pith. sign in

arxiv: 2601.01079 · v2 · submitted 2026-01-03 · 💻 cs.IT · math.IT

A Novel Formula for Solving Quadratic Equations over Binary Extension Fields

Leilei Yu , Yunghsiang S. Han , Pingping Li , Jiasheng Yuan This is my paper

Pith reviewed 2026-05-16 18:19 UTC · model grok-4.3

classification 💻 cs.IT math.IT
keywords quadratic equationsbinary extension fieldsReed-Muller matrixXOR computationfinite-field root findingmatrix-vector multiplication
0
0 comments X

The pith

A single matrix-vector product over GF(2) yields the roots of every quadratic x² + x + c in F_{2^m}.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper shows that the roots of any quadratic equation x² + x + c over the binary extension field with 2^m elements can be recovered by a fixed binary matrix multiplication that depends only on m. The same construction works for every positive integer m without splitting into odd or even cases or requiring exponentiation. The multiplication is performed entirely with XOR operations and costs at most m² - 2m + 1 gates; in parallel it finishes after ceil(log₂ m) gate delays. Because quadratic root finding appears inside cubic and quartic solvers and many coding algorithms, a uniform low-cost method removes the need for case-by-case implementations.

Core claim

The roots of x² + x + c ∈ F_{2^m}[x] are obtained exactly by multiplying the bit vector of c by a specific m-by-m binary matrix whose rows are the Reed-Muller evaluations of the coordinate functions; the resulting m-bit string gives the root coordinates whenever a root exists.

What carries the argument

The Reed-Muller matrix characterization of evaluations that converts quadratic root finding into a single binary matrix-vector multiplication performed with XORs.

If this is right

  • The same matrix construction applies uniformly to every positive integer m with no case distinctions.
  • Total gate count remains bounded by m² - 2m + 1 XOR operations for any m.
  • Parallel implementation depth is at most ceil(log₂ m) XOR layers.
  • The method directly supplies the root-finding subroutine needed by cubic and quartic solvers over the same fields.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • Hardware implementations can hard-wire the matrix for fixed m values such as 8, 16 or 32 to obtain constant-time, constant-energy solvers.
  • If the matrix possesses additional recursive structure, the quadratic XOR bound may be improvable for large m.
  • The same linear-algebra reduction could be examined for higher-degree trace or norm equations that also reduce to linear conditions over GF(2).

Load-bearing premise

The chosen Reed-Muller matrix correctly maps the quadratic condition into an equivalent linear system over GF(2) for every field size m.

What would settle it

An explicit pair (m, c) in which the matrix-vector product produces a vector that does not satisfy x² + x + c = 0 in F_{2^m}.

read the original abstract

Solving quadratic equations over finite fields is a fundamental task in algebraic coding theory and serves as a key subroutine for computing the roots of cubic and quartic polynomials. Notably, any quadratic polynomial over binary extension fields can be transformed into the reduced form $x^2+x+c\in \mathbb{F}_{2^m}[x]$, for which existing formula-based methods rely on heavy exponentiation or case distinctions on $m$ (odd/even or powers of two), limiting uniformity and efficiency. This paper presents a unified, formula-based solution for all positive integers $m$ that uses only exclusive-OR operations (XORs). The approach leverages a Reed-Muller matrix characterization of evaluations and transforms the problem into computing a binary matrix-vector multiplication. The total cost is at most $m^2-2m+1$ XORs, and under parallelism, the latency is $\lceil \log_2 m\rceil$ XORs, making the method attractive for low-power, low-latency applications.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

1 major / 0 minor

Summary. The manuscript claims to provide a unified, formula-based method for solving quadratic equations of the form x² + x + c = 0 over GF(2^m) for every positive integer m. It transforms the problem via a Reed-Muller matrix characterization of evaluations into a binary matrix-vector multiplication that uses only XOR operations, with total cost bounded by m²-2m+1 XORs and parallel latency ceil(log₂ m).

