Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Download Coding theory lectures
Document related concepts
Transcript
Coding theory lectures
By Dr. Mohammed M. AL-Ashker
Associated professor
Mathematics Department
E.mail:mashker @ mail.iugaza.edu
Islamic University of Gaza P.O.Box 108, Gaza, Palestine
1
Contents
1 Basic concepts of linear codes
4
1.1
Three fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
5
1.2
Linear codes, generators and parity check matrices . . . . . . . . . . . . . .
6
1.2.1
Subcode: . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
9
1.3
Dual codes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
9
1.4
Weights and distances: . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
1.5
New codes from old . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
1.5.1
Puncturing codes . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
1.5.2
Extending codes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
1.5.3
Shortening codes . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
1.5.4
Direct sums . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
1.5.5
The ( u|u + v) construction . . . . . . . . . . . . . . . . . . . . . . 27
1.6
Permutation equivalent codes: . . . . . . . . . . . . . . . . . . . . . . . . . 29
1.7
Hamming codes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
1.8
The Golay codes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
1.9
1.8.1
The Golay code G24 . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
1.8.2
The ternary Golay codes . . . . . . . . . . . . . . . . . . . . . . . . 36
Reed- Muller codes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36
1.10 Encoding, decoding, and Shannon’s theorem . . . . . . . . . . . . . . . . . 38
1.10.1 Decoding and shannon’s theorem . . . . . . . . . . . . . . . . . . . 41
1.11 Sphere packing bound, covering radius and perfect codes . . . . . . . . . . 49
2
2 Bounds on the size of codes
51
2.1
Aq (n, d) and Bq (n, d) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
2.2
Singleton upper bound and MDS codes.
2.3
Lexicodes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55
3 Finite fields
. . . . . . . . . . . . . . . . . . . 53
58
3.1
Introduction to finite fields . . . . . . . . . . . . . . . . . . . . . . . . . . . 58
3.2
Polynomials and the Euclidean algorithm . . . . . . . . . . . . . . . . . . . 59
3.3
Primitive elements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
3.4
Constructing finite fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63
3.5
Subfields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66
3.6
Field automorphisms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68
3.7
Cyclotomic cosets and minimal polynomilals . . . . . . . . . . . . . . . . . 69
4 Cyclic codes
75
4.1
Factoring xn − 1
4.2
Basic theory of cyclic codes . . . . . . . . . . . . . . . . . . . . . . . . . . 78
4.3
Idempotent and multipliers . . . . . . . . . . . . . . . . . . . . . . . . . . . 87
4.4
Zeros of a cyclic code . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93
4.5
Meggitt decoding of cyclic codes . . . . . . . . . . . . . . . . . . . . . . . . 96
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76
3
Chapter 1
Basic concepts of linear codes
Introduction:
Coding theory began in the late 1948’s with work of C.Shannon, hamming, Golay and
others. Historically coding theory originated as the mathematical foundation for transmission of messages over noisy channels. In fact a multitude of diverse applications have
been discovered such as the minimization of noise from compact disc recording, the transmission of financial information a cross telephone lines, data transfer from one computer
to another and so on. Coding theory deals with the problem of detecting and correcting
transmission errors caused by noise on the channel. The following diagram provides a
rough idea of a general information transmission system.
Information
source
→
(Transmitter)
Encoder
→
Communication
Channel
↑
→
(Receiver)
Decoder
→
Information
sink
Noise
Communication channel
The most important part of the diagram, as far as we are concerned is the noise, for
4
without it there would be no need for the theory.
1.1
Three fields
A field F is an algebraic structure consisting of a set together with two operations, usually
called addition (+) and multiplication (·) which satisfy certain axioms
1) (F, +) is an abelian group
2) · is associative a · (b · c) = (a · b) · c for all a, b, c in F
3)· is left and right distributive over +, a · (b + c) = a · b + a · c and (b + c) · c = b · c + c · a.
If F is commutative over · and F∗ = F/0 is a group over, then f is a field. The three fields
that are very common in the study of linear codes are the binary field Z2 = F2 = {0, 1}
with tow elements, the ternary field with three elements Z3 = F3 = {0, 1, 2} and the
quaternary field with four elements is F4 = {0, 1, ω, ω̄ = 1 + ω = ω 2 } the addition and
multiplication tables of the above fields are:
The field F2
+
0 1
·
0 1
0
0 1
0
0 0
1
1 0
1
0 1
The field F3
+
0 1 2
·
0 1 2
0
0 1 2
0 0 0 0
1
1 2 0
1 0 1 2
2
2 0 1
2 0 2 1
And addition and multiplication table for F4 are
5
+
0
1
ω
ω̄
·
0
1
ω
ω̄
0
0
1
ω
ω̄
0
0
0
0
0
1
1
0
ω̄
ω
1
0
1
ω
ω̄
ω
ω
ω̄
0
1
ω
0 ω
ω̄
1
ω̄
ω̄
ω
1
0
ω̄
0 ω̄
1
ω
1.2
Linear codes, generators and parity check matrices
Let Fnq be denote the vector space of all n−tuples over the finite field Fq . n is the length
of the vectors in Fnq witch is the dimension of Fnq . An (n, M ) code C over Fq is a subset
of Fnq of size M , that is |C| = M = (the number of all codewords in C)
Remark 1.2.1. We write the vectors (a1 , a2 · · · , an ) in Fnq in the form a1 a2 · · · an and call
the vectors in C codewords.
The codes over Z2 = F2 are called binary codes and the codes over Z3 = F3 are called
ternary codes and over F4 are called quaternary codes. Also the term quaternary has also
been used to refer to codes over Z4 the integers modulo 4.
Definition 1.2.1. Linear codes: If C is a k− dimensional subspace of Fnq , then C will
be called an [n, k] linear code over Fq . and the linear [n, k] code C has q k codewords
Definition 1.2.2. Generator matrices and parity check matrices: A generator matrix for
an [n, m] code C is any k × n matrix G whose rows form a basis for C.
Remark 1.2.2. In general for any code C there are many generator matrices of size k × n.
If C is any [n, k]-code, with generator matrix G, then the codewords in C are the
linear combination of the rows of G.
6
Example 1.2.1. : Consider the binary code with
1 1 0
G= 0 1 1
1 0 1
generator matrix
0
1 ,
0
this matrix has three rows, then the dimension of the code is 3 and has 23 codewords.
Definition 1.2.3. For any set of k independent columns of a generator matrix G, the
corresponding set of coordinates form an information set of C. and the remaining r = n−k
coordinates are called the redundancy set and r is called the redundancy of C.
Definition 1.2.4. a generator matrix of the form
h
i
G=
Ik A , where Ik is the k × k identity matrix of size k
is said to be in the standard form.
Example 1.2.2. : The binary [7, 4]-code
1 0
0 1
G=
0 0
0 0
with generator matrix
0 0 1 0 1
0 0 1 0 0
,
1 0 1 1 0
0 1 0 1 1
in standard form the first 4 coordinates form information set.
Definition 1.2.5. Let C be a linear [n, k] code. The set C ⊥ = {x ∈ Fnq : x · c =
0 for all c ∈ C} is called the dual code of C. If C is a linear code with k × n generator
matrix
h
G=
i
Ik
in standard form, and if H is the matrix
h
H=
−A>
A
i
In−k
,
where A> is the transpose of A. Then HG> = −A> + A> = 0. Hence the rows of H are
orthogonal to the rows of G and since rank H=n − k=dim (C ⊥ ), we deduce that H is a
7
generator matrix for the dual code C ⊥ . The matrix H is called the parity check matrix
for the [n, k]− code C of size (n − k × n).
The matrix H is defined also by
C = {x ∈ Fnq : Hx> = 0}.
The code C is the kernel of the linear transformation L : x −→ Hx> ,
dim(ker L)=dim C = k, because H has rank n − k.
h
i
Theorem 1.2.1. If G =
Ik A is a generator matrix for the [n, k] code C in standard
h
i
>
form then H =
In−k ,is a parity check matrix for C.
−A
Example 1.2.3. Binary repetition code:
The repetition code C is [n, 1] binary linear code if it consisting only the two codewords
0 = 00 · · · 0 and 1 = 11 · · · 1. This code can correct up to e = b (n−1)
c errors.
2
The generator matrix of the repetition code is
h
i
G=
1 1 1 ··· 1
in standard form.
The parity
check matrix
has the form
1
1
.
H = .. In−1
1
1
The first coordinate is an information set and the last n − 1 coordinates form a redundancy set.
Example 1.2.4. The matrix
1 0
h
G=
0 1
A , where G =
0 0
0 0
i
Ik
0
0
0 1
0 0
1 0
1 0
1 1
0 1
1 1
8
1
1
0
1
is a generator matrix in standard form for a [7, 4] binary code that we denote by H3 . The
parity check matrix for
H3 is
0 1 1 1 1 0 0
h
i
H=
A> I3 = 1 0 1 1 0 1 0 .
1 1 0 1 0 0 1
This code H3 is called the [7, 4] Hamming code.
1.2.1
Subcode:
If C is not linear code, a subcode of C is any subset of C. If C is linear, a sub code will
be a subset of C which must also be linear, in this case a subcode of C is a subspace of
C.
1.3
Dual codes
Inner products: Let x = x1 x2 · · · xn , y = y1 y2 · · · yn ∈ Fqn be two vectors, then the inner
P
product is denoted by the formula x · y = ni=1 xi yi = x1 y1 + · · · + xn yn . If C is a code
over Fq then
C ⊥ = {x ∈ Fqn : x · c = 0 for all c ∈ C},
is the dual code of C. If G is the generator matrix for [n, k] code C then H is the generator
matrix for [n, n − k] code C ⊥ .
Example 1.3.1. The generator matrix for the repetition code C [n, 1] is
h
i
G=
1 1 1 1 · · · 1 1 and the generator matrix for the dual code C ⊥ [n, n−1]
1
1
..
is H = . In−1
1
1
9
H consists of all binary n−tuples a1 a2 · · · an−1 b, where b = a1 + a2 + · · · + an−1 . (The nth
coordinate b is an over all parity check for the first n − 1 coordinates chosen, therefore so
that the sum of all the coordinates equal 0). Then G is the parity check matrix for C ⊥ .
Remark 1.3.1. The code C ⊥ has the property that a single transmission error can be
detected (since the sum of the coordinates will be 0) but not corrected (since changing
any one of the received coordinates will give a vector whose sum of coordinates will be 0.)
Definition 1.3.1. A code C is self-orthogonal if C ⊆ C ⊥ and is self-dual if C = C ⊥ .
The length n of a self-dual code is even and the dimension is
n
2
because dim(C) +
dim(c⊥ ) = n and C = C ⊥ so dim(C) = n2 .
The [7, 4] Hamming code H3 is presented by the generator matrix
1 0 0 0 0 1 1
0 1 0 0 1 0 1
length 7, dimension 4.
G=
0 0 1 0 1 1 0
0 0 0 1 1 1 1
c3 be the code of length 8 and dimension 4 obtained from H3 by adding an over all
Let H
parity check coordinate to each vector of G
1 0 0
0 1 0
b
G=
0 0 1
0 0 0
and thus to each codeword H3 . Then
0 0 1 1 1
0 1 0 1 1
,
0 1 1 0 1
1 1 1 1 0
c3 , we can easy verify that H
c3 is self-dual because n = 8,
is a generator matrix for H
c3 is equal
dimension of H
n
2
= 4 and all codewords are orthogonal in pairs and in there
self.
Example 1.3.2. The ternary [4, 2] code H3,2 is called tetracode has generator matrix in
standard form given by
G=
1 0
1
0 1
1 -1
10
1
.
This code is also self dual because n = 4, dimension of H3,2 is equal
n
2
= 2 and all
codewords are orthogonal in pairs and in there self.
Definition 1.3.2. The Hermitian inner product over the quaternary field F4 is given by
hx, yi = x · ȳ =
n
X
xi ȳi ,
i=1
¯ = ω, ω̄ = ω 2 = 1 + ω.
where¯, called conjugation and is given by 0̄ = 0, 1̄ = 1, ω̄
Definition 1.3.3. The Hermitian dual of a quaternary code C by C ⊥H = {x ∈ F4n :
hx, ci = x · c̄ = 0 for all c ∈ C}.
Definition 1.3.4. We define the conjugate of C to be C̄ = {c̄|c ∈ C}. where c̄ =
c¯1 c¯2 · · · c¯n when c = c1 cc · · · cn .
⊥
C ⊥H = C̄ .
Remark 1.3.2.
Definition 1.3.5. The code C is called self-orthogonal if C ⊆ C ⊥H
and is called Hermitian self-dual if C = C ⊥H .
Example 1.3.3. The [6, 3] quaternary code G6 has generator matrix G6 in standard form
given
by
1
G6 = 0
0
This code is
1.4
0 0
1
ω
ω
1 0 ω 1 ω .
0 1 ω ω ω
called the hexacode. It is Hermitian self-dual.
Weights and distances:
Definition 1.4.1. The Hamming distance d(x, y) between two vectors x, y ∈ Fqn is
defined to be the number of coordinates in which x and y differ and is denoted by d. For
example if x = 10112, and y = 20110, then d(x, y) = 2.
11
Theorem 1.4.1. The distance function d(x, y) satisfies the following four properties:
(i) (non-negativity) d(x, y) ≥ 0 for all x, y ∈ Fnq .
(ii) d(x, y) = 0, if and only if x = y.
(iii) (Symmetry), d(x, y) = d(y, x)∀x, y ∈ Fnq .
(iv) (Triangle inequality), d(x, z) ≤ d(x, y) + d(y, z) for all x, y, z ∈ Fnq .
Proof. (i),(ii) and (iii) are obvious from the definition of the Hamming distance. It is
enough to prove (iv) when n = 1. If x = z then (iv) is obviously true since d(x, z) = 0.
If x 6= z, then either y 6= x or y 6= z, so (iv) is again true.
Remark 1.4.1. (C, d) is a metric space.
Definition 1.4.2. The minimum distance of a code C is the smallest Hamming distance
d(x, y), where x 6= y.
Definition 1.4.3. The minimum weight of x ∈ Fnq , wt(x) is the number of nonzero
coordinates in x which equals d(x, 0).
Theorem 1.4.2. If x, y ∈ Fnq , then d(x, y) = wt(x − y). If C is a linear code, the
minimum distance d is the same as the minimum weight of the nonzero codewords of C.
Proof. d(x, y) = d(0, y − x) = wt(y − x) or wt(x − y) where y − x ∈ C.
So the minimum distance {d(x, y), where x 6= y, x, y ∈ C} = the minimum weight {wt(x−
y), where x 6= y, x, y ∈ C}.
Then the minimum distance d(C) = the minimum weight of nonzero codeword of C =
minimum{wt(a) : a 6= 0, a ∈ C}.
Remark 1.4.2. If the minimum distance of the [n, k]− code C is d then the code will now
be defined as [n, k, d] code.
Definition 1.4.4. If x = x1 x2 · · · xn and y = y1 y2 · · · yn are binary words then x ∩ y =
(x1 y1 , x2 y2 , · · · , xn yn ). Thus x ∩ y has a 1 in the ith position if and only if both x, y
have a 1 in the ith position.
12
Theorem 1.4.3. The following hold:
(i) If x, y ∈ Fn2 , then wt(x + y) = wt(x) + wt(x) − 2wt(x ∩ y), where x ∩ y is a vector
in Fn2 , which has 1’s precisely in those positions where both x and y have 1’s
(ii) If x, y ∈ Fn2 , then wt(x ∩ y) ≡ x · y mod 2.
(iii) If x ∈ Fn2 , then wt(x) ≡ x · x mod 2.
(iv) If x ∈ Fn3 , then wt(x) ≡ x · x mod 3.
(v) If x ∈ Fn4 , then wt(x) ≡ hx · xi mod 2.
Proof.
(i) If x, y ∈ Fn2 , then wt(x + y) = wt(x − y) = d(x − y, 0)
= the number of nonzero coordinates of x+the number of nonzero coordinates of y−
2(the number of nonzero coordinates of x ∩ y) = wt(x) + wt(y) − 2wt(x ∩ y).
(ii) wt(x ∩ y) = wt(x1 y1 , x2 y2 , · · · , xn yn ) = the number of nonzero coordinates of (x ∩ y) ≡
(x1 y1 + x2 y2 + · · · + xn yn ) (mod 2).
(iii) If x ∈ Fn2 , then wt(x) =
(iv) If x ∈ Fn3 , then wt(x) =
(v) If x ∈ Fn4 , then wt(x) =
P
xi 6=0
P
xi 6=0
P
xi 6=0
xi =
xi =
xi =
P
xi 6=0
P
xi 6=0
P
xi 6=0
x2i ≡ x · x (mod 2).
x2i ≡ x · x (mod 3).
x2i ≡ x · x̄ (mod 2) ≡ hx · xi (mod 2).
Definition 1.4.5. Let Ai or Ai (C) be the number of codewords of weight i in C. The list
Ai for 0 ≤ i ≤ n is called the weight distribution or weight spectrum of C.
Example 1.4.1. Let C be the binary code
1 1
G= 0 0
0 0
with generator matrix
0 0 0 0
1 1 0 0 .
0 0 1 1
13
All codewords are
000000, 110000, 111100, 110011, 001111, 111111, 001100, 000011.
The weight distribution of C are A0 = 1, A6 = 1, A2 = 3, A4 = 3
Theorem 1.4.4. Let C be an [n, k, d] code over Fq , then
(i) A0 (C) + A1 (C) + · · · + An (C) = q k .
(ii) A0 (C) = 1 and A1 (C) = A2 (C) = · · · = Ad−1 (C) = 0.
(iii) If C is a binary code containing the codeword 1 = 11 · · · 1, then Ai (C) = An−i (C) for
0 ≤ i ≤ n.
(iv) If C is a binary self-orthogonal code, then each codeword has even weight, and C ⊥
contains the codeword 1 = 11 · · · 1.
(v) If C is a ternary self-orthogonal code, then the weight of each codeword is divisible
by three.
(vi) If C is a quaternary Hermitian self-orthogonal code, then the weight of each codeword
is even.
Proof.
(i) Since Ai (C) ranges over all codewords of C then A0 (C)+A1 (C)+· · ·+An (C) =
qk .
(ii) If d is the minimum distance of C then the minimum weight of C is d and no codeword
in C with weight less than d so A0 (C) = 1 and A1 (C) = A2 (C) = · · · = Ad−1 (C) = 0.
(iii) If C is binary code and 1 = 11 · · · 1 is a codeword in C, then if x ∈ C 3 wt(x) = i
then wt(x + 1) = wt(y) = n − i, where y = x + 1 has weight n − i, then the
number of words of weight i equals the number of words of weight n − i, that is
Ai (C) = An−i (C).
14
(iv) Let C ⊆ C ⊥ and C be binary code, if x ∈ C then x · x ≡ 0 (mod 2), then wt(x) is even
and 1 = 11 · · · 1 ∈ C ⊥ , because it is orthogonal to any codeword x ∈ C and because
x has even weight so x · 1 ≡ 0 (mod 2).
(v) If C ⊆ C ⊥ and C is any ternary code, if x ∈ C, =⇒ wt(x) = x · x ≡ 0 (mod 3),
then wt(x) is divisible by 3.
(vi) If C ⊆ C ⊥H and C is quaternary code then hx, xi ≡ 0 (mod) 2 =⇒ wt(x) is even,
because wt(x) = hx, xi ≡ 0 (mod) 2.
Remark 1.4.3. The subset of codewords of a binary self-orthogonal code C that have
weight divisible by four form a subspace of C, this is not necessarily the case for non-selforthogonal codes.
Theorem 1.4.5. Let C be an [n, k] self-orthogonal binary code. Let C0 be the set of
codewords in C whose weights are divisible by four then either:
(i) C = C 0 or
(ii) C0 is an [n, k − 1] subcode of C and C = C0 ∪ C1 , where C1 = x + C0 for any codeword
x whose weight is even but not divisible by four. Furthermore C1 consists of all
codewords of C whose weights are not divisible by four.
Proof. Since C is self-orthogonal then all codewords have even weight, then either (i) holds
or there exists a codeword x of even weight but not of weight a multiple of four.
Assume the later and let y be another codeword whose weight is even but not a multiple
of four, then by previous theorem (3.3) =⇒ wt(x + y) = wt(x) + wt(y) − 2wt(x ∩ y) ≡
2+2−2wt(x ∩ y) )(mod 4). But wt(x ∩ y) ≡ x · y (mod 2) ≡ 0 (mod 2). Hence wt(x + y)
is divisible by 4 then x + y ∈ C0 . this shows that y ∈ x + C0 and C = C0 ∪ (x + C0 ). That
is C0 is a subcode of C and that C1 = x + C0 consists of all codewords of C whose weight
are not divisible by 4 follow from a similar argument.
15
Theorem 1.4.6. Let C be an [n, k] binary code. Let Ce be the set of codewords in C whose
weights are even. Then either
(i) C = Ce or,
(ii) Ce is an [n, k] subcode of C and C = Ce ∪ C0 , where C0 = x + Ce for any codeword
x whose weight is odd. Furthermore C0 consists of all codewords of C whose weight
are odd.
Theorem 1.4.7. Let C be a binary linear code.
(i) If C is self-orthogonal and has a generator matrix each of whose rows has weight
divisible by 4, then every codeword of C has weight divisible by 4.
(ii) If every codeword of C has weight divisible by four, then C is self-orthogonal.
Proof.
(i) Let x, y be tow rows of a generator matrix G, then wt(x + y) = wt(x) +
wt(y) − 2wt(x ∩ y) ≡ 0 + 0 − 2wt(x ∩ y) ≡ 0 + 0 − 2(x · y) ≡ 0(mod 4). We proceed
by induction as every codeword is a sum of rows of the generator matrix.
(ii) Let x, y ∈ C, then by previous theorem wt(x ∩ y ≡ x · y(mod 2) =⇒ 2(x · y) ≡
2wt(x ∩ y) ≡ 2wt(x ∩ y) − wt(x) − wt(y) ≡ −wt(x + y) ≡ 0 (mod 4) =⇒ x · y ≡
0(mod 2) =⇒ C is self-orthogonal.
Example 1.4.2. The dual of the [n, 1] binary repetition code C, consists of all the even
weight vectors of length n and has generator matrix
1 1
1
1 0
1 In−1
=
H=
.. ..
..
. .
.
1
1 0
0
···
0
1
..
.
···
..
.
0
..
.
0
···
1
.
If n > 2 this code is not self-orthogonal because any two different codewords are not
orthogonal.
16
Theorem 1.4.8. Let C be a code over Fnq , with q = 3 or 4.
(i) when q = 3, every codeword of C has weight divisible by three if and only if C is
self-orthogonal.
(ii) when q = 4, every codeword of C has weight divisible by two if and only if C is
Hermitian self-orthogonal.
Proof.
