Piecewise constructions of inverses of some permutation polynomials

Finite Fields and Their Applications 36 (2015) 151–169

Contents lists available at ScienceDirect

Finite Fields and Their Applications www.elsevier.com/locate/ffa

Piecewise constructions of inverses of some permutation polynomials ✩ Yanbin Zheng a,b , Pingzhi Yuan c , Dingyi Pei a,b,∗ a

School of Mathematics and Information Science, Guangzhou University, Guangzhou 510006, China b Key Laboratory of Mathematics and Interdisciplinary Sciences of Guangdong Higher Education Institutes, Guangzhou University, Guangzhou 510006, China c School of Mathematics, South China Normal University, Guangzhou 510631, China

a r t i c l e

i n f o

Article history: Received 17 February 2015 Received in revised form 14 July 2015 Accepted 25 July 2015 Available online 11 August 2015 Communicated by Rudolf Lidl MSC: 11T06 94A60

a b s t r a c t It is a hard problem to find the inverse of a nontrivial class of permutation polynomials of finite fields. In this paper the piecewise method is employed to construct the inverses of permutation polynomials, although piecewise constructing permutation polynomials is not a new idea. A formula for the inverses of some permutation polynomials of finite fields is presented. © 2015 Elsevier Inc. All rights reserved.

Keywords: Permutation polynomial Inverse Piecewise function

✩ This work was supported by National Natural Science Foundation of China (Grant Nos. 11371106, 11271142) and the Guangdong Provincial Natural Science Foundation (Grant No. S2012010009942). * Corresponding author at: School of Mathematics and Information Science, Guangzhou University, Guangzhou 510006, China. E-mail addresses: [email protected] (Y. Zheng), [email protected] (P. Yuan), [email protected] (D. Pei).

http://dx.doi.org/10.1016/j.ffa.2015.07.006 1071-5797/© 2015 Elsevier Inc. All rights reserved.

152

Y. Zheng et al. / Finite Fields and Their Applications 36 (2015) 151–169

1. Introduction For q a prime power, let Fq denote the finite field containing q elements, and Fq [x] the ring of polynomials over Fq . A polynomial f (x) ∈ Fq [x] is called a permutation polynomial (PP) of Fq if it induces a bijection of Fq . We define a polynomial f −1 (x) as the inverse of f (x) over Fq if f −1 (f (c)) = c for all c ∈ Fq , or equivalently f −1 (f (x)) ≡ x (mod xq − x). The polynomial f −1 (x) is unique in the sense of the reduction modulo xq − x. One of the major applications of PPs of finite fields is cryptography [7,8,11,12,16]. Let M be a message (an element of Fq ) which is to be sent securely from Alice to Bob. If f (x) is a PP of Fq , then Alice sends to Bob the field element N = f (M ). Since f (x) is bijective, Bob can recover the message M by computing f −1 (N ) = f −1 (f (M )) = M . In order to be useful in a cryptosystem, f (x) must have some additional properties [10]. An important property is that Bob can obtain f −1 (x) so that M = f −1 (N ) can be recovered. In fact, finding the inverse of a PP of Fq is a challenging problem except for the well known classes such as the inverses of linear polynomials, monomials, and Dickson polynomials (in some special cases). There are only several papers on the inverses of some special classes of PPs, see [14,18] for the inverse of PPs of the form xr h(x(q−1)/d ), [20,21] for the inverse of linearized PPs, [4,22] for the inverses of two classes of bilinear PPs, [17] for the inverses of more general classes of PPs. It is not a new idea to partition a finite field into subsets and to study the permutation property of a polynomial through its behavior on the subsets [2,15]. But the piecewise method is still currently being used to find new PPs of finite fields [1,5,6,9,19,23,24]. In this paper, the piecewise method is employed to construct the inverses of PPs of finite fields. Let D1 , . . . , Dm be a partition of Fq , let f1 (x), . . . , fm (x) be all PPs of Fq , and define ⎧ ⎪ ⎨ f1 (x) for x ∈ D1 , .. .. f (x) = . . ⎪ ⎩ fm (x) for x ∈ Dm .

(1)

Using the piecewise method, we work out a formula for the inverse of f (x) of the form (1) in Section 3. In Section 4, we illustrate our approach and find the inverses of some known classes of PPs found by Zha and Hu [24], Fernando and Hou [5], Yuan and Ding [23], Cao, Hu and Zha [1]. Moreover, two new classes of self-inverse PPs are given. 2. Preliminaries The idea of piecewise constructions of PPs was summarized in [1, Proposition 3] by Cao, Hu and Zha, which can also be applied to construct PPs over finite rings. For later convenience, the following lemma expresses [1, Proposition 3] in terms of finite fields.

Y. Zheng et al. / Finite Fields and Their Applications 36 (2015) 151–169

153

Lemma 2.1. (See [1, Proposition 3].) Let D1 , . . . , Dm be a partition of Fq , and f1 (x), . . . , fm (x) ∈ Fq [x]. Define f (x) =

m 

fi (x) IDi (x),

i=1

where IDi (x) is the characteristic function of Di , i.e., IDi (x) = 1 if x ∈ Di and IDi (x) = 0 otherwise. Then f (x) is a PP of Fq if and only if (i) fi is injective on Di for 1 ≤ i ≤ m; and (ii) fi (Di ) ∩ fj (Dj ) = ∅ for all 1 ≤ i = j ≤ m. Obviously, f (x) = fi (x) for x ∈ Di , i.e., f (x) is a piecewise polynomial function composed of fi (x) as pieces. We denote by F∗q the set of nonzero elements of Fq . The next lemma is needed in the sequel. Lemma 2.2. Let a ∈ F∗q and q − 1 = ds for some positive integers d and s. Then (i) (x − a)q−1 = (ii) 1 − (xs −

q−1

j j=0 (x/a) . d as )q−1 ≡ (1/d) j=1 (xs /as )j

(mod xq − x).

