1 Pseudo-Wigner Matrices from Dual BCH Codes Ilya Soloveychik, Yu Xiang and Vahid Tarokh, John A. Paulson School of Engineering and Applied Sciences, Harvard University Abstract—We consider the problem of generating and reflect the upper triangular part into the lower. pseudo-random matrices based on the similarity of their Unfortunately, for large N such approach would 7 spectra to Wigner’s semicircular law. We introduce r- require a powerful source of randomness due to 1 independentpseudo-Wignerensemblesandprovecloseness the independence condition [3]. In addition, when 0 of their spectra to the semicircular density in Kolmogorov the data is generated by a truly random source, 2 distance. We give an explicit construction of a family of b N ×N pseudo-Wigner ensembles using dual BCH codes atypical non-random looking outcomes have non- e and show that the Kolmogorov complexity of the obtained zero probability of showing up. Yet another issue F matrices is of the order of log(N) for a fixed Kolmogorov is that any experiment involving tossing a coin 2 distance precision. We compare our construction to the would be impossible to reproduce. All these reasons quasi-random graphs introduced by Chung, Graham and motivated researchers and engineers to seek for ] Wilson and demonstrate that the pseudo-Wigner matri- T different approaches of generating random-looking ces pass stronger randomness tests than the adjacency I . matrices of these graphs (lifted by the mapping 0 → 1 data, especially for applications in cryptography, s c and 1→−1) do. Finally, we provide numerical simulations digitalsignalprocessing,navigationsystems,scram- [ verifying our theoretical results. bling, coding theory, etc. [4]. This has motivated 3 the study of pseudo-random sources of binary digits Index Terms—Pseudo-Random matrices, semicircular v law, Wigner ensemble, BCH code. [4, 5]. 4 4 The word pseudo-random is used to emphasize 5 that the binary data at hand is indeed generated by 5 I. INTRODUCTION an entirely deterministic causal process with low 0 Random matrices have been a very active area . algorithmic complexity, but its statistical properties 1 of research for the last few decades and have found 0 resemble some of the properties of data generated 7 enormous amount of applications in various areas of by tossing a fair coin. Most efforts were focused 1 modern mathematics, physics, engineering, biologi- on one dimensional pseudo-randomness [4, 5] due : v cal modeling, and other fields [1]. In this article, we to their natural applications and to the relative Xi focus on square symmetric matrices with ±1 entries, simplicity of their analytical treatment. One of the r referred to as square symmetric sign matrices. For most popular methods of generating pseudo-random a such matrices, Wigner [2] demonstrated that if the sequences is due to Golomb [5] and is based on elements of the upper triangle of an N ×N square linear feedback shift registers capable of generating symmetric matrix are independent Rademacher (±1 pseudo-random sequences of very low algorithmic with equal probabilities) random variables, then complexity. The study of pseudo-random arrays and as N grows, a properly scaled empirical spectral matrices was launched around the same time [6–9]. distribution converges to the semi-circle law in Among the known two dimensional pseudo-random distribution. constructions the most popular are the so-called In many engineering applications, one needs to perfectmaps[6,10,11], andtwodimensionalcyclic simulating random matrices. The most natural way codes [8, 9]. However, none of these works con- to generate an instance of a random N × N sign sidered spectral properties as the defining statistical matrix is to toss a fair coin N(N+1) times, fill the 2 features for their constructions. upper triangular part of a matrix with the outcomes There exist various approaches to quantify the algorithmic power needed to generate an individual This work was supported by the Fulbright Foundation and Army Research Office grant No. W911NF-15-1-0479. piece of binary data, also known as algorithmic 2 complexity [12–14]. It can be intuitively thought of Wigner matrices with incidence matrices of the as a measure of amount of randomness stored in quasi-random graphs suggested by Chung, Graham that piece of data. Below