(i) If C is self-orthogonal. Then the codewords have weights divisible by three (
by theorem (1.3.4)(v).)
For the converse let x, y ∈ C and x, y has weight divisible by three. We need to show
that x · y = 0. We can view the codewords x and y having the following parameters.
x : ∗ 0 =6= 0
y : 0 ∗ =6= 0
: a b c d e.
Where there are a coordinates where x is non zero and y is zero, b coordinates
where y is nonzero and x is zero, c coordinates where both agree and are nonzero, d
coordinates where both disagree and are nonzero, and e coordinates where both are
zero. So wt(x + y) = a+b+c and wt(x − y) = a+b+d, but x ± y ∈ C =⇒ a+b+c ≡
a + b + d ≡ 0(mod 3). In particular c ≡ d (moa 3) =⇒ x · y = c + 2d ≡ 0 (mod 3)
(because x · y = 0 + 0 + c + 2d ≡ 0 (mod 3) and because c ≡ d (mod 3)).
(ii) If C is Hermitian self-orthogonal, then the codewords have even weights, by the
(1.3.4)(vi) wt(x) = hx, xi ≡ 0 (mod 2). For the converse, let x ∈ C. If x has a 0’s b
1’s, cw’s and dω̄’s then b + c + d is even as wt(x) = a + c + d. However hx, xi also
equals b + c + d (as an element of F4 ), then hx, xi = 0 for all x ∈ C.
Now let x, y ∈ C. So both x + y and ωx + y are in C. We have 0 = hx + y, x + yi =
hx, xi + hx, yi + hy, xi + hy, yi = 0 + hx, yi + hy, xi + 0.....(1)
Also 0 = hωx + y,ωx + yi = hx, xi + ωhx, yi + ω̄hy, xi + hy, yi = ωhx, yi +
17
ω̄hy, xi...(2)
From (1) and (2) 0 = (1 + ω)hx, yi + (1 + ω̄)hy, xi = ω̄hx, yi + ωhy, xi =⇒ hx, yi =
0 and hy, xi = 0 =⇒ C is self-orthogonal.
Theorem 1.4.9. Let C be a binary code with a generator matrix each of whose rows has
even weight. Then every codeword of C has even weight.
Proof. Let x, y be rows of the generator matrix wt(x + y) = wt(x)+wt(y)−2wt(x ∩ y) ≡
0 + 0 − 2wt(x ∩ y) ≡ 0(mod 2) =⇒ wt(x + y) is even, so we proceed by induction every
codeword is a sum of rows of the generator matrix.
Definition 1.4.6. Binary codes for which all codewords have weight divisible by 4 are
called doubly even and by theorem 1.4.7 doubly even codes are self-orthogonal.
A self-orthogonal code must be even by theorem 1.4.4(iv).
The code that is not doubly even is called singly even.
Definition 1.4.7. A vector x = x1 x2 · · · xn ∈ Fnq is called even-like if
n
X
xi = 0 and is
i=1
called odd like otherwise. A binary vector is even like if and only if it has even weight for
F33 the vector (1, 1, 1) ∈ F33 is even like but not of even weight. Also (1, ω, ω̄) ∈ F33 is even
like but not of even weight.
Definition 1.4.8. A code is even like if it has only even like codewords, a code is odd
like if it is not even like.
Theorem 1.4.10. Let C be an [n, k] code over Fq , let Ce be the set of even like codewords
in C, then either.
(i) C = Ce or,
(ii) Ce is an [n, k − 1] subcode of C.
P
P
Proof. Either (i) holds or if x, y ∈ Ce and α, γ ∈ Fq =⇒ α ni=1 xi = 0, γ ni=1 yi = 0 =⇒
Pn
i=1 αxi + γyi = 0 =⇒ αx + γy is even like =⇒ αx + γy ∈ Ce =⇒ Ce is a subcode of C.
18
If z is odd like codeword, then z + Ce is a code of odd like codewords. Let C1 = z + Ce =⇒
C = Ce ∪ C1 and dimCe = k − 1.
The relation ship between the weight of a codeword and a parity check
matrix for a linear code.
Theorem 1.4.11. Let C be a linear code with parity check matrix H. If c ∈ C, the columns
of H corresponding to the nonzero coordinates of C are linearly dependent. Conversely
if a linear dependence relation with nonzero coefficients exists among w columns of H,
then there is a codeword in C of weight w whose nonzero coordinates correspond to these
columns.
Proof. If G is a generator matrix of size k × n for the code C and H is the parity check
matrix for C, then H is of size n − k × n and rank(H) = n − k. If c = c1 c2 · · · cn ∈ C and
if H1 , H2 , · · · Hn are the columns of H, then
c
1
h
i c2
>
Hc =
H1 H2 · · · Hn
.. = 0 =⇒ c1 H1 + c2 H2 + · · · + cn Hn = 0.
.
cn
Since c = c1 c2 · · · cn is non zero codeword so there exists i, 1 ≤ i < n 3 ci 6= 0 then
the columns of H corresponding to the nonzero coordinates of C are linearly dependent.
Conversely if there exists some i such that ci 6= 0 and c1 H1 + c2 H2 + · · · + cw Hw = 0 where
H1 , H2 , · · · , Hw are the w columns of H which are linearly dependent, then there exists
c = c1 c2 · · · cn 6= 0 ∈ C such that Hc> = 0 and wt(c) = w.
Corollary 1.4.12. A linear code has minimum weight d if and only if its parity check
matrix has a set of d linearly dependent columns but no set of d − 1 linearly dependent
columns.
h
Proof. Let H =
i
H1
H2
···
Hn
and c = c1 c2 · · · cn be a codeword in C with
Hamming weight w > 0. Let J = {j1 , j2 , · · · , jw } be the set of indexes of the nonzero
19
>
entries in c. Since Hc = 0 then
linearly dependent.
w
X
cji Hji = 0 =⇒ the columns of H indexed by J are
i=1
Conversely, every set of w linearly dependent columns of H correspond to at least one
nonzero codeword c ∈ C with wt(c) ≤ w.
Let d = the minimum distance of C then no nonzero codewords of C has Hamming weight
less than d, but there is at least one codeword in C whose hamming weight is d.
Example 1.4.3. Consider the generator matrix
1 0
i
h
0 1
G=
In A =
0 0
0 0
0 0
0 1
0
0
1 0
1
0
1 1
0
1
1 1
1
1
0
1
for the Hamming binary [7, 4] code H3 its parity check matrix H is of the form
0 1 1 1 1 0 0
h
i
>
H=
A
I3 = 1 0 1 1 0 1 0 .
1 1 0 1 0 0 1
Every two columns in H are linearly independent and so, the minimum distance of the
Hamming code H3 is at least 3. In fact the minimum distance is exactly 3 since there are
three dependent columns which are (001)> , (0, 1, 0)> , (011)> .
Theorem 1.4.13. If C is an [n, k, d] code, then every n−d+1 coordinate position contains
an information set. Furthermore, d is the largest number with this property.
Proof. Let G be a generator matrix for C, consider any set X of s coordinate positions.
Assume that X is the set of the last s positions. Suppose X does not contain an inh
i
formation set. Let G =
A B , where A is k × (n − s) and B is k × s. Then the
column rank of B and the row rank of B, is less than k. Hence there exists a non trivial
linear combination of the rows of B which equals 0, and hence a codeword c which is 0
in the last s positions. Since the rows of G are linearly independent, c 6= 0 and hence
d ≤ n − s =⇒ s ≤ n − d. Then the theorem now follows.
20
Remark 1.4.4. for theorem 1.4.13.
The parity check matrix H of an [n, k, d] linear code C is (n−k)×n matrix such that every
d−1 columns of H are linearly independent. Since the columns of H have length n−k, we
can never have more than n−k independent columns, then d−1 ≤ n−k =⇒ k ≤ n−d+1.
1.5
New codes from old
1.5.1
Puncturing codes
Definition 1.5.1. Let C be an [n, k, d] code over Fq , we can puncture C by deleting the
same coordinate i in each codeword. the puncture code of C denoted bey C ∗ has length
n − 1.
Theorem 1.5.1. Let C be an [n, k, d] code over Fq , and let C ∗ be the code C punctured on
the ith coordinate.
(i) If d > 1, C ∗ is an [n − 1, k, d∗ ] code where d∗ = d − 1 if C has a minimum weight
codeword with a non zero ith coordinate and d∗ = d otherwise.
(ii) When d = 1, C ∗ is an [n − 1, k, 1] code, if C has no codeword of weight 1 whose
nonzero entry is in coordinate i; otherwise, if k > 1, C ∗ is an [n − 1, k − 1, d∗ ] code
with d∗ ≥ 1.
Example 1.5.1. Let C be the [5, 2, 2] binary code with generator matrix
1 1 0 0 0
.
G=
0 0 1 1 1
Let C1∗ and C5∗ be the code C punctured on coordinate 1 and 5, respectively, they have
generator matrices
G∗1 =
1 0 0 0
0 1 1 1
G∗5 =
,
So C1∗ is a [4, 2, 1] code, while C5∗ is a [4, 2, 2] code.
21
1 1
0
0
0 0
1
1
.
Example 1.5.2. Let D be the [4, 2, 1] binary code with generator matrix
1 0 0 0
.
G=
0 1 1 1
Let D1∗ and D4∗ be the code D punctured on coordinate 1 and 4, respectively, they have
generator matrices
D1∗ =
i
h
1 1
1
D4∗ =
,
1
0
0
0
1
1
.
So D1∗ is a [3, 1, 3] code, while D4∗ is a [3, 2, 1] code.
In General a code C can be punctured on the coordinate set T by deleting T components in all codewords of C. If T has size t, the resulting code, which we will often
denoted C T is an [n − t, k ∗ , d∗ ] where k ∗ ≥ k − t, d∗ ≥ d − t
1.5.2
Extending codes
We can create longer codes by adding a coordinate.
Definition 1.5.2. If C is an [n, k, d] code over Fq , define the extended code Cˆ to be the
code
Cˆ = {x1 x2 · · · xn+1 ∈ Fn+1
|x1 x2 · · · xn ∈ C with x1 + x2 + · · · + xn+1 = 0}.
q
ˆ code, where dˆ = d or d + 1. If G and H be generator and parity
In fact Cˆ is an [n + 1, k, d]
check matrices for C, then a generator matrix Ĝ of Cˆ can be obtained from G by adding
an extra column to G, so the sum of the coordinates of each row of Ĝ is 0. A parity check
matrix for Cˆ is the matrix
1 1
···
H
1
0
..
.
.
0
This construction is referred to as adding an over all parity check.
22
Remark 1.5.1.
* If C is an [n, k, d] binary code, then the extended code C contains
ˆ code, where dˆ equals d if d is even
only even weight vectors and is an [n + 1, k, d]
and equals d + 1 if d is odd.
** If C is an [n, k, d] code over Fq , call the min. weight of the even-like codewords,
respectively the odd-like codewords, the min. even-like weight, respectively the
min. odd-like weight of the code. Denote the min. even like weight by de and the
min. odd-like weight by d0 . So d = min[de , d0 ]. If de ≤ d0 , then Cˆ has min. weight
dˆ = de . If d0 < de , then dˆ = d0 + 1.
Example 1.5.3. The tetracode H3,2 is a [4, 2, 3] code over F3 with generator matrix G
and parity check matrix H given by
1 0 1 1
-1 -1
and H =
G=
0 1 1 -1
-1 1
1
0
0
1
.
The codewords (1, 0, 1, 1) extends to (1, 0, 1, 1, 0) and the codeword (0, 1, 1, −1) extends
to (0, 1, 1, −1, −1). Hence d = de = d0 = 3 and dˆ = 3. the generator and parity check
matrices for Ĥ3,2 are
Ĝ =
1
1
and Ĥ =
-1 -1
0 1 1 -1 -1
-1 1
1 0 1
1
0
1
1
1
0
0
1
1
0 .
0
Remark 1.5.2. If we extend a code and then puncture the new coordinate, we obtain the
original code, but if we performing the operations in the other order will in general result
in a different code.
Example 1.5.4. If we puncture the binary code C with generator matrix
1 1 0 0 1
G=
0 0 1 1 0
on its last coordinate and extend on the right, the resulting code has generator matrix
1 1 0 0 0
.
G=
0 0 1 1 0
23
1.5.3
Shortening codes
Definition 1.5.3. Let C be an [n, k, d] code over Fq and let T be any set of t coordinates.
Consider the set C(T ) of codewords which are 0 on T ; this set is a subcode of C, puncturing
C(T ) on T gives a code over Fq of length n − t called the code shortened on T and denoted
CT .
Example 1.5.5. Let C be the [6, 3, 2] binary code
1 0 0 1
G = 0 1 0 1
0 0 1 1
with generator matrix
1 1
1 1 .
1 1
C ⊥ is also [6, 3, 2] code with generator matrix
1 1 1 1 0 0
G⊥ = 1 1 1 0 1 0 .
1 1 1 0 0 1
If the coordinates are labeled 1, 2, · · · 6, let t = {5, 6}, then the generator matrices for the
shortened code CT and the punctured code C > are
1 0 0 1
and GT =
GT =
0 1 0 1
0 1 1 0
0 0 1 1
1 0 1 0
because the set C(T ) of codewords which are zero on T are
1 1 0 0 0 0
1 0 1 0 0 0
0 1 1 0 0 0 .
By puncturing C(T ) on T gives the code CT whose generator matrix is GT .
The shortening and puncturing the dual code gives the code (C ⊥ )T and (C ⊥ )T which have
24
generator matrices
³
(G⊥ )T = 1 1 1 1
´
1
1
1
1
.
and (G⊥ )T =
1 1 1 0
From the generator matrices GT and GT , we find that the duals of CT and C T have generator matrices
(GT )⊥ =
1 1 1 0
0 0 0 1
³
´
and (GT )⊥ = 1 1 1 1 .
Notice that these matrices show that (C ⊥ )T = (C T )⊥ and (C ⊥ )T = (CT )⊥ .
Theorem 1.5.2. Let C be an [n, k, d] code over Fq . Let T be a set of t coordinates. Then:
(i) (C ⊥ )T = (C T )⊥ and (C ⊥ )T = (CT )⊥ , and
(ii) if t < d, then C T and (C ⊥ )T have dimensions k and n − t − k, respectively;
(iii) if t = d and T is the set of coordinates where a minimum weight codeword is non
zero, then C T and (C ⊥ )T have dimensions k − 1 and n − d − k + 1, respectively.
Proof.
(i) Let C be a codeword of C ⊥ which is 0 on T and c∗ the codeword with
coordinates in T removed. So c∗ ∈ (C ⊥ )T . If x ∈ C, then 0 = x · c = x∗ · c∗ where x∗
is the codeword x punctured on T . Thus (C ⊥ )T ⊆ (C T )⊥ .....(1). Any vector c ∈
(C T )⊥ can be extended to the vector ĉ by inserting 0,s in the position of T . If x ∈ C,
puncture x on T to obtain x∗ . As 0 = x∗ · c = x · ĉ, c ∈ (C ⊥ )T =⇒ (C T )⊥ ⊆
(C ⊥ )T .....(2). Thus from (1) and (2) we have (C ⊥ )T = (CT )⊥ . We complete the proof
of (i)
(ii) Assume t < d. Then n − d + 1 ≤ n − t, implying any n − t coordinates of C contain
an information set (By theorem 1.4.13). Therefore C T must be k− dimensional and
hence (C ⊥ )T = (C T )⊥ has dimension n − t − k this proves (ii).
(iii) As in (ii), (iii) is completed if we show that C T has dimension k − 1. If S ⊂ T with S
of size d − 1, C S has dimension k by part (ii) clearly C S has minimum distance 1 and
25
C T is obtained by puncturing C S on the nonzero coordinate of a weight 1 codeword
in C S . By theorem 1.5.1 C T has dimension k − 1.
1.5.4
Direct sums
For i ∈ {1, 2} let Ci be an [ni , ki , di ] code, both over the same finite field Fq . Then their
direct sum is the [n1 + n2 , k1 + k2 , min{d1 , d2 }] code
C1 ⊕ C2 = {(c1 , c2 )|c1 ∈ C1 , c2 ∈ C2 }.
If Ci has generator matrix Gi and parity check matrix Hi , then
G1 0
H
0
and H1 ⊕ H2 = 1
G1 ⊕ G2 =
0 G2
0 H2
are a generator matrix and parity check matrix for C1 ⊕ C2 .
Example 1.5.6. Let C be the binary code with
1 1 0 0
1 0 1 0
G = 1 0 0 1
1 0 1 0
1 0 0 1
generator matrix
1 1 0
1 0 1
1 1 0 .
1 1 0
0 1 1
Give another generator matrix for C that shows that C is a direct sum of two binary codes.
26
Solution:By elementary row operations G has equivalent matrix in the form
1 1 0 0 0 0 0
0 1 1 0 0 0 0
0 0 1 1 0 0 0 ,
0 0 0 0 0 1 1
0 0 0 0 1 1 0
which is equivalent to
G1 ⊕ G2 =
G1
0
0
G2
,
where
1 1 0 0
G1 = 0 1 1 0 is a generator matrix for [4, 3, 2] − code C1 and
0 0 1 1
G2 =
1.5.5
0 1 1
1 1 0
is a generator matrix for [3, 2, 2] − code C2 .
The ( u|u + v) construction
Two codes of the same length can be combined to form a third code of twice of length in
a way similar to the direct sum construction. Let Ci be an [n, ki , di ] code for i ∈ {1, 2}
over Fq . Then the ( u|u + v) construction produces the [2n, k1 + k2 , min{2d1 , d2 }]- code
C = {(u|u + v)|u ∈ C1 , v ∈ C2 }.
If Ci has the generator matrix Gi and the parity check matrix Hi , then the generator
matrix and the parity check matrices for C are
H
0
G G1
.
and 1
1
−H2 H2
0 G2
27
Example 1.5.7. Consider the [8, 4, 4]−
1 0 1
0 1 0
0 0 1
0 0 0
binary code C with generator matrix
0 1 0 1 0
1 0 1 0 1
.
1 0 0 1 1
0 1 1 1 1
Then C can be produced from the [4, 3, 2] code C1 and the [4, 1, 4] code C2 with generator
matrices
1 0 1 0
´
³
G1 = 0 1 0 1 , and G2 = 1 1 1 1 ,
0 0 1 1
respectively using the ( u|u + v) construction. Notice that the code C1 is also constructed
using the ( u|u + v) construction from the [2, 2, 1] code C3 and the [2, 1, 2] code C4 with
generator matrices
G3 =
1 0
0 1
³
´
and G4 = 1 1 .
Remark 1.5.3. The ( u|u + v) construction are used to construct the family of Reed
Muller codes.
Example 1.5.8. Prove that the ( u|u + v) construction using [n, ki , di ] codes Ci produces
a code of dimension k = k1 + k2 and minimum weight d = min[2d1 , d2 ].
Proof. Let x1 = (u1 |u1 + v1 ) and x2 = (u2 |u2 + v2 ) be distinct two codewords in the (
u|u + v) construction.
If v1 = v2 , then
d(x1 , x2 ) = 2d(u1 , u2 ) ≥ 2d1 .
On the other hand, if v1 6= v2 then
d(x1 , x2 ) = wt(x1 − x2 ) = wt(u1 − u2 )+wt(u1 − u2 + v1 − v2 ) ≥ wt(v1 − v2 ) = d(v1 , v2 ) ≥ d2 .
Hence the minimum distance of the ( u|u + v) construction code d ≥ min[2d1 , d2 ], since
equality can hold in all cases, then d = min[2d1 , d2 ]. The dimension of C is equal k1 + k2
from the generator matrix of ( u|u + v) construction.
28
1.6
Permutation equivalent codes:
Definition 1.6.1. two linear codes C1 and C2 are called permutation equivalent provided
there is a permutation of coordinates which sends C1 to C2 . This permutation can be
described using a permutation matrix, which is a square matrix with exactly one 1 in
each row and column and 00 s elsewhere.
* C1 and C2 are permutation equivalent provided that there is a permutation matrix
P such that G1 is a generator matrix of C1 if and only if G1 P is a generator matrix
of C2 .
** If P is a permutation sending C1 to C2 we will write C1 P = C2 when C1 P = {y|y =
xP for x ∈ C1 }.
Example 1.6.1. If C1 and C2 are permutation equivalent codes then
(1) C1⊥ P = C2⊥ .
(2) If C1 is self dual, so is C2 .
Proof.
(1) C1⊥ = {x ∈ Fnq : x · c1 = 0 ∀c1 ∈ C1 }, then
C1⊥ P = {xP ∈ Fnq : xP · c1 P = 0 ∀c1 ∈ C1 } = {y ∈ Fnq : y · c2 ∀c2 ∈ C2 } = C2 ,
where xP = y and c2 = c1 P.
(2) Let C1 = C1⊥ =⇒ C1⊥ P = C2⊥ =⇒ C1 P = C2⊥ =⇒ C2 = C2⊥ . so C2 is self dual.
Example
1
G1 = 0
0
1.6.2. Let C1 , C2 and C3 be binary codes
1 0 0 0
1 0 0 0 0
0 1 1 0 0 , G2 = 0 0 1 1
0 1 0 0
0 0 0 1 1
with generator matrices
1 1 0 0 0 0
0 1
and
G
1 0 1 0 0 0 .
0 0
3
1 1 1 1 1 1
1 0
These codes have weight distributions A0 = A6 = 1 and A2 = A4 = 3. The permutation
switching columns 2 and 6 sends G1 to G2 , showing that C1 and C2 are permutation
29
equivalent. C1 and C2 are self-dual. C3 is not self-dual so C1 and C3 are not permutation
equivalent.
Theorem 1.6.1. Let C be a linear code.
(i) C is permutation equivalent to a code which has generator matrix in standard form.
(ii) If and I and R are information and redundancy positions for C, then R and I are
information and redundancy positions respectively for the dual code C ⊥ .
Proof.
(i) If we apply the elementary row operations to any Generator matrix of C. This will
produce a new generator matrix of C which has columns the same as those in Ik ,
but possibly in a different order. Now choose a permutation of the columns of the
new generator matrix so that these columns are moved to the order that produces
[Ik |A]. The code generated by [Ik |A] is equivalent to C.
(ii) If I is an information set for C, then by row reducing a generator matrix for C,
we obtain columns in the information positions that are the columns of Ik in some
order. As above, choose a permutation matrix P to move the columns so that CP
has generator matrix [Ik |A]; P has moved I to the first k coordinate positions.
By previous theorem (2.1.2) (CP )⊥ has the last n − k coordinates as information
positions, but (CP )⊥ = C ⊥ P , imply that R is a set of information positions for C ⊥ .
Let Symn be the set of all permutations of the set of n coordinates. If σ ∈ Symn and
x = x1 x2 · · · xn , define
xσ = y1 y2 · · · yn where yj = xjσ−1 for 1 ≤ j ≤ n.