Proof. (i) It follows from a ∈ F∗q that aq−1 = 1. Then (x − a)

q−1  (x/a)j = (xq /aq−1 ) − a = ((xq /aq−1 ) − a)aq−1 = (x − a)q . j=0

q−1 Therefore (x − a)q−1 = (x − a)q /(x − a) = j=0 (x/a)j . (ii) q − 1 = ds implies that s = −1/d in Fq . Since (xs )kd+i ≡ (xs )i (mod xq − x) for 0 ≤ k < s and 1 ≤ i ≤ d, we obtain (xs − as )q−1 = 1 +

q−1 s−1    s s kd+1 (xs /as )j = 1 + (x /a ) + · · · + (xs /as )kd+d j=1

k=0

1 s s j (x /a ) (mod xq − x). d j=1 d

≡ 1 + s[(xs /as ) + · · · + (xs /as )d ] ≡ 1 − Hence 1 − (xs − as )q−1 ≡ (1/d)

d

j=1 (x

s

/as )j (mod xq − x). 2

3. Main results It is hard to find the inverse of f (x) in Lemma 2.1 without additional restrictions on the piece functions f1 (x), . . . , fm (x). Under the condition that fi (x), 1 ≤ i ≤ m, are all PPs of Fq , we obtain the main result on the inverse of f (x).

154

Y. Zheng et al. / Finite Fields and Their Applications 36 (2015) 151–169

Theorem 3.1. Let D1 , . . . , Dm be a partition of Fq , let f1 (x), . . . , fm (x) ∈ Fq [x] be all PPs of Fq , and let fi−1 (x) be the inverse of fi (x) over Fq . Define f (x) =

m 

fi (x) IDi (x),

i=1

where IDi (x) is the characteristic function of Di , i.e., IDi (x) = 1 if x ∈ Di and IDi (x) = 0 if x ∈ / Di . Then f (x) is a PP of Fq if and only if the system of polynomial equations

IDi (fi−1 (x)) = 1 IDj (fj−1 (x)) = 1

has no solution in Fq for all 1 ≤ i = j ≤ m. In this case the inverse of f (x) over Fq is given by f −1 (x) =

m 

fi−1 (x) IDi (fi−1 (x)).

i=1

Proof. Clearly, f (x) is a PP of Fq if and only if f1 (D1 ), . . . , fm (Dm ) is a partition of Fq . Since fi (Di ) = {x ∈ Fq | IDi (fi−1 (x)) = 1} for 1 ≤ i ≤ m, the first statement holds true. For the formula for f −1 (x), we have f −1 (x) =

m 

fi−1 (x)Ifi (Di ) (x) =

i=1

m 

 fi−1 (x) IDi fi−1 (x) .

2

i=1

Theorem 3.1 provides a new method to construct the inverses of PPs, although it is a strict condition that f1 (x), . . . , fm (x) are all PPs of Fq . The inverses of some classes of PPs presented in [1,5,9,19,23,24] can be found by application of Theorem 3.1, which will be shown in the next section. The characteristic function IDi (x) can take many forms (see [1]). In this paper we only consider the case that IDi (x) = 1 − (θ(x) − ei )q−1 . Theorem 3.2. Let θ(x) ∈ Fq [x] induce a map from Fq to its subset {e1 , . . . , em }, and let f1 (x), . . . , fm (x) ∈ Fq [x] be all PPs of Fq , and let fi−1 (x) be the inverse of fi (x) over Fq . Then f (x) =

m 

 fi (x) 1 − (θ(x) − ei )q−1

i=1

is a PP of Fq if and only if the system of polynomial equations

(2)

Y. Zheng et al. / Finite Fields and Their Applications 36 (2015) 151–169



155

θ(fi−1 (x)) = ei θ(fj−1 (x)) = ej

has no solution in Fq for all 1 ≤ i = j ≤ m. In this case the inverse of f (x) over Fq is given by m 

f −1 (x) =

 fi−1 (x) 1 − (θ(fi−1 (x)) − ei )q−1 .

(3)

i=1

Proof. Let θ−1 (ei ) = {x ∈ Fq | θ(x) = ei }. Then θ−1(e1 ), . . . , θ−1(em ) form a partition of Fq , and Iθ−1 (ei ) (x) = 1 − (θ(x) − ei )q−1 . Hence Iθ−1 (ei ) (fi−1 (x)) = 1 is equivalent to θ(fi−1 (x)) = ei . The theorem is now a consequence of Theorem 3.1. 2 Theorem 3.2 allows one to construct PPs and their inverses from simple PPs. The polynomials f (x) and f −1 (x) in Theorem 3.2 can sometimes be rewritten in very simple forms (see Section 4). To this end, we make two useful remarks. Remark 3.3. In Theorem 3.2, let e1 = 0 and ei = 0 for i > 1. By Lemma 2.2, 1 − (θ(x) − ei )

q−1

=1−

q−1 

j

θ(x)

e−j i

=−

j=0

q−1 

θ(x)j e−j i .

j=1

Therefore f (x) in (2) can be rewritten in the form q−1 m    j f (x) = f1 (x) 1 − θ(x)q−1 − fi (x) e−j i θ(x) . i=2

j=1

Similarly, f −1 (x) in (3) can be reformulated as q−1 m     −1 j f −1 (x) = f1−1 (x) 1 − θ(f1−1 (x))q−1 − fi−1 (x) e−j i θ fi (x) . i=2

j=1

Remark 3.4. It is observed from (3) that if the equations θ(fi−1 (x)) = ei and hi (x) = ci have the same solutions in Fq for all 1 ≤ i ≤ m, then f −1 (x) can be written as f −1 (x) = m −1 q−1 ]. i=1 fi (x)[1 − (hi (x) − ci ) When θ(x) = φ(x)(q−1)/d , we obtain the next result. Theorem 3.5. Let φ(x) ∈ Fq [x] and θ(x) = φ(x)(q−1)/d . Let f0 (x), f1 (x), . . . , fd (x) ∈ Fq [x] be such that f1 (x), . . . , fd (x) are all PPs of Fq , and f0 (c) = f1 (c) = · · · = fd (c) for all

156

Y. Zheng et al. / Finite Fields and Their Applications 36 (2015) 151–169

c ∈ θ−1 (0). Define f (x) = f0 (x)(1 − θ(x)d ) +

d 

fi (x)[1 − (θ(x) − ω i )q−1 ],

i=1

where ω ∈ Fq is an element of order d. Then f (x) is a PP of Fq if and only if θ(fi−1 (x)) = ω i and θ(fj−1 (x)) = ω j have no common solutions in Fq for all 1 ≤ i = j ≤ d. In this case the inverse of f (x) over Fq is given by f −1 (x) =

d d−1   j 1  −1 fi (x) ω −ij θ fi−1 (x) . d i=1 j=0

(4)

In particular, if d = 2 then f −1 (x) = 12 f1−1 (x)[1 − θ(f1−1 (x))] + 12 f2−1 (x)[1 + θ(f2−1 (x))]. In Theorem 3.2, we need to calculate the inverse of f0 (x), and check the condition that θ(f0−1 (x)) = 0 and θ(fi−1 (x)) = ω i have no common solutions in Fq for all 1 ≤ i ≤ d. These two operations can be omitted on the assumption of Theorem 3.5. The main q−1 purpose of Theorem 3.5 is to deal with the polynomials of the form h(x) = φ(x) d +1 + ψ(x). Indeed, let θ(x) = φ(x)(q−1)/d . Then

h(x) =

for x ∈ θ−1 (0), f0 (x) := ψ(x) i fi (x) := ω φ(x) + ψ(x) for x ∈ θ−1 (ω i ).

