January 5, 2012

On Polynomial Remainder Codes

Jiun-Hung Yu and Hans-Andrea Loeliger
Dept. of Information Technology and Electrical Engineering
ETH Zurich, Switzerland
Email: {yu, loeliger}@isi.ee.ethz.ch

arXiv:1201.1812v1 [cs.IT] 9 Jan 2012

Abstract

Polynomial remainder codes are a large class of codes derived from the Chinese remainder theorem that includes Reed-Solomon codes as a special case. In this paper, we revisit these codes and study them more carefully than in previous work. We explicitly allow the code symbols to be polynomials of different degrees, which leads to two different notions of weight and distance.

Algebraic decoding is studied in detail. If the moduli are not irreducible, the notion of an error locator polynomial is replaced by an error factor polynomial. We then obtain a collection of gcd-based decoding algorithms, some of which are not quite standard even when specialized to Reed-Solomon codes.

Index Terms—Chinese remainder theorem, redundant residue codes, polynomial remainder codes, Reed-Solomon codes, polynomial interpolation.

1 Introduction

Polynomial remainder codes are a large class of codes derived from the Chinese remainder theorem. Such codes were proposed by Stone [2], who also pointed out that these codes include Reed-Solomon codes [3] as a special case. Variations of Stone’s codes were studied in [4–6]. In [2] and [4], the focus is on codes with a fixed symbol size, i.e., the moduli are relatively prime polynomials of the same degree. A generalization of such codes was proposed by Mandelbaum [5], who also pointed out that using moduli of different degrees can be advantageous for burst error correction [6].

Although the codes in [2,4–6] can, in principle, correct many random errors, no efficient decoding algorithm for random errors was proposed in these papers.
In 1988, Shiozaki [7] proposed an efficient decoding algorithm for Stone’s codes [2] using Euclid’s algorithm, and he also adapted this algorithm to decode Reed-Solomon codes. However, the algorithm of [7] is restricted to codes with a fixed symbol size, i.e., fixed-degree moduli. Moreover, the argument given in [7] seems to assume that all the moduli are irreducible although this assumption is not stated explicitly.

A preliminary version of this work was presented in part in [1].

In [8], Mandelbaum made the interesting observation that polynomial remainder codes (generalized as in [5]) contain Goppa codes [9] as a special case. By means of this observation, generalized versions of Goppa codes such as in [10] may also be viewed as polynomial remainder codes. In subsequent work [11,12], Mandelbaum actually used the term “generalized Goppa codes” for (generalized) polynomial remainder codes. He also proposed a decoding algorithm for such codes using a continued-fractions approach [11,12]. However, this connection between (generalized) polynomial remainder codes and Goppa codes will not be further pursued in this paper.

There is also a body of work on Chinese remainder codes over integers, cf. [13,14]. However, the results of the present paper are not directly related to that work.

In this paper, we revisit polynomial remainder codes as in [2]. We explicitly allow moduli of different degrees (i.e., variable symbol sizes) within a codeword. In this way, we can, e.g., lengthen a Reed-Solomon code by adding some higher-degree symbols without increasing the size of the underlying field. In consequence, we obtain two different notions of distance—Hamming distance and degree-weighted distance—and the corresponding minimum-distance decoding rules.

Algebraic decoding as in [7] is studied in detail. If the moduli are not irreducible, the notion of an error locator polynomial is replaced by an error factor polynomial.
We then obtain a collection of gcd-based decoding algorithms, some of which are not quite standard even when specialized to Reed-Solomon codes.

This paper is organized as follows. In Section 2, we recall the Chinese remainder theorem and the definition of Chinese remainder codes over integers and polynomials. We also discuss erasures-only decoding, i.e., the recovery of a codeword from a subset of its symbols, for which we propose a method that appears to be new. In Section 3, we focus on polynomial remainder codes and their minimum-distance decoding, both for Hamming distance and degree-weighted distance. In Section 4, we introduce error locator polynomials and error factor polynomials and a key equation for the latter. In Section 5, we derive gcd-based decoding algorithms. A synopsis of these algorithms is given in Section 5.4, and their relation to prior work is discussed in Section 5.5. Section 6 concludes the paper.

The cardinality of a set $S$ will be denoted by $|S|$ and the absolute value of an integer $n$ will be denoted by $|n|$. In Section 2.2, this same symbol will also be used for the degree of a polynomial, i.e., $|a(x)| \triangleq \deg a(x)$.

2 Chinese Remainder Codes

2.1 Chinese Remainder Theorem and Codes

Let $R = \mathbb{Z}$ or $R = F[x]$ for some field $F$. (Later on, we will focus on $R = F[x]$.) For $R = \mathbb{Z}$, for any positive $m \in \mathbb{Z}$, let $R_m$ denote the ring $\{0,1,2,\dots,m-1\}$ with addition and multiplication modulo $m$; for $R = F[x]$, for any monic polynomial $m(x) \in F[x]$, let $R_m$ denote the ring of polynomials over $F$ of degree less than $\deg m(x)$ with addition and multiplication modulo $m(x)$.

For $R = \mathbb{Z}$, $\gcd(a,b)$ denotes the greatest common divisor of $a,b \in \mathbb{Z}$, not both zero; for $R = F[x]$, $\gcd(a,b)$ denotes the monic polynomial of largest degree that divides both $a,b \in F[x]$, not both zero.

We will need the Chinese remainder theorem [2] in the following form.

Theorem 1 (Chinese Remainder Theorem).
For some integer $n > 1$, let $m_0, m_1, \dots, m_{n-1} \in R$ be relatively prime (i.e., $\gcd(m_i, m_j) = 1$ for $i \neq j$) and let $M_n \triangleq \prod_{i=0}^{n-1} m_i$. Then the mapping

$$\psi : R_{M_n} \to R_{m_0} \times \dots \times R_{m_{n-1}} : a \mapsto \psi(a) \triangleq \big(\psi_0(a), \dots, \psi_{n-1}(a)\big) \tag{1}$$

with $\psi_i(a) \triangleq a \bmod m_i$ is a ring isomorphism. The inverse of the mapping (1) is

$$\psi^{-1} : R_{m_0} \times \dots \times R_{m_{n-1}} \to R_{M_n} : (c_0, \dots, c_{n-1}) \mapsto \sum_{i=0}^{n-1} c_i \beta_i \bmod M_n \tag{2}$$

with coefficients

$$\beta_i = \frac{M_n}{m_i} \cdot \left(\frac{M_n}{m_i}\right)^{-1}_{\bmod m_i} \tag{3}$$

where $(b)^{-1}_{\bmod m_i}$ denotes the inverse of $b$ in $R_{m_i}$. □

Definition 1. A Chinese remainder code (CRT Code) over $R$ is a set of the form

$$C \triangleq \{(c_0, \dots, c_{n-1}) : c_i = a \bmod m_i \text{ for some } a \in R_{M_k}\} \tag{4}$$

where $n$ and $k$ are integers satisfying $1 \le k \le n$, where $m_0, m_1, \dots, m_{n-1} \in R$ are relatively prime, and where $M_k \triangleq \prod_{i=0}^{k-1} m_i$. □

In other words, a CRT code consists of the images $\psi(a)$, with $\psi$ as in (1), of all $a \in R_{M_k}$.

For $R = F[x]$, CRT codes are linear (i.e., vector spaces) over $F$; for $R = \mathbb{Z}$, however, CRT codes are not linear since the pre-image of the sum of two codewords may exceed the range of $M_k$.

The components $c_i = \psi_i(a)$ in (1) and (4) will be called symbols. Note that each symbol is from a different ring $R_{m_i}$; these rings need not have the same number of elements. We will often (but not always) assume that the moduli $m_i$ in Definition 1 satisfy the condition

$$|R_{m_0}| \le |R_{m_1}| \le \dots \le |R_{m_{n-1}}|. \tag{5}$$

We will refer to (5) as the Ordered-Symbol-Size Condition.

2.2 Interpolation

Consider the problem of reconstructing a codeword $c = (c_0, \dots, c_{n-1})$ from a subset of its symbols. Specifically, let $C$ be a CRT code as in Definition 1 and let $S$ be a subset of $\{0,1,2,\dots,n-1\}$ with cardinality $|S| > 0$. Let $c = (c_0, \dots, c_{n-1}) = \psi(a) \in C$ be the codeword corresponding to some $a \in R_{M_k}$ by (4).
Suppose we are given $\tilde c = (\tilde c_0, \dots, \tilde c_{n-1})$ with

$$\tilde c_i = c_i \quad \text{for } i \in S \tag{6}$$

(and with arbitrary $\tilde c_i \in R_{m_i}$ for $i \notin S$) and we wish to reconstruct $a = \psi^{-1}(c)$ from $\tilde c$.

This problem arises, for example, when the channel erases some symbols (and lets the receiver know the erased positions) but delivers the other symbols unchanged. However, this problem also arises as the last step in the decoding procedures that will be discussed later in the paper.

This interpolation problem can certainly be solved if $S$ is sufficiently large. A first solution follows immediately from the CRT (Theorem 1). Specifically, with $M_S \triangleq \prod_{i \in S} m_i$, Theorem 1 can be applied as follows: if

$$|M_S| \ge |M_k| \tag{7}$$

then

$$a = \sum_{i=0}^{n-1} \tilde c_i \tilde\beta_i \bmod M_S \tag{8}$$

with

$$\tilde\beta_i \triangleq \begin{cases} \dfrac{M_S}{m_i} \cdot \left(\dfrac{M_S}{m_i}\right)^{-1}_{\bmod m_i}, & i \in S \\ 0, & i \notin S. \end{cases} \tag{9}$$

Obviously, the coefficients $\tilde\beta_i$ in (9) depend on the support set $S$. Interestingly, there is a second solution to the interpolation problem that avoids the computation of these coefficients: the following theorem shows how $a = \psi^{-1}(c)$ can be computed from $\psi^{-1}(\tilde c)$, which in turn may be computed using the fixed coefficients (3).

Theorem 2 (Fixed-Transform Interpolation). If

$$|M_S| \ge |M_k| \tag{10}$$

then

$$\psi^{-1}(c) = Z / M_{\bar S} \tag{11}$$

where $M_{\bar S} \triangleq M_n / M_S$ and where

$$Z \triangleq \big(M_{\bar S} \cdot \psi^{-1}(\tilde c)\big) \bmod M_n \tag{12}$$

is a multiple of $M_{\bar S}$. □

This theorem does not appear in standard expositions of the CRT; perhaps it is new. Its application to coding, even to Reed-Solomon codes (cf. Section 3.3), also appears to be new.

Proof of Theorem 2: Let $\bar c \triangleq c - \tilde c$, let $\bar a \triangleq \psi^{-1}(\bar c)$, and note that $\psi^{-1}(\tilde c) = (a - \bar a) \bmod M_n$. Note also that $|M_{\bar S} \cdot a| < |M_n|$ because of (10). Then

$$Z = \big(M_{\bar S} \cdot (a - \bar a)\big) \bmod M_n \tag{13}$$
$$= M_{\bar S} \cdot a - (M_{\bar S} \cdot \bar a) \bmod M_n \tag{14}$$
$$= M_{\bar S} \cdot a \tag{15}$$

where the last step follows from

$$\psi(M_{\bar S} \cdot \bar a) = \psi(M_{\bar S})\,\psi(\bar a) \tag{16}$$
$= 0.$
(17) □

2.3 Hamming Distance and Singleton Bound

For any $a \in R_{M_n}$, the Hamming weight of $\psi(a)$ (i.e., the number of nonzero symbols $\psi_i(a)$, $0 \le i \le n-1$) will be denoted by $w_H(\psi(a))$. For any $a,b \in R_{M_n}$, the Hamming distance between $\psi(a)$ and $\psi(b)$ will be denoted by $d_H(\psi(a),\psi(b)) \triangleq w_H(\psi(a) - \psi(b))$. The minimum Hamming distance of a CRT code $C$ will be denoted by $d_{\min H}(C)$.

Theorem 3. Let $C$ be a CRT code as in Definition 1 satisfying the Ordered-Symbol-Size Condition (5). Then the Hamming weight of any nonzero codeword $\psi(a)$ ($a \in R_{M_k}$, $a \neq 0$) satisfies

$$w_H(\psi(a)) \ge n - k + 1 \tag{18}$$

and

$$d_{\min H}(C) = n - k + 1. \tag{19}$$

□

Proof: For any nonzero $a \in R_{M_n}$, assume that the image $\psi(a)$ has Hamming weight $w_H(\psi(a)) \le n - k$, i.e., the number of zero symbols of $\psi(a)$ is at least $k$. For $R = \mathbb{Z}$, this implies $a \ge M_k$; for $R = F[x]$, this implies $\deg a \ge \deg M_k$. In both cases, $a \notin R_{M_k}$, which proves (18).

As for (19), consider $d_H(\psi(a),\psi(b))$ for any $a,b \in R_{M_k}$, $a \neq b$. For $R = F[x]$, $a - b \in R_{M_k}$ and thus

$$d_H(\psi(a),\psi(b)) = w_H(\psi(a) - \psi(b)) \tag{20}$$
$$= w_H(\psi(a - b)) \tag{21}$$
$$\ge n - k + 1 \tag{22}$$

by (18). For $R = \mathbb{Z}$, either $a - b \in R_{M_k}$ or $b - a \in R_{M_k}$ and the same argument applies. It follows that $d_{\min H}(C) \ge n - k + 1$. Finally, the equality in (19) follows from the Singleton bound below. □

In the following theorem, we will use the following notation. For any subset $S \subset \{0,1,\dots,n-1\}$, let $\bar S \triangleq \{0,1,\dots,n-1\} \setminus S$ and let

$$R_S \triangleq \bigotimes_{i \in S} R_{m_i}, \tag{23}$$

the direct product of all rings $R_{m_i}$ with $i \in S$.

Theorem 4 (Singleton Bound for Hamming Distance). Let $C$ be a code in $R_{\{0,\dots,n-1\}}$ (i.e., a nonempty subset of $R_{m_0} \times \dots \times R_{m_{n-1}}$) with minimum Hamming distance $d_{\min H}$. Then

$$|C| \le \min_{S \subset \{0,1,\dots,n-1\}} \{ |R_S| : |S| > n - d_{\min H} \}. \tag{24}$$

□

Note that this theorem does not require the Ordered-Symbol-Size Condition (5).

Proof: Let $\bar S$ be a subset of $\{0,1,\dots,n-1\}$ with $|\bar S| < d_{\min H}$. For every word $c \in C$, erase its components in $\bar S$.
The resulting set of shortened words, which are elements of $R_S$, has still $|C|$ elements. □

For CRT codes satisfying the Ordered-Symbol-Size Condition (5), we have $|C| = |R_{M_k}|$; on the other hand, the right-hand side of (24) becomes

$$|R_{\{0,\dots,n-d_{\min H}\}}| = |R_{M_{n-d_{\min H}+1}}| \tag{25}$$

where $M_{n-d_{\min H}+1} \triangleq \prod_{i=0}^{n-d_{\min H}} m_i$. It then follows from (24) that $|R_{M_k}| \le |R_{M_{n-d_{\min H}+1}}|$ and thus

$$k \le n - d_{\min H} + 1. \tag{26}$$

3 Polynomial Remainder Codes

From now on, we will focus on the case $R = F[x]$ for some finite field $F$.

3.1 Definition and Some Examples

Definition 2. A polynomial remainder code is a CRT code over $R = F[x]$ with monic moduli $m_i(x)$, i.e., a set of the form

$$C = \{(c_0, \dots, c_{n-1}) : c_i = a(x) \bmod m_i(x) \text{ for some } a(x) \in R_{M_k}\}. \tag{27}$$

A polynomial remainder code is irreducible if the polynomials $m_0(x), \dots, m_{n-1}(x)$ are all irreducible [1]. □

For such codes, the Ordered-Symbol-Size Condition (5) may be written as

$$\deg m_0(x) \le \deg m_1(x) \le \dots \le \deg m_{n-1}(x), \tag{28}$$

which we will call the Ordered-Degree Condition.

Example 1 (Binary Irreducible Polynomial Remainder Codes). Let $F = GF(2)$ be the finite field with two elements and let $m_0(x), \dots, m_{n-1}(x)$ be different irreducible binary polynomials.

The number of irreducible binary polynomials of degree up to 16 is given in Appendix A. For example, by using only irreducible moduli of degree 16, we can obtain a code with $\deg M_n(x) = 4080$; by using irreducible moduli of degree up to 16, we can achieve $\deg M_n(x) = 130’486$. □

Example 2 (Polynomial Evaluation Codes and Reed-Solomon Codes). Let $\beta_0, \beta_1, \dots, \beta_{n-1}$ be distinct elements of some finite field $F$ (which implies $n \le |F|$). A polynomial evaluation code over $F$ is a code of the form

$$C \triangleq \{(c_0, \dots, c_{n-1}) : c_i = a(\beta_i) \text{ for some } a(x) \in F[x] \text{ of } \deg a(x) < k\}. \tag{29}$$

A Reed-Solomon code is a polynomial evaluation code with $\beta_i = \alpha^i$, where $\alpha$ is a primitive $n$-th root of unity in $F$.
With

$$m_i(x) \triangleq x - \beta_i, \tag{30}$$

a polynomial evaluation code may be viewed as a polynomial remainder code since

$$c_i = a(\beta_i) = a(x) \bmod m_i(x). \tag{31}$$

For Reed-Solomon codes (as defined above), we then have

$$M_n(x) = x^n - 1. \tag{32}$$

□

Example 3 (Polynomial Extensions of Reed-Solomon Codes). When Reed-Solomon codes are viewed as polynomial remainder codes as in Example 2, the code symbols are constants, i.e., polynomials of degree at most zero. Reed-Solomon codes can be extended with additional symbols in $F[x]$ by adding some moduli $m_i(x)$ of degree two (or higher). □

3.2 Degree-weighted Distance

Let

$$N \triangleq \deg M_n(x) = \sum_{i=0}^{n-1} \deg m_i(x) \tag{33}$$

and

$$K \triangleq \deg M_k(x) = \sum_{i=0}^{k-1} \deg m_i(x). \tag{34}$$

Note that $K$ is the dimension of the code as a subspace of $F^N$.

Definition 3. The degree weight of a set $S \subset \{0,1,\dots,n-1\}$ is

$$w_D(S) \triangleq \sum_{i \in S} \deg m_i(x). \tag{35}$$

For any $a(x) \in R_{M_n}$, the degree weight of $\psi(a) = \big(\psi_0(a), \dots, \psi_{n-1}(a)\big)$ is

$$w_D(\psi(a)) \triangleq \sum_{i : \psi_i(a) \neq 0} \deg m_i, \tag{36}$$

and for any $a(x), b(x) \in R_{M_n}$, the degree-weighted distance between $\psi(a)$ and $\psi(b)$ is

$$d_D(\psi(a),\psi(b)) \triangleq w_D(\psi(a) - \psi(b)). \tag{37}$$

□

Note that the degree-weighted distance satisfies the triangle inequality:

$$d_D(\psi(a),\psi(b)) \le d_D(\psi(a),\psi(c)) + d_D(\psi(b),\psi(c)) \tag{38}$$

for all $a(x), b(x), c(x) \in R_{M_n}$.

Let $d_{\min D}(C)$ denote the minimum degree-weighted distance of a polynomial remainder code $C$, i.e.,

$$d_{\min D}(C) \triangleq \min_{c,c' \in C : c \neq c'} d_D(c,c'), \tag{39}$$

and let

$$w_{\min D}(C) \triangleq \min_{c \in C : c \neq 0} w_D(c) \tag{40}$$

be the minimum degree weight of any nonzero codeword. We then have the following analog of Theorem 3:

Theorem 5 (Minimum Degree-Weighted Distance). Let $C$ be a code as in Definition 2. Then

$$d_{\min D}(C) = w_{\min D}(C) \tag{41}$$
$$= \min_{S \subset \{0,\dots,n-1\}} \big\{ w_D(S) : w_D(S) > N - K \big\} \tag{42}$$
$> N - K.$
(43) □

If all moduli $m_i(x)$ have degree one, then the right-hand side of (42) equals $N - K + 1$. Note also that unlike Theorem 3, Theorem 5 does not require the Ordered-Degree Condition (28).

Proof: Equation (41) is obvious from the linearity of the code over $F$, and (43) is obvious as well. It remains to prove (42).

Let $d$ be the right-hand side of (42). For any nonzero $a(x) \in R_{M_k}$, assume that the image $\psi(a)$ has degree weight $w_D(\psi(a)) \le N - K$, i.e., the sum of $\deg m_i(x)$ over the zero symbols of $\psi(a)$ is at least $K$. Then $\deg a(x) \ge K = \deg M_k(x)$, which is impossible since $a(x) \in R_{M_k}$. We thus have $w_D(\psi(a)) > N - K$. It then follows from Definition 3 that $w_D(\psi(a)) \ge d$ and thus $w_{\min D}(C) \ge d$.

Conversely, let $S$ be a subset of $\{0,1,\dots,n-1\}$ such that $w_D(S) = d$. Then there exists some nonzero $a(x) \in R_{M_k}$ such that $\psi_i(a) \neq 0$ for each $i \in S$ but $\psi_j(a) = 0$ for each $j \in \{0,1,\dots,n-1\} \setminus S$. Thus $w_D(\psi(a)) = w_D(S) = d$, which implies $w_{\min D}(C) \le d$. □

Theorem 6 (Singleton Bound for Degree-weighted Distance). Let $C$ be a nonempty subset of $R_{m_0} \times \dots \times R_{m_{n-1}}$ with minimum degree-weighted distance $d_{\min D}$ and with $N$ as in (33). Then

$$\log_F |C| \le \min_{S \subset \{0,\dots,n-1\}} \{ w_D(S) : w_D(S) > N - d_{\min D} \}. \tag{44}$$

□

Proof: Recall the notation $\bar S$ and $R_S$ as in (23). Let $\bar S$ be a subset of $\{0,1,\dots,n-1\}$ with $w_D(\bar S) < d_{\min D}$. For every word $c \in C$, erase its components in $\bar S$. The resulting set of shortened words, which are elements of $R_S$, has still $|C|$ elements. Thus $|C| \le |R_S| = |F|^{w_D(S)}$, and (44) follows. □

For polynomial remainder codes, we have $\log_F |C| = K$ and (44) holds with equality. To see this, we first write (44) as

$$K \le \min_{S \subset \{0,\dots,n-1\}} \{ w_D(S) : w_D(S) > N - d_{\min D} \}. \tag{45}$$

On the other hand, for $S = \{0,\dots,k-1\}$, we have $w_D(S) = K$, and using (43), we obtain

$$\min_{S \subset \{0,\dots,n-1\}} \{ w_D(S) : w_D(S) > N - d_{\min D} \} \le K. \tag{46}$$

We thus have equality in (45) and (46), and therefore also in (44).
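The closed forms (19) and (42) can be checked by exhaustive search on a small code with moduli of different degrees. The following Python sketch is an added example, not code from the paper; the binary moduli $x$, $x+1$, $x^2+x+1$, $x^3+x+1$ and all function names are assumptions chosen for illustration, and by linearity (41) minimum weights are used in place of minimum distances.

```python
from itertools import combinations

# Binary polynomials are stored as ints: bit j is the coefficient of x^j.
def deg(p):
    return p.bit_length() - 1          # deg(0) = -1 by this convention

def pmod(a, m):
    """Remainder of a(x) divided by m(x) over GF(2)."""
    while a and deg(a) >= deg(m):
        a ^= m << (deg(a) - deg(m))
    return a

def encode(a, moduli):
    """psi(a): the tuple of residues a(x) mod m_i(x), as in (27)."""
    return tuple(pmod(a, m) for m in moduli)

def brute_force_min_weights(moduli, k):
    """Minimum Hamming weight and degree weight over all nonzero codewords."""
    K = sum(deg(m) for m in moduli[:k])            # K as in (34)
    best_h = best_d = None
    for a in range(1, 1 << K):                     # every nonzero a(x), deg a < K
        c = encode(a, moduli)
        wh = sum(1 for s in c if s)                # Hamming weight
        wd = sum(deg(m) for s, m in zip(c, moduli) if s)   # degree weight (36)
        best_h = wh if best_h is None else min(best_h, wh)
        best_d = wd if best_d is None else min(best_d, wd)
    return best_h, best_d

def formula_min_degree_distance(moduli, k):
    """Right-hand side of (42): min w_D(S) over subsets S with w_D(S) > N - K."""
    degs = [deg(m) for m in moduli]
    N, K = sum(degs), sum(degs[:k])
    weights = (sum(S) for r in range(1, len(degs) + 1)
               for S in combinations(degs, r))
    return min(w for w in weights if w > N - K)

# Constructed sample code (an assumption of this example): irreducible binary
# moduli x, x+1, x^2+x+1, x^3+x+1, which satisfy the Ordered-Degree Condition.
MODULI = [0b10, 0b11, 0b111, 0b1011]

if __name__ == "__main__":
    n = len(MODULI)
    for k in (2, 3):
        h, d = brute_force_min_weights(MODULI, k)
        print(f"k={k}: d_minH={h} (n-k+1={n - k + 1}), "
              f"d_minD={d} (formula (42): {formula_min_degree_distance(MODULI, k)})")
```

With these moduli $N = 7$; for $k = 2$ the search gives Hamming distance 3 and degree-weighted distance 6, and for $k = 3$ it gives 2 and 4, so the degree-weighted distance exceeds $N - K + 1$ only in the first case.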
In the special case where all the moduli $m_0(x), \dots, m_{n-1}(x)$ have the same degree, the two Singleton bounds (44) and (24) are equivalent.

3.3 Interpolation and Erasures Decoding

We now return to the subject of Section 2.2 and specialize it to polynomial remainder codes. Let $C$ be a code as in Definition 2. Let $c = (c_0, \dots, c_{n-1}) = \psi(a(x)) \in C$ be the codeword corresponding to some polynomial $a(x) \in R_{M_k}$. Let $S$ be a set of positions $i \in \{0,\dots,n-1\}$ where $c_i$ is known. Let $\tilde c = (\tilde c_0, \dots, \tilde c_{n-1})$ satisfy $\tilde c_i = c_i$ for $i \in S$ with arbitrary $\tilde c_i \in R_{m_i}$ for $i \notin S$. Suppose we wish to reconstruct $a(x)$ from $\tilde c$ and $S$.

Let $\bar S \triangleq \{0,\dots,n-1\} \setminus S$ be the indices of the unknown components of $c$ and let $M_{\bar S}(x) = \prod_{i \in \bar S} m_i(x)$ as in Section 2.2. Recall that $w_D(\bar S)$ denotes the degree weight of the unknown (erased) components of $c$. Then Theorem 2 can be restated as follows:

Theorem 7 (Fixed-Transform Interpolation for Polynomial Remainder Codes). If

$$w_D(\bar S) \le N - K, \tag{47}$$

then

$$a(x) = Z(x) / M_{\bar S}(x) \tag{48}$$

with

$$Z(x) \triangleq M_{\bar S}(x)\,\psi^{-1}(\tilde c) \bmod M_n(x). \tag{49}$$

□

The equivalence of (47) and (10) follows from noting that the left-hand side of (10) is $|M_S| = N - w_D(\bar S)$ and the right-hand side of (10) is $|M_k| = K$.

Since $\bar S$ contains the support set of $\tilde c - c$, the polynomial $M_{\bar S}(x)$ is a multiple of an error locator polynomial (as will be defined in Section 4).

In contrast to most other statements in this paper, Theorem 7 appears to be new even when specialized to Reed-Solomon codes (as in Example 2), where $M_n(x) = x^n - 1$ and the modulo operation in (49) is computationally trivial.

3.4 Minimum-Distance Decoding

Let $C$ be a code as in Definition 2. The receiver sees $y = c + e$, where $c \in C$ is the transmitted codeword and $e$ is an error pattern. A minimum Hamming distance decoder is a decoder that produces

$$\hat c = \operatorname*{argmin}_{c \in C} d_H(c,y). \tag{50}$$

A minimum degree-weighted distance decoder is a decoder that produces

$$\hat c = \operatorname*{argmin}_{c \in C} d_D(c,y).$$
(51)

In general, the decoding rules (50) and (51) produce different estimates $\hat c$ as will be illustrated by the examples below.

Theorem 8 (Basic Error Correction Bounds). If $d_H(c,y) < d_{\min H}(C)/2$, then the rule (50) produces $\hat c = c$. If $d_D(c,y) < d_{\min D}(C)/2$, then the rule (51) produces $\hat c = c$. □

Proof: The proof follows the standard pattern; we prove only the second part. Assume $\hat c \neq c$, which implies $d_D(\hat c,y) \le d_D(c,y)$. Using the triangle inequality (38), we obtain $d_{\min D}(C) \le d_D(\hat c,c) \le d_D(\hat c,y) + d_D(c,y) \le 2\,d_D(c,y)$. □

The second part of Theorem 8 can also be formulated as follows: if

$$w_D(e) \le t_D \triangleq \left\lfloor \frac{N - K}{2} \right\rfloor, \tag{52}$$