So xσ = xP, where P = [pi,j ] is the permutation matrix given by
1 if j = iσ,
pi,j =
0 otherwise.
30
Example 1.6.3. Let n = 3, x = x1 x2 x3 , σ = (1, 2, 3).
−1
−1
Then 1σ −1
= 3, 2σ = 1, 3σ = 2, so xσ = x3 x1 x2 .
0 1 0
Let P = 0 0 1 .
1 0 0
Then xP also equals x3 x1 x2 .
Definition 1.6.2. The set of coordinate permutation that map a code C to itself forms
a group. That is a set with an associative binary operation which has an identity and
all elements have inverses, called permutation automorphism group of C. This group is
denoted by PAut(C). So if C is a code of length n, then PAut(C) is a subgroup of the
symmetric group Symn .
Example 1.6.4. Show that (1, 2)(5, 6), ( (1, 2, 3)(5, 6, 7) and (1, 2, 4, 5, 7, 3, 6)
are automorphisms of the [7, 4] binary code H3 which has the following generator matrix,
1 0 0 0 0 1 1
0 1 0 0 1 0 1
.
0 0 1 0 1 1 0
0 0 0 1 1 1 1
The Automorphism (1, 2)(5, 6) gives
0
1
0
0
the generator matrix of the form
1 0 0 1 0 1
0 0 0 0 1 1
.
0 1 0 1 1 0
0 0 1 1 1 1
This generator matrix is the same as the above generator matrix if we interchange rows
1 and 2.
Theorem 1.6.2. Let C, C1 and C2 be codes over Fq . Then:
(i) PAut(C) = PAut(C ⊥ ).
31
(ii) If q = 4, PAut(C) = PAut(C ⊥H )
(iii) If C1 P = C2 for a permutation matrix P , then P −1 PAut(C1 )P = PAut (C2 ).
Proof.
(i) Let φ ∈ PAut(C) =⇒ φ(C) = C, then there exists a permutation matrix P 3 CP = C.
But (CP )⊥ = C ⊥ P = C. Then P is a permutation matrix for C ⊥ corresponding to
φ, so φ ∈ PAut(C ⊥ ) =⇒ PAut(C) ⊆ PAut(C ⊥ )..........(1).
Similarly if α ∈ PAut(C ⊥ ) =⇒ αC ⊥ = C ⊥ =⇒ (αC ⊥ )⊥ = (C ⊥ )⊥ = C.
then αC = C =⇒ α ∈ PAut(C) =⇒ PAut(C ⊥ ) ⊆ PAut(C)..........(2).
From (1) and (2) we have PAut(C) = PAut(C ⊥ ).
(ii) Same as (i)
(iii) If C1 P = C2 for a permutation matrix P , then P −1 PAut(C1 )P = PAut(C2 ),
for P 6∈ PAut(C1 ).
If Q ∈ PAut(C1 ) =⇒ QC1 = C1 =⇒ P −1 QC1 P = P −1 C1 P
=⇒ P −1 QC2 = P −1 C1 P.
Then P P −1 QC2 = P P −1 C1 P = In C1 P = C2
=⇒ QC2 = C2 =⇒ Q ∈ PAut(C2 ) =⇒ P −1 PAut(C1 )P ⊆ PAut(C2 )..........(1).
Let Q ∈ PAut(C2 ) =⇒ QC2 = C2 =⇒ QC1 P = C1 P =⇒ QC1 P P −1 = C1 P P −1 =⇒
QC1 = C1 =⇒ Q ∈ PAut(C1 ) =⇒ PAutC2 ⊆ P −1 PAutC1 P..........(2) From (1) and
(2) we have P −1 PAut(C1 )P = PAut (C2 ).
1.7
Hamming codes
We have obtained the parity check matrix of
0 1 1
H= 1 0 1
1 1 0
32
the Hamming code H3 , [7, 4, 3] in the form
1 1 0 0
1 0 1 0 .
1 0 0 1
Notice that the columns of this parity check matrix are all the distinct nonzero binary
columns of length 3. So H3 is equivalent to the
0 0 0 1
0
H = 0 1 1 0
1 0 1 0
code with parity check matrix,
1 1 1
0 1 1 .
1 0 1
Whose columns are the numbers 1 through 7 written as binary numerals (with leading
0;s as necessary to have a 3-tuple in their natural order.
We generalize this form in the following.
Let n = 2r − 1 with r ≥ 2. Then the r × (2r − 1) matrix Hr whose columns are
1, 2, · · · 2r − 1 written as binary numerals is the parity check matrix of the hamming
code [n = 2r − 1, k = n − r] binary code. Any arrangement of columns of Hr gives an
equivalent code, these codes denoted by Hr or H3r .
The columns of Hr are distinct and nonzero, the minimum distance is at least 3. Since
there are three columns linearly dependent, so the minimum distance of the Hamming
code is 3. So Hr is a binary [2r − 1, 2r − 1 − r, 3] code and these codes are unique.
Theorem 1.7.1. Any [2r −1, 2r −1−r, 3] binary code is equivalent to the binary hamming
code Hr .
Proof. The parity check matrix is r × (2r − 1), so dim(C ⊥ ) = r and the maximum number
of linearly independent columns is 2, so d = 3 and dim(C) = 2r − 1 − r.
Hamming codes Hq,r can be defined over an arbitrary finite field Fq . For r ≥ 2, Hq,r
has parity check matrix Hq,r defined by choosing for its columns a non zero vector from
each 1-dimensional subspace of Frq . There are
Hq,r has length n =
(q r −1)
q−1
(q r −1)
q−1
1-dimensional subspaces. Therefore
, dimension n − r, redundancy r. No two columns are multiple
of each other. So Hq,r has minimum distance 3.
r
r
−1) (q −1)
Theorem 1.7.2. Any [ (qq−1
, q−1 − r, 3] code over Fq is monomially equivalent to the
Hamming code Hq,r
33
Remark 1.7.1. The duals of the Hamming codes are called simplex codes. They are
r
−1
[ qq−1
, r] codes, denoted by Sr and has minimum weight q r−1 .
r
−1
Theorem 1.7.3. The non zero codewords of the [ qq−1
, r] simplex code over Fq all have
weights q r−1 .
Construction of binary simplex code.
Let G2 be the matrix
G2 =
0 1 1
1 0 1
,
for r ≥ 3, define Gr inductively by
0···0
Gr =
Gr−1
1 1···1
0
..
.
Gr−1
.
0
Gr has nr = 2r − 1 distinct nonzero columns. The weight of the simplex code is 2r−1 .
We claim the code Sr generated by Gr is the dual of the Hamming code Hr . Since Gr has
one more row than Gr−1 and, as G2 has 2 rows, Gr has r rows, let Gr have nr columns. So
n2 = 22 − 1 and nr = 2nr−1 + 1; by induction nr = 2r − 1. The columns of G2 are nonzero
and distinct; by construction the columns of Gr are nonzero and distinct if the columns
of Gr−1 are also nonzero and distinct. So by induction Gr has 2r − 1 distinct nonzero
columns of length r. But there are only 2r − 1 possible distinct nonzero r− tuples; these
are the binary expansions of 1, 2, · · · , 2r − 1. So Sr = Hr⊥ .
The nonzero codewords S2 have weight 2. Assume the nonzero codewords of Sr−1 have
weight 2r−2 . Then the nonzero codewords of the subcode generated by the last r − 1
rows of Gr have weight (a, 0, b), where a, b ∈ Sr−1 . So these codewords have weight
2 · 2r−2 = 2r−1 . Also the top row of Gr has weight 1 + 2r−1 − 1 = 2r−1 . The remaining
non zero codewords of Sr have the form (a, 1, b + 1), where a, b ∈ Sr−1 . As wt(b + 1) =
2r−2 − 1, wt(a, 1, b + 1) = 2r−2 + 1 + 2r−2 − 1 = 2r−1 . Thus by induction Sr has all
nonzero codewords of weight 2r−1 .
34
1.8
The Golay codes
The binary codes of length 23 and the ternary code of length 11 were first described by
Golay in 1949.
1.8.1
The Golay code G24
We let G24 be the [24, 12] code with generator matrix G24 = [I12 |A] in standard form were
I12 is the identity matrix and A is a
0 1 1
1 1 1
1 1 0
1 0 1
1 1 1
1 1 1
A=
1 1 0
1 0 0
1 0 0
1 0 1
1 1 0
1 0 1
matrix of size 12 × 12 defined by
1 1 1 1 1 1 1 1 1
0 1 1 1 0 0 0 1 0
1 1 1 0 0 0 1 0 1
1 1 0 0 0 1 0 1 1
1 0 0 0 1 0 1 1 0
0 0 0 1 0 1 1 0 1
.
0 0 1 0 1 0 0 1 1
0 1 0 1 1 0 1 1 1
1 0 1 1 0 1 1 1 0
0 1 1 0 1 1 1 0 0
1 1 0 1 1 1 0 0 0
1 0 1 1 1 0 0 0 1
Lable the columns of A by ∞, 0, 1, 2, · · · 10. The first row contains 0 in column ∞ and
1 elsewhere. To obtain the second row, a 1 is placed in column ∞ and a 1 is placed in
columns 0, 1, 3, 4, 5 and 9, these numbers are the squares of the integers modulo 11. That
is 02 = 0, 12 = 102 ≡ 1 (mod 11), 22 ≡ 92 ≡ 4 (mod 11) etc.
The first third row of A is obtained by putting a 1 in column ∞ and then shifting the
components in the second row one place to the left and wrapping the entry in column 0
around to column 10, and so on all other rows.
35
Remark 1.8.1.
(1) All rows has weight divisible by 4 and dim G24 = 12, it is self-dual
binary code.
(2) The minimum weight of G24 is 8
(3) If we puncture in any of the coordinates we obtain a [23, 12, 7] binary code G23 called
binary Golay code has minimum weight 7
(4) The extended code of G23 is G24 so G24 is called extended Golay code.
1.8.2
The ternary Golay codes
The ternary Golay code G12 is [12, 6, 6] code over F3 with generator matrix G12 = [I6 |A]
in standard form where
A=
0
1
1
1
1
1
0
1 −1 −1
1
1
1
0
1 −1 −1
1 −1
1
0
1 −1
1 −1 −1
1
0
1
1 −1 −1
1
0
1
Remark 1.8.2.
1
(1) The G12 is self-dual ternary code [12, 6, 6]
(2) The G11 is a [11, 6, 5] code obtained from G12 by puncturing
(3) The extended code of G11 is not G12 it will give either a [12, 6, 6] code or a [12, 6, 5]
code depending upon the coordinate.
1.9
Reed- Muller codes
Definition 1.9.1. Let m be a positive integer and r a nonnegative integer with r ≤ m.
The binary codes we construct will have length 2m . For each length there will be m + 1
linear codes denoted by R(r, m) and called the rth order Reed-Muller or RM , code of
36
length 2m .
* The codes R(0, m) R(m, m) are trivial codes the first is called 0th order RM code
R(0, m) which is a binary repeation code of length 2m with bases [1], and the mth
m
order RM code R(m, m) is the entire space F22 .
** For 1 ≤ r ≤ m, define
R)(r, m) = {(u, u + v)|u ∈ R(r, m − 1), v ∈ R(r − 1, m − 1)}.
*** Let G(0, m) = [11 · · · 1] and G(m, m) = I2m be the generator matrices for R(0, m)
and R(m, m) respectively for 1 ≤ r < m, using (u|u + v) construction, a generator
matrix G(r, m) for R(r, m) is
G(r, m) =
G(r, m − 1)
G(r, m − 1)
0
G(r − 1, m − 1)
Example 1.9.1. The generator matrices for R(r, m) with
1
G(1, 1) G(1, 1)
=
G(1, 2) =
0
0
G(0, 1)
0
and
1 ≤ r ≤ 3 : are
0 1 0
1 0 1
0 1 1
1 0 1 0 1 0 1 0
0 1 0 1 0 1 0 0
G(1, 2) G(1, 2)
G(1, 3) =
=
0 0 1 1 0 0 1 1
0
G(0, 2)
0 0 0 0 1 0 1 0
37
and
G(2, 2) G(2, 2)
=
G(2, 3) =
0
G(1, 2)
1 0 0 0 1 0 0 0
0 1 0 0 0 1 0 0
0 0 1 0 0 0 1 0
0 0 0 1 0 0 0 1
0 0 0 0 1 0 1 0
0 0 0 0 0 1 0 1
0 0 0 0 0 0 1 1
Note:(1) R(1, 2) and R(2, 3) are both the set of all even weight vectors in F4 and F8
respectively.
(2)R(1, 3) is an [8, 4, 4] self-dual code which must be the extended Hamming code Ĥ3 .
Theorem 1.9.1. Let r be an integer with 0 ≤ r ≤ m. Then the following are hold:
(i) R(i, m) ⊆ R(j, m) if 0 ≤ i ≤ j ≤ m.
(ii) The dimension of R(r, m) equals
m
m
m
+
+ ··· +
.
0
1
r
(iii) The minimum weight of R(r, m) equals 2m−r .
(iv) R(m, m)⊥ = {0}, and if 0 ≤ r < m, then R(r, m)⊥ = R(m − r − 1, m).
1.10
Encoding, decoding, and Shannon’s theorem
Let C be an [n, k] linear code over the field Fq , with generator matrix G. This code has
q k codewords which will be in one to one correspondence with q k messages. The simplest
way to view these messages is as k− tuples x ∈ Fkq .
To encode the message x as a codeword c = xG, if G = [Ik |A] in standard form, then the
first k coordinates of the codeword C are the information symbol x; the remaining n − k
38
symbols are the parity check symbols, that is a redundancy added to x in order to help
recover x if errors occur.
If G is not in standard form then there exists indices i1 , i2 , · · · , ik such that the k × k
matrix consisting of these k columns of G is the k × k identity matrix consisting of those
k columns of G. Then the message is found in the k− coordinates i1 , i2 , · · · , ik of the
codeword scrambled but otherwise unchanged, that is the message symbol xj is in the
component ij of the codeword. This encoder is called systematic.
Encoder
Let x be a message x = x1 x2 · · · xk .
Let G = [Ik |A], H = [−A> |In−k ]. Suppose x = x1 x2 · · · xk is encoded as a codeword
c = c1 c2 · · · cn as G in standard form, c1 c2 · · · ck = x1 x2 · · · xk . So we need to determine
the n − k parity check symbols (redundancy symbols) ck+1 ck+2 · · · cn .
As 0 = HC > = [−A> |In−k ]C > =⇒ 0 = −A> x> + In−k [ck+1 · · · cn ]> =⇒ A> x> =
[ck+1 · · · cn ]>
Example 1.10.1. Let G be the [6, 3, 3] binary code with generator matrix and parity check
matrices
1 0 0 1 0 1
1 1 0 1 0 0
G = 0 1 0 1 1 0 and H = 0 1 1 0 1 0
0 0 1 0 1 1
1 0 1 0 0 1
Let x = x1 x2 x3 to obtain the codeword C = c1 c2 · · · c6 using G to encode yields C = xG =
(x1 , x2 , x3 , x1 + x2 , x2 + x3 , x1 + x3 ). Using H to encode 0 = HC > leads to the system
0 = c1 + c2 + c4
0 = c2 + c3 + c5
0 = c1 + c3 + c6
As G in standard form c1 c2 c3 = x1 x2 x3 and solving this system clearly gives the same
codeword
c4 = c1 + c2 = x1 + x2
c5 = c2 + c3 = x2 + x3
c6 = c1 + c3 = x1 + x3
39
∴ C = (x1 , x2 , x3 , x1 + x2 , x2 + x3 , x1 + x3 ).
If G is not in standard form, since G has k independent rows, so there exists n × k
matrix K such that GK = Ik , K is called a right inverse for G and is not necessarily
unique. As c = xG =⇒ cK = xGK = xIk = x.
40
Figure 1.1: B.S.C
1.10.1
Decoding and shannon’s theorem
The process of decoding, that is, determining which codeword was sent when a vector y
is received.
Binary symmetric channel is a mathematical model of a channel that transmits binary
data. This model is called (BSC) with crossover probability p and illustrated in figure
1.1.
If 0 or 1 is sent, the probability it received without error is 1 − p, If a 0 (respectively 1)
is sent, the probability that a1 (respectively 0) is received is p, where 0 ≤ p <
1
2
< 1.
1 − p, if y = c ;
i
i
Prob(yi was received|ci was sent) =
p,
if yi 6= ci ,
where yi , ci ∈ F2 .
Discrete memoryless channel (or DMC) a channel in which inputs and outputs are
discrete and the probability of error in one bit is independent of previous bits. 0 ≤ p < 12 .
conditional probability
41
Assume c ∈ Fn2 is sent and y ∈ Fn2 is received and decoded as ĉ ∈ Fn2 .
prop(c|y) =
prop(y|c)prop(c)
prop(y)
where prop(c) is the probability that c is sent and prop(y) is received.
There is two choice of the decoder
(1) The decoder could choose ĉ = c for the codeword c with prop(c|y) max. Such
decoder is called a maximum a posteriori probability or (MAP) decoder, in symbols
MAP decoder makes the decision ĉ = arg max prob(c|y). Here arg max prob(c|y),
c∈C
c∈C
is the argument c of the probability function prob(c|y) that maximizes this probability.
(2) The decoder could choose ĉ = c for the codeword c with prob(y|c) maximum, such
a decoder is called a maximum likelihood (or ML) decoder in symbols, a ML decoder
makes the decision ĉ = arg max prob(y|c).
c∈C
Consider ML decoding over a B.S.C. if y = y1 y2 · · · yn ∈ Fn2 , and c = c1 c2 · · · cn ∈ Fnn
prob(y|c) =
n
Y
prob(yi |ci ) = pd(y,c) (1 − p)n−d(y,c) = (1 − p)n (
i=1
where o < p <
1
,
2
0<
p
1−p
p d(y,c)
)
,
1−p
< 1.
So prob(y|c) is maximum when d(y, c) is minimum. That is finding the codeword c
is closest to the received vector y in Hamming distance, this is called nearest neighbor
decoding. Hence A B.S.C, maximum likelihood and nearest neighbor decoding are the
same.
Let e = y − c so that y = c + e, where e is an error vector added to the codeword c on
the effect of noise in the communication channel.
The goal of decoding is to determine e.
Nearest neighbor decoding is equivalent to finding a vector e of smallest weight such that
y − e is in the code.
e need not be unique since there may be more than one codeword closest to y.
42
When we have a decoder capable of finding all codewords nearest to the received vector
y, then we have a complete decoder.
Sphere of radius r A set of words in Fnq at Hamming distance r or less from a given
codeword u ∈ Fnq is called a sphere of radius r.
Sr (u) = {v ∈ Fnq | d(u, v) ≤ r}.
The number of words or vectors in Sr (u) or the volume of Sr (u) is equal
r
X
n
(q − 1)i .
i
i=0
Theorem 1.10.1. If d is the minimum distance of a code c (linear or non linear) and
t = b d−1
c, then spheres of radius t a bout distinct codewords are disjoint.
2
Proof. If z ∈ St (c1 ) ∩ St (c2 ), where c1 , c2 are codewords, then by triangle inequality
d(c1 , c2 ) = d(c1 − z, c2 − z) ≤ d(c1 , z) + d(c2 , z) ≤ 2t ≤ d − 1 < d contradiction so
c1 = c2 .
Corollary 1.10.2. with the notation of previous theorem, if a codeword c is sent and y
is received where t or fewer errors have occurred, then c is the unique codeword closest
to y. In particular, nearest neighbor decoding uniquely and correctly decodes any received
vector in which at most t errors occurred in transmission.
Proof. Let c and y be the transmitted codeword and received word, respectively, and
write y = c + e where wt(e) ≤
d−1
,
2
suppose that c0 6= c and c0 is closest to y in C also,
d(c0 , y) ≤ d(c, y) ≤
d−1
.
2
By triangle inequality
d ≤ d(c0 , c) ≤ d(c, y) + d(c0 , y) ≤ d − 1
which is a contradiction, so c0 = c.
Remark 1.10.1.
(1) Given n and d, a code with largest number of codewords, with
highest dimension and high minimum weight is an efficient code for decoding
43
(2) Since the minimum distance of C is d, there exist two distinct codeword such that
the spheres of radius t + 1 a bout them are not disjoint. Therefore if more than t
errors occur, nearest neighbor decoding may yield more than one nearest codeword.
Thus C is a t-error correcting code but not (t + 1)− error correcting code.
(3) The packing radius of a code is the largest radius of spheres centered at codewords
so that the spheres are pairwise disjoint.
Theorem 1.10.3. Let C be an [n, k, d] code over Fq . The following hold:
(i) The packing radius of C equals t = b d−1
c.
2
(ii) The packing radius t of C is characterized by the property that nearest neighbor
decoding always decode correctly a received vector in which t or fewer errors have
occurred but will not always decode correctly a received vector in which t + 1 errors
have occurred.
The decoding problem becomes one of finding an efficient algorithm that will correct
up to t errors one of the most obvious decoding algorithm is to examine all codewords
until one is found with distance t or less from the received vector. But this is efficient for
codes of number of codewords.
Another obvious algorithm is to make a table consisting of a nearest codeword for each
of the q n vectors in Fnq and then look up a received vector in the table in order to decode
it. This is impractical if q n is very large.
Syndrome decoding for [n, k, d] linear code C
We can devise an algorithm using a table with q n−k rather than q n entries where one can
find the nearest codeword by looking up one of those q n−k entries.
The code C is abelian subgroup of the additive group Fnq .
If x ∈ Fnq , then x + C is a coset of C.
The cosets of C form a partition of Fn into q n−k sets, each of size q n .
Two vectors x, y ∈ Fnq belong to the same coset if and only if y − x ∈ C.
The weight of a coset is the smallest weight of a vector in the coset.
44
A coset leader is the vector in the coset of smallest weight.
The zero vector is the unique coset leader of the code C.
In general every coset of weight at most t = b d−1
c has a unique coset leader.
2
Definition 1.10.1. Let H be the parity check matrix for C. The syndrome of a vector
x in Fnq with respect to the parity check matrix H is the vector in Fqn−k defined by
syn(x) = Hx> .
The code C consists of all vectors whose syndrome equal 0.
As rank H = n − k every vector in Fn−k
is a syndrome.
q
Theorem 1.10.4. Two vectors belong to the same coset if and only if they have the same
syndrome.
Proof. If x1 , x2 ∈ Fnq are in the same coset of C, then x1 − x2 = c ∈ C =⇒ x1 = x2 + c.
>
>
Therefore syn(x1 ) = H(x2 + c)> = Hx>
2 + Hc = Hx2 = syn(x2 ), then x1 , x2 have the
same syndrome and then lie on the same coset of C.
If syn(x1 ) = syn(x2 ) =⇒ H(x1 − x2 )> = 0 =⇒ x2 − x1 ∈ C =⇒ x2 ∈ x1 + C. So x1 , x2
lie on the same coset of C.