Since θ(x) = 0 implies φ(x) = 0, we have f0 (c) = fi (c) for c ∈ θ−1 (0). Theorem 3.5 can be employed to simplify the proof for h(x) to be a PP of Fq , and simplify the expression of h−1 (x) by without using the inverse of f0 (x). We close this section with the following proof. Proof of Theorem 3.5. We consider the following polynomial d   F (x) = f1 (x) 1 − θ(x)d + fi (x)[1 − (θ(x) − ω i )q−1 ]. i=1

It is easy to show that f1 (x)(1 − φ(x)q−1 ) ≡ f0 (x)(1 − φ(x)q−1 ) (mod xq − x). Hence F (x) ≡ f (x) (mod xq − x), and so they induce the same mapping on Fq . Since θ(x) = φ(x)(q−1)/d induces a mapping from Fq to {0, ω 1 , . . . , ω d },

F (x) =

f1 (x) for x ∈ θ−1 (0), fi (x) for x ∈ θ−1 (ω i ).

Y. Zheng et al. / Finite Fields and Their Applications 36 (2015) 151–169

157

We show next that f1 (θ−1 (0)) ∩ fi (θ−1 (ω i )) = ∅ for 1 ≤ i ≤ d. If θ−1 (0) = ∅ then we are done. If θ−1 (0) = ∅, by f1 (c) = fi (c) for c ∈ θ−1 (0), we have f1 (θ−1 (0)) = fi (θ−1 (0)).

(5)

Since fi (x) is a PP of Fq , it follows that fi (θ−1 (0)) ∩ fi (θ−1 (ω i )) = ∅. Therefore f1 (θ−1 (0)) ∩ fi (θ−1 (ω i )) = ∅. As fi (x) is a PP of Fq , fi (x) is injective on θ−1 (ω i ). According to Lemma 2.1, F (x) is a PP if and only if fi (θ−1 (ω i )) ∩ fj (θ−1 (ω j )) = ∅ for 1 ≤ i = j ≤ d. Since fi (θ−1 (ω i )) = {x ∈ Fq | θ(fi−1 (x)) = ω i }, F (x) is a PP if and only if θ(fi−1 (x)) = ω i and θ(fj−1 (x)) = ω j have no common solutions for 1 ≤ i = j ≤ d. We are now in a position to calculate F −1 (x). From Remark 3.3,

F

−1

(x) =

f1−1 (x)(1

−

θ(f1−1 (x))d )

−

d  i=1

fi−1 (x)

q−1 

ω −ij θ(fi−1 (x))j .

j=1

Since ω kd+i = ω i , θ(x)kd+i ≡ θ(x)i (mod xq − x), we have F −1 (x) = f1−1 (x)(1 − θ(f1−1 (x))d ) +

d d  1  −1 fi (x) ω −ij θ(fi−1 (x))j . d i=1 j=1

Assume that the following formula holds for all 1 ≤ i ≤ d:   f1−1 (x) 1 − θ(f1−1 (x))d ≡ fi−1 (x) 1 − θ(fi−1 (x))d

(mod xq − x).

(6)

Substituting (6) into the expression of F −1 (x) yields that d d   1 F −1 = f1−1 1 − θ(f1−1 )d + fi−1 ω −ij θ(fi−1 )j d i=1 j=1

≡

d d d  1 1  −1  fi 1 − θ(fi−1 )d + fi−1 ω −ij θ(fi−1 )j d i=1 d i=1 j=1

≡

d d−1 d   j  d   1  −1 fi 1 − θ fi−1 + ω −ij θ fi−1 + θ fi−1 d i=1 j=1

d d−1 1  −1  −ij  −1 j ≡ f ω θ fi d i=1 i j=0

(mod xq − x).

Finally, we prove the formula (6) which is equivalent to that   f1−1 (c) 1 − θ(f1−1 (c))d = fi−1 (c) 1 − θ(fi−1 (c))d

(7)

158

Y. Zheng et al. / Finite Fields and Their Applications 36 (2015) 151–169

for all c ∈ Fq . It follows from (5) that f1 (θ−1 (0)) = fi (θ−1 (0)) = {x ∈ Fq | θ(fi−1 (x)) = 0}. If c ∈ / f1 (θ−1 (0)), then θ(fi−1 (c)) = 0 and φ(fi−1 (c)) = 0. Hence 1 − θ(fi−1 (c))d = 1 − φ(fi−1 (c))q−1 = 0, and so (7) holds. If c ∈ f1 (θ−1 (0)), then θ(fi−1 (c)) = 0, and c = f1 (x ) for some x ∈ θ−1 (0). Since f1 (e) = fi (e) for all e ∈ θ−1 (0), we have c = f1 (x ) = fi (x ). Because f1 (x) and fi (x) are PPs of Fq , f1−1 (c) = f1−1 (f1 (x )) = x = fi−1 (fi (x )) = fi−1 (c). It means that (7) holds. This completes the proof. 2 4. Applications In this section, we will demonstrate our methodology by using simple piece functions and characteristic functions. The following lists these simple functions: (i) (ii) (iii) (iv) (v)

fi (x) = ai x and θ(x) = x(q−1)/2 . fi (x) = ai xr and θ(x) = H(x(q−1)/d ). ki n fi (x) = ai xp + ci and θ(x) = (L(x) + c)(p −1)/d . 2 fi (x) = ai xq + bi x + ci and θ(x) = (xq + x + c)(q −1)/d . j fi (x) = (L(x) + a)s + i and θ(x) = (TrF2n/F2j (x) + b)2 −1 .

