Theorem 1.1   A finite field $F$ has positive characteristic $p > 0$ for some prime $p$ . The cardinality of $F$ is $p^n$ where $n := [F:\F_p]$ and $\F_p$ denotes the prime subfield of $F$ .

Proof. The characteristic of $F$ is positive because otherwise the additive subgroup generated by $1$ would be an infinite subset of $F$ . Accordingly, the prime subfield $\F_p$ of $F$ is isomorphic to the field $\Z/p\Z$ of integers mod $p$ . The integer $p$ is prime since otherwise $\Z/p\Z$ would have zero divisors. Since the field $F$ is an $n$ -dimensional vector space over $\F_p$ for some finite $n$ , it is set-isomorphic to $\F_p^n$ and thus has cardinality $p^n$ .

Lemma 2.1   In any field $F$ with $m$ elements, the equation $x^m = x$ is satisfied by all elements $x$ of $F$ .

Proof. The result is clearly true if $x = 0$ . We may therefore assume $x$ is not zero. By definition of field, the set $F^\times$ of nonzero elements of $F$ forms a group under multiplication. This set has $m-1$ elements, and by Lagrange's theorem $x^{m-1} = 1$ for any $x \in F^\times$ , so $x^m = x$ follows.

Theorem 2.2   For each prime $p > 0$ and each natural number $n \in \N$ , there exists a finite field of cardinality $p^n$ , and any two such are isomorphic.

Proof. For $n=1$ , the finite field $\F_p := \Z/p\Z$ has $p$ elements, and any two such are isomorphic by the map sending $1$ to $1$ .

In general, the polynomial $f(X) := X^{p^n} - X \in \F_p[X]$ has derivative $-1$ and thus is separable over $\F_p$ . We claim that the splitting field $F$ of this polynomial is a finite field of size $p^n$ . The field $F$ certainly contains the set $S$ of roots of $f(X)$ . However, the set $S$ is closed under the field operations, so $S$ is itself a field. Since splitting fields are minimal by definition, the containment $S \subset F$ means that $S = F$ . Finally, $S$ has $p^n$ elements since $f(X)$ is separable, so $F$ is a field of size $p^n$ .

For the uniqueness part, any other field $F'$ of size $p^n$ contains a subfield isomorphic to $\F_p$ . Moreover, $F'$ equals the splitting field of the polynomial $X^{p^n} - X$ over $\F_p$ , since by Lemma 2.1 every element of $F'$ is a root of this polynomial, and all $p^n$ possible roots of the polynomial are accounted for in this way. By the uniqueness of splitting fields up to isomorphism, the two fields $F$ and $F'$ are isomorphic.

Corollary 2.3   Every finite field $F$ is a normal extension of its prime subfield $\F_p$ .

Proof. This follows from the fact that field extensions obtained from splitting fields are normal extensions.

Theorem 3.1   The multiplicative group $\F_q^*$ consisting of nonzero elements of the finite field $\F_q$ is a cyclic group.

Proof. We begin with the formula \begin{equation}\label{sum} \sum_{d \div k} \phi(d) = k, \end{equation}where $\phi$ denotes the Euler totient function. It is proved as follows. For every divisor $d$ of $k$ , the cyclic group $C_k$ of size $k$ has exactly one cyclic subgroup $C_d$ of size $d$ . Let $G_d$ be the subset of $C_d$ consisting of elements of $C_d$ which have the maximum possible order of $d$ . Since every element of $C_k$ has maximal order in the subgroup of $C_k$ that it generates, we see that the sets $G_d$ partition the set $C_k$ , so that $$ \sum_{d \div k} |G_d| = |C_k| = k. $$ The identity () then follows from the observation that the cyclic subgroup $C_d$ has exactly $\phi(d)$ elements of maximal order $d$ .

We now prove the theorem. Let $k = q-1$ , and for each divisor $d$ of $k$ , let $\psi(d)$ be the number of elements of $\F_q^*$ of order $d$ . We claim that $\psi(d)$ is either zero or $\phi(d)$ . Indeed, if it is nonzero, then let $x \in \F_q^*$ be an element of order $d$ , and let $G_x$ be the subgroup of $\F_q^*$ generated by $x$ . Then $G_x$ has size $d$ and every element of $G_x$ is a root of the polynomial $x^d - 1$ . But this polynomial cannot have more than $d$ roots in a field, so every root of $x^d - 1$ must be an element of $G_x$ . In particular, every element of order $d$ must be in $G_x$ already, and we see that $G_x$ only has $\phi(d)$ elements of order $d$ .

We have proved that $\psi(d) \leq \phi(d)$ for all $d \div q-1$ . If $\psi(q-1)$ were 0, then we would have $$ \sum_{d \div q-1} \psi(d) < \sum_{d \div q-1} \phi(d) = q-1, $$ which is impossible since the first sum must equal $q-1$ (because every element of $\F_q^*$ has order equal to some divisor $d$ of $q-1$ ).

Corollary 3.2   Every extension of finite fields is a primitive extension.

Proof. By Theorem 3.1, the multiplicative group of the extension field is cyclic. Any generator of the multiplicative group of the extension field also algebraically generates the extension field over the base field.

Theorem 4.1   The Galois group of the field extension $\F_{q^m}/\F_q$ is a cyclic group of size $m$ generated by the $q^{\rm th}$ power Frobenius map $\Frob_q$ .

Proof. The fact that $\Frob_q$ is an element of $\Gal(\F_{q^m}/\F_q)$ , and that $(\Frob_q)^m = \Frob_{q^m}$ is the identity on $\F_{q^m}$ , is obvious. Since the extension $\F_{q^m}/\F_q$ is normal and of degree $m$ , the group $\Gal(\F_{q^m}/\F_q)$ must have size $m$ , and we will be done if we can show that $(\Frob_q)^k$ , for $k = 0, 1, \ldots, m-1$ , are distinct elements of $\Gal(\F_{q^m}/\F_q)$ .

It is enough to show that none of $(\Frob_q)^k$ , for $k = 1, 2, \ldots, m-1$ , is the identity map on $\F_{q^m}$ , for then we will have shown that $\Frob_q$ is of order exactly equal to $m$ . But, if any such $(\Frob_q)^k$ were the identity map, then the polynomial $X^{q^k} - X$ would have $q^m$ distinct roots in $\F_{q^m}$ , which is impossible in a field since $q^k < q^m$ .

Theorem 4.2   The field extension $\F_{q^m}/\F_q$ contains exactly one intermediate field isomorphic to $\F_{q^d}$ , for each divisor $d$ of $m$ , and no others. In particular, the subfields of $\F_{p^n}$ are precisely the fields $\F_{p^d}$ for $d \div n$ .

Proof. By the fundamental theorem of Galois theory, each intermediate field of $\F_{q^m}/\F_q$ corresponds to a subgroup of $\Gal(\F_{q^m}/\F_q)$ . The latter is a cyclic group of order $m$ , so its subgroups are exactly the cyclic groups generated by $(\Frob_q)^d$ , one for each $d \div m$ . The fixed field of $(\Frob_q)^d$ is the set of roots of $X^{q^d} - X$ , which forms a subfield of $\F_{q^m}$ isomorphic to $\F_{q^d}$ , so the result follows.

The subfields of $\F_{p^n}$ can be obtained by applying the above considerations to the extension $\F_{p^n}/\F_p$ .