There is one to one correspondence between cosets of C and syndromes.
We denote by Cs the coset of C consisting of all vectors in Fnq with syndrome s. So there
is a one to one correspondence between the q n−k cosets of C in Fnq and the q n−k possible
values of the syndromes.
The trivial coset C corresponding to the syndrome 0.
Nearest codeword decoding can thus be performed by the following steps:
(1) Let y be a received vector, we seek an error vector e of smallest weight such that
c = y − e ∈ C. We find the syndrome of (the coset of) the received vector y ∈ Fnq .
That is we compute s = syn(y) = Hy> .
45
(2) Finding a coset leader e in the coset of the received vector y. Find a minimum
weight vector e ∈ Fnq such that
s = syn(y) = H(c + e)> = Hc> + He> = He> .
(3) Create a table pairing the syndrome with the coset leader, y is decoded as the code
word y − e. The table is used to look up the syndrome and find the coset leader.
How do we construct a table of syndromes in step (1).
Let C be t correcting code of [n, k, d], with parity check matrix H, we construct the
syndromes as follows.
(1) The coset of weight 0 has coset leader 0.
(2) Consider the n cosets of weight 1.
(3) Choose an n- tuple with a 1 in position i and 00 s elsewhere, the coset leader is the
n- tuple and the associated syndrome is column i of H.
n
(4) For the cosets of weight 2, choose an n-tuple with two 1’s in positions i and
2
j, with i < j and the rest 0’s, the coset leader is the n-tuple and the associated
syndrome is the sum of columns i and j of H.
(5) continue in this manner through the cosets of weight t.
(6) We could choose to stop. if we do we can decode any received vector with t or fewer
errors.
Remark 1.10.2. To find the syndrome s = He> = syn(y) is equivalent to finding a smallest
set of columns in H whose linear span contains the vector s.
The syndrome decoding for binary Hamming codes [2r − 1, 2r − 1 − r, 3] takes the form.
(i) After receiving a vector y, compute its syndrome s using the parity check matrix Hr
of the Hamming code Hr .
(ii) If s = 0, then y is in the code and y is decoded as y; otherwise, s is the binary
46
numeral for some positive integer i and y is decoded as the codeword obtained from y by
adding 1 to its ith bit.
Example 1.10.2. Construct the parity check matrix of the binary Hamming code H4 of
length 15 where the columns are the binary numbers 1, 2, · · · , 15 in that order. Using this
parity check matrix decode the following vectors, and then check that your decoded vectors
are actually codewords.
(a) y1 = 001000001100100
(b) y2 = 101001110101100,
(c) y3 = 000100100011000.
Solution:
0 0
0 0
H=
0 1
1 0
0 0 0 0 0 1 1 1 1 1 1 1 1
0 1 1 1 1 0 0 0 0 1 1 1 1
1 0 0 1 1 0 0 1 1 0 0 1 1
1 0 1 0 1 0 1 0 1 0 1 0 1
(a) Let y1 = 001000001100100 Then
1
1
>
Hy1 =
= col13 .
0
1
So e1 = 000000000000100
∴ c1 = y1 − e1 = 001000001100000.
(b)
0
0
>
Hy2 =
= col2
1
0
47
.So e2 = 010000000000000
∴ c2 = y2 − e2 = 111001110101100.
Example 1.10.3. Let C be a linear [5, 2, 3] code over F2 with generator matrix
1 0 1 1 0
.
G=
0 1 0 1 1
The cosets of the code C are shown in the following table.
00000
10110
01011
11101
00001
10111
01010
11100
00010
10100
01001
11111
00100
100010 01111
11001
01000
11110
00011
10101
10000
00110
11011
01101
00101
10011
01110
11000
10001
00111
11010
01100
Each row in the table is a coset of C and the first vector in each row is the coset leader of
minimum weight. The last two rows could start with any of the words 00101, 11000, 10001, or 01100.
Suppose that the received word is y = 01111. This word appears in the fourth row and
the third column. The coset leader of the fourth row is 00100, and the decoded codeword
is 01011, which is the first entry in the third column.
We can use the syndrome decoding to decode the receive word y by using the parity check
matrix
1 0 1 0 0
H= 1 1 0 1 0
0 1 0 0 1
Hy> = H(01111)> = (100)> = col3 .
e = (00100) so c = y − e = (01111) − (00100) = (01011).
48
1.11
Sphere packing bound, covering radius and perfect codes
Definition 1.11.1. Given n and d, the maximum number of codewords in a code over
Fq of length n and minimum distance d is denoted by Aq (n, d).
For binary field it is denoted by A2 (n, d) or A(n, d).
Definition 1.11.2. For linear codes the maximum number of codewords is denoted by
Bq (n, d) and B(n, d) for binary case.
Theorem 1.11.1. (Sphere packing bound)
Bq (n, d) ≤ Aq (n, d) ≤
t
X
qn
n
i
i=0
(q − 1)i
wher t = b d−1
c.
2
Proof. Let C be a code over Fq of length n and minimum distance d (possibly nonlinear).
Suppose that C contains M codewords. By previous theorem 1.10.1, the spheres of radius
t a bout distinct codewords are disjoint.
Since the volume of any sphere contains α =
t
X
i=0
n
i
(q − 1)i total vectors, and the
n
spheres are disjoint M α cannot exceed the number q of vectors in Fnq , then
M α ≤ q n =⇒ M ≤
qn
qn
=
α
t
X
n
(q − 1)i
i
i=0
Definition 1.11.3. If
M=
t
X
i=0
qn
n
i
(q − 1)i
then the code is called perfect code. That is Fnq is filled by disjoint spheres of radius t.
49
Example 1.11.1. Consider the Hamming code Hq,r over Fq with parameters [n =
q r −1
,k
q−1
=
n − r, d = 3], then t = 1. Since n(q − 1) = q r − 1 then
q r = n(q − 1) + 1 =⇒
1
X
i=0
qn
n
i
qn
qn
= r = q n−r = q k
1 + n(q − 1)
q
=
(q − 1)i
but M = q k so Hq,r is a perfect code.
Example 1.11.2. Prove that the [23, 12, 7] binary and the [11, 6, 5] ternary Golay codes
are perfect.
As n = 23, k = 12, t = b 7−1
c = 3. Then
2
3
X
223
23
i=0
i
= 212 = 2k so [23, 12, 7] is
(2 − 1)i
perfect code.
Definition 1.11.4. The covering radius ρ = ρ(C) is the smallest integer s such that Fnq
is the union of the spheres of radius s centered at the codewords of C.
ρ(C) = maxn min d(x, c).
x∈Fq
c∈C
t ≤ ρ(C), and t = ρ(C) if and only if C is a perfect code. So the code is perfect if the
packing radius equals the covering radius.
If C is a code with packing radius t and covering radius t + 1, C is called quasi-perfect.
There is no general classification of quasi-perfect.
50
Chapter 2
Bounds on the size of codes
2.1
Aq (n, d) and Bq (n, d)
An (n, M, d) code C over Fq is a code of length n with M codewords whose minimum
distance is d.
If C is linear it is an [n, k, d] code, where k = logq M .
Definition 2.1.1. A code of length n over Fq and minimum distance at least d will called
optimal if it has Aq (n, d) codewords or (Bq (n, d) codewords in the case that C is linear).
Theorem 2.1.1. Bq (n, d) ≤ Aq (n, d) and Bq (n, d) is a nonnegative integer of q.
Bq (n, d) is a lower bound for Aq (n, d) and An (n, d) is an upper bound for Bq (n, d). The
sphere packing bound is an upper bound on Aq (n, d) and hence on Bq (n, d).
Theorem 2.1.2. Let d > 1. Then
(i) Aq (n, d) ≤ Aq (n − 1, d − 1) and Bq (n, d) ≤ Bq (n − 1, d − 1) and
(ii) If d is even, A2 (n, d) = A2 (n−1, d−1) and B2 (n, d) = B2 (n−1, d −1), Furthermore
(iii) If d is even and M = A2 (n, d) then there exists a binary (n, M, d) code such that all
codewords have even weight and the distance between all pairs of codewords is also
even.
51
Proof.
(i) Let C be a code (linear or non linear) with M codewords and minimum
distance d. Puncturing on any coordinate gives a code C ∗ , also with M codewords;
otherwise if C ∗ has fewer codewords, there would exist two codewords of C which
differ in one position implying d = 1. Contradiction because d > 1. Then Aq (n, d) ≤
Aq (n − 1.d − 1) and Bq (n, d) ≤ Bq (n − 1.d − 1).
(ii) To complete (ii) we only need to show that A2 (n, d) ≥ A2 (n−1, d−1) or (Bn (n, d) ≥
B2 (n − 1, d − 1) where C is linear).
Let C be a binary code with M codewords, length n − 1, minimum distance d − 1.
Extend C by adding an over all parity check to obtain a code Cˆ of length n and
minimum distance d, since d − 1 is odd, then d is even. Because Cˆ has M codewords,
A2 (n, d) ≥ A2 (n − 1, d − 1) or B2 (n, d) ≥ B2 (n − 1, d − 1) then B2 (n, d) = B2 (n −
1, d − 1) and A2 (n, d) = A2 (n − 1, d − 1).
(iii) If C is a binary (n, M, d) code with d even, the punctured code C ∗ is an (n−1, M, d−1)
code, extending C ∗ produces an (n, M, d) code Cˆ∗ , since d − 1 is odd.
Further this code has only even weight codewords, since d(x, y) = wt(x + y) =
wt(x) + wt(y) − 2wt(x ∩ y), the distance between codewords of even weight is even.
Example 2.1.1. Let n = 7, d = 4, t = b d−1
c =⇒ A2 (7, 4) ≤ 16.
2
If n = 6, d = 3, t = 1 then the Sphere Packing bound wields
64
7
implying that A2 (6, 3) ≤ 9.
But by theorem 2.1.2(ii) A2 (n, d) ≤ A2 (n − 1, d − 1) so 9 is an upper bound for both
A2 (7, 4), A2 (6, 3).
Theorem 2.1.3. A2 (n, 2) = B2 (n, 2) = 2n−1 .
Proof. By theorem 2.1.2(ii) A2 (n, 2) = A2 (n − 1, 1), but A( n − 1, 1) ≤ 2n−1 , and the entire
space Fn−1
is a code of length n−1 and minimum distance 1, implying A2 (n−1, 1) = 2n−1 ,
2
as Fn−1
is linear 2n−1 = B2 (n − 1, 1) = B2 (n, 2).
2
Theorem 2.1.4. Aq (n, n) = Bq (n, n) = q.
52
Proof. The linear code of size q consisting of all multiple of all one vector of length n
(that is the repetition code) has minimum distance n. So q ≤ Bq (n, n) ≤ Aq (n, n). If
Aq (n, n) > q, there exists a code with more than q codewords and minimum distance
n. Hence at least two of the codewords agree on some coordinate, but then these two
codewords are less than distance n a part, a contradiction. So Aq (n, n) = Bq (n, n) = q.
Theorem 2.1.5. Aq (n, d) ≤ qAq (n − 1, d) and Bq (n, d) ≤ qBq (n − 1, d).
Proof. Let C be a (possibly nonlinear) code over Fq of length n and minimum distance at
least d with M = Aq (n, d) codewords.
Let C(α) be the subcode of C in which every codeword has α in coordinate n. Then,
for some α, C(α) contains at least
M
q
codewords. Puncturing this code on coordinate n
produces a code of length n − 1 and minimum distance d. Therefore
M
q
≤ Aq (n − 1, d)
giving Aq (n, d) = M ≤ qAq (n − 1, d).
Theorem 2.1.6. Let C Be either a code over Fq with Aq (n, d) codewords or a linear code
over Fq with Bq (n, d) codewords. Then C has covering radius d − 1 or less.
Proof. t = b d−1
c ≤ ρ(C) where ρ(C) is the covering
2
radius
which is greater than t.
t
X n
n
(q − 1)i =⇒ αAq (n − 1, d − 1) ≤
Aq (n, d) ≤ Aq (n − 1, d − 1) ≤ qα where α =
i
i=0
n
q =⇒ ρ(C) = d − 1 or less.
2.2
Singleton upper bound and MDS codes.
Theorem 2.2.1. Singleton bound. for d ≤ n, Aq (n, d) ≤ q n−d+1 . Furthermore if an
[n, k, d] linear code over Fq exists then k ≤ n − d + 1.
Proof. When d = n, then Aq (n, n) = q. Assume that d ≤ n, by theorem 2.1.5 Aq (n, d) ≤
qAq (n − 1, d). Inductively we have that Aq (n, d) ≤ q n−d Aq (d, d). Since Aq (d, d) = d then
Aq (n, d) ≤ q n−d+1 .
Example 2.2.1. For the code [6, 3, 4] over F4 , k = 3 = 6 − 4 + 1 = n − d + 1 and Singleton
bound is met so A4 (6, 4) = 43 .
53
Definition 2.2.1. A code for which equality holds in the singleton bound is called maximum distance separable (MDS). That is if k = n − d + 1 holds then a code is called
(MDS).
Remark 2.2.1. No code of length n and minimum distance d has more codewords than
(MDS) with n, d.
Theorem 2.2.2. Let C be an [n, k] code over Fq with k ≥ 1. Then the following are
equivalent:
(i) C is MDS.
(ii) Every set of k coordinates is an information set for C.
(iii) C ⊥ is MDS.
(iv) Every set of n − k coordinates is an information set for C ⊥ .
Proof. (i) =⇒ (ii) as [n, k] is MDS if and only if k = n − d + 1, so any set n − d + 1
contains an information set if and only if every k columns of the generator matrix are
linearly independent if and only if every n − k columns of the parity check matrix are
linearly independent.
Similarly the last two items are equivalent, (ii) =⇒ (iv).
if I and R are the information and the redundancy positions for the code C then R and
I are the information and redundancy positions for C ⊥ . So every set of n − k coordinates
is an information set for C ⊥ .
(ii) =⇒ (iii). Since any (n − k) × (n − k) sub-matrix of H is invertible and all nontrivial
linear combinations of the rows of H have at most n − k − 1 zero coordinates, therefore all
non trivial linear combinations of rows of H have weight at least n − (n − k − 1) = k + 1.
Since d for C is equal d = n−k +1, for C ⊥ , d = n−(n−k)+1 == n−dim (C ⊥ )+1 = k +1.
So C ⊥ is MDS.
Definition 2.2.2. We say that C is a trivial MDS code over Fq if and only if C = Fnq or
C is monomially equivalent to the code generated by 1 or its dual.
54
Theorem 2.2.3. Let C be an [n, k, d] binary code.
(i) If C is MDS, then C is trivial.
(ii) If 3 ≤ d and 5 ≤ k, then k ≤ n − d − 1.
Proof.
(i) Let C be MDS, then B2 (n, d) = 2n−d+1 but B2 (n, d) = 2n or 21 or 2n−1 .
Then n − d + 1 = n =⇒ d = 1 or n − d + 1 = 1 =⇒ d = n or n − d + 1 =
n − 1 =⇒ d = 2. The C = Fn2 or C = [n, 1, n] is repeation code. So if C is MDS then
[n, n, 1], [n, 1, n], [n, n − 1, 2] are binary trivial codes.
(ii)
2.3
Lexicodes
The algorithm for constructing lexicodes of length n and minimum distance d proceeds
as follows:
(I) Order all n− tuples in lexicographic order
0 0 ···
0 0 0
0 0 ···
0 0 1
0 0 ···
0 1 0
0 0 ···
0 1 1
0 0 ···
..
.
1 0 0
(ii) Construct the class L of vectors of length n as follows:
(a) Put the zero vector 0 in L.
(b) Look for the first vector x of weight d in the lexicographic ordering. Put x in
L.
55
(c) Look for the next vector in the lexicographic ordering whose distance from
each vector in L is d or more and add this to L.
(d) Repeat (c) until there are no more vectors in the lexicographic list to look at.
The set L is a linear code, called the lexicode of length n and minimum distance
d.
Note: If u and v are binary vectors of length n, we say u < v provided that u comes
before v in the lexicographic order.
Lemma 2.3.1. If u, v and w are binary vectors of length n with u < v + w and v < u + w,
then u + v < w.
Proof. If u < v + w then u and v + w have the same leading entries after which u has a
0 and v + w has a 1. We can represent this as follows:
u = a0 · · ·
v + w = a1 · · ·
Similarly as v < u + w, we have
v = b0 · · · ,
u + w = b1 · · · ,
However, we do not know that the length i of a and the length j of b are the same.
Assume they are different and by symmetry, that i < j. Then we have
v = b0 x · · · ,
u + w = b0 x · · · ,
where b0 is the first i entries of b. Computing w in two ways, we obtain
w = u + (u + w) = (a + b0 )x · · · ,
w = v + (v + w) = (a + b0 )(1 + x) · · · ,
a contradiction. So a and b are the same length, giving
u + v = (a + b)0 · · · ,
w = (a + b)1 · · · ,
showing u + v < w.
56
Theorem 2.3.2. Label the vectors in the lexicode in the order in which they are generated
so that c0 is the zero vector.
(i) L is a linear code and the vectors c2i are a basis of L.
(ii) After c2i is chosen, the next 2i −1 vectors generated are c1 +c2i , c2 +c2i , · · · , c2i −1 +
c2i .
(iii) Let Li = {c0 , c1 , · · · , c2i −1 }. Then Li is an [n, i, d] linear code.
Proof. If we prove (ii), we have (i) and (iii). Then proof of (ii) is by induction on i.
Clearly it is true for i = 1. Assume the first 2i vectors generated are as claimed. The Li
is linear with basis {c1 , c2 , · · · , c2i−1 }. We show that Li+1 is linear with next 2i vectors
generated in order by adding c2i to each of the previously chosen vectors in Li . If not,
there is an r < 2i such that c2i +r 6= c2i + cr . choose r to be the smallest such value. As
d(c2i + cr , c2i + cj ) = d(cr , cj ) ≥ d for j < r, c2i + cr was a possible vector to be chosen.
Since it was not, it must have come too late in the lexicographic order, so
c2i +r < c2i + cr ............(1)
As d(cr + c2i +r , cj ) = d(c2j +r , cr + cj ) ≥ d for j < 2i by linearity of Li , cr + c2i +r could
have been chosen to be in the code instead of c2i (which it cannot equal). So it must be
that
c2i < cr + c2i +r ......(2).
If j < r, then c2i +j = c2i + cj by the assumption on r. Hence d(c2i +r + c2i , cj ) =
d(c2i +r , c2i +j ) ≥ d for i < r. So c2i +r + c2i could have chosen to be a codeword instead of
cr . The fact that it was not implies that
cr < c2i +r + c2i .....(3).
But then (2) and (3) with previous lemma 2.3.1 imply c2i + cr < c2i +r contradicting
(1).
Note: The codes Li satisfy the inclusions L1 < L2 < · · · < Lk = L, where k is the
dimension of L.
57
Chapter 3
Finite fields
3.1
Introduction to finite fields
Definition 3.1.1. A Field is a set F together with two operations + and . which satisfy
the following axioms:
(1) F is an abelian group under + with additive identity called zero denoted by 0.
(2) F∗ = F/{0} is an abelian group under multiplication with multiplicative identity
called one and denoted by 1;
(3) multiplication distributes over addition.
If p is a prime we let GF (p) (Galois field with p elements) denote the integer ring
modulo p.
Zp = {0, 1, 2, · · · , p − 1}, group under + mod p, the order of Zp is p.
Z∗ = {1, 2, · · · , p − 1} = Zp /{0} is cyclic group under multiplication mod p and order
Zp /{0} = p − 1.
Zp = Fp = Z/pZ = GF (p).
p is called the characteristic of Fp .
Fields of order q = pm :
58
Let Fp be a field, the set F[x] of all polynomials over Fp , is a P.I.D (principal ideal domain).
Definition 3.1.2. A polynomial f (x) is called irreducible in Fp [x] if f cannot be written
as the product of two non constant polynomial in Fp [x].
Let f (x) be irreducible polynomial over Fp of degree m, then hf (x)i is a maximal ideal
in Fp [x] generated by f (x).
hf (x)i = {q(x)f (x) : q(x) ∈ Fp [x]} =⇒ Fp [x]/hf (x)i is a field = {hf (x)i+g(x) : g(x) ∈ Fp [x]}.
Where g(x) = q(x)f (x) + r(x) where r(x) = 0 or deg r(x) < deg f (x)
Fp [x]/hf (x)i = {hf (x)i+r(x) : r(x) = 0 or deg r(x) < m} = {a0 +a1 x+· · · am−1 xm−1 : ai ∈ Fp [x].}
We denote this field by Fq where q = pm or Fq = GF (pm ) the Galois field of order q = pm
which is the extension of the prime field Fp . The characteristic of Fpm is p.
The field Fpm is a vector space over Fp of dim m and Fp is a prime subfield of Fq .
Theorem 3.1.1. Let Fq be a finite field with q elements. Then
(i) q = pm for some prime p,
(ii) Fq contains the subfield Fp ,
(iii) Fq is a vector space over Fp of dimension m,
(iv) pα = 0 for all α ∈ Fq , and
(v) Fq is unique up to isomorphism.
3.2
Polynomials and the Euclidean algorithm
The polynomial f (x) =
n
X
= ai xi = a0 + a1 x + · · · + an xn ∈ Fq , where ai ∈ Fq is called
i=0
a polynomial of degree n over Fq .
59
The coefficient of the highest degree term is called the leading coefficient.
The polynomial is called monic if its leading coefficient is 1.
Let f (x), g(x) ∈ Fq [x] we say that f (x)|g(x) if there exists a polynomial h(x) ∈ Fq [x]
such that g(x) = f (x)h(x).
If g(x), f (x) 6= 0 then gcd(f (x), g(x)) is the monic polynomial in Fq [x] of largest degree
dividing both f (x) and g(x).
If gcd(f (x), g(x)) = 1, then f (x), g(x) are called relatively prime, and deg gcd(f (x), g(x)) =
0.
Theorem 3.2.1. Let f (x), g(x) be in Fq [x] with g(x) non-zero.
(i) (Division algorithm) There exist unique polynomials h(x), r(x) ∈ Fq [x] such that
f (x) = g(x)h(x) + r(x), where deg r(x) < deg g(x) or r(x) = 0.
(ii) If f (x) = g(x)h(x) + r(x), then gcd(f (x), g(x)) = gcd(g(x), r(x)).
Theorem 3.2.2. (Euclidean algorithm)
Let f (x), g(x) be polynomials in Fq [x] with g(x) nonzero
(i) Perform the following sequence of steps until rn (x) = 0 for some n:
f (x)
=
g(x)h1 (x) + r1 (x),
where
deg r1 (x) < deg g(x),
g(x)
=
r1 (x)h2 (x) + r2 (x),
where
deg r2 (x) < deg r1 (x),
r1 (x)
=
r2 (x)h3 (x) + r3 (x),
..
