refer 4.3

In AES, Galois field arithmetic is used in most layers, especially in the S-Box and the MixColumn layer.

In order to have all four basic arithmetic operations (i.e., addition, subtraction, multiplication, division) in one structure, we need a set which contains an additive and a multiplicative group. This is what we call a field.

## Definition 4.3.2 Field

A field F is a set of elements with the following properties:

• Additive structure: an additive group, i.e. an Abelian group

All elements of F form an additive group with the group operation “+” and the neutral element 0.

It satisfies:

• Closure
• Associative
• Inverse Exist
• Commutative
• Multiplicative structure: a multiplicative "group"

All elements of F except 0 form a multiplicative group with the group operation “×” and the neutral element 1.

• Closure

• Associative

• Multiplicative Identity Exist

$\forall x \in F \setminus \{0\},\ \exists x^{-1} \in F$ s.t. $x \circ x^{-1} = x^{-1} \circ x = i$

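Using the distributive law we can prove that 0 has no multiplicative inverse:

a(b+c) = (ab)+(ac); let c = 0.

a(b+0) = (ab)+(a0) => ab = ab + a0. Adding the additive inverse −ab of ab to both sides gives a0 = 0, and by commutativity 0a = 0.

So 0 multiplied by any element is 0 and can never be the multiplicative identity; hence 0 has no multiplicative inverse.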

• Commutative

• Distributivity

When the two group operations are mixed, the distributivity law holds, i.e., for all a,b,c ∈ F: a(b+c) = (ab)+(ac).

The set R of real numbers is a field with the neutral element 0 for the additive group and the neutral element 1 for the multiplicative group. Every real number a has an additive inverse, namely −a, and every nonzero element a has a multiplicative inverse 1/a.

https://en.wikipedia.org/wiki/Field_(mathematics)#Constructing_fields_from_rings

## Prime Fields

Z = {0,1, -1, 2, -2, . . .}

$F_p$, p = 2, 3, 5, 7, 11, 13, …; $|F_p| = p$

Z/(pZ)

pZ = {np | n ∈ Z} = {0, p, -p, 2p, -2p, …}

Theorem 4.3.2

Let p be a prime. The integer ring $Z_p$ is denoted as GF(p) and is referred to as a prime field, or as a Galois field (or finite field) with a prime number of elements. All nonzero elements of GF(p) have an inverse. Arithmetic in GF(p) is done modulo p.
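Theorem 4.3.2 as runnable arithmetic, added here as an example that is not part of the original notes: inverses in GF(p) are computed with the extended Euclidean algorithm and cross-checked against Fermat's little theorem. The helper names (`egcd`, `inv`, `div`, `inverse_table`, `fermat_agrees`) are chosen for this example.

```python
# Added example: arithmetic in the prime field GF(p), all done modulo p.

def egcd(a, b):
    """Extended Euclid: return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    x0, y0, x1, y1 = 1, 0, 0, 1
    while b:
        q, a, b = a // b, b, a % b
        x0, x1 = x1, x0 - q * x1
        y0, y1 = y1, y0 - q * y1
    return a, x0, y0

def inv(a, p):
    """Multiplicative inverse of a modulo p; 0 never has one."""
    a %= p
    if a == 0:
        raise ZeroDivisionError("0 has no multiplicative inverse")
    g, x, _ = egcd(a, p)
    if g != 1:  # can only happen when p is not prime
        raise ValueError(f"{a} is not invertible modulo {p}")
    return x % p

def add(a, b, p): return (a + b) % p
def sub(a, b, p): return (a - b) % p
def mul(a, b, p): return (a * b) % p
def div(a, b, p): return mul(a, inv(b, p), p)

def inverse_table(p):
    """Map each nonzero element of Z_p to its inverse, or None if one is missing."""
    try:
        return {a: inv(a, p) for a in range(1, p)}
    except ValueError:
        return None

def fermat_agrees(p):
    """For prime p, a^(p-2) mod p must equal the inverse found by Euclid."""
    table = inverse_table(p)
    return table is not None and all(pow(a, p - 2, p) == b for a, b in table.items())

if __name__ == "__main__":
    print(inverse_table(7))    # every nonzero element of GF(7) has an inverse
    print(div(5, 3, 7))        # 5 / 3 computed in GF(7)
    print(inverse_table(12))   # Z_12 is not a field, so no full table exists
```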

## Finite Field

https://en.wikipedia.org/wiki/Finite_field

Fields with a finite number of elements are called finite fields or Galois fields. The number of elements in the field is called the order or cardinality of the field. Roughly speaking, a Galois field is a finite set of elements in which we can add, subtract, multiply and invert.

### Theorem 4.3.1 prime power

A field with order m only exists if m is a prime power, i.e., $m = p^n$, for some positive integer n and prime integer p. p is called the characteristic of the finite field.

The characteristic of any field is either 0 or a prime number. A field of non-zero characteristic is called a field of finite characteristic or positive characteristic or prime characteristic.

n=1 => Prime Fields

n>1 => Non-Prime Fields

Prime fields vs non-prime fields https://crypto.stackexchange.com/questions/78422/prime-fields-vs-non-prime-fields

Example:

This theorem implies that there are, for instance, finite fields with 11 elements ($11 = 11^1$), or with 81 elements (since $81 = 3^4$) or with 256 elements (since $256 = 2^8$, and 2 is a prime). However, there is no finite field with 12 elements since $12 = 2^2 \cdot 3$, and 12 is thus not a prime power.

#### Proof?

https://www.quora.com/Why-must-a-finite-field-have-prime-power-order

Note that the order of the field must be a power of a prime, which is the characteristic (additive order) of every non-zero element. Short answer, because it’s finite, and because it’s a field. I know, that sounds ridiculous, but pretty much that’s all the proof uses. What we prove is that any finite field is “a vector space over a subfield of prime order”.

The field has a multiplicative identity, 1, and an additive identity, 0. Since the field is finite then there is a minimal number N such that 1+1+…+1=0 for N ones. Suppose N were composite. Then we could find two integers greater than 1, such that pq=N, and then there are two elements of the field 1+1+…+1, one with p 1’s, and one with q. Those two elements are not 0, since p,q<N. Their product is 0, which cannot be true in a field. (This is called the “scalar field”. It’s a subfield, isomorphic to integers modulo N). So N must be prime. From there it’s a quick application of the distributive law to show the additive order of every non-zero element in the field must be N, a prime.

Finally, you inductively construct the elements of the field in the form $a_0 \cdot 1 + a_1 x_1 + a_2 x_2 + \dots$, for $a_i \in \{0, \dots, p-1\}$. (After k steps you have found an additive subgroup of the field with $p^k$ elements. If this is not every element in the field, simply take another element of the field as $x_k$. The only detail you need to make this proof rigorous is to prove that the elements so generated are distinct, which is not difficult.)

example: Let’s try it with a composite number, 12. We have 3⋅4 mod 12 =0, so

$0 = 3^{-1} \cdot 0 = 3^{-1} \cdot (3 \cdot 4) = (3^{-1} \cdot 3) \cdot 4 = 1 \cdot 4 = 4.$

That’s why it does not work with composite numbers. Why it does work with prime numbers is a more substantial thing: How do you prove everything except 0 has a multiplicative inverse in that case? That involves the quotients in Euclid’s algorithm.

If the characteristic were $p'$, a composite, say $p' = p n'$, then $0 = p n'$. This shows p is a zero-divisor and therefore not a unit.

If p were a unit, you would have $0 = p^{-1} \cdot 0 = p^{-1} p n' = n'$.

？https://math.stackexchange.com/questions/633056/the-proof-that-a-finite-field-has-a-prime-power-order#:~:text=As%20the%20field%20is%20finite,field%20has%20order%20pn.
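The orders from the example under Theorem 4.3.1 (11, 81, 256, 12) and the zero-divisor argument of the proof, checked in code as an added example that is not part of the original notes. It also goes one step further than the text: 81 is a prime power, so a field with 81 elements exists, yet the ring Z_81 is not that field because 3 · 27 = 0 there. The function names are chosen for this example.

```python
# Added example: prime-power orders versus "Z_m is a field".
from math import gcd

def prime_power(m):
    """Return (p, n) if m == p**n for a prime p and n >= 1, else None."""
    if m < 2:
        return None
    p = next(d for d in range(2, m + 1) if m % d == 0)  # smallest divisor is prime
    n = 0
    while m % p == 0:
        m //= p
        n += 1
    return (p, n) if m == 1 else None

def zero_divisor_pairs(m):
    """Nonzero pairs (a, b) with a <= b and a*b == 0 in Z_m."""
    return [(a, b) for a in range(1, m) for b in range(a, m) if (a * b) % m == 0]

def units(m):
    """Elements of Z_m that have a multiplicative inverse."""
    return [a for a in range(1, m) if gcd(a, m) == 1]

def zm_is_field(m):
    """Z_m is a field exactly when every nonzero element is a unit."""
    return m > 1 and len(units(m)) == m - 1

def classify(m):
    """Summarise an order m: does a field exist, and is Z_m itself one?"""
    pairs = zero_divisor_pairs(m)
    return {
        "order": m,
        "prime_power": prime_power(m),
        "field_of_order_exists": prime_power(m) is not None,
        "Z_m_is_field": zm_is_field(m),
        "first_zero_divisors": pairs[0] if pairs else None,
    }

if __name__ == "__main__":
    for m in (11, 81, 256, 12):   # the orders used in the example above
        print(classify(m))
```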

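### Multiplicative | additive structure of finite fields

1. Multiplicative structure of finite fields [3]

https://math.stackexchange.com/questions/837562/why-is-the-multiplicative-group-of-a-finite-field-cyclic

2. Additive structure of finite fields [3]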