Significance. If the central reduction holds for all m, the result would supply a uniform, exponentiation-free solution that eliminates case distinctions on the structure of m and connects quadratic root-finding to Reed-Muller codes. This could be useful for low-power, low-latency hardware implementations in algebraic coding theory.

major comments (1)
  1. [Abstract and transformation description] The central claim that the Reed-Muller matrix applied to the vector representation of c directly yields a root x of x² + x + c = 0 via binary matrix-vector multiplication for every m (including even and composite m) is load-bearing. No derivation is supplied showing how the matrix entries are obtained from the polynomial evaluations or why the output always satisfies the original equation when a root exists; any mismatch in the basis or image of the map x ↦ x² + x would invalidate the formula.

Simulated Author's Rebuttal

1 responses · 0 unresolved

We thank the referee for the careful reading and for recognizing the potential utility of a uniform, exponentiation-free method. The central concern is addressed by expanding the derivation; we commit to a major revision that supplies the requested details without altering the core claims.

read point-by-point responses

  1. Referee: The central claim that the Reed-Muller matrix applied to the vector representation of c directly yields a root x of x² + x + c = 0 via binary matrix-vector multiplication for every m (including even and composite m) is load-bearing. No derivation is supplied showing how the matrix entries are obtained from the polynomial evaluations or why the output always satisfies the original equation when a root exists; any mismatch in the basis or image of the map x ↦ x² + x would invalidate the formula.

    Authors: We agree that an explicit derivation is essential. In the revised manuscript we will insert a new subsection (Section 3.2) that constructs the matrix explicitly from the Reed-Muller evaluation map. Let {1, α, …, α^{m-1}} be the polynomial basis. The map L(x) = x² + x is GF(2)-linear; its matrix representation M_L in this basis has columns given by the coordinate vectors of L(α^j). The Reed-Muller matrix A we employ is a right inverse of M_L restricted to the image of L (the hyperplane Tr(c)=0). Its entries are obtained by solving the dual system that interpolates the linear functionals corresponding to the first-order Reed-Muller codewords; this yields A with at most m²-2m+1 ones. Direct verification shows L(A c) = c whenever Tr(c)=0, because A M_L acts as the identity projector onto the image. The construction is basis-independent once the evaluation ordering is fixed and holds for every m, as the trace condition and linearity are field-independent. We will include the explicit 4×4 and 5×5 matrices together with the general proof that the composition recovers c on the image. revision: yes

Circularity Check

0 steps flagged

No circularity: Reed-Muller characterization treated as external algebraic fact

full rationale

The derivation begins from the standard reduction of any quadratic to x² + x + c over GF(2^m) and invokes a Reed-Muller matrix characterization of evaluations to convert root-finding into a binary matrix-vector product. No quoted step defines the matrix entries in terms of the target root x, fits parameters to solution data, or relies on a self-citation whose content is itself the claimed formula. The complexity bounds (m²-2m+1 XORs, ⌈log₂ m⌉ latency) follow directly from the matrix dimensions and parallel addition depth once the transformation is granted; they are not presupposed. The central claim therefore remains non-tautological with respect to its inputs.

Axiom & Free-Parameter Ledger

0 free parameters · 2 axioms · 0 invented entities

The approach relies on standard mathematical structures without introducing new parameters or entities.

axioms (2)
  • standard math Finite fields GF(2^m) satisfy standard arithmetic properties including x^{2^m} = x for all elements x
    Standard property of finite fields used in the reduction to x^2 + x + c form.
  • standard math Reed-Muller codes provide a matrix characterization of polynomial evaluations over GF(2)
    The paper leverages this known characterization to transform the root-finding task.

pith-pipeline@v0.9.0 · 5478 in / 1379 out tokens · 69550 ms · 2026-05-16T18:19:29.959104+00:00 · methodology

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.