.
where
deg r3 (x) < deg r2 (x),
rn−3 (x) = rn−2 (x)hn−1 (x) + rn−1 (x), where deg rn−1 (x) < deg rn−2 (x),
rn−2
=
rn−1 (x)hn (x) + rn (x),
where
rn (x) = 0.
Then gcd(f (x), g(x)) = crn−1 (x), where c ∈ Fq [x] is chosen so that crn−1 (x) is
monic.
(ii) There exist polynomials a(x), b(x) ∈ Fq [x] such that a(x)f (x)+b(x)g(x) = gcd(f (x), g(x)).
60
By applying theorem 3.2.1(ii) repeatedly, we have that crn−1 (x) = gcd(rn−2 (x), rn−3 (x)) =
gcd(rn−3 (x), rn−4 (x)) = · · · = gcd(f (x), g(x)).
Part (ii) is obtained by beginning with the next to last equation rn−3 (x) = rn−2 hn−1 (x) +
rn−1 (x) and solving for rn−1 (x) in terms of rn−2 (x) and rn−3 (x) using the previous equations, solve rn−2 (x) and substitute into the equation for rn−1 (x) to obtain rn−1 (x) as a
combination of rn−3 (x) and rn−4 (x). Continue up through the sequence until we obtain
rn−1 (x) as a combination of f (x) and g(x).
Example 3.2.1. Let f (x) = x4 + x2 + x + 1, and g(x) = x3 + 1 in F2 [x]. Compute
gcd(f (x), g(x)) and find a(x), b(x) ∈ F2 [x] 3 a(x)f (x) + b(x)g(x) = gcd(f (x), g(x)).
Solution: Divide x4 + x2 + x + 1, by x3 + 1 we get
x4 + x2 + x + 1 = x(x3 + 1) + (x2 + 1).
Now divide x3 + 1 by the remainder x2 + 1 we get
x3 + 1 = x(x2 + 1) + x + 1.
Now divide x2 + 1 by x + 1 we get
x2 + 1 = (x + 1)(x + 1).
gcd(x4 + x2 + x + 1, x3 + 1) = x + 1.
To find a(x) and b(x), by reversing the above steps we get,
gcd(f (x), g(x)) = x + 1 = x3 + 1 + x(x2 + 1)
= (x3 + 1) + x[x4 + x2 + x + 1 + x(x3 + 1)]
= x(x4 + x2 + x + 1) + (x3 + 1)(1 + x2 )
= a(x)f (x) + b(x)g(x).
Where a(x) = x and b(x) = x2 + 1.
61
Remark 3.2.1. (x−α)|f (x) if and only if α is a root of f (x) =⇒ there exist k(x) ∈ Fq [x] 3
f (x) = (x − α)k(x).
3.3
Primitive elements
The set F∗q = Fq /{0} is the set of non zero elements in Fq and it is a multiplicative group.
Theorem 3.3.1.
(i) The group F∗q is cyclic of order q − 1 under the multiplication of Fq .
(ii) If γ is a generator of this cyclic group, then Fq = {0, 1 = γ 0 , γ, γ 2 , · · · , γ q−2 } and
γ i = 1 if and only if (q − 1)|i.
Definition 3.3.1. A generator γ ∈ F∗q is called a primitive element of Fq .
Theorem 3.3.2. Let Fq be a finite field. For every a ∈ Fq , a|Fq | = aq = a.
Proof. 0|Fq | = 0, and by Lagrange theorem applied to the multiplicative group F∗q , we
∗
have a|Fq | = aq−1 = 1 =⇒ aq = a.
If γ is a primitive element of Fq . Then γ q−1 = 1, hence (γ i )q−1 = 1 for 0 ≤ i ≤ q − 1,
then any element of F∗q are roots of the polynomial xq−1 − 1 ∈ Fq [x] and hence xq − x,
and 0 is a root of xq − x, so all elements of Fq are roots of xq − x.
Theorem 3.3.3. The elements of Fq are precisely the roots of xq − x.
Definition 3.3.2. The field Fq with q = pm elements is the smallest field containing Fq
and all the roots of xq − x. Such a field is called a splitting field of the polynomial xq − x
over Fq containing all the roots of the polynomial xq − x. in general splitting fields of a
fixed polynomial over a given field are isomorphic.
Definition 3.3.3. Let φ(n) be the number of integers i with 1 ≤ i ≤ n such that the
gcd(i, n) = 1. φ is called the Euler φ -function.
62
Definition 3.3.4. If G is any cyclic group of order n with generator g, then the generators
of G are the elements g i where gcd(i, n) = 1. So φ(n) = the number of generators of G.
Definition 3.3.5. If α ∈ G where G is a group of order n. Then the order of α, o(α)
is the smallest positive integer i such that αi = 1 and an element of G has order d if
and only if d|n. If g is a generator of G then g i has order d =
n
gcd(i,n)
and there are φ(d)
elements of order d.
Theorem 3.3.4. Let γ be a primitive element of Fq .
(i) There are φ(q−1) primitive elements in Fq ; these are the elements γ i where gcd(i, q−
1) = 1.
(ii) For any d where d|(q − 1), there are φ(d) elements in Fq of order d; these are the
elements γ (q−1)i/d where gcd(i, d) = 1.
Definition 3.3.6. An element ξ ∈ Fq is an nth root of unity provided ξ n = 1, and is a
primitive nth root of unity if in addition ξ s 6= 1 for 0 < s < n.
A primitive element γ ∈ Fq is a primitive (q − 1)st root of unity. By theorem 3.3.1 the
field Fq contains primitive nth root of unity if and only if n|(q − 1), in which case γ (q−1)/n
is a primitive nth root of unity.
3.4
Constructing finite fields
Definition 3.4.1. An integral domain is a commutative ring R with unity such that the
product of two nonzero elements in the ring is also nonzero. In fact Fq [x] is an integral
domain.
Definition 3.4.2. A non constant polynomial f (x) ∈ Fq [x] is irreducible over Fq provided
it dose not factor into a product of two polynomials in Fq [x] of smaller degree.
Definition 3.4.3. The ring Fq [x] is a unique factorization domain and every polynomial
in Fq [x] is factored into a product of irreducible polynomials in unique form.
63
Theorem 3.4.1. Let f (x) be a non constant polynomial. Then
f (x) = p1 (x)a1 p2 (x)a2 · · · pakk (x),
where each pi (x) is irreducible, the pi (x)0 s are unique up to scalar multiplication and the
a0i s are unique
Definition 3.4.4. An ideal I in a commutative ring R is a nonempty subset of the ring
that is closed under subtraction such that the product of an element in I with an element
in R is always in I.
Definition 3.4.5. The ideal I is a principal ideal in a ring R if there exists a ∈ R, such
that I = {ra|r ∈ R}, this is denoted by (a). A principal ideal domain is an integral
domain in which each ideal is principal. In fact Fq [x] is a principal ideal domain.
Theorem 3.4.2. Let F be a field. The ideal (f (x)) is maximal in Fq [x] if and only if f (x)
is irreducible polynomial.
Theorem 3.4.3. Every P ID is U F D.
Theorem 3.4.4. If f (x) is irreducible of degree m in Fp [x], then the residue class ring
Fp [x]/(f (x)) is a field contains q = pm elements.
Every element in the field Fp [x]/(f (x)) is a coset g(x) + (f (x)) where deg g(x) ≤ m − 1.
We can write each coset or each element in Fq [x] = Fp [x]/(f (x)) as a vector in Fm
p with
the correspondence,
gm−1 xm−1 + gm−2 xm−2 + · · · g1 x + g0 + (f (x)) ↔ gm−1 gm−2 · · · g1 g0 .
Example 3.4.1. We construct the field GF (24 ) as a ring of polynomials over F2 = {0, 1}
modulo the polynomial f (x) = x4 + x + 1. f (x) is irreducible polynomial over F2 , so
F16 = F2 [x]/(f (x)), the elements of F16 are given the following table, where x = α =
0α3 + 0α2 + 1α + 0 · 1.
64
Cosets
elements
Vectors in F42
0 + (f (x))
0
0000
1 + (f (x))
α0 = 1
0001
x + (f (x))
α
0010
x2 + (f (x))
α2
0100
x3 + (f (x))
α3
1000
x + 1 + (f (x))
α + 1 = α4
1000
x2 + 1 + (f (x))
α2 + 1 = α8
0101
x3 + 1 + (f (x))
α3 + 1 = α14
1001
x2 + x + (f (x))
α2 + α = α5
0110
x3 + x + (f (x))
α3 + α = α9
1010
x3 + x2 + (f (x))
α3 + α2 = α6
1100
x3 + x + 1 + (f (x))
α3 + α + 1 = α7
1011
x3 + x2 + 1 + (f (x))
α3 + α2 + 1 = α13
1101
x2 + x + 1 + (f (x))
α2 + α + 1 = α10
0111
x3 + x2 + x + (f (x))
α3 + α2 + α = α11
1110
x3 + x2 + x + (f (x)) α3 + α2 + α + 1 = α12
1111
Where α4 = α + 1, α5 = αα4 = α(α + 1) = α2 + α, α9 = α5 α4 = (α2 + α)(α + 1) =
α3 + α2 + α2 + α = α3 + α.
Adding x + (f (x)) to x3 + x + 1 + (f (x)) gives x3 + 1 + (f (x)), which corresponds to adding
0010 to 1011 and obtaining 1001 ∈ F42 .
How we multiply?. To multiply g1 (x) + (f (x)) times g2 (x) + (f (x)), first use the
division algorithm to write,
g1 (x)g2 (x) = f (x)h(x) + r(x) when deg r(x) ≤ m − 1 or r(x) = 0 (g1 (x) + (f (x)))(g2 (x) +
(f (x))) = r(x) + (f (x)).
We can simplify if we replace x by α and let f (α) = 0, g1 (α)g2 (α) = r(α) and we extend
our correspondence to
gm−1 gm−2 · · · g1 g0 = gm−1 αm−1 + gm−2 αm−2 · · · g1 α + g0 .
65
So to multiply in Fq we simply multiply polynomials in α in the ordinary way and use
the equation f (α) = 0 to reduce powers of α higher than m − 1 to polynomials in α of
degree less than m.
The subset {0αm−1 + 0αm−2 + · · · + 0α + a0 : a0 ∈ Fp } = {a0 : a0 ∈ Fp } = Fp .
We describe the construction of obtaining Fq from Fp by adjoining a root α of f (x) to Fp ,
this root is given by α = x + (f (x)) in Fq = Fp [x]/(f (x)) therefore g(x) + (f (x)) = g(α)
and f (α) = f (x + (f (x))) = f (x) + (f (x)) = 0 + (f (x)).
Definition 3.4.6. An irreducible polynomial over Fp of degree m is called primitive
provided if it has a root that is primitive element of Fq = Fpm
Theorem 3.4.5. For any prime p and any positive integer m, there exists a finite field,
unique up to isomorphism, with q = pm elements.
Remark 3.4.1. In the construction of Fq by adjoining a root of an irreducible polynomial
f (x) to Fp , the field Fp can be replace by any finite field Fr , where r is a power of p and
f (x) be an irreducible polynomial of degree m in Fr [x] for some positive integer m. The
field constructed contains Fr as a subfield is of order rm .
3.5
Subfields
Let Fq be a field with primitive element of order q − 1 = pm − 1. If Fs is a subfield
of Fq then Fs has a primitive element of order s − 1 where (s − 1)|(q − 1) because the
identity element 1 is the same for both Fq and Fs . Fs has charactrristic p and s = pr . So
(pr − 1)|(pm − 1).
Lemma 3.5.1. Let a > 1 be an integer. Then (ar − 1)|(am − 1) if and only if r|m.
m
r
Proof. If r|m, then m = rh and a − 1 = (a − 1)
h−1
X
i=0
arh − 1
am − 1 = (ar − 1) r
.
a −1
66
ir
a because
h−1
X
i=0
air =
arh − 1
=⇒
ar − 1
Conversely, by division algorithm, let m = rh + n, 0 ≤ u < r, then
am − 1
arh+u − 1
arh+u − 1 + au − au
arh · au − au au − 1
au (arh − 1) au − 1
=
=
=
+
=
+ r
.
ar − 1
ar − 1
ar − 1
ar − 1
ar − 1
ar − 1
a −1
Since r|rh, =⇒
au −1
ar −1
arh −1
ar −1
is integer, also
< 1 a contradiction, since
am −1
ar −1
is integer, then
au −1
ar −1
= 0 =⇒ u = 0 =⇒ r|m.
Remark 3.5.1. (xs−1 − 1)|(xq−1 − 1) if and only if (s − 1)|(q − 1) thus (xs − x)|(xq − x) if
and only if (s − 1)|(q − 1). So if s = pr , q = pm , (xs − x)|(xq − x) if an only if r|m.
Lemma 3.5.2. Let s = pr , q = pm . Then (xs − x)|(xq − x) if an only if r|m.
Proof. (xs − x)|(xq − 1) if and only if xs−1 − 1|xq−1 − 1 if and only if s − 1|q − 1 if and
only if pr − 1|pm − 1 if and only if r|m.
Theorem 3.5.3. When q = pm ,
(i) Fq has a subfield of order s = pr if and only if r|m,
(ii) the elements of the subfield Fs are exactly the elements of Fq that are roots of xs − x,
and
(iii) for each r|m there is only one subfield Fpr of Fq .
Proof. Let s = pr and q = pm . Then by previous lemma 3.5.2 (xs − x)|(xq − x) if and
only if r|m if and only if pr − 1|pm − 1.
Since xq − x siplits into linear factors over Fq = Fpm , so does xs − x siplits into linear
factors over Fs = Fpr . So Fq contains all the roots of xr − x in Fs implies Fs is a subfield
of Fq and Fs contains s = pr elements which are the roots of xs − x.
Corollary 3.5.4. If γ is a primitive element of Fq and Fs is a subfield of Fq , then the
elements of Fs are {0, 1, α, · · · , αs−2 }, where α = γ (q−1)/(s−1) .
Proof. The elements of Fs are the roots of the polynomial xs − x = x(xs−1 − 1), so Fs
has s elements. If x = 0 then 0s = 0. If x 6= 0, x = α = γ (q−1)/(s−1) =⇒ xs−1 = αs−1 =
γ q−1 = 1 =⇒ xs = x =⇒ α is a root of xs − x, and α is a generator of F∗s so all elements
of Fs are {0, 1, α, · · · , αs−2 }
67
3.6
Field automorphisms
Definition 3.6.1. An automorphism σ of Fq is a bijection (isomorphism) σ : Fq =⇒ Fq
such that σ(α + β) = σ(α) + σ(β) and σ(αβ) = σ(α)σ(β) for all, α, β ∈ Fq .
Definition 3.6.2. (Frobenius automorphism) is defined by
σp (α) = αp for all α ∈ Fq . σp (αβ) = σp (α)σp (β) and σp (α + β) = σp (α) + σp (β),,
ker(σp ) = {0}. So σp is an automorphism of Fq , called the Frobenius automorphism.
r
Simellarly σpr (α) = αp is also a Frobenius automorphism.
Definition 3.6.3. The set of all aoutomorphism of a field Fq onto itself is a group under
composition of functions denoted by Gal(Fq ) called the Galois group of Fq .
Theorem 3.6.1.
(i) Gal(Fq ) is cyclic of order m and is generated by the Forbenius automorphism σp .
(ii) The prime subfield of Fq is precisely the set of elements in Fq such that σp (α) = α.
(iii) The subfield Fq of Fqt is precisely the set of elements in Fqt such that σq (α) = α.
Proof.
(i) Let γ be a primitive element of Fq = Fpm . Thus γ has order q − 1 = pm − 1,
2
m −1
and its minimal polynomial m(x) has roots, γ, γ p , γ p , · · · , γ p
.
Now let f (x) be a polynomial over Fp . Since an automorphism τ of Fpm over Fp
fixes the coefficients of f (x), we see that f (α) = 0 if and only if f (τ (α)) = 0. In
otherwords, τ permutes the roots of f (x) that lie in Fpm . In particular, τ σ must send
i
the root γ of m(x) to another root, say τ (γ) = γ q . But since γ is a primitive element
i
of Fpn , τ is completely determend by its value on γ, and since σpi (γ) = γ p = τ (γ).
We denote τ = σpi . Hence all automorphism of Fq = Fpn over Fp have the form σpi
for some i.
(ii) Let F = {α ∈ Fq : σp (α) = α}. Let a, b ∈ F, then σp (a − b) = σp (a) − σp (b) = a − b.
σp (ab) = σp (a)σp (b). So a − b ∈ F, ab ∈ F.
68
(iii) Let Fq = {α ∈ Fqt : σq (α) = α}. Let a0 , b0 ∈ Fq then σq (a0 − b0 ) = σq (a0 ) − σq (b0 ) =
a0 − b0 .
Also σq (a0 b0 ) = σq (a0 )σq (b0 ) = a0 b0 ∈ Fq
∴ Fq is a subfield of Fpt .
Remark 3.6.1. Gal(Fq ) is a cyclic group (denote automorphism of Fq = Fpm with Fp fixed).
The generator of Gal(Fq ) is the Frobinous automprphism.
Remark 3.6.2. We use σp to denote the Forbenius automorphism of any field of characteristic p. If E and F are fields of characteristic p with E an extension field of F, then the
Forbenius automorphism of E when restricted to F is the Frobenius automorphism of F.
An element α ∈ F is fixed by an automorphism σ of F provided σ(α) = α. Let r|m. Then
σpr generates a cyclic subgroup of Gal(Fq ) of order m/r. The elements of Fq fixed by this
subgroup are precisely the elements of the subfield of Fpr . We let Gal(Fq : Fpr ) denote
automorphisms of Fq which fix Fpr .
Theorem 3.6.2. Gal(Fq : Fpr ) is the cyclic group generated by σpr .
Proof. The Forbinous automorphism is a generator of the cyclic group Gal(Fq : Fp ).
Gal(Fq ) = Gal(Fq : Fp ) = {σ i : 0 ≤ i ≤ m−1}. The group Gal(Fq : Fpr ) is a subgroup of Gal(Fq )
r
because σpr (α) = αp
= σpr (α) ∈ Gal(Fq : Fpr ) =⇒ σpr ∈ Gal(Fq ) =⇒ Gal(Fq :
Fpr ) ⊆ Gal(Fq ). The subgroups of Gal(Fq ) are cyclic, so ◦(σpr ) = ◦(σpr ) = m/r. Since
m
(σpr (α))m/r = σpm (α) = αp
= α, so (σpr )m/r = σpm =⇒ σpr is a generator of Gal(Fq :
Fpr ) =⇒ |Gal(Fq : Fpr )| = m/r.
3.7
Cyclotomic cosets and minimal polynomilals
Definition 3.7.1. If E is the extension field Fq , then E is a vector space over Fq , and
t
E = Fqt for some positive t. Each element α ∈ E is a root of the polynomial xq − x. Thus
there is a monic polynomial Mα (x) in Fq [x] of smalest degree which has α as a root, this
polynomial is called the minimal polynomial of α over Fq .
69
Theorem 3.7.1. Let Fqt be an extension field of Fq and let α be an element of Fqt with
minimal polynomail polynomial Mα (x) in Fq [x]. The following hold:
(i) Mα (x) is irreducible over Fq .
(ii) If g(x) is any polynomial in Fq [x] satisfying g(α) = 0, then Mα (x)|g(x).
(iii) Mα (x) is unique, that is there is only one monic polynomial in Fq [x] of smallest
degree which has α as a root.
Proof.
(i) If Mα (x) is reducible then Mα (x) = u(x)v(x), with degu(x) < degMα (x)
and degv(x) < degMα (x). Then u(α)v(α) = 0. So either u(α) = 0 or v(α) = 0.
Contradictin, because Fq [x] is an integral domain and Mα (x) is of minimal degree
over Fq [x] having α as a root.
(ii) Let I = {g(x) ∈ Fq [x] : g(α) = 0}. I is an ideal of Fq [x] because if g1 (x), g2 (x) ∈ I
then g1 (α) − g2 (α) = 0 =⇒ g1 (x) − g2 (x) ∈ I and if g(x) ∈ I and f (x) ∈ Fq [x] =⇒
g(α)f (α) = 0 =⇒ g(x)f (x) ∈ I then I is an ideal of Fq [x].
Also I 6= 0 because α is a root of a non zero polynomial over Fq , where α ∈ Fqt with
minimal polynomial Mα (x). But Fq [x] is P.I.D, hence there exist a generator h(x)
for I. I = hh(x)i. Let p1 (x) be the polynomial of minimal degree that generates I.
If p1 (x) = a0 + a1 x + · · · + at xt then Mα (x) =
1
(p1 (x))
at
is a monic polynomial that
generates I having minmal degree. I = hMα (x)i and Mα (x) is of minimal degree.
Let g(x) ∈ I, since Mα (x) 6= 0, so by division algorithm there exists q(x), r(x) ∈
Fq [x] 3 g(x) = q(x)Mα (x) + r(x), where r(x) = 0 or deg r(x) < deg Mα (x), but
g(α) = g(α)Mα (α) + r(α) =⇒ r(α) = 0. If r(x) 6= 0, then we get a contradiction,
because Mα (x) is of minimal degree, hence r(x) = 0 and so g(x) = q(x)Mα (x), so
Mα (x)|g(x).
0
0
(iii) Assume that hMα (x)i = hMα (x)i where Mα (x) and Mα (x) are monic irreducible
0
polynomial. Then Mα (x) = Mα (x) since both are monic generated the same ideal,
so Mα (x) is unique.
70
Theorem 3.7.2. Let f (x) be a monic irreducible polynomial over Fq of degree r. Then
(i) all the roots of f (x) lie in Fqr and any field containing Fq along with one root of
f (x),
r
Y
(ii) f (x) =
(x − αi ), where αi ∈ Fqr for 1 ≤ i ≤ r, and
i=1
qr
(iii) f (x)|x − x.
Proof.
(i) Let α be a root of f (x) which we adjoin to Fq to form a field Eα with q r
elements. If β is another root of f (x), not in Eα it is a root of some irreducible factor,
over Eα of f (x). Adjoining β to Eα forms an extension field E of Eα . However, inside
E, there is a subfield Eβ obtained by adjoining β to Fq . Eβ must have q r elements
because f (x) is irreducible of degree r over Fq . Since Eα and Eβ are subfields of E
of same size, then by theorem 3.5.3(iii) Eα = Eβ proving that all roots of f (x) lie
in Fqr . Since any field containing Fq and one root of f (x) contains Fqr , so part (i)
follows.
