Roots in a polynomial over $GF(2^8)$?

savecancel

sage: _.<x> = GF(2^8, 'a')[]       
sage: P = x^8 + x^7 + x^5 + x^3 + 1
sage: P.roots()
[(a^5 + a + 1, 1),
 (a^6 + a^5 + a^4 + 1, 1),
 (a^6 + a^5 + a^4 + a^2 + a, 1),
 (a^6 + a^5 + a^4 + a^3 + a, 1),
 (a^7 + a^5 + a^2 + 1, 1),
 (a^7 + a^5 + a^3 + a, 1),
 (a^7 + a^5 + a^4, 1),
 (a^7 + a^6 + a^5, 1)]

sage: AA.<x> = AffineSpace(GF(2^8, 'a'), 1)
sage: S = AA.subscheme(x^8 + x^7 + x^5 + x^3 + 1)
sage: S.rational_points()
[(a^5 + a + 1),
 (a^6 + a^5 + a^4 + 1),
 (a^6 + a^5 + a^4 + a^2 + a),
 (a^6 + a^5 + a^4 + a^3 + a),
 (a^7 + a^5 + a^2 + 1),
 (a^7 + a^5 + a^3 + a),
 (a^7 + a^5 + a^4),
 (a^7 + a^6 + a^5)]

If $b$ is a root (in some field of characteristic two) of a polynomial defined over the prime field GF(2), then $b$, $b^2 = F(b)$, $b^4=F^2(b), b^8=F^3(b)$, and so on are also roots. Here, $F$ is the Frobenius map.

So if $\beta^{23}$ is in the list, then $F(\beta^{23})=(\beta^{23})^2=\beta^{46}$ should be also on the list. So i suspected some typo first. At some point, i decided to look for the cited data. The net gave me an article with the following data:

<<< To be more precise, the feedback polynomial of SNOW 2.0 is given by $$\pi(x) = \alpha x^{16}+x^{14} + \alpha^{-1} x^5 +1\in F_{2^{32}}[x]\ ,$$ where $\alpha$ is a root of $x^4 + \beta^{23}x^3 + \beta^{245}x^2 +\beta^{48} x +\beta^{239}\in F_{2^8}[x]$,

and $\beta$ is a root of $x^8 + x^7 + x^5 + x^3 + 1\in\mathbb{F}_{2}[x]$ .>>>

In the wish from the post we do not have the information, that $\beta$ is a root of $P$.

But we have the other information, that $\beta^{23}, \beta^{245},\beta^{48},\beta^{239}$ are roots of $P$.

This is false, since with $\beta$ we have the other roots $\beta^n$ for n among

sage: print [ 23*2^k % 255 for k in [0..7] ]
[23, 46, 92, 184, 113, 226, 197, 139]

And we miss 245, 48, 239.