Normal basis

In mathematics, specifically the algebraic theory of fields, a normal basis is a special kind of basis for Galois extensions of finite degree, characterised as forming a single orbit for the Galois group.

In algebraic number theory, the study of the more refined question of the existence of a normal integral basis is part of Galois module theory.

The classical normal basis theorem states that there is an element

forms a basis of K, considered as a vector space over F. That is, any element

A field extension K / F with Galois group G can be naturally viewed as a representation of the group G over the field F in which each automorphism is represented by itself.

Representations of G over the field F can be viewed as left modules for the group algebra F[G].

generates a normal basis of K over F. The normal basis theorem therefore amounts to the statement that if K / F is a finite Galois extension, then

denote the field of q elements, where q = p^m is a prime power, and let

a cyclic group generated by the q-power Frobenius automorphism

is a basis of K over F. In case the Galois group is cyclic as above, generated by

the normal basis theorem follows from two basic facts.

are linearly independent in the K-vector space of mappings.

as an element of the matrix algebra M_n(F); since its powers

are linearly independent (over K and a fortiori over F), its minimal polynomial must have degree at least n, i.e. it must be

The second basic fact is the classification of finitely generated modules over a PID such as

(Note this is an isomorphism of F-linear spaces, but not of rings or F-algebras.)

Note that this proof would also apply in the case of a cyclic Kummer extension.

The proof above clarifies the choice of normal bases in terms of the structure of K as a representation of G (or F[G]-module).

means we have a direct sum of F[G]-modules (by the Chinese remainder theorem):

In terms of the G-orbits of K, which correspond to the irreducible factors of:

, while the normal basis, which in this case is unique, is given by the roots of the remaining factor

is not diagonalizable, the module L has nested submodules given by generalized eigenspaces of

The normal basis is frequently used in cryptographic applications based on the discrete logarithm problem, such as elliptic curve cryptography, since arithmetic using a normal basis is typically more computationally efficient than using other bases.

Now we can square elements by doing a left circular shift,

This makes the normal basis especially attractive for cryptosystems that utilize frequent squaring.
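The squaring-as-shift property can be checked exhaustively on a small binary field. The following is an added example, not part of the original article: it finds a normal element of GF(2^4), converts elements from the polynomial basis to normal-basis coordinates, and confirms that squaring is a left circular shift of the coordinate bits. The field polynomial x^4 + x^3 + 1, the function names, and the convention that bit i holds the coefficient of β^(2^i) are assumptions of this example.

```python
M = 4           # extension degree: GF(2^4) over GF(2) (constructed example field)
MOD = 0b11001   # x^4 + x^3 + 1, irreducible over GF(2) (assumed for this example)

def gf_mul(a, b):
    """Multiply in GF(2^M); elements are polynomial-basis bitmasks."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        b >>= 1
        a <<= 1
        if a >> M:
            a ^= MOD
    return r

def conjugates(beta):
    """Frobenius orbit [beta, beta^2, beta^4, ...] of length M."""
    out = [beta]
    for _ in range(M - 1):
        out.append(gf_mul(out[-1], out[-1]))
    return out

def to_normal(x, basis):
    """Coordinates of x in `basis` (bit i <-> basis[i]); None if basis is dependent."""
    pivots = {}  # top-bit position -> (reduced vector, mask of basis vectors summed)
    for i, v in enumerate(basis):
        comb = 1 << i
        while v and v.bit_length() in pivots:
            pv, pc = pivots[v.bit_length()]
            v, comb = v ^ pv, comb ^ pc
        if v == 0:
            return None
        pivots[v.bit_length()] = (v, comb)
    coords = 0
    while x:
        pv, pc = pivots[x.bit_length()]
        x, coords = x ^ pv, coords ^ pc
    return coords

def rotl(c):  # left circular shift of an M-bit coordinate vector
    return ((c << 1) | (c >> (M - 1))) & ((1 << M) - 1)

def find_normal_element():
    """Smallest beta whose conjugates are linearly independent over GF(2)."""
    return next(b for b in range(1, 1 << M) if to_normal(1, conjugates(b)) is not None)

def squaring_is_shift(beta):
    """True if x^2 equals rotl(x) in normal-basis coordinates for every field element x."""
    basis = conjugates(beta)
    return all(to_normal(gf_mul(x, x), basis) == rotl(to_normal(x, basis)) for x in range(1 << M))
```

With the opposite bit ordering (bit 0 as the most significant coordinate) the same operation appears as a right circular shift, so an implementation has to fix the ordering before relying on the shift direction.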

is a finite Galois extension of the infinite field F. Let [K : F] = n,

We see that D is a non-zero polynomial, and therefore it has only a finite number of roots.

A primitive normal basis of an extension of finite fields E / F is a normal basis for E / F that is generated by a primitive element of E, that is, a generator of the multiplicative group K^×.

(Note that this is a more restrictive definition of primitive element than that mentioned above after the general normal basis theorem: one requires powers of the element to produce every non-zero element of K, not merely a basis.)

Lenstra and Schoof (1987) proved that every extension of finite fields possesses a primitive normal basis, the case when F is a prime field having been settled by Harold Davenport.