(ii) If αi ∈ Fqr is a root of f (x) for 1 ≤ i ≤ r then (x − αi ) is a factor of f (x), then
r
Y
f (x) = (x − α1 )(x − α2 ) · · · (x − αr ) =
(x − αi ).
i=1
r
(iii) Every element of Fqr is a root of the polynomial xq − x, therefore x − α is a factor
r
Y
Y
r
qr
q
of x − x ∀α ∈ Fqr =⇒ x − x =
(x − α). Since f (x) =
(x − αi ), then
α∈Fqr
r
i=1
f (x)|xq − x.
Theorem 3.7.3. Let Fqt be an extension field of Fq and let α be an element of Fqt with
minimal polynomial Mα (x) in Fq [x]. The following hold:
t
(i) Mα (x)|xq − x.
(ii) Mα (x) has distinct roots all lying in Fqt .
(iii) The degree of Mα (x) divides t.
71
t
(iv) xq − x =
Y
Mα (x) where α runs through some subset of Fqt which enumerates the
α
minimal polynomial of all elements of Fqt exactly once.
t
(v) xq − x =
Y
f (x), where f runs through all monic irreducible polynomials over Fq
f
whose degree divides t.
Proof.
(i) If α ∈ Fqt and if g(x) is any polynomial in Fq [x] satisfying g(α) = 0, then
t
t
Mα (x)|g(x). But g(x)|xq − x =⇒ Mα (x)|xq − x.
t
t
(ii) Since the roots of xq − x are the q t elements of Fqt , xq − x has distinct roots and so
by part (i) and part (i) of theorem 3.7.2 implies Mα (x) has distinct roots all lying
in Fqt .
(iii) If Mα (x) has degree r, adjoining α to Fq gives the subfield Fqr = Fpmr of Fqt = Fpmt
then by theorem 3.5.3 mr|mt then r|t.
t
(iv) There exist irreducible polynomial pi (x) over Fq such that xq − x =
n
Y
pi (x). As
i=1
t
xq − x has distinct roots, the factors pi (x) are distinct. By scaling them, we assume
t
that each is monic as xq − x is monic. So pi (x) = Mα (x) for any α ∈ Fqt , with
Y
t
pi (α) = 0 =⇒ xq − x =
Mα (x).
α
(v) Follows from (iv) if we show that every monic irreducible polynomial over Fq of
t
t
degree r dividing t is a factor of xq − x. But f (x)|xq − x by theorem 3.7.2 (iii).
Y
r
t
t
Since mr|mt, xq − x|xq − x =⇒ xq − x =
f (x).
f
Definition 3.7.2. Two elements of Fqt which have the same minimal polynomial in Fq [x]
are called conjugate over Fq .
Remark 3.7.1. All the roots of Mα (x) are distinct and lie in Fqt , so they are conjugates,
we can fiend them by the following theorem.
Theorem 3.7.4. Let f (x) be a polynomial in Fq [x] and let α be a root of f (x) in some
extension field Fqt . Then:
72
(i) f (xq ) = f (x)q , and
(ii) αq is also a root of f (x) in Fq .
n
X
ai xi . Since q = pm , where p is the charactrristic of Fq , then
Proof. (i) Let f (x) =
q
f (x) = (
n
X
i=0
i q
ai x ) =
i=0
n
X
aqi xiq , but aqi = ai ∀ai ∈ Fq because the elements in Fq are
i=0
q
q
the roots of x − x =⇒ f (x) =
n
X
ai xiq = f (xq ).
i=0
q
(ii) f (α ) =
n
X
i=0
iq
ai α =
n
X
ai αi = f (α) = 0 = f (α)q =⇒ αq is a root of f (x) in Fq .
i=0
2
Remark 3.7.2. By theorem 3.7.4 α, αq , αq , · · · are all roots of Mα (x). This sequence will
r
stop after r terms, where αq = α.
r
If γ is a primitive element of Fqt . Then α = γ s for some s.Hence αq = α if and only if
r
γ sq = γ s if and only if γ sq
r −s
= 1. By theorem 3.3.1 (γ i = 1 if and only if q − 1|i), So
q t − 1|sq r − s =⇒ sq r ≡ s(mod q t − 1).
Definition 3.7.3. The set of q- cyclotomic cosets of s modulo q t − 1 is the set Cs =
{s, sq, · · · , sq r−1 } (mod q t − 1), where r is the smallest positive integer such that sq r ≡
s (mod q t − 1). the set Cs partition the set {0, 1, 2, · · · , q t − 2} of integers into disjoint
sets.
Example 3.7.1. The 2- cyclotomic cosets modulo 15 are C0 = {0}, C1 = {1, 2, 4, 8}, C3 =
{3, 6, 12, 9}, C5 = {5, 10} and C7 = {7, 14, 13, 11}.
Remark 3.7.3. The roots of Mα (x) = Mγ s (x) include {γ i |i ∈ Cs }. In fact these are all the
roots of mα (x). So if we know the size of Cs , we know the degree of Mγ s (x), as these are
the smae.
Theorem 3.7.5. If γ is a primitive element of Fqt , then the minimal polynomial of γ s = α
over Fq is
Mγ s (x) =
Y
i∈Cs
73
(x − γ i ).
Proof. We will claim that,
Y
f (x) =
(x − γ i ) =
X
f j xj
j
i∈Cs
is a polynomial in Fq [x] not in Fqt [x].
Y
Y
Let g(x) = f (x)q . Then g(x) =
(x − γ i )q =
(xq − γ qi )( Because if q = pr , (x −
r
r
i∈Cs
r
γ i )p = xp − γ ip = xq − γ iq ).
i∈Cs
As Cs is a q− cyclotomic coset, qi runs through Cs as i does. Then g(x) = f (xq ) =
P
P
P q qj
qj
q
q
j q
j fj x , but g(x) = f (x ) = f (x) = (
j fj x ) =
j fj x . Equating coefficients, we
have fjq = fj and hence by theoerm 3.6.1 (iii)(The subfield Fq of Fqt is precisely the set
of elements in Fqt such that σq (α) = α), then f (x) ∈ Fq [x].
Example 3.7.2. We are constructed F16 previously using the irreducible polynomial x4 +
x+1 over F2 . With α as a root of this polynomial, we give the minimal polynomial over F2
of each element of F16 and the associated 2− cyclotomic coset modulo 15 in the table below.
Rooots
Minimal polynomial
2-cyclotomic coset
0
x
1
x+1
{0}
α, α2 , α4 , α8
x4 + x + 1
{1, 2, 4, 8}
α3 , α6 , α9 , α12
x4 + x3 + x2 + x + 1
{3, 6, 9, 12}
α5 , α10
x2 + x + 1
{5, 10}
α7 , α11 , α13 , α14
x4 + x3 + 1
{7, 11, 13, 14}
The factorization of x15 − 1 into irreducible polynomials in F2 [x] is
(x + 1)(x4 + x + 1)(x4 + x3 + x2 + x + 1)(x2 + x + 1)(x4 + x3 + 1).
74
Chapter 4
Cyclic codes
Introduction
A linear code C of length n over Fq is cyclic provided that for each vector c = c0 c1 · · · cn−2 cn−1
in C the vector cn−1 c0 c1 · · · cn−2 obtained from c by the cyclic shift of coordinate i 7−→
i + 1 (mod n), is also in C. So a cyclic code contains all n cyclic shifts of any codeword.
We will represent the codewords in a polynomial form. If c0 c1 · · · cn−2 cn−1 ∈ Fnq then
c(x) = c0 + c1 x + · · · + cn−1 xn−1 ∈ Fq [x] of degree at most n − 1. We order the terms of
our polynomial from smallest to largest degree.
If c(x) = c0 + c1 x + · · · + cn−1 xn−1 , then xc(x) = cn−1 xn c0 x + c1 x2 + · · · + cn−2 xn−1 which
would represent the codeword c cyclically shifted one to right, if xn = 1.
Cylcic code C is invariant under a cyclic shift implies that if c(x) is in C, then so is xc(x)
provided we multiply modulo xn − 1.
Remark :
(1) A linear code C is cyclic if and only if c(x) ∈ C =⇒ x · c(x) (mod xn − 1) ∈ C.
It follows that when c(x) is a codeword in a cyclic code, so are the words xi ·
c(x)(mod xn − 1) for i ≥ 0.
(2) By linearity we conclude that in a cyclic code C, c(x) ∈ C =⇒ u(x)c(x)(mod xn −
1) ∈ C for every u(x) ∈ Fq [x], hence C is an ideal in Rn = Fq [x]/(xn − 1).
75
4.1
Factoring xn − 1
For f (x) = a0 + a1 x + · · · + an xn ∈ Fq [x] define the formal derivative of f (x) to be the
polynomial f 0 (x) = a1 + 2a2 x + · · · + nan xn−1 ∈ Fq [x]. From this definition, show that the
following rules hold:
(a) (f + g)0 (x) = f 0 (x) + g 0 (x)
(b) (f g)0 (x) = f 0 (x)g(x) + f (x)g 0 (x).
(c) f (x)m )0 = m(f (x)m−1 )f 0 (x) for all positive integers m.
(d) If f1 (x)a1 f2 (x)a2 · · · fn (x)an , where a1 , · · · , an are positive integers and f1 (x), · · · , f2 (x)
are distinct and irreducible over Fq , the
f (x)
= f( x) · · · fn (x).
gcd(f (x), f 0 (x))
(e) Show that f (x) has no repeated irreducible factors, if and only if f (x) and f 0 (x) are
relatively prime.
(f) Show that xn − 1 has no repeated irreducible factors, if and only if q and n are
relatively prime.
Proof. (f)
Let c be a root of xn − 1 in an extension field E of Fq . Then xn − 1 = (x − c)(xn−1 +
cxn−2 + c2 xn−3 + · · · cn−2 x + cn−1 ).
Let f (x) = xn−1 + cxn−2 + · · · + cn−1 , f (c) = cn−1 + c · cn−2 + · · · + cn−1 = ncn−1 . Since
q - n =⇒ f (c) 6= 0 =⇒ c is not a root of f (x) =⇒ xn − 1 has no repeated roots.
⇐= if f (c) = ncn−1 and q|n =⇒ f (c) = 0 =⇒ xn − 1 has repeated root. A contradiction.
So q and n are relatively prime.
A method of factoring xn − 1:
Let Fqt be a field extension of Fq that contains all of the roots of xn − 1. Fqt contains a
primitive nth root of unity when n|q t − 1.
76
Definition 4.1.1. The order ordn (q) of q modulo n is the smallest positive integer a such
that q a ≡ 1(mod n). That is if q a ≡ 1(mod n) =⇒ ordn (q) = a.
If t = ordn (q), then Fqt contains a primitive nth root of unity α, but no smaller extension
field of Fq contains such a primitive root.
As αi are distinct for 0 ≤ i < n and (αi )n = 1, Fqt contains all the roots of xn − 1. So Fqt
is called a splitting field of xn − 1 over Fq . So the irreducible factors of xn − 1 over Fq
must be the product of the distinct minimal polynomials of the roots of unity in Fq .
Suppose γ is a primitive element of Fqt . Then α = γ d is a primitive nth root of unity where
d=
q t −1
.
n
2
The roots of mα (x) are {γ ds , γ dsq , γ dsq , · · · , γ dsq
r−1
2
} = {αs , αsq , αsq , · · · , αsq
r−1
},
where r is the smallest positive integer such that dsq r ≡ ds(mod q t −1) (by theorem 3.7.6).
But dsq r ≡ ds(mod q t −1) if and only if sq r ≡ s(mod n), because (dsq r ≡ ds(mod dn) =⇒
sq r ≡ s(mod n)).
This leads us to extend the notion of q-cyclotomic cosets.
Let s be an integer with 0 ≤ s < n. The q-cyclotomic cosets of s modulo n is the
set Cs = {s, sq, · · · , sq r−1 } (mod n), where r is the smallest positive integer such that
sq r ≡ s (mod n). It follows that Cs is the orbit of the permutation i 7−→ iq (mod n)
that contins s. The distinct q− cyclotomic cosets modulo n partition the set of integers
{0, 1, 2, · · · , n − 1} into disjoint sets.
Theorem 4.1.1. Let n be a positive integer relatively prime to q. Let t = ordn (q). Let α
be a primitive nth root of unity in Fqt .
(i) For each integer s with 0 ≤ s < n, the minimal polynomial of αs over Fq is Mαs (x) =
Q
i
i∈Cs (x − α ), where Cs is the q-cyclotomic cosets of s modulo n.
(ii) The conjugates of αs are the elements αi with i ∈ Cs .
(iii) Furthermore xn − 1 =
Q
s
Mαs (x) in the factorization of xn − 1 into irreducible
factors over Fq , where s runs through a set of representation of the q-cyclotomic
cosets modulo n.
77
Example 4.1.1. Consider the polynomial x9 −1 over F2 . Since q = 2 and n = 9, then the
2− cyclotomic cosets of 9 are C0 {0}, C1 = {1, 2, 4, 8, 7, 5}, C3 = {3, 6}. So ordn (2) = 6
and the primitive ninth root of unity lie in F64 but no smaller extension field of F2 . Hence
x9 − 1 factors into an irreducible factors as
x9 − 1 = (x3 )3 − 1 = (x3 − 1( x6 + x3 + 1) = (x − 1)(x + x + 1)(x6 + x3 + 1).
The polynomial mα0 (x) = M1 (x) = x + 1, Mα (x) = x6 + x3 + 1, Mα3 (x) = x2 + x + 1,
where α is a primitive ninth root of unity in F64 . The only irreducible polynomial of degree
2 over F2 is x2 + x + 1 = Mα3 (x) (α3 is a primitive third root of unity in F64 .
Theorem 4.1.2. The size of each q- cyclotomic coset is a divisor of ordn (q). Furthermore
the size of C1 is ordn (q).
Proof. Let t = ordn (q) and let m be the size of Cs . Then Mαs (x) has degree m where
α is a primitive nth root of unity, so m|t by theorem 3.7.3 there exists a subfield Fqm =
Fpmr of Fqt = Fpmt =⇒ mr|mt =⇒ m|t. The fact that the size of C1 is ordn (q) follows
directly from the definitions of q− cyclotomic cosets and ordn (q) as mentioned prior to
theorem 4.1.1, because C1 = {1, q, q 2 , · · · , q r−1 } (mod q t − 1), where r is the smallest
positive integer such that q r ≡ 1 (mod q t − 1) =⇒ r = t.
4.2
Basic theory of cyclic codes
The cyclic codes of length n over Fq are precisely the ideals of Rn = Fq [x]/(xn − 1), Fq [x]
is principal ideal domain also the ring Rn is principal, hence cyclic codes are the principal
ideal of Rn , when writing a codeword of a cyclic code as c(x), we technically mean the
coset c(x) + (xn − 1) in Rn . We think the elements of Rn as the polynomial in Fq [x] of
degree less than n with multiplication being carried out modulo xn − 1.
To multiply two polynomials we multiply them as we would in Fq [x] and then replace any
term of the form axni+j where 0 ≤ j < n by axi .
Theorem 4.2.1. Let C be a nonzero cyclic code in Rn . There exists a polynomial g(x) ∈ C
with the following properties:
78
(i) g(x) is the unique monic polynomial of minimum degree in C,
(ii) C = hg(x)i, and
(iii) g(x)|(xn − 1).
let k = n − deg g(x), and let g(x) =
Pn−k
i=0
gi xi , where gn−k = 1. Then:
(iv) The dimension of C is k and {g(x), xg(x), · · · , xk−1 g(x)} is a basis for C,
(v) every element of C is uniquely expressible as a product g(x)f (x), where f (x) = 0 or
deg f (x) < k,
(vi)
g g1
0
0 g0
G=
···
0
g2
···
g1
···
···
···
g0
···
gn−k
0
gn−k−1 gn−k
···
···
↔
g(x)
xg(x)
···
gn−k
xk−1 g(x)
is a generator matrix for C, and
(vii) if α is a primitive nth root of unity in some extension field of Fq , then
g(x) =
Y
Mαs (x).
s
Where the product is over a subset of representatives of the q-cyclotomic cosets
modulo n.
Proof. Let g(x) be a monic polynomial of minimum degree in C. Since C is nonzero, such a
polynomial exists. If c(x) ∈ C, then by division algorithm in Fq [x], c(x) = g(x)h(x)+r(x),
where either r(x) = 0 or deg r(x) < deg g(x). As C is an ideal in Rn , r(x) ∈ C and the
minimality of degree of g(x) implies r(x) = 0 =⇒ C = hg(x)i.
To proof uniqueness: let g1 , g2 be two distinct monic polynomials of minimum degree m
then g1 − g2 = 0 or deg g1 − g2 < m, a contradiction, then g1 = g2 . This gives (i) and (ii).
(iii) By division algorithm xn −1 = g(x)h(x)+r(x), where r(x) = 0 or deg r(x) < deg g(x)
79
in Fq [x]. As xn −1 corresponds to the zero codeword in C and C is an ideal in Rn , r(x) ∈ C,
a contradiction, unless r(x) = 0 =⇒ g(x)|xn − 1, proving (iii).
Suppose that deg g(x) = n − k. By parts (ii) and (iii), if c(x) ∈ C with c(x) = 0 or
deq c(x) < n, then c(x) = g(x)f (x) ∈ Fq [x]. If c(x) = 0, then f (x) = 0. If c(x) 6=
0, deg c(x) < n implies that deg f (x) < k, (because the degree of the product of two
polynomials is the sum of degrees of polynomials.) Therefore C = {g(x)f (x)|f (x) =
0 or deg f (x) < k}. So C has dimension at most k and {g(x), xg(x), · · · , xk−1 g(x)} spans
C. Since these k polynomials are of different degrees they are independent in Fq [x]. Since
they are of at most n − 1, they remain independent in Rn , yielding (iv) and (v). The
codewords in this basis, written as n− tuples, give G in part (vi). Part (vii) follows from
theorem 4.1.1.
Remark 4.2.1.
(i) Rn = Fq [x]/(xn − 1) is a principal ideal ring.
(ii) Part (vii) requires that gcd(n, q) = 1 because xn − 1 has no repeated roots if and
only if gcd(n, q) = 1.
Corollary 4.2.2. Let C be nonzero cyclic code in Rn . The following are equivalent:
(i) g(x) is monic polynomial of minimum degree in C.
(ii) C = hg(x)i, g(x) is monic, and g(x)|xn − 1.
Proof. (i) =⇒ (ii) was shown in the proof of theorem 4.2.1.
Assume (ii). Let g1 (x) be monic polynomial of minimum degree in C. By part (i) and (ii) of
theorem 4.2.1 g(x) = g1 (x)h(x) + r(x), deg r(x) < deg g1 (x) or r(x) = 0 =⇒ g1 (x)|g(x)
in Fq [x] and C = hg1 (x)i. As g1 (x) ∈ C = hg(x)i, g1 (x) = g(x)a(x)(mod xn − 1) =⇒
g1 (x) = g(x)a(x) + (xn − 1)b(x) ∈ Fq [x]. Since g(x)|xn − 1 =⇒ g(x)|g(x)a(x) + (xn −
1)b(x) or g(x)|g1 (x). As both g1 (x) and g(x) are monic and divide one another in Fq [x] =⇒
g1 (x) = g(x).
Definition 4.2.1. The monic polynomial g(x)|xn −1, generating C is called the generator
matrix polynomial of the cyclic code C. So there exists one to one correspondence between
the nonzero cyclic codes and the divisors of xn − 1, not equal to xn − 1.
80
Remark 4.2.2. The generator of the zero cyclic code {0} is xn − 1.
Corollary 4.2.3. The number of cyclic codes in Rn equals 2m is the number of q−
cyclotomic cosets modulo n. Moreover, the dimension of cyclic codes in Rn are all possible
sums of sizes of the q-cyclotomic cosets modulo n.
Example 4.2.1. We showed that, over F2 , x9 − 1 = (x + 1)(1 + x + x62)(1 + x3 + x6 ),
and so there are eight binary cyclic codes Ci of length 9 with generator polynomials gi (x)
are given in the following table
i
dim
gi (x)
0
0
1 + x9
1
1
(1 + x + x2 )(1 + x3 + x6 ) = 1 + x + x2 + x3 + x4 + x5 + x6 + x7 + x8
2
2
(1 + x)(1 + x3 + x6 ) = 1 + x + x3 + x4 + x6 + x7
3
3
1 + x3 + x 6
4
6
(1 + x)(1 + x + x2 ) = 1 + x3
5
7
1 + x + x2
6
8
1+x
7
9
1
Corollary 4.2.4. Let C1 and C2 be cyclic codes over Fq with generator polynomials g1 (x)
and g2 (x) respectively. Then C1 ⊆ C2 if and only if g2 (x)|g1 (x).
Proof. Let deg g1 (x) = t1 , deg g2 (x) = t2 . If g2 (x)|g1 (x) =⇒ deg g2 ≤ deg g1 =⇒
−deg g1 ≤ −deg g2 =⇒ n − deg g1 ≤ n − deg g2 =⇒ dimC1 ⊆ dimC2 .
⇐= if C1 ⊆ C2 =⇒ n − deg g1 ≤ n − deg g2 =⇒ deg g2 ≤ deg =⇒ g2 |g1 .
Example 4.2.2. Consider R3 = F2 [x]/hx3 − 1i and consider the cyclic code C = h1 + xi,
then dim C = 3 − 1 = 2 and C contains the codewords, 0, 1 + x, x(1 + x) = x + x2 , x2 (1 +
x) = x2 +x3 = x2 +1 = (x+1)(x+1), because x3 = 1. Thus C = {0, 1+x, 1+x2 , x+x2 } =
{000, 110, 101, 011}. Also we can verify that
h1 + x2 i = {f (x)(1 + x2 )|f (x) ∈ R3 } = C
and so C is generated by the polynomial 1 + x2 as well.
81
Example 4.2.3. x9 − 1 factors over F2 into irreducible factors x9 − 1 = (x + 1)(x2 + x +
1)(x6 + x3 + 1).
Consider C = hx6 + x3 + 1i, therefore dim C = 9 − 6 = 3
x6 + x3 + 1
1 0 0 1
G = x(x6 + x3 + 1) = 0 1 0 0
2 6
3
x (x + x + 1)
0 0 1 0
and has generator matrix,
0 0 1 0 0
1 0 0 1 0
0 1 0 0 1
Theorem 4.2.5. The dual code of a cyclic code is cyclic.
Proof. If a · b = 0, then π(a) · π(b) = 0, where π is the cyclic shift. As a · b = a0 b0 + a1 b1 +
· · ·+an bn then π(a)·π(b) = an bn +a1 b1 +· · ·+a0 b0 = 0. Consider the cyclic code C which is
generated by the word v; so C = {v, π(v), π ( v), · · · , π n−1 (v)}. If u ∈ C ⊥ =⇒ π i (v) · u = 0,
for i = 0, · · · , n − 1. However this means that π i+1 (v).π(u) = 0 =⇒ π(u) is orthogonal to
C, because π n (v) = v. Since u ∈ C ⊥ =⇒ π(u) ∈ C ⊥ =⇒ C ⊥ is cyclic.
