In mathematics, a **normal basis** in field theory is a special kind of basis for Galois extensions of finite degree, characterised as forming a single orbit for the Galois group. The **normal basis theorem** states that any Galois extension of fields has a normal basis. In algebraic number theory the study of the more refined question of the existence of a normal integral basis is part of Galois module theory.

In the case of finite fields, this means that each of the basis elements is related to any one of them by applying the *p*-th power mapping repeatedly, where *p* is the characteristic of the field. Let GF(*p*^{m}) be a field with *p*^{m} elements, and β an element of it such that the *m* elements

- $ \{ \beta, \beta^p, \beta^{p^2}, \ldots, \beta^{p^{m-1}} \} $

are linearly independent. Then this set forms a normal basis for GF(*p*^{m}).

## UsageEdit

This basis is frequently used in cryptographic applications that are based on the discrete logarithm problem such as elliptic curve cryptography. Hardware implementations of normal basis arithmetic typically have far less power consumption than other bases.

When representing elements as a binary string (e.g. in GF(2^{3}) the most significant bit represents β^{4}, the least significant bit represents β), we can square elements by doing a left circular shift with wraparound (left shifting β^{4} would give β^{8}, but since we are working in GF(2^{3}) this wraps around to β). This makes the normal basis especially attractive for cryptosystems that utilize frequent squaring.

## See alsoEdit

- Change of bases
- Dual basis in a field extension
- Polynomial basis
- Zech's logarithms for reducing high-order polynomials to those within the field

## ReferencesEdit

- Galois Theory, Ian Stewart, CRC Press, 1990 ISBN 978-0412345500