Cosets and Syndromes

Suppose \(C\) is a linear code, and a code word \(w\) is sent, and \(r\) is received.

• If you can find the coset \(r + C\), then its coset leader \(e\) gives you the nearest neighbor \(r+e\).
• You can compute the syndrome \(rH^T\), and this can help you find the coset leader (given a table).

Recall: Perfect codes

Hamming sphere packing bound

Theorem. A binary \((n,M,d)\) code with \(d \geq 2t+1\) satisfies \[ M \leq \frac{2^n}{\sum_{j=0}^t \binom{n}{j}}. \]

Definition. A binary code with \(d = 2t+1\) that achieves the above bound is called perfect.

That is, a perfect code is an \((n,M,d)\) code that corrects \(t\) errors such that \[M = \frac{2^n}{\sum_{j=0}^t \binom{n}{j}}.\]

Minimum distance of Hamming codes

Lemma. Let \(C\) be a systematic linear binary code, and let \(H\) be its parity check matrix.

1. If \(C\) contains a codeword of weight 1, then \(H\) contains a zero column.
2. If \(C\) contains a codeword of weight 2, then \(H\) has two identical columns.

Hamming codes are perfect

Corollary: The minimum distance of a Hamming code is 3, and they’re perfect.

Proof: Hamming codes are constructed by forming \(H\) first, where \(H\) has \(2^m-1\) different nonzero columns, so the minimum distance is greater than 2, by the Lemma. The code has length \(n = 2^m-1\), and \(M = 2^k\) code words, where \(k = 2^m-1-m\). Observe:

\[ \frac{2^n}{\binom{n}{0} + \binom{n}{1}} = \frac{2^n}{1+n} = \frac{2^{2^m-1}}{2^m} = 2^k = M \]

Therefore \(d > 3\) is impossible, because \(M\) would then exceed the Hamming bound. So \(d = 3\), and the code is perfect.

Hamming Syndrome Decoding

• The nonzero syndromes are the columns of the parity check matrix \(H\). Proof:
  • Hamming codes can correct 1 error.
    • If \(r\) has one error, then \(r = w+\delta_i\), where \(w \in C\).
    • \(\delta_i\) is the vector with a 1 in the \(i\)th position, 0s elsewhere.
  • Syndrome of \(r\) is \(rH^T = wH^T + \delta_iH^T = \delta_iH^T\), the \(i\)th column of \(H\).
    • This accounts for \(n+1 = 2^m\) syndromes (including \(\mathbf{0}\)).
    • The cosets have size \(M = 2^k\). So this accounts for \(2^m\cdot 2^k = 2^n\) possible bit strings (i.e. all of them). So these are all the syndromes.
• For nearest neighbor decoding, the column of the syndrome is the location of the error. Proof:
  • For any coset, the coset leader must be \(\delta_i\).

Example: The Hamming (7,4) code

hamH

     [,1] [,2] [,3] [,4] [,5] [,6] [,7]
[1,]    1    1    0    1    1    0    0
[2,]    1    0    1    1    0    1    0
[3,]    0    1    1    1    0    0    1

Correct the error in \((1,0,1,0,1,1,1)\)

(c(1,0,1,0,1,1,1) %*% t(hamH)) %% 2

     [,1] [,2] [,3]
[1,]    0    1    0

The error is in position 6: \(w = (1,0,1,0,1,0,1)\)

More structure \(\Rightarrow\) Faster decoding

• For a general code, finding the nearest neighbor of a length \(n\) code word is NP-hard.
• Linear codes allow for syndrome decoding, which is faster than searching for the nearest neighbor.
• The Hamming codes have additional constraints allowing for faster decoding.
• Other codes with more algebraic structure also have faster decoding algorithms.

Cyclic codes

Definition. A code is cyclic if it is closed under cyclic shift: \[ (c_1, c_2, \ldots, c_{n-1}, c_n) \in C \Rightarrow (c_n, c_1, c_2, \ldots, c_{n-1}) \in C \]

Examples: 8th bit parity check, \(k\)-fold repetition code

Group Exercise: For each given code word, find the smallest cyclic linear code containing the code word.

1. \(\begin{bmatrix} 1 & 0 & 0 & 1 \end{bmatrix}\)

2. \(\begin{bmatrix} 1 & 1 & 0 & 0 & 1 & 0 & 1 \end{bmatrix}\)

Code words and polynomials

Let’s start indexing at zero.

• A bit string \((c_0, c_1, \ldots, c_{n-1})\) corresponds to a polynomial \(c_0 +c_1x + \cdots + c_{n-1}x^{n-1}\).
• Adding polynomials corresponds to adding bit strings in \(\mathbb{Z}_2^n\).
• How about shifting?