Definition 4.2.2. The generator matrix of the dual code of cyclic code C is the parity
check matrix of the original cyclic code.
Theorem 4.2.6. Let C be an [n, k] cyclic code with generator polynomial g(x). Let h(x) =
k
X
n
n
(x − 1)/g(x) = (x − 1)/g(x) =
hi xi . Then the generator polynomial of C ⊥ is g ⊥ (x) =
xk h(x−1 )
.
h(0)
is
i=0
Furthermore, a generator matrix for C ⊥ , and hence a parity check matrix for C
hk hk−1 hk−2 · · ·
0
H=
0
h0
h1
0
hk
hk−1 · · ·
h0
···
···
··· ··· ···
hk
···
h0
Proof. he dual of a cyclic code is cyclic, we will show that g ⊥ (x) divides xn − 1, then we
will know that it is the generator polynomial for a cyclic code hg ⊥ (x)i that has generator
matrix H, and so hg ⊥ (x)i = C ⊥ .
Let h(x)g(x) = xn − 1, then h(0)g(0) = −1 =⇒ h(0) = −1 since g(0) = 1 as g(x) =
g0 + g1 x + · · · + gn−k xn−k , gn−k = 1.
82
=⇒ h(x−1 )g(x−1 ) = x−n − 1,
xn h(x−1 )g(x−1 ) = 1 − xn ,
xk h(x−1 ) · xn−k g(x−1 ) = 1 − xn ,
xk h(x−1 )
h(0)
· xn−k g(x−1 ) = xn − 1,
g ⊥ · xn−k g(x−1 ) = xn − 1,
=⇒ g ⊥ (x)|xn − 1
∴ g ⊥ (x) is a generator polynomial of C ⊥ .
Since g(x) is the generator polynomial for C, and h(x) =
xn −1
,
g(x)
then g(x)h(x) = 0. If
c(x) ∈ C, then c(x)h(x) = 0.
Now deg (c(x)h(x) < n + k = n + n − deg g(x) = 2n − deg g(x), from this we deduce that
the coefficients of xk , xk+1 , · · · , xn−1 in the product c(x)h(x) must be 0, that is
c0 hk + c1 hk−1 + · · · + ck h0 = 0,
c1 hk + c2 hk−1 + · · · + ck+1 h0 = 0,
···
···
···
···
cn−k−1 hk + cn−k hk−1 + · · · + cn−1 h0 = 0..
But this is equivalent to c0 c1 · · · cn−1 )H ⊥ = 0, and so H generates a code C 0 that is
orthogonal to C, that is C 0 ⊂ C ⊥ . However, sim=nce hk 6= 0, it follows that dim (C 0 ) =
deg g(x) and so C 0 = C ⊥ =⇒ H is the parity check matrix for C.
Example 4.2.4. The code C = hx6 + x3 + 1i has generator polynomial g(x) = x6 + x3 + 1
and has dimension k = 9 − 6 = 3.
∴ h(x) =
x9 −1
g(x)
= (1 + x)(1 + x + x2 ) = 1 + x3 .
The generator polynomial of C ⊥ is g ⊥ (x) =
xk h(x−1 )
h(0)
83
=
x3 (1+x−3 )
1
= x3 + 1,
∴ The generator matrix for C bot is
1
0
0
H=
0
0
0
Remark 4.2.3.
0 0 1 0 0 0 0 0
1 0 0 1 0 0 0 0
0 1 0 0 1 0 0 0
0 0 1 0 0 1 0 0
0 0 0 1 0 0 1 0
0 0 0 0 1 0 0 1
(i) The polynomial h(x) is called the check polynomial for a cyclic code
C it is not the generator polynomial for C ⊥ .
(ii) The polynomial g ⊥ (x) =
xk h(x−1 )
h(0)
is called the reverse polynomial of the check poly-
nomial h(x) and g ⊥ (x) is the generator polynomial for C ⊥ .
If h(x) = h0 + h1 x + · · · + hk xk , then the generator polynomial of C ⊥ is
g ⊥ (x) =
xk h(x−1 )
h(0)
= h−1 (0)(xk )(h0 + h1 x−1 + · · · + hk x−k )
= h−1 (0)(h0 xk + h1 xk−1 + · · · + hk )= h−1 (0)(hk + hk−1 + · · · + h0 xk )
Theorem 4.2.7. Let C be a cyclic code over Fqt . Then C|Fq is also cyclic.
Proof. Since C is cyclic code over Fqt , there exists a generator polynomial g(x) over Fqt [x]
that generates C and C = hg(x)i, g(x)|xn − 1 such that gcd(q t , n) = 1 and g(x) containing
a primitive nth root of unity of the extension field Fqs of Fqt , when n|(q t )s − 1. Since
Fqt contains a primitive nth root of unity, so there exists g( x) over Fq and g1 (x)|xn − 1,
gcd(q, n) = 1 so C|Fq = hg1 (x)i, so C|Fq is cyclic.
Encoding and decoding cyclic codesThere is three ways to encode the cyclic codes.
If C is a cyclic code of length n over Fq with generator polynomial g(x) of degree n − k,
so C has dimension k.
The first way:(This method is non systematic) Let G be the generator matrix obtained
84
from the shifts of g(x) in Theorem 4.2.1
g(x)
g ···
0
xg(x) 0 g0
=
G=
···
···
xk−2 g(x)
0
gn−k
···
0
gn−k
···
g0
···
.
gn−k
To encode the message m ∈ Fkq as the codeword c = mG, let m(x) = a0 + a1 x + · · · +
ak−1 xk ∈ Fq [x]. Then to encode m(x) as a codeword c(x) by forming the product
c(x) = m(x)g(x).
Example 4.2.5. Let C be a cyclic code of length 15 with generator polynomial g(x) =
(1 + x + x4 )(1 + x + x2 + x3 + x4 ). Encode the message m(x) = 1 + x2 + x5 using the first
encoding procedure.
Solution: g(x) = (1 + x + x4 )(1 + x + x2 + x3 + x4 ) = 1 + x4 + x6 + x7 + x8 . Then
c(x) = m(x)g(x) = (1 + x2 + x5 )(1 + x4 + x6 + x7 + x8 ) = 1 + x2 + x4 + x5 + x7 + x10 +
x11 + x12 + x13 as a vector in F15
2 = (101001101001111).
The secod way of encoding cyclic codes:(This method is systematic).
The polynomial m(x) associated to the message is of degree at most k − 1 or (the
zero polynomial). The polynomial xn−k m(x) has degree at most n − 1 and has its
first n − k coefficients equals to 0. Thus the message is contained in the coefficients
of xn−k , xn−k+1 , · · · , xn−1 . By the division algorithm, xn−k m(x) = g(x)a(x) + r(x), where
deg r(x) < n − k or r(x) = 0.
Let c(x) = xn−k m(x) − r(x), as c(x) is a multiple of g(x), c(x) ∈ C. Also c(x) differes
from xn−k m(x) in the coefficients of 1, x, · · · , xn−k−1 as deg r(x) < n−k. So c(x) contains
the message m in the coefficients of the terms of degree at least n − k.
Example 4.2.6. Encode the message m(x) = 1 + x2 + x5 using the second encoding procedure.( The systematic encoding).
Solution:Since from previous example g(x) = 1 + x4 + x6 + x7 + x8 , n = 15, k =
n − deg g(x) = 15 − 8 = 7
85
∴ xn−k = x15−7 = x8 =⇒ xn−k m(x) = x8 (1 + x2 + x5 ) = x8 + x10 + x13 .
By dividing x8 + x10 + x13 by g(x) = 1 + x4 + x6 + x7 + x8 we get
x13 + x10 + x8 = (x5 + x4 + x + 1)g(x) + (x6 + x + 1) where a(x) = x613 + x10 + x8 and
r(x) = x6 + x + 1.
c(x) = x13 + x10 + x8 + x6 + x + 1.
The message is contained in the coefficients
xn−k , xn−k+1 , · · · , xn−1 systematics.
The third method of encoding: this method is systematic.
Let C = hg(x)i be a cyclic code. Let g ⊥ (x) be the generator polynomial of C ⊥ and C is
an [n, k]-code. If c = (c0 c1 · · · cn−1 ) ∈ C once c0 c1 · · · ck−1 are known, then the remaining
components ck , · · · , cn−1 are determined form Hc⊥ = 0, where H is the parity check
matrix. We can scale the rows of H so that its rows are shifts of the monic polynomial
g ⊥ (x) = h00 + h01 x + · · · + h0k−1 xk−1 + xk . To encode C, we chose k information bits
k−1
X
c0 c1 · · · ck−1 , then ci = −
h0j ci−k+j , where the computation ci is performed in the order
j=0
i = k, k + 1, · · · , n − 1.
Example 4.2.7. Encode the message m(x) = 1 + x2 + x5 using the third encoding procedure.
Solution: h(x) =
x15 −1
,
g(x)
where g(x) = 1 + x4 + x6 + x7 + x8 . Then h(x) = x7 + x6 + x4 + 1.
n = 15, deg g(x) = 8 =⇒ k = 7.
g ⊥ (x) = xk h(x−1 )/h(0) = x7 (x−7 + x−6 + x−4 + 1)/1 = 1 + x + x3 + x7 .
h0 = 1, h1 = 1, h2 = 0, h3 = 1, h4 = 0, h5 = 0, h6 = 0, h7 − 1.
1 + x + x3 + x 7
x + x2 + x4 + x8
2
x + x 3 + x5 + x9
1 + x + x3 + x7
⊥
xg (x) = x(1 + x + x3 + x7 ) x3 + x4 + x6 + x10
=
H=
4
..
x + x5 + x7 + x11
.
5
7
3
7
x + x6 + x8 + x12
x (1 + x + x + x )
6
x + x7 + x9 + x13
x7 + x8 + x10 + x14
86
1 1 0
0 1 1
0 0 1
=
···
...
0 0 0
1
0
0
1
0
0
0
0
1
0
0
1
0
0
1
0
1
0
0
1
0
···
...
0
0
···
...
0
1
···
...
1
0
1
0
0
0
0 0
0 0 0 0 0
0 0 0 0 0
.
···
...
...
0 0 0 1 0
Let the information bits are (c0 c1 · · · c6 ), since m(x) = 1 + x2 + x5 ←→ (1010010). Then
6
X
c7 = −
hj c7−7+j = +(h0 c0 + h1 c2 + h2 c2 + · · · + h6 c6 ) = (c0 + c1 + 0 + c3 + 0 + 0 + 0) =
j=0
(c0 + c1 + c3 )
6
X
c8 =
hj c8−7+j = +(h0 c1 + h1 c2 + h2 c3 + · · · + h6 c7 ) = (c1 + c2 + c4 )
j=0
similarly we do for all other bits.
4.3
Idempotent and multipliers
An element e of a ring satisfying e2 = e is called an idempotent. each cyclic code in
Rn = fq [x]/h xn − 1h contains a unique idempotent which generates the ideal. This
idempotent is called the generating idempotent of the cyclic code.
Definition 4.3.1. the unity in a ring is (anon zero) multiplicative identity in the ring.
Example 4.3.1. e(x) = x3 + x5 + x6 ∈ R7 over F2 [x] =⇒ e2 (x) = (x3 + x5 + x6 )2 =
x3 + x5 + x6 .
∴ e(x) is an idempotent in R7 .
Example 4.3.2. The generating idempotent for the zero cyclic code {0} is 0, while that
for the cyclic code Rn is 1.
Theorem 4.3.1. Let C be a cyclic code in Rn . Then:
(i) there exists a unique idempotent e(x) ∈ C such that C = he(x)i, and
87
(ii) if e(x) is a nonzero idempotent in C, then C = he(x)i if and only if e(x) is a unity
of C.
Proof. If C is the zero code, then the idempotent is the zero polynomial and (i) is clear.
To prove (ii). Assume C is nonzero cyclic code. Suppose that e(x) is a unity, then
he(x)i ⊆ C as C is an ideal....(1) .
If c(x) ∈ C, then c(x)e(x) = c(x) ∈ C =⇒ c(x) ∈ he(x)i =⇒ C ⊆ he(x)i...(2).
From (1) and (2), we have C = he(x)i.
Conversely, suppose that e(x) 6= 0 idempotent such that C = he(x)i. Then every element
c(x) ∈ C can be written in the form c(x) = f (x)e(x). but c(x)e(x) = f (x)(e(x))2 =
f (x)e(x) = c(x) implying e(x) is a unity for C.
To prove (i). As C is nonzero by part (ii), if e1 (x) and e2 (x) are generating idempotents,
then both are unities and e( x) = e2 (x)e1 (x) = e2 (x) =⇒ e1 (x) = e2 (x). So the generating
idempotent is unique.
To prove the existence of generating idempotent. If g(x) is the generator polynomial for
C, then g(x)|xn − 1, by theorem 4.2.1, let h(x) =
xn −1
.
g(x)
Thus gcd(g(x), h(x)) = 1 in Fq [x]
because xn − 1 has distinct roots. Now by Euclidean algorithm there exist polynomials
a(x), b(x) ∈ Fq [x], so that a(x)g(x) + b(x)h(x) = 1. Let e(x) ≡ a(x)g(x)(mod xn − 1);
that is e(x) is the coset representative of e(x) = a(x)g(x) + (xn − 1) ∈ Rn . Then (e(x))2 ≡
a(x)g(x)(1 − b(x)h(x)) ≡ a(x)g(x) − a(x)g(x)b(x)h(x) ≡ a(x)g(x) ≡ e(x)(mod xn − 1),
(because g(x)h(x) = xn − 1). Also if c(x) ∈ C, then c(x) = f (x)g(x) implying c(x)e(x) ≡
f (x)g(x)(1 − b(x)h(x)) ≡ f (x)g(x) − f (x)g(x)b(x)h(x) ≡ f (x)g(x) ≡ c(x)(mod xn − 1).
So e(x) is a unity in C and (i) follows from (ii).
Remark 4.3.1. to find the generating idempotent e(x) for a cyclic code C from the generator polynomial g(x) is to solve 1 = a(x)g(x) + b(x)h(x) for a(x) using the Euclidean
algorithm, where h(x) =
xn −1
.
g(x)
Then reducing a(x)g(x) modulo xn − 1 produces e(x).
Theorem 4.3.2. Let C be a cyclic code over Fq with generating idempotent e(x). Then
the generator polynomial of C is g(x) = gcd(e(x), xn − 1) computed in Fq [x].
88
Proof. Let d(x) = gcd(e(x), xn − 1) in Fq [x], and let g(x) be the generator polynomial
for C. As d(x)|e(x) =⇒ e(x) = d(x)k(x) implying that every element of C = he(x)i is
also a multiple of d(x), thus C ⊆ hd(x)i....(1). By theorem 4.2.1 in Fq [x], g(x)|xn − 1 and
g(x)|e(x) as e(x) ∈ C =⇒ g(x)| gcd(e(x), xn − 1) =⇒ g(x)|d(x) =⇒ d(x) = g(x)l(x) =⇒
d(x) ∈ C. Thus hd(x)i ⊆ C...(2).
From (1) and (2) C = hd(x)i. Since d(x) is a monic divisor of xn − 1 generating C =⇒
d(x) = g(x) by corollary 4.2.2
Example 4.3.3. the following table gives all the cyclic codes Ci of length 7 over f2 together with their generator polynomials gi (x) and their generating idempotents e(x).
i
dim
gi (x)
ei (x)
0
0
1 + x7
0
1
1
1 + x + x2 + x3 + x4 + x5 + x6
1 + x + x2 + x3 + x4 + x5 + x6
2
3
1 + x2 + x3 + x4
1 + x3 + x5 + x 6
3
3
1 + x + x2 + x4
1 + x + x2 + x4
4
4
1 + x + x3
x + x2 + x4
5
4
1 + x2 + x3
x3 + x5 + x6
6
6
1+x
x + x2 + x3 + x4 + x5 + x6
7
7
1
1
To find e1 (x) if g(x) = 1 + x + x2 + x3 + x4 + x5 + x6 we first find h(x) =
x7 +1
g(x)
= x + 1.
Then we form the equation 1 = a(x)b(x) + b(x)h(x) by using Euclidean algorithm, we
divide g(x) by h(x) we get
g(x) = (x + 1)(x5 + x3 + x) + 1, then 1 = 1 · g(x) + (x + 1)(x5 + x3 + x), where
b(x) = (x5 + x3 + x) and a(x) = 1
∴ e(x) = 1 · g(x) = 1 + x + x2 + x3 + x4 + x5 + x6 .
Theorem 4.3.3. Let C be an [n, k] cyclic code with generating idempotent e(x) =
n−1
X
i=0
89
e i xi .
Then the k × n matrix
e0
e1
e2 · · · en−2 en−1
en−1
e0
e1 · · · en−3 en−2
..
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
en−k+1 en−k+2 · · · · · · en−k−1 en−k
is a generator matrix for C.
Proof. The matrix is equivalent to {e(x), xe(x), · · · , xk−1 e(x)}. The basis of C. Therefore
it suffices to show that a(x) ∈ Fq [x] has degree less than k such that a(x)e(x) = 0
then a(x) = 0. Let g(x) be the generator polynomial for C. If a(x)e(x) = 0, then 0 =
a(x)e(x)g(x) = a(x)g(x) as e(x) is the unity of C, contradiction to theorem 4.2.1(v).
Definition 4.3.2. If C1 and C2 are codes of length n over Fq , then C1 + C2 = {c1 + c2 |c1 ∈
C1 and c2 ∈ C2 } is the sum of C1 and C2 . Both the sum of and intersection of two cyclic
codes are cyclic.
Theorem 4.3.4. Let Ci be a cyclic code of length n over Fq with generator polynomial
gi (x) and generating ei (x) for i = 0 and 2. Then
(i) C1 ∩ C2 has generator polynomial lcm(g1 (x), g2 (x)) and generating idempotent e1 (x)e2 (x),
and
(ii) C1 +C2 has generator polynomial gcd(g1 (x), g2 (x)) and generating idempotent e1 (x)+
e2 (x) − e1 (x)e2 (x).
Proof. (i) Let l(x) = lcm(g1 (x), g2 (x)) =⇒ g1 (x)|l(x), g2 (x)|l(x) =⇒ e(x) = g1 (x)k1 (x), l(x) =
g2 (x)k2 (x) =⇒ e(x) ∈ C1 and l(x) ∈ C2 , since C1 ∩ C2 is cyclic, then hl(x)i ⊆ C1 ∩ C2 ....(1)
Let l0 (x) ∈ C1 ∩C2 =⇒ l0 (x) ∈ C1 , l0 (x) ∈ C2 =⇒ l0 (x) = g1 (x)f1 (x), l0 (x) = g2 (x)f2 (x) =⇒
g1 |l0 and g2 (x)|l0 (x) =⇒ l0 is a common multiple =⇒ l(x)|l0 (x) =⇒ hl0 (x)i ⊆ hl(x)i =⇒
C1 ∩ C2 ⊆ hl(x)i....(2)
From (1) and (2) we have C1 ∩C2 = lcm(g1 (x), g2 (x)), since g1 (x)|xn −1 and g2 (x)|xn −1 =⇒
l(x)|xn − 1 =⇒ l(x) is a monic polynomial and generates C1 ∩ C2 .
90
If c(x) ∈ C1 ∩ C2 =⇒ c(x) ∈ C1 , c(x) ∈ C2 and c(x)(e1 (x)e2 (x) = c(x)e2 (x) = c(x) =⇒
e1 e2 ∈ C1 ∩ C2 and e1 e2 is the unity generator idempotent of C1 ∩ C2 .
(ii) Let g(x) = gcd(g1 (x), g2 (x)) It follows from the Euclidean algorithm that g(x) =
g1 (x)a(x) + g2 (x)b(x) for some a(x) and b(x) in Fq [x]. So g1 (x) ∈ C1 + C2 . Since C1 + C2 is
cyclic, hg(x)i ⊆ C1 + C2 . On other hand g(x)|g1 (x), which shows that C1 ⊆ hg(x)i, simillarly C2 ⊆ hg(x)i implying that C1 + C2 ⊆ hg(x)i. So C1 + C2 = hg(x)i. Since g(x)|xn − 1
as g(x)|g1 (x) and g(x) is monic, g(x) is the generator polynomial for C1 + C2 . If c(x) =
c1 (x) + c2 (x) where ci (x) ∈ Ci for i = 1 and 2, then c(x)(e1 (x) + e2 (x) − e1 (x)e2 (x)) =
c1 (x) + c1 (x)e2 (x) − c1 (x)e2 (x) + c2 (x)e1 (x) + c2 (x) − c2 (x)e1 (x) = c(x).
Thus (ii) follows, since e1 (x) + e2 (x) − e1 (x)e2 (x) ∈ C1 + C2 and (e1 + e2 − e1 e2 )2 =
e1 + e2 − e1 e2 .
Example 4.3.4. If e1 (x) and e2 (x) are idempotents, so e1 (x)e2 (x), e( x)+e( x)−e1 (x)e2 (x)
and 1 − e1 (x).
Solution: (e1 e2 )2 = e21 e22 = e1 e2 and (1 − e1 )2 = 1 − 2e1 + e21 = 1 − 2e1 + e1 = 1 − e1 .
primitive idempotents: Let xn − 1 = f1 (x) · · · f2 (x), where f( x) is irreducible over Fq
for 1 ≤ i ≤ s. Then fi (x)0 s are distinct as xn − 1 has distinct roots. Let fˆi (x) =
xn −1
,
fi (x)
the ideals hfˆi (x)i of Rn are the minimal ideals of Rn .
Definition 4.3.3. An ideal I in a ring R is a minimal ideal provided there is no proper
ideal between {0} and I. The generating idempotent of hfˆi (x)i is êi (x) and is called the
primitive idempotents of Rn .
Theorem 4.3.5. The following hold in Rn .
(i) The ideals hfˆi (x)i for 1 ≤ i ≤ s are all the minimal ideals of Rn .
(ii) Rn is the vector space direct sum of hfˆi (x)i for 1 ≤ i ≤ s.
(iii) If i 6= j, then êi (x)êj (x) = 0 in Rn .
(iv)
s
X
êi = 1 in Rn .
i=1
91
(v) The only idempotents in hfˆi (x)i are 0 and êi (x).
(vi) If e(x) is a non zero idempotent in Rn , then there is a subset T of {1, 2, · · · , s} such
X
X
that e(x) =
êi (x) and he(x)i =
hfˆi (x)i.
i∈C
Proof.
i∈C
(i) Suppose that hfˆi (x)i is not a minimal ideal of Rn . So there is a generator
polynomial g(x) of a nozero ideal properly contained in hfˆi (x)i such that fˆi (x)|g(x)
g(x) 6= fˆi (x). As fˆi (x) is irreducible and g(x)|xn − 1, this is impossible, so hfˆi (x)i
is minimal ideal.