To clarify an ambiguity in the presentation of our results: in some of the following results we make citations in the style of “see Theorem ‘x’ . . . ” to refer to a result in another paper where the construction of the considered PP was obtained. However the inverses given in the statements of these results are ours. 4.1. Monomial piece functions In this subsection, monomial piece functions are investigated, such as fi (x) = ai x or fi (x) = ai xr . First, we make the following definition. Definition 4.1. A PP f (x) of Fq is called a self-inverse PP of Fq if f −1 (x) = f (x), or equivalently, f (f (c)) = c for all c ∈ Fq . In a symmetric cryptosystem, the decryption function f −1 (x) is usually the same as the encryption function f (x). Hence self-inverse PPs would be potentially useful in symmetric cryptosystems. In this paper we will give two classes of self-inverse PPs of finite fields; see Theorems 4.2 and 4.12. Theorem 4.2. Let a ∈ Fq and q be odd. It is well-known that f (x) = x(q+1)/2 + ax is a PP of Fq if and only if (a2 − 1)(q−1)/2 = 1 (see [13, Theorem 7.11]). In this case the

Y. Zheng et al. / Finite Fields and Their Applications 36 (2015) 151–169

159

inverse of f (x) over Fq is given by

f

−1

(x) =

(a2 − 1)−1 (ax + x(q+1)/2 )

for (a + 1)(q−1)/2 = −1,

(a2 − 1)−1 (ax − x(q+1)/2 )

for (a + 1)(q−1)/2 = 1.

In particular, if a2 = 2 and (a+1)(q−1)/2 = (a−1)(q−1)/2 = −1, then f (x) is a self-inverse PP of Fq . Proof. Let θ(x) = x(q−1)/2 . Then θ(x) = −1 or 1 according as x is a non-square or a nonzero square in Fq . Therefore ⎧ ⎪ ⎨ f0 (x) := 0 f (x) = f1 (x) := (a − 1)x ⎪ ⎩ f (x) := (a + 1)x 2

for x = 0, for x ∈ θ−1 (−1), for x ∈ θ−1 (1).

If f (x) is a PP of Fq , then (a + 1)(a − 1) = 0 and (a + 1)(q−1)/2 = (a − 1)(q−1)/2 . Hence both f1 (x) and f2 (x) are PPs of Fq , and f1−1 (x) = x/(a − 1),

f2−1 (x) = x/(a + 1).

Obviously f0 (0) = f1 (0) = f2 (0). By Theorem 3.5, f −1 (x) = 12 f1−1 (x)[1 − θ(f1−1 (x))] + 12 f2−1 (x)[1 + θ(f2−1 (x))] = 12 (x/(a − 1))[1 − (x/(a − 1))(q−1)/2 ] + 12 (x/(a + 1))[1 + (x/(a + 1))(q−1)/2 ] = (1/(a2 − 1))[ax − (a + 1)(q−1)/2 x(q+1)/2 ].

2

In Theorem 4.2, let q = 7 and a = 4. Then x4 + 4x is a self-inverse PP of F7 . Let q = 17 and a = 6. Then x9 + 6x is a self-invertible PP of F17 . The next result extends Theorem 4.2 by considering fi (x) = ai xr and H(x) an arbitrary polynomial over Fq . Theorem 4.3. Let d, r, r ∈ Z with d | q − 1, r r ≡ 1 (mod q − 1). Let H(x) ∈ Fq [x] be an arbitrary polynomial, and let H(x(q−1)/d ) induce a map from Fq to its subset {e1 , . . . , em }. Let a1 , . . . , am , b ∈ F∗q be such that ai

r (q−1)/d

f (x) =

m 

= b for 1 ≤ i ≤ m. Then

 ai xr 1 − (H(x(q−1)/d ) − ei )q−1

i=1

is a PP of Fq , and the inverse of f (x) over Fq is given by f −1 (x) =

m   (x/ai )r 1 − (H(xr (q−1)/d /b) − ei )q−1 . i=1

160

Y. Zheng et al. / Finite Fields and Their Applications 36 (2015) 151–169

Proof. Let θ(x) = H(x(q−1)/d ) and θ−1 (ei ) = {x ∈ Fq | θ(x) = ei }. Since ei ’s are all distinct, f (x) = ai xr for x ∈ θ−1 (ei ). Let fi (x) = ai xr . Then fi (x) is a PP of Fq and fi−1 (x) = (x/ai )r . It follows from ai

r (q−1)/d

= b that

 r (q−1)/d θ(fi−1 (x)) = H xr (q−1)/d /ai = H(xr (q−1)/d /b). Because ei ’s are all distinct, H(xr (q−1)/d /b) = ei and H(xr (q−1)/d /b) = ej have no common solutions for i = j. By Theorem 3.2, f (x) is a PP of Fq . Substituting fi−1 (x) and θ(fi−1 (x)) into (3), we obtain f −1 (x). 2 4.2. Binomial piece functions Now we consider the inverses of PPs consisting of binomial piece functions. Theorem 4.4. Let a, b, c ∈ Fpn with p an odd prime, k, n ∈ Z with 1 ≤ k < n. Then k

f (x) = (axp − bx + c)

pn +1 2

k

− axp − bx

is a PP of Fpn if and only if ab is a nonzero square. In this case the inverse of f (x) over Fpn is given by   pn −1 pn −1 f −1 (x) = 12 u(x) 1 − g(x) 2 + 12 v(x) 1 + g(x) 2 , n−k

x+c p where u(x) = ( −2a )

, v(x) =

x−c −2b

and g(x) = av(x) − au(x).

Proof. If a = b = 0 then f (x) is not a PP. If a = 0 and b = 0 then f (x) = (−bx + c)

pn +1 2

− bx.

pn −1

Let θ(x) = (−bx + c) 2 . Then θ induces a map from Fpn to {0, −1, 1}. For any x ∈ θ−1 (0), i.e., θ(x) = 0, we obtain −bx + c = 0 and f (x) = −bx = −c. Further,

f (x) =

−c −2bx + c

for x ∈ θ−1 (−1) or θ−1 (0), for x ∈ θ−1 (1).

Since −bx + c is a PP of Fpn , #θ−1 (0) = 1 and #θ−1 (1) = #θ−1 (−1) = (pn − 1)/2. Hence the number of the preimage of −c under f is (pn + 1)/2, and so f (x) is not a PP of Fpn . Similarly, f (x) is not a PP when a = 0 and b = 0. k

Now consider the case ab = 0. Let θ(x) = (axp − bx + c) ⎧ k ⎪ ⎪f0 (x) := −axp − bx ⎨ f (x) =

k

f1 (x) := −2axp − c ⎪ ⎪ ⎩f (x) := −2bx + c 2

pn −1 2

. Then

for x ∈ θ−1 (0), for x ∈ θ−1 (−1), for x ∈ θ−1 (1).