Quotient rings

• Recall that the ring \(\mathbb{Z}_2[x]/(x^n+1)\) consists of all polynomials in \(x\) under the “mod” relation that \(x^n + 1 = 0\), i.e., \(x^n = 1\).
• The elements of \(\mathbb{Z}_2[x]/(x^n+1)\) are the polynomials \(c_0 +c_1x + \cdots + c_{n-1}x^{n-1}\), which correspond to the \(2^n\) bit strings of length \(n\).
• Notice: \[ \small \begin{align} x(c_0 +c_1x + \cdots + c_{n-1}x^{n-1}) &= c_0x +c_1x^2 + \cdots + c_{n-2}x^{n-1} + c_{n-1}x^{n} \\ &= c_0x +c_1x^2 + \cdots + c_{n-2}x^{n-1} + c_{n-1} \\ &= c_{n-1} + c_0x +c_1x^2 + \cdots + c_{n-2}x^{n-1} \end{align} \]
• So multiplication by \(x\) is the same as shifting.

Cyclic Codes are Ideals

Definition. A cyclic linear code (i.e., a cyclic code) of length \(n\) is a subset of \(\mathbb{Z}_2[x]/(x^n+1)\) that is closed under addition and closed under multiplication by \(x\).

• (By the distributive property, closure under multiplication by \(x\) is the same as closure under multiplication by any polynomial.)
• In algebra, subsets of rings with these closure properties are called ideals.

Fact from Algebra

Fact: Every ideal \(C\) of \(\mathbb{Z}_2[x]/(x^n+1)\) has the form \[ C = \{p(x)g(x) \mid p(x) \in \mathbb{Z}_2[x]/(x^n+1) \} \] for some generating polynomial \(g(x)\) (which is the polynomial of least degree in \(C\)).

• In this case, we write \(C = \langle g(x) \rangle\), the ideal generated by \(g(x)\).
• Exercise, continued: Find the generating polynomials for these two cyclic codes.

More Algebra Facts

• If \(\gcd(g(x), x^n + 1) = 1\), then \(\langle g(x) \rangle\) is the whole ring (all the bit strings).
• The factors of \(x^n + 1\), and their products, generate all the cyclic codes.
• Example: Investigate factors of \(x^7 + 1\).

Tool: Macaulay2

i1 : R = ZZ/2[x]
o1 = R
o1 : PolynomialRing

i2 : factor(x^7+1)
              3           3    2
o2 = (x + 1)(x  + x + 1)(x  + x  + 1)
o2 : Expression of class Product

Online version: https://www.unimelb-macaulay2.cloud.edu.au/

Characterization of Cyclic Codes

• Theorem. There is a one-to-one correspondence between the divisors of \(x^n + 1\) and the cyclic codes of length \(n\).
• Theorem. If \(g(x)\) is a divisor of \(x^n + 1\) of degree \(r\), then the code words of \(\langle g(x) \rangle\) are uniquely determined by products of the form \(g(x)p(x)\), where \(p(x)\) is a polynomial of degree less than \(n-r\).
• Corollary. If \(g(x)\) is a divisor of \(x^n + 1\) of degree \(r\), then \(\langle g(x) \rangle\) is an \([n, n-r]\) cyclic code.
  • The smaller the polynomial, the bigger the code.

Parity check polynomials

Let \(C = \langle g(x) \rangle\) be a cyclic code. If \(m(x)\) is a polynomial satisfying \(m(x)g(x) = x^n+1\), then \(m(x)\) is called a parity check polynomial.

• Theorem. If \(m(x)\) is a parity check polynomial and \(p(x)\) is a message, then \(m(x)p(x) = 0\) in \(\mathbb{Z}_2[x]/(x^n+1)\) if and only if \(p(x)\) is a codeword.

Cyclic Code Examples

Over \(\mathbb{Z}_2\), \(x^7+1 = (x+1)(x^3+x+1)(x^3+x^2+1)\).

Review: Finite Fields

• If \(p(x)\) is an irreducible polynomial of degree \(n\) in \(\mathbb{Z}_2[x]\), then \(\mathbb{Z}_2[x]/(p(x))\) is a field with \(2^n\) elements, called \(\mbox{GF}(2^n)\).
• We think of the elements of \(\mbox{GF}(2^n)\) as polynomials, under the modulus relation \(p(x) = 0\).
• Equivalently, we can think of \(\mbox{GF}(2^n)\) as a field containing \(\mathbb{Z}_2\) and an element \(\alpha\), such that \(p(\alpha) = 0\). We say that \(\mbox{GF}(2^n)\) is an extension field of \(\mathbb{Z}_2\). Notation: \(\mbox{GF}(2^n) = \mathbb{Z}_2(\alpha)\)
  • Analogy: \(\mathbb{C}\) is an extension field of \(\mathbb{R}\), containing \(i\), a root of \(x^2 + 1\).
  • \(\mathbb{C} = \mathbb{R}(i)\)

Roots of polynomials

\(\mbox{GF}(2^n)\) is a field containing \(\mathbb{Z}_2\) and an element \(\alpha\), such that \(p(\alpha) = 0\). We say that \(\mbox{GF}(2^n)\) is an extension field of \(\mathbb{Z}_2\).

