in the polynomial representation: $\alpha ^{6}+\alpha ^{3}=(\alpha ^{2}+\alpha )+(\alpha ^{2}+1)=\alpha +1=\alpha ^{5}.$

Visualization

Given a prime power $q=p^{n}$ and a primitive element $\alpha$ of $\mathrm {GF} (q)$ , one can visualize the Zech logarithm $Z_{\alpha }$ by plotting all elements of $\mathrm {GF} (q)$ in a directed graph, $G_{\alpha }(q)$ :

Place the element $0$ at the center.
Arrange the non-zero elements $\alpha ,\alpha ^{2},\dots ,\alpha ^{q-1}=1$ sequentially as equally spaced nodes around a circle, with $1$ at the top.
Draw a directed edge $x\to x+1$ for every $x$ in $\mathrm {GF} (q)$ .

The edges in $G_{\alpha }(q)$ correspond to the mappings in the Zech logarithm function: since $\alpha ^{Z(n)}=\alpha ^{n}+1$ , an edge connecting node $\alpha ^{n}$ to $\alpha ^{n}+1$ effectively connects the exponent $n$ to the exponent $Z(n)$ .

Here is $G_{\alpha }(8)$ , where $\alpha$ is a root of $x^{3}+x^{2}+1=0$ , and the powers of $\alpha$ are placed in counterclockwise order:

{\displaystyle \mathrm {GF} (8)} — Visualization of Zech's logarithm for $\mathrm {GF} (8)$ . $\alpha$ is a root of $x^{3}+x^{2}+1=0$ .

If one draws an edge $x\to x+c$ instead of $x\to x+1$ for every $x$ in $\mathrm {GF} (q)$ , where $c$ is any fixed element, one obtains a graph $G_{\alpha }(q;c)$ . The standard graph corresponds to $c=1$ . The graph $G_{\alpha }(q;0)$ consists of $q$ self-loops. For any $c\neq 0$ , the graph $G_{\alpha }(q;c)$ appears identical to $G_{\alpha }(q)$ , except that all edges are rotated by ${\frac {\log _{\alpha }(c)}{q-1}}\times 360^{\circ }$ around the center node.

Here is $G_{\alpha }(8;\alpha ^{2})$ , which differs from $G_{\alpha }(8)$ by a rotation of ${\frac {2}{7}}\times 360^{\circ }$ :

{\displaystyle x\to x+\alpha ^{2}} — Visualization of $x\to x+\alpha ^{2}$ for every $x$ in $\mathrm {GF} (8)$ . $\alpha$ is a root of $x^{3}+x^{2}+1=0$ . A rotation of Zech's logarithm for $\mathrm {GF} (8)$ .

Each graph $G_{\alpha }(q;c)$ visualizes the permutation $\sigma _{c}(x)=x+c$ . The set of these $q$ permutations $\{\sigma _{c}\mid c\in \mathrm {GF} (q)\}$ forms an Elementary abelian group of order $q$ (isomorphic to the additive group of the field). The rotational symmetry of the graphs $G_{\alpha }(q;c)$ for $c\neq 0$ elegantly captures the algebraic indistinguishability of the non-zero elements in an elementary abelian group.

If $\alpha$ and $\beta$ are both primitive elements of $\mathrm {GF} (q)$ , then the graphs $G_{\alpha }(q)$ and $G_{\beta }(q)$ are identical if and only if $\alpha$ and $\beta$ are roots of the same primitive polynomial in $\mathrm {GF} (p)[X]$ . Therefore, the number of distinct graphs $G_{\alpha }(q)$ equals ${\frac {\phi (q-1)}{n}}$ , where $\phi$ is Euler's totient function. Equivalently, there exist ${\frac {\phi (q-1)}{n}}$ distinct Zech logarithm tables for a given field size.

If $\alpha$ and $\beta$ are multiplicative inverses of each other, then $G_{\alpha }(q)$ and $G_{\beta }(q)$ are reflections of each other.

When $q$ is odd, $G_{\alpha }(q)$ contains a "diagonal" edge that connects the node $-1/2$ to $1/2$ (where $2^{-1}$ denotes the multiplicative inverse of $1+1$ ).

Here are the graphs $G_{\alpha }(q)$ for all $q$ such that the graph remains invariant (up to reflection) across all primitive elements $\alpha$ :

References

^ Zech, Julius August Christoph (1849). Tafeln der Additions- und Subtractions-Logarithmen für sieben Stellen (in German) (Specially reprinted (from Vega–Hülße collection) 1st ed.). Leipzig: Weidmann'sche Buchhandlung. Archived from the original on 2018-07-14. Retrieved 2018-07-14. Also part of: Freiherr von Vega, Georg (1849). Hülße, Julius Ambrosius [in German]; Zech, Julius August Christoph (eds.). Sammlung mathematischer Tafeln (in German) (Completely reworked ed.). Leipzig: Weidmann'sche Buchhandlung. Bibcode:1849smt..book.....V. Archived from the original on 2018-07-14. Retrieved 2018-07-14.
^ Zech, Julius August Christoph (1863) [1849]. Tafeln der Additions- und Subtractions-Logarithmen für sieben Stellen (in German) (Specially reprinted (from Vega–Hülße collection) 2nd ed.). Berlin: Weidmann'sche Buchhandlung. Archived from the original on 2018-07-14. Retrieved 2018-07-13.
^ Zech, Julius August Christoph (1892) [1849]. Tafeln der Additions- und Subtractions-Logarithmen für sieben Stellen (in German) (Specially reprinted (from Vega–Hülße collection) 3rd ed.). Berlin: Weidmann'sche Buchhandlung. Archived from the original on 2018-07-14. Retrieved 2018-07-13.
^ Zech, Julius August Christoph (1910) [1849]. Tafeln der Additions- und Subtractions-Logarithmen für sieben Stellen (in German) (Specially reprinted (from Vega–Hülße collection) 4th ed.). Berlin: Weidmann'sche Buchhandlung. Archived from the original on 2018-07-14. Retrieved 2018-07-13.
^ Lidl, Rudolf; Niederreiter, Harald (1997). Finite Fields (2nd ed.). Cambridge University Press. ISBN 978-0-521-39231-0.
^ Jacoby, Carl Gustav Jacob (1846). "Über die Kreistheilung und ihre Anwendung auf die Zahlentheorie". Journal für die reine und angewandte Mathematik (in German). 1846 (30): 166–182. doi:10.1515/crll.1846.30.166. ISSN 0075-4102. S2CID 120615565. (NB. Also part of "Gesammelte Werke", Volume 6, pages 254–274.)