Y. Zheng et al. / Finite Fields and Their Applications 36 (2015) 151–169

161

It is easy to check that f0 (c) = f1 (c) = f2 (c) for c ∈ θ−1 (0). Clearly both f1 (x) and x+c pn−k f2 (x) are PPs of Fpn , f1−1 (x) = ( −2a ) and f2−1 (x) = x−c −2b . Next we compute θ(fi−1 (x)). Since

x + c

a(f1−1 (x))p + c = a k

−2a

x − c +c=b = bf2−1 (x), −2b

it follows that  pn −1 θ(f1−1 (x)) = bf2−1 (x) − bf1−1 (x) 2 , θ(f2−1 (x)) = (a(f2−1 (x))p − bf2−1 (x) + c) k

= (a(f2−1 (x) − f1−1 (x))p ) k

≡ (af2−1 (x) − af1−1 (x))

(8)

pn −1 2

pn −1 2

pn −1 2

2

(mod xq − x).

(9)

According to Theorem 3.5, f (x) is a PP of Fpn if and only if ⎧ pn−1 ⎨ (bf2−1 (x) − bf1−1 (x)) 2 = −1 ⎩

(af2−1 (x) − af1−1 (x))

pn−1 2

(10)

=1

is unsolvable in Fpn . We show next that the latter is equivalent to ab is a square. If n n ab is a square, then a(p −1)/2 = b(p −1)/2 , and so Eq. (10) is unsolvable. On the other n n hand, if ab is a non-square, then a(p −1)/2 = −b(p −1)/2 . Next, we need to prove that n n both (f2−1 (x) − f1−1 (x))(p −1)/2 = 1 and (f2−1 (x) − f1−1 (x))(p −1)/2 = −1 are solvable. Clearly, f2−1 (x) − f1−1 (x) = αxp

n−k

n−k

where α = (1/2a)p

− βx + γ,

n−k

, β = 1/2b and γ = (c/2a)p α−1 β = (2a)p

n−k

+ (c/2b). Then

(2b)−1 = (ab)(ap

n−k

−1 −2

b

).

Also note that ab is a non-square and p is odd. Hence α−1 β is a non-square, and so α−1 β is not a (pn−k − 1)-th power of an element of Fpn . Therefore n−k

αxp

n−k

− βx = αx(xp

−1

− α−1 β)

only has the root 0. It is thus a PP of Fpn , and (f2−1 (x) − f1−1 (x))(p −1)/2 = ±1 has (pn − 1)/2 solutions in Fpn . It is now obvious that f (x) is a PP if and only if ab is a nonzero square. n

162

Y. Zheng et al. / Finite Fields and Their Applications 36 (2015) 151–169

Finally, we calculate the inverse of f (x). If f (x) is a PP then ab is a nonzero square, n n therefore a(p −1)/2 = b(p −1)/2 and, by (8) and (9), θ(f1−1 (x)) ≡ θ(f2−1 (x)) ≡ (af2−1 (x) − af1−1 (x))

pn −1 2

2

(mod xq − x).

The inverse of f (x) is now a direct consequence of Theorem 3.5.

2

Using the same argument as in the proof of Theorem 4.4, we can easily carry out the proof of the following result. Corollary 4.5. Let a, b, c ∈ Fpn with p an odd prime, k, n ∈ Z with 1 ≤ k < n. Then k

f (x) = (axp − bx + c)

pn +1 2

k

+ axp + bx

is a PP of Fpn if and only if ab is a nonzero square (see [23, Theorem 4.1]). In this case the inverse of f (x) over Fpn is given by   pn −1 pn −1 f −1 (x) = 12 u(x) 1 − g(x) 2 + 12 v(x) 1 + g(x) 2 , where u(x) =

x+c 2b ,

n−k

p v(x) = ( x−c 2a )

and g(x) = au(x) − av(x).

Corollary 4.5 gives the inverse of the PP in [23, Theorem 4.1] which is a generalization of [24, Theorem 1] and [9, Theorem 2]. Inspired by the work of Fernando and Hou [5], we obtain the next theorem, in which f (x) is composed of d + 1 piece functions fi (x) = ai σi (x) + ai hi (x) + bi . Theorem 4.6. Let q n − 1 = ds, σ1 , . . . , σd ∈ Aut(Fqn/Fq ), L(x) ∈ Fq [x] a linearized polynomial. Let h1 (x), . . . , hd (x) ∈ Fq [x] be such that σi (x) + hi (x) is a PP of Fqn , L(hi (x)) = 0 for 1 ≤ i ≤ d. Let a1 , . . . , ad ∈ F∗qn , b1 , . . . , bd , c, E ∈ Fqn be such that L(ai x) = ai L(x), L(bi ) − ai σi (c) = E, asi σi (ω i ) are all distinct for 1 ≤ i ≤ d, where ω ∈ Fqn is an element of order d. Then  n f (x) = (ak σk (x) + ak hk (x) + bk ) 1 − (L(x) + c)q −1 +

d   n (ai σi (x) + ai hi (x) + bi ) 1 − ((L(x) + c)s − ω i )q −1 i=1

is a PP of Fqn for any 1 ≤ k ≤ d, and the inverse of f (x) over Fqn is given by  n f −1 (x) = (σk + hk )−1 ((x − bk )/ak ) 1 − (L(x) − E)q −1 +

d  i=1

 n (σi + hi )−1 ((x − bi )/ai ) 1 − ((L(x) − E)s − asi σi (ω i ))q −1 .

Y. Zheng et al. / Finite Fields and Their Applications 36 (2015) 151–169

163

Proof. Let θ(x) = (L(x) + c)s . Then θ induces a map from Fqn to {0, ω, . . . , ω d }. Therefore

f (x) =

fk (x) := ak σk (x) + ak hk (x) + bk

for x ∈ θ−1 (0),

fi (x) := ai σi (x) + ai hi (x) + bi

for x ∈ θ−1 (ω i ) .

