Information and Coding Theory Cyclic codes Juris Viksna, 2015

Why cyclic codes? We started with restricting our attention to linear codes: Advantages minimal distance h(C) is easy to compute if C is a linear code it is easy to specify a particular code simple enconing and (kind of :) reasonable decoding procedures Disadvantages linearity is heavy restriction, however it is not that clear whether we really could gain that much by abandoning it However, most of known "good" codes are in addition cyclic. Cyclic codes also have a simpler decoding procedures.

Relation with shift registers clock signal g0g0 g1g1 + g2g2 + g3g3 time R = N-K shift registers

Cyclic codes -definition [Adapted from B.Cherowitzo]

Cyclic codes - examples [Adapted from B.Cherowitzo]

Rings Actually we will be interested in rings that are even “more similar” to fields, i.e.: - are commutative, - have multiplicative unit “1”. A commutative ring with unity Why do we need rings? It seems that a way to do encoding with a cyclic code could be encoding of polynomial m(x) as c(x) = m(x)g(x) mod (x n  1) The set of all polynomials m(x) is a ring, but not a field.

Computation within R n Computation modulo x n – 1 Since x n  1 (mod x n -1) we can compute f(x) mod x n -1 as follow: In f(x) replace x n by 1, x n +1 by x, x n +2 by x 2, x n +3 by x 3, … Identification of words with polynomials a 0 a 1 … a n -1  a 0 + a 1 x + a 2 x 2 + … + a n -1 x n -1 Multiplication by x in R n corresponds to a single cyclic shift x (a 0 + a 1 x + … a n -1 x n -1 ) = a n -1 + a 0 x + a 1 x 2 + … + a n -2 x n - 1

Ring of polynomials - example [Adapted from B.Cherowitzo]

Ring of polynomials The set of polynomials in F q [x] of degree less than deg (f(x)), with addition and multiplication modulo f(x) forms a ring denoted F q [x]/f(x). Example Calculate (x + 1) 2 in F 2 [x] / (x 2 + x + 1). It holds (x + 1) 2 = x 2 + 2x + 1  x  x (mod x 2 + x + 1). How many elements has F q [x] / f(x)? Result | F q [x] / f(x) | = q deg (f(x)). Example Addition and multiplication in F 2 [x] / (x 2 + x + 1) +01x1 + x 001x 110 x xx 01 x10  01x X x0 x 1 0 1x

Ideals So, this a subspace of a ring that seems to satisfy the requirements of cyclic codes: - 1 and 2 (and part of 3) guarantees linearity - 3 in addition guarantees cyclicity

Ideals and cyclic codes R n - a ring of polynomials modulo x n  1 (assume that field GF(q) is fixed) Theorem A set of elements in R n corresponds to cyclic code C if and only if C is an ideal in R n. Proof Given an ideal C, linearity guarantees that C is subspace, and property 3 guarantees that all cyclic shifts of codewords also belongs to code. Similarly, if C is a code, its elements have to satisfy the definition of ideal.

Principal ideals [Adapted from B.Cherowitzo]

Principal ideals [Adapted from B.Cherowitzo] Thus, the in the ring of all polynomials any ideal is principal - i.e. it can be defined by a single generator polynomial.

Principal ideals [Adapted from B.Cherowitzo] Generally the proof doesn’t change, if we consider ring of polynomials modulo some polynomial p(x). We will be generally interested in R n (rings modulo x n  1). Every cyclic code thus can be defined by providing a single generator polynomial g(x).

Generators of ideals - example [Adapted from B.Cherowitzo]

Cyclic codes - some more definitions

Cyclic codes - some examples The code with the generator matrix has codewords c 1 = c 2 = c 3 = c 1 + c 2 = c 1 + c 3 = c 2 + c 3 = c 1 + c 2 + c 3 = and it is cyclic because the right shifts have the following impacts c 1  c 2,c 2  c 3,c 3  c 1 + c 3 c 1 + c 2  c 2 + c 3,c 1 + c 3  c 1 + c 2 + c 3,c 2 + c 3  c 1 c 1 + c 2 + c 3  c 1 + c 2

Cyclic codes - some examples Example (i) Code C = {000, 101, 011, 110} is cyclic. (ii) Hamming code Ham(3, 2): with the generator matrix is equivalent to a cyclic code. (iii) The binary linear code {0000, 1001, 0110, 1111} is not a cyclic, but it is equivalent to a cyclic code. (iv) Is Hamming code Ham(2, 3) with the generator matrix (a) cyclic? (b) equivalent to a cyclic code?