(ii) As {fˆi (x)| 1 ≤ i ≤ s} has no common irreducible factor of xn − 1 and each polynomial in the set divides xn − 1, gcd(fˆ1 (x), · · · , fˆs (x)) = 1. Applying the Euclidean
s
X
algorithm inductively, 1 =
ai (x)fˆi (x)......(1), for some ai (x) ∈ Fq [x]. So 1 is
i=1
the sum ao the ideals hfˆi (x)i, which is itself an ideal of Rn . In any ring, the only
ideal containing the identity of the ring is the ring itself. This proves that Rn is the
vector space sum of the ideals hfˆi (x)i. To prove it is a direct sum, we must show
X
hfˆj i = {0}, for 1 ≤ i ≤ s.
that hfˆi (x)i ∩
j6=i
As fi (x)|fˆj (x) for j 6= i, fj (x) - fˆj (x), and the irreducible factors of xn − 1 are
distinct, we conclude that fi (x) = gcd{fˆj (x)|1 ≤ j ≤ s, j 6= i}. Applying inducX
hfˆj (x)i. So
tion to the results of the previous theorem (ii) shows that hfi (x)i =
hfˆi i ∩
X
j6=i
hfˆj (x)i = hfˆi (x)i ∩ hfi (x)i = hlcm(fˆi (x), fi (x))i = hxn − 1i = {0} (by
j6=i
theorem 4.3.7) Then part (ii) is completed.
To complete the proof of part (i). Let M = hm(x)i be any minimal ideal of Rn .
s
X
As 0 6= m(x) = m(x) · 1 =
m(x)ai (x)fˆi (x), by (1) there is an i such that
i=1
m(x)ai (x)fˆi (x) 6= 0. Hence M ∩ hfˆi (x)i 6= {0} as m(x)ai (x)fˆi (x) ∈ M ∩ hfˆi (x)i, and
therefore M = hfˆi (x)i by minimality of M and hfˆi (x)i. Thus complets the proof of
(i).
(iii) If i 6= j, êi (x)êj (x) ∈ hfˆi (x)i ∩ hfˆj (x)i = {0} by (ii) we have êi êj = 0 in Rn .
92
(iv) By using (iii) and applying induction to theorem 4.3.7 (ii),
s
X
êi (x) is the generating
i=1
s
X
idempotent of
hfˆi (x)i = Rn , by part (ii). The generating idempotent of Rn is 1.
i=1
(v) If e(x) is a nonzero idempotent in hfˆi (x)i, then he(x)i is an ideal contained in hfˆ( x)i.
By minimality as e(x) is nonzero, hfˆi (x)i = he(x)i, implying that e(x) = êi (x) as
both are the unique unity of hfˆi (x)i.
(vi) Note that e(x)êi (x) is an idempotent in hfˆi (x)i. Thus either e(x)êi (x) = 0 or êi (x)
s
X
by (v). Let T = {i|e(x)êi (x) 6= 0}. Then by (iv), e(x) = e(x) · 1 = e(x)
êi (x) =
s
X
i=1
e(x)êi (x) =
X
i=1
X
X
ê( x). Furthermore he(x)i = h
êi (x)i =
hêi (x)i by theorem
i∈T
i∈T
4.3.7 (ii) and induction.
i∈T
Theorem 4.3.6. Let M be a minimal ideal of Rn . Then M is an extension field of Fq .
Proof. We will show that every nonzero element in M has a multiplicative invese in M.
Let a(x) ∈ M with a(x) 6= 0. Then ha(x)i is a nonzero ideal of Rn contained in M,
and hence ha(x)i = M. So e(x) is the unity of M, there is an element b(x) in Rn with
a(x)b(x) = e(x). Now c(x) = b(x)e(x) ∈ M as e(x) ∈ M. Hence a(x)c(x) = e2 (x) =
e(x).
4.4
Zeros of a cyclic code
If t = ordn (q), then Fqt is a splitting field of xn − 1, so Fqt contains a primitive nth root of
i
n
unity α, and xn − 1 = Πn−1
i=0 (x − α ) is the factorization of x − 1 into linear factors over
Fqt . Furthermore xn − 1 = Πs Mαs (x) is the factorization of xn − 1 into irreducible factors
over Fq , where s runs through a set of representatives of q− cyclotomic cosets modulo n.
Let C be a cyclic code in Rn with generator polynomial g(x). Then g(x) = Πs Mαs (x) =
Πs Πi∈Cs (x − αi ), where s runs through some subset of representatives of q− cyclotomic
93
cosets Cs modulo n.
Let T = ∪s Cs be the union of these q− cyclotomic cosets. The roots of unity Z = {αi |i ∈
T } are called the zeros of the cyclic code C and {αi |i 6∈ T } are nonzeros of C. The set T
is called defining set of C. It follows that c(x) belomgs to C if and only if c(αi ) = 0 for
each i ∈ T (because c(x) = g(x)f (x) where f (x) ∈ Fq (x) and deg f (x) < k).
Note The set T where T = ∪s Cs and hence either the set of zeros or the set of nonzeros,
completely determines the generator polynimial g(x), and since |T | = deg g(x), then
dim C = n − |T |.
Example 4.4.1. In the following table we give, generator polynomial gi (x) and generating
idempotents ei (x) for all the cyclic codes Ci of length 7 over F2 and we add in the table
the defining sets of each code relative to the primitive root α given in example 4.3.4.
i
dim
gi (x)
ei (x)
Defining set
0
0
1 + x7
0
{0, 1, 2, 3, 4, 5, 6}
1
1
1 + x + x2 + x3 + x4 + x5 + x 6
1 + x + x2 + x3 + x4 + x5 + x6
{1, 2, 3, 4, 5, 6}
2
3
1 + x2 + x3 + x4
1 + x3 + x5 + x6
{0, 1, 2, 4}
3
3
1 + x + x2 + x4
1 + x + x2 + x4
{0, 3, 5, 6}
4
4
1 + x + x3
x + x2 + x4
{1, 2, 4}
5
4
1 + x2 + x3
x3 + x5 + x6
{3, 5, 6}
6
6
1+x
x + x 2 + x3 + x4 + x5 + x6
{0}
7
7
1
1
∅
α0 , α = α, α2 = α2 , α3 = α + 1, α4 = α2 + α, α5 = α2 + α + 1, α6 = α2 + 1
Exercise: What would be the defining sets of each of the codes in the above example if
the primitive root β = α3 were used to determine the defining set rather than α?.
Solution:If β = α3 is a primitive 7 th root of unity then the defining sets for the a bove
94
codes is given in the following table
i
dim
gi (x)
Defining set
0
0
1 + x7
{0, 1, 2, 3, 4, 5, 6}
1
1
1 + x + x2 + x3 + x4 + x5 + x6
{1, 2, 3, 4, 5, 6}
2
3
1 + x2 + x3 + x4
{0, 3, 5, 6}
3
3
1 + x + x2 + x4
{0, 1, 2, 4}
4
4
1 + x2 + x3
{1, 2, 4}
5
4
1 + x + x3
{3, 5, 6}
6
6
1+x
{0}
7
7
1
∅
To explaine the code C5 . Since the generator polynomial g(x) = 1 + x + x3 , then β = α3 is
a primitive 7−th root of unity, then the roots of the cyclic code are (α3 )3 = α2 , (α3 )5 =
α, (α3 )6 = α4 , becuase g(α2 ) = 1 + α2 + α6 = 1 + α2 + 1 + α2 = 0,
g(α) = 1 + α + α3 = 1 + α + α + 1 = 0,
g(α4 ) = 1 + α4 + α12 = 1 + α2 + α + α5 = 1 + α2 + α + α2 + α + 1 = 0,
Or g(x) = (x − α2 )(x − α)(x − α4 ) = 1 + x + x3 .
Theorem 4.4.1. Let α be a primitive nth root of unity in some extension field of Fq . Let
C be a cyclic code of length n over fq with defining set T and generator polynomial g(x).
The following hold.
(i) T is a union of q-cyclotomic cosets modulo n.
((ii) g(x) = Πi∈T (x − αi ).
((iii) c(x) ∈ Rn is in C if and only if c(αi ) = 0 for all i ∈ T .
(iv) The dimension of C is n − |T |.
For a cyclic code C in Rn , there are in general many polynomials r(x) ∈ Rn such
that C = h r(x)i. However by theorem 4.2.1 and its corollary, there is exactly one such
95
polynomial, namely the monic polynomial in C of minimal degree, which also divides xn −1
and which we call the generator polynomial of C. in the next theorem we characterize all
polynomials r(x) which generates C.
Theorem 4.4.2. Let C be a cyclic code of length n over Fq with generator polynomial
g(x). Let v(x) be a polynomial in Rn .
(i) C = hv(x)i if and only if gcd(v(x), xn − 1) = g(x).
(ii) v(x) generates C if and only if the nth roots of unity which are zeros of v(x) are
precisely the zeros of C.
Proof. (i)Let g(x) = gcd(v(x), xn − 1) =⇒ g(x)|v(x), so multiples of v(x) are multiples of
g(x) in Rn and so hv(x)i ⊆ C = hg(x)i....(1).
By the Euclidean algorithm there exist polynomials a(x) and b(x) in Fq [x] such that
g(x) = a(x)v(x) + b(x)(xn − 1). Hence g(x) = a(x)v(x) in Rn and so multiples of g(x)
are multiples of v(x) in Rn implying, h v(x)i ⊇ C = hg(x)i....(2).
So from (1) and (2) we have C = hv(x)i.
Convesely, assume that C = hv(x)i. Let d(x) = gcd(v(x), xn − 1). As g(x)|v(x) and
g(x)|xn − 1 =⇒ g(x)|d(x). As g(x) ∈ C = hv(x)i, so there exist a(x) such that g(x) =
a(x)v(x) ∈ Rn . So there exists b(x) such that g(x) = a(x)v(x)+b(x)(x6n−1) in Fq [x] =⇒
d(x)|g(x). Hence as both d(x) and g(x) are monic and divide each other d(x) = g(x). and
(i) holds.
(ii) As the only roots of both g(x) and xn −1 are nth roots of unity, g(x) = gcd(v(x), xn −1)
if and only if the nth roots of unity which are zeros of v(x) are precisely the zeros of g(x),
the latter are the zeros of C.
4.5
Meggitt decoding of cyclic codes
There are several variations of Miggitt decoding; we will present two of them.
Let C be an [n, k, d] cyclic code over Fq with generator polynomial g(x) of degree n − k;
96
C will correct t = b (d−1)
c errors. Let c(x) ∈ C is transmitted and y(x) = c(x) + e(x) is
2
received, where e(x) = e0 + e1 x + · · · + en−1 x6n − 1 is the error vector with wt(e(x)) ≤ t.
The Miggitt decoder stores syndromes of erroe patterns with coordinate n− in error.
The first version of Meggitt decoding algorith described as foolws: By shifting y(x) at
most n times, the decoder finds the error vector e(x) fromthe list and corrects the errors.
In the second version, by shifting y(x) until an error appears in coordinate n − 1, the
decoder findes the error in that coordinate, correct only that error, and then corrects
errors in coordinates n − 2, n − 3, · · · , 1, 0 in that order by further shifting.
For any vector v(x) ∈ Fq [x] let Rg(x) (v(x) be the unique remainder when v(x) is divided
by g(x) according to the divison algorithm, that is Rg(x) )(v(x)) = r(x) where v(x) =
g(x)f (x) + r(x) where r(x) = 0 or deg r(x) < n − k. The function Rg(x) (v(x)) satisfies
the following properties,
Theorem 4.5.1. With the preceding notation the following hold:
(i) Rg(x) (av(x) + bv 0 (x)) = aRg(x) (v(x)) + bRg(x) (v 0 (x)) for all v(x), v 0 (x) ∈ Fq [x] and
all a, b ∈ Fq .
(ii) Rg(x) (v(x) + a(x)(xn − 1)) = Rg(x) (v(x))
(iii) Rg(x) (v(x)) = 0 if and only if v(x) mod (xn − 1) ∈ C.
(iv) If c(x) ∈ C, then Rg(x) (c(x) + e(x)) = Rg(x) (e(x))
(v) If Rg(x) (e(x)) = Rg(x) (e0 (x)), where e(x) and e0 (x) each have weight at most t, then
e(x) = e0 (x)
(vi) Rg(x) (v(x)) = v(x) if deg v(x) < n − k.
Proof.
(i) Let r(x) = Rg(x) (v(x)), r0 (x) = Rg(x) (v 0 (x)) where v(x) = g(x)f (x) + r(x),
v 0 (x) = g(x)f 0 (x) + r0 (x) with r(x) = 0 or deg r(x) < n − k, and r0 (x) = 0 or
deg r0 (x) < n − k.
r(x) = v(x) − g(x)f (x), r0 (x) = v 0 (x) − g(x)f 0 (x)..
97
ar(x) = av(x) − ag(x)f (x), br0 (x) = bv 0 (x) − bg(x)f 0 (x)
ar(x) + br0 (x) = av(x) − ag(x)f (x) + bv 0 (x) − bg(x)f 0 (x)
av(x) + bv 0 (x) = ag(x)f (x) + bg(x)f 0 (x) + ar(x) + br0 (x) = g(x)(af (x) + bf 0 (x) +
ar(x) + br0 (x)), where deg ar(x) + br0 (x) < n − k or ar(x) + br0 (x) = 0 =⇒
Rg(x) (av(x)+bv 0 (x)) = ar(x)+br0 (x) = aRg(x) (v(x))+bRg(x) (v 0 (x)) for all v(x), r0 (x) ∈
Fq [x] and a, b ∈ Fq .
(ii) Let v(x) = g(x)f (x) + r(x) where r(x) = 0 or deg r(x) < n − k. Rg(x) (v(x)) =
r(x) = v(x) − g(x)f (x) since g(x) is a generator polynomial, then g(x)|xn − 1 =⇒
xn − 1 = k(x)g(x) =⇒ a(x)(xn − 1) = a(x)k(x)g(x) =⇒ v(x) + a(x)(xn − 1) =
g(x)f (x) + r(x) + a(x)k(x)g(x) = g(x)[f (x) + a(x)k(x)] + r(x).
r(x) = Rg(x) (v(x)) = Rg(x) (v(x) + a(x)(xn −)).
(iii) If r(x) = Rg(x) (v(x)) = 0 =⇒ v(x) = g(x)f (x) =⇒ v(x)+a(x)(xn −1) ≡ g(x)f (x)+
a(x)k(x)g(x) = g(x)(f (x) + a(x)k(x)) ∈ C =⇒ v(x) mod (xn − 1) ∈ C.
Convesely, if v(x)(mod xn − 1) ∈ C =⇒ v(x) + a(x)(xn − 1) ∈ C =⇒ Rg(x) (v(x)) = 0.
(iv) If c(x) ∈ C, then Rg(x) (c(x)) = 0 and =⇒ Rg(x) (c(x))+Rg(x) (e(x)) = 0+Rg(x) (e(x))
(v) If Rg(x) (e(x)) = Rg(x) (e0 (x)) then there exists c(x) ∈ C such that Rg(x) (c(x) +
e(x)) = Rg(x) (e(x)) and Rg(x) (c(x) + e0 (x)) = Rg(x) (e0 (x)) =⇒ Rg(x) (c(x) + e0 (x)) −
Rg(x) (e0 (x)) = Rg(x) (e(x) − e0 (x)) = 0 =⇒ e(x) − e0 (x) mod (xn − 1) ∈ C where
deg (e(x) − e0 (x) < n − k but g(x) is a unique monic polynomial of minimal degree
n − k =⇒ e(x) − e0 (x) = 0 =⇒ e(x) − e0 (x).
(vi) Rg(x) (v(x)) = v(x) if deg v(x) < n − k.
If deg v(x) < n − k =⇒ v(x) = 0 · g(x) + v(x) =⇒ Rg(x) (v(x)) = v(x).
Theorem 4.5.2. Let g(x) be a monic divisor of xn − 1 of degree n − k. If Rg(x) (v(x)) =
S(x), then Rg(x) (xv(x))mod (xn −1)) = Rg(x) (xS(x)) = xS(x)−g(x)Sn−k−1 , where Sn−k−1
is the coefficient of xn−k−1 in S(x).
98
Proof. By definition v(x) = g(x)f (x) + S(x) where S(x) =
n−k−1
X
Si xi . So xv(x) =
i=0
xg(x)f (x) + xs(x) = xg(x) · f (x) + g(x)f1 (x) + S 0 (x), where S 0 (x) = Rg(x) (xS(x)). Also
xv(x) mod (xn − 1) = xv(x) − (xn − 1)vn−1 . (Because xv(x) = v0 x + · · · + vn−1 xn =⇒
xv(x) (mod xn − 1) = xv(x) − (xn − 1). Thus xv(x) mod (xn − 1) = xg(x) + f (x)f1 (x) +
S 0 (x) − (xn − 1)vn−1 = (xf (x) + f1 (x) − h(x)vn−1 )g(x) + s0 (x), where g(x)h(x) = xn · 1.
Therefore Rg(x) (xv(x)) mod (xn −1) = s0 (x) = Rg(x) (xS(x)), because deg S 0 (x) < n−k =
n−k−1
X
deg g(x). As g(x) is monic of degree n − k and xS(x)
Si xi+1 , the remainder when
i=0
xS(x) is divided by g(x) is xS(x) − g(x)Sn−k−1 , (because xS(x) = S0 x + S1 x2 + · · · +
Sn−k−1 xn−k ) = g(x)Sn−k−1 + Rg(x) (xS(x)) =⇒ Rg(x) (xS(x)) = xS(x) − g(x)Sn−k−1 .
Definition 4.5.1. The weight of a polynomial is the number of nonzero coefficients.
Definition 4.5.2. The syndrome S(v(x)) of v(x) is defined by S(v(x)) = Rg(x) (xn−k v(x)).
Remark 4.5.1. If v(x) ∈ Rn , then S(v(x)) = 0 if and only if v(x) ∈ C.
The first version of Meggitt decoding algorithm
Step I: We find all the syndrome polynomials S(e(x)) of error patterns e(x) =
n−1
X
ei xi
i=0
such that wt(e(x)) ≤ t and en−1 6= 0.
Example 4.5.1. Let C be the [15, 7, 5] binary cyclic code with defining set T = {1, 2, 3, 4, 6, 8, 9, 12}.
Let α be a 15th root of unity in F16 . Then g(x) = 1 + x4 + x6 + x7 + x8 is the generator
polynomial of C and the syndrome of e(x) is S(e(x)) = Rg(x) (x8 e(x)). Step I produces the
99
following syndrome polynomials:
e(x)
S(e(x))
x14
x7
x13 + x14
x6 + x7
x12 + x14
x5 + x7
x11 + x14
x4 + x7
x10 + x14
x3 + x7
x9 + x14
x2 + x7
x8 + x14
x + x7
x7 + x14
1 + x7
x6 + x14
x3 + x 5 + x6
x5 + x14
x2 + x4 + x 5 + x6 + x7
x4 + x14
x + x3 + x4 + x5 + x7
x3 + x14
1 + x 2 + x3 + x4 + x7
x2 + x14
x + x2 + x5 + x6
x + x14
1 + x + x4 + x5 + x6 + x7
1 + x14
1 + x4 + x6
for example tp compute S(x12 + x14 ) = Rg(x) (x8 (x12 + x14 )) = Rg(x) (x20 + x22 ) =
Rg(x) (x5 +x7 ) = x5 +x7 because deg x7 +x7 < 8 = deg g(x) also S(1+x14 ) = Rg(x) (x8 (1+
x14 )) = Rg(x) (x8 + x7 ) = Rg(x) (x8 ) + Rg(x) (x7 ) = (1 + x4 + x6 + x7 ) + x7 = 1 + x4 + x6 .
For Rg(x) (x9 ) = Rg(x) (xx8 ) by theorem 4.6.2 we have Rg(x) (x9 ) = Rg(x) (x(1 + x4 + x6 +
x7 )) = Rg(x) (x + x5 + x7 + x8 ) = Rg(x) (x + x5 + x7 + 1 + x4 + x6 + x7 ) = Rg(x) (1 + x +
x4 + x5 + x6 ) = 1 + x + x4 + x5 + x6 .
For S(x + x14 ) = Rg(x) (x8 (x + x14 ) = Rg(x) (x9 + x7 ) = Rg(x) (x9 ) + Rg(x) (x7 ) = 1 + x +
x4 + x5 + x6 + x7 .
Step II: Suppose that y(x) is the received vector, compute the syndrome S(y(x)) =
Rg(x) (xn−k y(x)), since y(x) = x(x) + e(x), with c(x) ∈ C =⇒ S(y(x)) = S(c(x)) +
S(e(x)) = 0 + s(e(x)).
100
Example 4.5.2. Let y(x) = 1 + x4 + x7 + x9 + x10 + x12 is received. Then S(y(x)) =
x + x2 + x6 + x7 .
Step III: If S(y(x)) is in the list computed in step I, then you know the error polynomial e(x) and this can be subtracted from y(x) to obtain the codeword c(x). If S(y(x))
is not in the list go on step (iv).
Step iv: Compute the syndrome polynomial of xy(x), x2 y(x), · · · in succession until the
syndrome polynomial is in the list from step I. If S(xi y(x)) is in the list and is associated
with the error polynomial e0 (x), then the received vector is decoded as y(x) − xn−i e0 (x).
The computation in step (iv) is most easily carried out using theorem 4.6.12 as
n−k−1
X
n−k
Si xi ,
Rg(x) (x y(x)) = S(y(x)) =
i=0
S(xy(x)) = Rg(x) (xn−k xy(x)) = Rg(x) (x(xn−k y(x))) = Rg(x) (xS(y(x))) = xS(y(x)) −
Sn−k−1 g(x)....(1)
We proceed in the same fashion to get the syndrome of x2 y(x) from that of xy(x).
Example 4.5.3. From example 4.5.2
S(y(x)) = x + x2 + x6 + x7 , that S(xy(x)) = x(x + x2 + x6 + x7 ) − 1 · g(x) = x2 + x3 +
x7 + x8 − (1 + x4 + x6 + x7 + x8 ) = 1 + x2 + x3 + x4 + x6 which is not in the list, from
equation (1), we have,
S(x2 y(x)) = x · S(xy(x)) − 0 · g(x)
∴ S(x2 y(x)) = x(1 + x2 + x3 + x4 + x6 ) − 0 = x + x3 + x4 + x5 + x7 , which is in the list,
which corresponds to the error x4 + x14 =⇒ y(x) is decoded as
y(x) − (x15−2 )(x4 + x14 ) = y(x) − (x17 + x27 ) = y(x) − (x2 + x15 ) = 1 + x4 + x7 + x9 +
x10 + x12 − (x2 + x12 ) = 1 + x2 + x4 + x7 + x9 + x10 .
Note: this codeword is (1 + x2 )g(x).
101