Clearly, fi (x) is a PP of Fqn and fi−1 (x) = (σi + hi )−1 ((x − bi )/ai ) for 1 ≤ i ≤ d. Since σi ∈ Aut(Fqn/Fq ), L(x) ∈ Fq [x] and L(hi (x)) = 0, we obtain that L ◦ (σi + hi ) = L ◦ σi + L ◦ hi = L ◦ σi = σi ◦ L, and so L = σi ◦ L ◦ (σi + hi )−1 . Substituting a−1 i x into the formula L(ai x) = ai L(x) −1 −1 gives rise to L(ai x) = ai L(x). Consequently,  σi L(fi−1 (x)) + c = (σi ◦ L ◦ (σi + hi )−1 )(a−1 i (x − bi )) + σi (c) = L(a−1 i (x − bi )) + σi (c) = a−1 i L(x − bi ) + σi (c)  = a−1 L(x) − L(bi ) + ai σi (c) i = a−1 i (L(x) − E), where L(bi ) − ai σi (c) = E for 1 ≤ i ≤ d. Notice that θ(x) = (L(x) + c)s . Apply σi to the equation θ(fi−1 (x)) = ω i , we obtain that  s  s σi (ω i ) = σi (θ(fi−1 (x))) = σi L(fi−1 (x)) + c = a−1 i (L(x) − E) . Thus θ(fi−1 (x)) = ω i is equivalent to (L(x) − E)s = asi σi (ω i ) for 1 ≤ i ≤ d. Similarly, θ(fk−1 (x)) = 0 is equivalent to (L(x) −E)s = 0. Hence θ(fk−1 (x)) = 0 and θ(fi−1 (x)) = ω i have no common solutions for 1 ≤ i, k ≤ d. As asi σi (ω i ) = asj σj (ω i ),

θ(fi−1 (x)) = ω i θ(fj−1 (x)) = ω j

i.e.,

(L(x) − E)s = asi σi (ω i ) (L(x) − E)s = asj σj (ω j )

is unsolvable for 1 ≤ i = j ≤ d. Hence f (x) is a PP of Fqn for any 1 ≤ k ≤ d. The inverse of f (x) is an immediate consequence of Remark 3.4. 2 Remark 4.7. In Theorem 4.6, f (x) and f −1 (x) can be rewritten as  n f (x) = (ak σk (x) + ak hk (x) + bk ) 1 − (L(x) + c)q −1 +

d d  1 (ai σi (x) + ai hi (x) + bi ) ω −ij (L(x) + c)js , d i=1 j=1

(11)

164

Y. Zheng et al. / Finite Fields and Their Applications 36 (2015) 151–169

  n f −1 (x) = (σk + hk )−1 (x − bk )/ak 1 − (L(x) − E)q −1 j   1 (σi + hi )−1 (x − bi )/ai (L(x) − E)s /asi σi (ω i ) . d i=1 j=1 d

+

d

In fact, since ω is an element of order d, we assume ω = ξ s , where ξ is a primitive element of Fqn . Then ω i = (ξ i )s and asi σi (ω i ) = (ai σi (ξ i ))s . By Lemma 2.2, 1  −ij ≡ ω (L(x) + c)js (mod xq − x), d j=1 d

i q n −1

1 − [(L(x) + c) − ω ] s

j 1  (L(x) − E)s /asi σi (ω i ) (mod xq − x). d j=1 d

1 − [(L(x) − E)s − asi σi (ω i )]q

n

−1

≡

Therefore we obtain the above expressions of f (x) and f −1 (x). Let hi (x) = 0 in Theorem 4.6. Then we obtain the following result. Corollary 4.8. Let q n − 1 = ds, σ1 , . . . , σd ∈ Aut(Fqn/Fq ), L(x) ∈ Fq [x] a linearized polynomial. Let a1 , . . . , ad ∈ F∗qn , b1 , . . . , bd , c, E ∈ Fqn such that L(ai x) = ai L(x), L(bi ) − ai σi (c) = E, asi σi (ω i ) are all distinct for 1 ≤ i ≤ d, where ω ∈ Fqn is an element of order d. Then  n f (x) = (ak σk (x) + bk ) 1 − (L(x) + c)q −1 +

d d  1 (ai σi (x) + bi ) ω −ij (L(x) + c)js d i=1 j=1

is a PP of Fqn for any 1 ≤ k ≤ d, and the inverse of f (x) over Fqn is given by  n f −1 (x) = σk−1 ((x − bk )/ak ) 1 − (L(x) − E)q −1 +

d d   j 1  −1 σi ((x − bi )/ai ) (L(x) − E)s /asi σi (ω i ) . d i=1 j=1

Corollary 4.8 is a generalization of [5, Theorem 2.5] (where a1 = · · · = ad = 1 and c ∈ Fqn \ L(Fqn ) are required). In Theorem 4.6, let hi (x) = 0 and b1 = · · · = bd = c = 0, we can establish the following necessary and sufficient condition for f (x) to be a PP of Fqn , which generalizes [5, Theorem 2.4] (where a1 = · · · = ad = 1 is considered). Theorem 4.9. Let q n − 1 = ds, σ1 , . . . , σd ∈ Aut(Fqn/Fq ), L(x) ∈ Fq [x] a linearized polynomial. Let a1 , . . . , ad ∈ F∗qn be such that L(ai x) = ai L(x) for 1 ≤ i ≤ d, and let

Y. Zheng et al. / Finite Fields and Their Applications 36 (2015) 151–169

165

ω ∈ Fqn be an element of order d. Then f (x) =

d d  1 ai σi (x) ω −ij L(x)js d i=1 j=1

is a PP of Fqn if and only if L(x) is a PP of Fqn and asi σi (ω i ), 1 ≤ i ≤ d, are all distinct. In this case the inverse of f (x) over Fqn is given by f −1 (x) =

d d  j  1  −1 σi (x/ai ) L(x)s /asi σi (ω i ) . d i=1 j=1

Proof. If f (x) is a PP of Fqn , then L(x) has only the root 0, and L(x) is a PP of Fqn since L(x) is a linearized polynomial. Hence the condition that L(x) is a PP is necessary. Assume L(x) is a PP of Fqn , to prove the theorem it suffices to show that f (x) is a PP of Fqn if and only if asi σi (ω i ), 1 ≤ i ≤ d, are all distinct. Since L(x) is a PP of Fqn , L(x)s induces a surjection from Fqn to {0, ω, . . . , ω d }. Clearly, E = 0, and asi σi (ω i ) is a power of ω. Hence the system of equations (11) has no solution if and only if asi σi (ω i ), 1 ≤ i ≤ d, are all distinct. It means that f (x) is a PP of Fqn if and only if asi σi (ω i ), 1 ≤ i ≤ d, are all distinct. 2 Remark 4.10. Theorems 2.4, 2.5 in [5] require that L(x) ∈ Fq [x] is an q-linearized polynomial. In fact, they hold also for any linearized polynomial L(x) ∈ Fq [x]. 4.3. Trinomial piece functions In this subsection, we give the inverses of two classes of PPs which are constructed from trinomial piece functions. i