Cyclic codes - how frequent are they? Comparing with linear codes, the cyclic codes are quite scarce. For, example there are linear (7,3) linear binary codes, but only two of them are cyclic. Trivial cyclic codes. For any field F and any integer n >= 3 there are always the following cyclic codes of length n over F: No-information code - code consisting of just one all-zero codeword. Repetition code - code consisting of codewords (a, a, …,a) for a  F. Single-parity-check code - code consisting of all codewords with parity 0. No-parity code - code consisting of all codewords of length n For some cases, for example for n = 19 and F = GF(2), the above four trivial cyclic codes are the only cyclic codes.

Cyclic codes and generator polynomials

We show that all cyclic codes C have the form C =  f(x)  for some f(x)  R n. Theorem Let C be a non-zero cyclic code in R n. Then there exists unique monic polynomial g(x) of the smallest degree such that C =  g(x)  g(x) is a factor of x n -1. Proof (i) Suppose g(x) and h(x) are two monic polynomials in C of the smallest degree. Then the polynomial g(x) - h(x)  C and it has a smaller degree and a multiplication by a scalar makes out of it a monic polynomial. If g(x)  h(x) we get a contradiction. (ii) Suppose a(x)  C. Then a(x) = q(x)g(x) + r(x)(deg r(x) < deg g(x)) and r(x) = a(x) - q(x)g(x)  C. By minimality r(x) = 0 and therefore a(x)  g(x) .

Cyclic codes and generator polynomials [Adapted from B.Cherowitzo] Thus there is 1-to-1 correspondence between cyclic codes and all distinct polynomials that divide x n  1.

Cyclic codes and generator polynomials We show that all cyclic codes C have the form C =  f(x)  for some f(x)  R n. Theorem Let C be a non-zero cyclic code in R n. Then there exists unique monic polynomial g(x) of the smallest degree such that C =  g(x)  g(x) is a factor of x n -1. Proof (iii) Clearly, x n –1 = q(x)g(x) + r(x) with deg r(x) < deg g(x) and thereforer(x)  -q(x)g(x) (mod x n -1) and r(x)  C  r(x) = 0  g(x)is a factor of x n -1.

How to find cyclic codes? Theorem 2 gives a recipe to get all cyclic codes of given length n. Indeed, all we need to do is to find all factors of x n -1. Problem: Find all binary cyclic codes of length 3. Solution: Since x 3 – 1 = (x + 1)(x 2 + x + 1) both factors are irreducible in GF(2) we have the following generator polynomials and codes. Generator polynomialsCode in R 3 Code in V(3,2) 1R 3 V(3,2) x + 1{0, 1 + x, x + x 2, 1 + x 2 }{000, 110, 011, 101} x 2 + x + 1{0, 1 + x + x 2 }{000, 111} x 3 – 1 ( = 0){0}{000}

Example - binary cyclic codes in R 7 [Adapted from B.Cherowitzo]

Example - ternary codes of length 3 The task is to determine all ternary codes of length 4 and generators for them. Factorization of x over GF(3) has the form x = (x - 1)(x 3 + x 2 + x + 1) = (x - 1)(x + 1)(x 2 + 1) Therefore there are 2 3 = 8 divisors of x and each generates a cyclic code. Generator polynomialGenerator matrix 1I 4 x x + 1 x (x - 1)(x + 1) = x (x - 1)(x 2 + 1) = x 3 - x 2 + x - 1[ ] (x + 1)(x 2 + 1)[ ] x = 0[ ]

Some factors of x n -1 All we need to do is factor x n  1. This, however, isn’t necessarily obvious how to do :)

Generator polynomials and matrices The fact that multiplying some vector with G we obtain a codeword from C is a bit obvious. In addition, we need: - to show that all rows of G are linearly independent - to show all codewords from C can be obtained

Generator polynomials and matrices [Adapted from B.Cherowitzo]