Example: \(\mbox{GF(4)} = \mathbb{Z}_2[x]/(x^2+x+1)\)

• Suppose \(\alpha\) is a root of \(x^2+x+1\).
• Then \(\alpha^2 + \alpha + 1 = 0\).
• The powers of alpha are
  • \(\alpha^1 = \alpha\)
  • \(\alpha^2 = \alpha + 1\)
  • \(\alpha^3 = \alpha^2 + \alpha = 1\)

Exploration: Powers of a root

1. Over \(\mathbb{Z}_2\), let \(\alpha\) be a root of \(x^3 + x + 1\). Compute all the powers of \(\alpha\), simplifying when possible. How many are there?

2. Over \(\mathbb{Z}_2\), let \(\alpha\) be a root of \(x^3 + x^2 + x + 1\). Compute all the powers of \(\alpha\), simplifying when possible. How many are there?

Primitive roots of unity

Facts: \(\mbox{GF}(2^n)\) contains an element \(\alpha\) such that:

• \(\alpha^{2^n-1} = 1\). (\(\alpha\) is a \((2^n-1)\)th root of unity)
• Every nonzero element of \(\mbox{GF}(2^n)\) is a power of \(\alpha\). (\(\alpha\) is primitive)
• \(\alpha\) is a root of a polynomial of degree \(n\). (a primitive polynomial)

Examples: \(\mbox{GF(4)}\), \(\mbox{GF(8)}\)

List of primitive polynomials

Factoring \(x^7 + 1\) over \(\mathbb{Z}_2\)

i1 : R = ZZ/2[x]

o1 = R

o1 : PolynomialRing

i2 : factor(x^7+1)

              3           3    2
o2 = (x + 1)(x  + x + 1)(x  + x  + 1)

o2 : Expression of class Product

Factoring \(x^7 + 1\) over \(\mbox{GF}(8)\)

i1 : R = GF(8)[x]

o1 = R

o1 : PolynomialRing

i2 : factor(x^7+1)

                         2                  2           2               2
o2 = (x + 1)(x + a)(x + a )(x + a + 1)(x + a  + a)(x + a  + a + 1)(x + a  + 1)

o2 : Expression of class Product

Which primitive polynomial is Macaulay2 using?

i1 : F = GF(8)
o1 = F
o1 : GaloisField

i2 : ambient F
        ZZ
        --[a]
         2
o2 = ----------
      3
     a  + a + 1
o2 : QuotientRing

i3 : apply(1..7, i -> a^i)
          2          2       2           2
o3 = (a, a , a + 1, a  + a, a  + a + 1, a  + 1, 1)
o3 : Sequence

Splitting \(x^n + 1\)

Fact: Let \(\alpha\) be a primitive \(n\)th root of unity in some extension field of \(\mathbb{Z}_2\). Then

\[x^n + 1 = (x+1)(x+\alpha)(x+\alpha^2)\cdots(x+\alpha^{n-1})\]

So a divisor \(g(x)\) of \(x^n+1\) (and therefore a cyclic code \(\langle g(x) \rangle\)) determines a set of powers of \(\alpha\) that are zeroes of \(g(x)\).

• Jargon: \(x^n+1\) splits over \(\mathbb{Z}_2(\alpha)\).
• Analogy: All real polynomials split over \(\mathbb{C} = \mathbb{R}(i)\).

Group Exercise

Let \(C=\langle g(x)\rangle\) be a cyclic code in \(\mathbb{Z}_2[x]/(x^{13}+1)\), and let \(\alpha\) be a primitive \(13\)th root of unity. Suppose that \(g(\alpha^4) = g(\alpha^5) = 0\).

1. Let \(p(x)\) be the parity check polynomial such that \(g(x)p(x) = x^{13} + 1\). Use the fact that \(x^{13}+1\) splits over \(\mathbb{Z}_2(\alpha)\) to explain why \(p(\alpha^4) \neq 0 \neq p(\alpha^5)\).

2. Suppose that, for some \(k\), the polynomial \(m(x) = x^k\) is a code word of weight 1. Show that this leads to a contradiction.

3. Suppose that, for some \(j,k\), the polynomial \(m(x) = x^j+ x^k\) is a code word of weight 2. Show that this leads to a contradiction.

4. Explain why the minimum distance of \(C\) is at least 3.