j

q 3 +1

Theorem 4.11. Let q = 3n and c ∈ Fq . Then fij (x) = xq + (xq − x + c) 2 is a PP of Fq3 for i = 0, 1, 2 and j = 1, 2 (see [24, Theorem 2]). The inverse of fij (x) over Fq3 is given by  i q 3 +1 q i j 2 −1 fij (x) = xq − (xq − x + c) 2 + xq + xq + x. The inverse of fij (x) is an immediate consequence of Theorem 3.5, and the tedious manipulation is omitted here. Now we present the second class of self-inverse PPs. Theorem 4.12. Let k, d, n ∈ Z with d | 2n − 1 and 0 ≤ k ≤ d − 1. Then n

f (x) = (x2 + x + c) is a self-inverse PP of F22n for any c ∈ F2n .

2k(2n −1) +1 d

+x

166

Y. Zheng et al. / Finite Fields and Their Applications 36 (2015) 151–169

Proof. Let q = 2n and θ(x) = (xq + x + c)2(q−1)/d . For c ∈ Fq and x ∈ Fq2 , it follows that xq + x + c ∈ Fq and (xq + x + c)2 = (xq + x + c)q+1 . Hence θ(x) ≡ (xq + x + c)(q

2

−1)/d

2

(mod xq − x),

and θ induces a map from Fq2 to {ω ∞ , ω, ω 2 , . . . , ω d }, where ω ∈ Fq2 is an element of order d and ω ∞ denotes 0 in Fq2 . Then

f (x) =

f∞ (x) := x

for x ∈ θ−1 (ω ∞ ),

fi (x) := ω ik (xq + x + c) + x for x ∈ θ−1 (ω i ) and i ∈ {1, . . . , d}.

Since ω d = 1 and d | q − 1, (ω ik )q = ω ik . Also note that cq = c. Thus q   fi (fi (x)) = ω ik ω ik (xq + x + c) + x + (ω ik + 1) ω ik (xq + x + c) + x + ω ik c   ≡ ω ik ω ik (xq + x + c) + xq + (ω ik + 1) ω ik (xq + x + c) + x + ω ik c ≡ ω ik (xq + x + c) + ω ik xq + (ω ik + 1)x + ω ik c 2

≡ x (mod xq − x). Therefore fi (x) is a PP of Fq2 for each i ∈ {∞, 1, . . . , d}, and fi−1 (x) = fi (x). Next we show θ(fi−1 (x)) = ω i and θ(fj−1 (x)) = ω j have no common solutions in Fq2 −1 for i = j ∈ {∞, 1, . . . , d}. Clearly θ(f∞ (x)) = (xq + x + c)(q −1 substituting fi (x), namely fi (x), into xq + x + c yields



2

−1)/d

. For i ∈ {1, . . . , d},

q  ω ik (xq + x + c) + x + ω ik (xq + x + c) + x + c

≡ ω ik (xq + x + c) + xq + ω ik (xq + x + c) + x + c ≡ xq + x + c

2

(mod xq − x).

Combining the above formula and θ(x) = (xq + x + c)(q θ(fi−1 (x)) ≡ (xq + x + c)(q

2

−1)/d

2

−1)/d

, we get that 2

(mod xq − x)

for i ∈ {∞, 1, . . . , d}. Hence θ(fi−1 (x)) = ω i and θ(fj−1 (x)) = ω j have no common solutions for i = j ∈ {∞, 1, . . . , d}. By Theorem 3.2, f (x) is a PP of Fq2 . Notice that fi−1 (x) = fi (x), θ(fi−1 (x)) ≡ θ(x) (mod xq − x) for i ∈ {∞, 1, . . . , d}. According to Theorem 3.2, it follows that f −1 (x) = f (x). 2 4.4. Multinomial piece functions We will find the inverse of the PP in [1, Proposition 6] whose piece functions are in the form of (L(x) + a)s + i. Before this, a lemma is needed.

Y. Zheng et al. / Finite Fields and Their Applications 36 (2015) 151–169

167

Lemma 4.13. If L(x) ∈ Fq [x] is a linearized PP of Fq , then its inverse L−1 (x) is also a linearized PP of Fq . Theorem 4.14. Let n, i, j, s be positive integers such that gcd(n, i) = 2j, n/2j is odd, and s(2i + 1) ≡ 1 (mod 2n − 1). Let a ∈ F2n and b ∈ F2j , and let L(x) ∈ F2j [x] be a linearized PP of F2n . Then j

f (x) = (L(x) + a)s + (TrF2n/F2j(x) + b)2

−1

is a PP of F2n (see [1, Proposition 6]). The inverse of f (x) over F2n is given by  2j −1  i  i i f −1 (x) = L−1 x2 +1 + a + L−1 x2 + x + 1 TrF2n/F2j(L−1 (x2 +1 + a)) + b . Proof. By [3, Lemma 2.1], gcd(2k + 1, 2n − 1) = 1 if and only if n/gcd(n, k) is odd. Thus j gcd(2i + 1, 2n − 1) = 1. Let θ(x) = (TrF2n/F2j (x) + b)2 −1 . Then θ(x) = 0 or 1 for x ∈ F2n . Hence

f (x) =

f0 (x) := (L(x) + a)s

for x ∈ θ−1 (0),

f1 (x) := (L(x) + a)s + 1

for x ∈ θ−1 (1).

 i i Clearly f0−1 (x) = L−1 (x2 +1 + a) and f1−1 (x) = L−1 (x + 1)2 +1 + a . We now show that θ(f0−1 (x)) = θ(f1−1 (x)). By Lemma 4.13, L−1 (x2

i

+1

+ x2 + x + 1 + a) = L−1 (x2 i

i

+1

+ a) + L−1 (x2 + x + 1). i

Therefore f1−1 (x) = f0−1 (x) + L−1 (x2 + x + 1). i

(12)