Check polynomials

Theorem Let C be a cyclic code in R n with a generator polynomial g(x) and a check polynomial h(x). Then an c(x)  R n is a codeword of C if c(x)h(x)  0 - this and next congruences are modulo x n - 1. Proof Note, that g(x)h(x) = x n - 1  0 (i) c(x)  C  c(x) = a(x)g(x) for some a(x)  R n  c(x)h(x) = a(x) g(x)h(x)  0.  0 (ii) c(x)h(x)  0 c(x) = q(x)g(x) + r(x), deg r(x) < n – k = deg g(x) c(x)h(x)  0  r(x)h(x)  0 (mod x n - 1) Since deg (r(x)h(x)) < n – k + k = n, we have r(x)h(x) = 0 in F[x] and therefore r(x) = 0  c(x) = q(x)g(x)  C.

Check polynomials and dual codes [Adapted from B.Cherowitzo]

Check polynomials and dual codes Since dim (  h(x)  ) = n - k = dim (C  ) we might easily be fooled to think that the check polynomial h(x) of the code C generates the dual code C . Reality is “slightly different'': Theorem Suppose C is a cyclic [n,k]-code with the check polynomial h(x) = h 0 + h 1 x + … + h k x k, then (i) a parity-check matrix for C is (ii) C  is the cyclic code generated by the polynomial i.e. the reciprocal polynomial of h(x).

Check polynomials and dual codes Proof A polynomial c(x) = c 0 + c 1 x + … + c n -1 x n –1 represents a code from C if c(x)h(x) = 0. For c(x)h(x) to be 0 the coefficients at x k,…, x n -1 must be zero, i.e. Therefore, any codeword c 0 c 1 … c n -1  C is orthogonal to the word h k h k -1 …h 0 00…0 and to its cyclic shifts. Rows of the matrix H are therefore in C . Moreover, since h k = 1, these row-vectors are linearly independent. Their number is n - k = dim (C  ). Hence H is a generator matrix for C , i.e. a parity-check matrix for C. In order to show that C  is a cyclic code generated by the polynomial it is sufficient to show that is a factor of x n -1. Observe that and sinceh(x -1 )g(x -1 ) = (x -1 ) n -1 we have thatx k h(x -1 )x n -k g(x -1 ) = x n (x –n -1) = 1 – x n and therefore is indeed a factor of x n -1.

Syndromes and generator matrix [Adapted from B.Cherowitzo]

Syndromes and generator matrix - example [Adapted from B.Cherowitzo]

Syndromes and generator matrix [Adapted from B.Cherowitzo]

Syndromes and generator matrix [Adapted from B.Cherowitzo]

Idempotent polynomials

Idempotent generators [Adapted from B.Cherowitzo]

Idempotent generators - example [Adapted from B.Cherowitzo]

Idempotent generators - existence [Adapted from B.Cherowitzo] (a,b) denotes just gcd(a,b). If  is a root then x n  1=(x   )(x n  1 +  x n   n  1 ) If there is another root equal to , then n  n  1 =  n  1 = 0, and  = 0...

Idempotent generators – Generator matrix [Adapted from B.Cherowitzo]

Idempotent generators – Generator matrix [Adapted from V.Pless]

Idempotent generators - how to find? This turns out to be quite easy, at least in GF(2) assuming that n is odd. S - set of powers of x that occur with non-zero coefficients in e(x). Notice that e 2 (x) = e(x) if and only if i  S  2i  S. Thus S is a union of cyclotomic cosets and we can just look at cyclotomic cosets and write down the coefficients of e(x).

Idempotent generators - how to find? n=7, C 0 ={0}, C 1 ={1,2,4},C 3 ={3,6,5}.

Idempotents - summary So, where are we now? Cyclic codes can be characterized by their idenpotents as well as by their generator polynomials. Idempotents are easier to find. In particular, for GF(2 m ) cyclotomic cosets allow to write down idempotents immediately. Then it is already not that hard to find generator polynomials - g(x)=gcd(x n –1,e(x)). By knowing generator polynomials, we actually are already quite close to solution to factoring problem. Actually, a similar approach is used in Berlekamp's factoring algorithm.

Berlekamp's factoring algorithm [Adapted from FYI We actually have developed a factoring algorithm for x n –1 in GF(2). There is a general algorithm for factoring p(x) in GF(q).