Since 2j | n, there exists k ∈ Z such that 2n = (2j )2k . Thus TrF2n/F2j (1) = 2k · 1 = 0. Because L(x) ∈ F2j [x] is a linearized polynomial, we have L(TrF2n/F2j(x)) = TrF2n/F2j(L(x)). Hence   L TrF2n /F2j (L−1 (1)) = TrF2n /F2j L(L−1 (1)) = TrF2n /F2j (1) = 0. Since L(x) only has the root 0 in F2n , TrF2n /F2j (L−1 (1)) = 0. Furthermore,  i TrF2n /F2j L−1 (x2 + x + 1)  i = TrF2n /F2j L−1 (x2 ) + L−1 (x) + L−1 (1)

168

Y. Zheng et al. / Finite Fields and Their Applications 36 (2015) 151–169

= TrF2n /F2j (L−1 (x2 )) + TrF2n /F2j (L−1 (x)) + TrF2n /F2j (L−1 (1)) i

= TrF2n /F2j (L−1 (x))2 + TrF2n /F2j (L−1 (x)) i

= TrF2n /F2j (L−1 (x)) + TrF2n /F2j (L−1 (x)) = 0.

(13)

By (12) and (13), TrF2n /F2j(f1−1 (x)) = TrF2n /F2j(f0−1 (x)), so θ(f1−1 (x)) = θ(f0−1 (x)). Obviously, θ(f0−1 (x)) = 0 and θ(f1−1 (x)) = 1 have no common solutions. According to Theorem 3.2, f (x) is a PP of F2n . Finally, we calculate f −1 (x). Let u(x) = θ(f0−1 (x)) = θ(f1−1 (x)), namely,  2j−1 i u(x) = TrF2n/F2j (L−1 (x2 +1 + a)) + b . Since b ∈ F2j , u(c) = 0 or 1 for c ∈ F2n , and u(x)2 −1 ≡ u(x) (mod x2 − x). Similarly, n n (u(x) + 1)2 −1 ≡ u(x) + 1 (mod x2 − x). By Theorem 3.2, it follows that n

f −1 (x) = f0−1 (x)[1 + u(x)2

n

−1

n

] + f1−1 (x)[1 + (u(x) + 1)2

n

−1

]

≡ f0−1 (x)[1 + u(x)] + f1−1 (x)[1 + u(x) + 1] ≡ f0−1 (x)[1 + u(x)] + f1−1 (x)u(x) ≡ f0−1 (x) + (f0−1 (x) + f1−1 (x))u(x) ≡ f0−1 (x) + L−1 (x2 + x + 1)u(x) (mod x2 − x). i

n

2

5. Conclusion Using a piecewise interpolation method, we present a formula for the inverse of a class of permutation polynomials of finite fields. We demonstrate our approach and construct explicit inverses of some classes of permutation polynomials. It is expected to generate more concrete permutation polynomials and their inverses by using different forms of piece functions and characteristic functions. Acknowledgment We are grateful to the anonymous referee for useful comments and suggestions. References [1] X. Cao, L. Hu, Z. Zha, Constructing permutation polynomials from piecewise permutations, Finite Fields Appl. 26 (2014) 162–174. [2] L. Carlitz, Some theorems on permutation polynomials, Bull. Am. Math. Soc. 68 (1962) 120–122. [3] R.S. Coulter, On the equivalence of a class of Weil sums in characteristic 2, N.Z. J. Math. 28 (1999) 171–184.

Y. Zheng et al. / Finite Fields and Their Applications 36 (2015) 151–169

169

[4] R.S. Coulter, M. Henderson, The compositional inverse of a class of permutation polynomials over a finite field, Bull. Aust. Math. Soc. 65 (2002) 521–526. [5] N. Fernando, X. Hou, A piecewise construction of permutation polynomial over finite fields, Finite Fields Appl. 18 (2012) 1184–1194. [6] X. Hou, Two classes of permutation polynomials over finite fields, J. Comb. Theory, Ser. A 118 (2011) 448–454. [7] J. Levine, J.V. Brawley, Some cryptographic applications of permutation polynomials, Cryptologia 1 (1977) 76–92. [8] J. Levine, R. Chandler, Some further cryptographic applications of permutation polynomials, Cryptologia 11 (4) (1987) 211–218. [9] N. Li, T. Helleseth, X. Tang, Further results on a class of permutation polynomials over finite fields, Finite Fields Appl. 22 (2013) 16–23. [10] R. Lidl, G.L. Mullen, When does a polynomial over a finite field permute the elements of the field?, Am. Math. Mon. 95 (3) (1988) 243–246. [11] R. Lidl, On cryptosystems based on polynomials and finite fields, in: Advances in Cryptology, Springer, Berlin, 1985, pp. 10–15. [12] R. Lidl, W.B. Müller, Permutation polynomials in RSA-cryptosystems, in: Advances in Cryptology, Plenum Press, New York, 1984, pp. 293–301. [13] R. Lidl, H. Niederreiter, Finite Fields, Cambridge University Press, Cambridge, 1997. [14] A. Muratović-Ribić, A note on the coefficients of inverse polynomials, Finite Fields Appl. 13 (2007) 977–980. [15] H. Niederreiter, K.H. Robinson, Complete mappings of finite fields, J. Aust. Math. Soc. A 33 (1982) 197–212. [16] R.L. Rivest, A. Shamir, L.M. Adelman, A method for obtaining digital signatures and public-key cryptosystems, Commun. ACM 21 (1978) 120–126. [17] A. Tuxanidy, Q. Wang, On the inverses of some classes of permutations of finite fields, Finite Fields Appl. 28 (2014) 244–281. [18] Q. Wang, On inverse permutation polynomials, Finite Fields Appl. 15 (2009) 207–213. [19] Q. Wang, Cyclotomy and permutation polynomials of large indices, Finite Fields Appl. 22 (2013) 57–69. [20] B. Wu, The compositional inverse of a class of linearized permutation polynomials over F2n , n odd, Finite Fields Appl. 29 (2014) 34–48. [21] B. Wu, Z. Liu, Linearized polynomials over finite fields revisited, Finite Fields Appl. 22 (2013) 79–100. [22] B. Wu, Z. Liu, The compositional inverse of a class of bilinear permutation polynomials over finite fields of characteristic 2, Finite Fields Appl. 24 (2013) 136–147. [23] P. Yuan, C. Ding, Further results on permutation polynomials over finite fields, Finite Fields Appl. 27 (2014) 88–103. [24] Z. Zha, L. Hu, Two classes of permutation polynomials over finite fields, Finite Fields Appl. 18 (2012) 781–790.