we stick to the concept of and Wilson [19] (lifted by the mapping 0 → 1, and Kolmogorov complexity [15, 16]. Let D be a string 1→−1)andshowthatourconstructionpasseswider of binary data of length n, then its Kolmogorov tests for randomness. complexity is the length of the shortest binary Tur- The outline of this paper is given next. In Section ing machine code that can produce D and halt. If D II, we start with setting the notations and dis- has no computable regularity it cannot be encoded cussing a number of auxiliary results. We define r- by a program shorter than its original length n (here independent pseudo-Wigner ensembles, and analyze and below the Kolmogorov complexity is given up their spectral properties in Section III. In Section toanadditiveconstant),meaningthatitsconsecutive IV we provide an explicit construction of such bits are unpredictable given the preceding ones and matrices. We analyze the Kolmogorov complexity it may be considered as truly random [13, 17]. A of semicircular law in Section V. The relation of the string with a regular pattern, on the other hand, pseudo-Wigner matrices to the quasi-random graphs can be computed by a program much shorter than isexploredinSectionVI.Wesupportourtheoretical the string itself, thus having a much smaller Kol- investigation by numerical experiments in Section mogorov complexity. By convention, a comparison VII and provide our conclusions and final remarks of Kolmogorov complexities of various strings of in Section VIII. the same length is usually done by conditioning on the length and, thus, assuming the length to be II. NOTATIONS already known to the machine without specifying For a vector x ∈ RN, let ∥x∥ denote it Euclidean it as an input [18]. For example, the conditional norm (length), and for a real symmetric matrix M∈ Kolmogorov complexity of a Golomb sequence of RN×N, we denote its spectral norm by length n is 2log n, which is relatively small, since 2 using a simple combinatorial argument one can ∥M∥= max xTMx. (1) x∈RN,∥x∥=1 show that at most n fraction of the strings of 2n length n have conditional Kolmogorov complexity For a real x, ⌊x⌋ stands for the largest integer not less than log n. exceeding x, and ⌈x⌉ stands for the smallest integer 2 Specific pseudo-random sequence and array con- not less than x. structions usually start with a set of properties Random variables. For a real random variable mimicking truly random data, and attempt to come X, we denote by FX(x) its cumulative distribu- up with deterministic ways of reproducing these tion function (c.d.f.) and by fX(x) the correspond- properties. Following this approach, given a preci- ing probability density function (p.d.f.), The p-th sion parameter ε ⩾ 1 , we propose an explicit central moment of X is denoted by Mp(X) = construction of scaledlogN2N×N symmetric sign matri- E[(X −EX)p] when it exists. The second moment ces with high probability possessing spectra within will also be denoted by var[X] = M2(X). If a ε-vicinity (in Kolmogorov distance) of the semi- sequence of random variables XN convergences in D circular law and having conditional Kolmogorov distribution to a law F, we write X —→F. N complexity proportional to 1log N. We denote by S the set of all symmetric N×N ε 2 N The main contributions of this paper are as fol- matrices with entries ± √1 . The Wigner ensemble 2 N lows. First, we introduce a concept of r-independent W is defined as the set S endowed with the N N pseudo-Wigner matrices and prove closeness of uniform probability measure. their spectra to the semicircular law. Second, we Binary linear codes. Let C be an [n,k,d] binary give an explicit deterministic construction of such linear code of length n, dimension k and minimum matrices which may replace random matrices gen- Hamming distance d over the field GF(2).We say erators in engineering applications. Third, using that two words u = {u }, v = {v } ∈ GF(2) are i i this construction we upper bound the amount of orthogonal if ∑ v u = 0 in GF(2). The dual code i i i randomness needed to obtain Wigner’s semicircu- C⊥ of C is a linear code of length n and dimension lar property, and show that it is surprisingly low. k⊥ = n−k, whose codewords are orthogonal to all We also compare the proposed concept of pseudo- the codewords of C. 3 Let also B. Pseudo-Wigner Ensemble ζ ∶ GF(2)N → {−1,1}N, Let us now introduce an ensemble of matrices (2) (u1,...,uN) ↦ ((−1)u1,...,(−1)uN). matching the behavior of Wigner matrices up to a certain moment. Later we will show that if the III. PSEUDO-WIGNER ENSEMBLES numberofmatchingmomentsgrowslogarithmically For any symmetric matrix A ∈ S , denote by with the matrix size N, the empirical spectrum con- N N F the c.d.f. associated with its spectrum {λ }N , verges to the semicircular law with high probability. AN i i=1 1 n Definition 1 (r-independence of a sequence). Let F (x)= ∑θ(x−λ ), (3) AN N i x = {X }N be a sequence of binary random vari- i=1 i i=1 ables. We say that x is r-independent if any r of its where θ(x) is the unit step function at zero. The elements X ,...,X are statistically independent, l-th moment of AN is given by i1 ir r βl(AN)=∫ xldFAN = N1 Tr(AlN). (4) P[Xi1 =b1,...,Xir =br]=∏l=1P[Xil =bl], (11) Let Fsc be the c.d.f. of the standard semicircular for any i1 ≠ ⋅⋅⋅ ≠ ir in the range [1,N] and bi ∈ law {0,1}. √ 1 1 1 F (x)= + x 1−x2+ arcsin(x), −1⩽x⩽1, Definition 2 (r-independent Pseudo-Wigner Ensem- sc 2 π π (5) ble of order N). Let a subset Ar ⊂S be endowed N N with the corresponding p.d.f. with the uniform measure. We say that it is an r- √ independent pseudo-Wigner Ensemble of order N 2 f (x)= 1−x2, −1⩽x⩽1. (6) if the elements of the upper triangular (including sc π the main diagonal) parts of its matrices form an The moments of this distribution read as r-independent sequence w.r.t. (with respect to) the ⎧ ∞ ⎪⎪ 0, l odd, measure induced on them by Ar . βl =∫−∞ xldFsc =⎨⎪⎪⎩21l(l)!(l!l+1)!, l even. (7) Below,whenever aprobabilityNoverAr isconsid- 2 2 N ered, it is always implied to be w.r.t. to the uniform A. The Semicircular Law and the Wigner Ensemble measureasinDefinition2.Whentheorderr isclear Recall that the Wigner ensemble WN was defined from the context, we suppress it and write AN. Also to be the set S endowed with the uniform proba- denote by N bility measure. βl,N =E[βl(AN)] (12) Lemma 1 (Main Theorem from [20]). Let W ∈ the expected moments over an ensemble A . The N N W , then as N tends to infinity, next result justifies the title “pseudo-Wigner” in the N above definition. 0, l odd, E[βl(WN)]={ (8) Lemma 2. Let γ ∈N and A be chosen uniformly β +o(1), l even, N l from A2γr with r ⩾l, then for the expected moments N and the random variable N(βl(WN) − we have E[β (W )]) converges in distribution to the l N 0, l odd, normal law β ={ (13) l,N β +o(1), l even, N(β (W )−E[β (W )])—D→N (0, 1), (9) l l N l N π as N → ∞. In addition, the first p = 1,...,2γ in particular, moments of the random variable N(β (A )−β ) l N l,N converge to the moments of the normal law, 0, p odd, M (Nβ (W ))={ (10) p l N (p−1)!! +o(1), p even. 0, p odd, πp/2 Mp(Nβl(AN))={(p−1)!! +o(1), p even. (14) This result in particular implies almost sure weak πp/2 convergence of the empirical spectra of matrices Proof. The proof follows that of the Main Theo- from the Wigner ensemble to the semicircular law. rem (Lemma 1 above) from [20] and is based on 4 counting paths of lengths up to 2γl. An essential Proof. The proof is based on the application of ingredient of the proof consists in showing that the Chebyshev’s inequality and can be found in Ap- principal contribution to the even moments is made pendix A. by simple even paths (paths in which every edge The same technique as in the proof of Theorem is passed exactly twice), therefore, the resulting 1 applied to higher moments yields moments only depend on the variances of the matrix entries and not on their higher moments (universal- Theorem 2. Let γ ∈ N and q < e, then for ity). Due to the 2γr-independence with r ⩾ l, the r ⩽ qlog N and any α ∈ (q,1) there exists N 2 e 0 calculation of the expected values of products of such that for any N ⩾ N , with probability at least 0 matrix variables on such paths (see formula (4.3) 1− √3r(2γ−1)!! , a matrix A chosen uniformly from ( πN1−α)2γ N from [20]) will give exactly the same results. This A2γr satisfies completes the proof. N 1 Our next goal is to control the deviations of the ∣F (x)−F (x)∣⩽ , ∀x∈R. (21) AN sc r spectra of matrices A ∈A from the semicircular N N law. For this purpose we use smoothing techniques Proof. The proof is based on the high-moments based on finite polynomial expansions of the char- version of Chebyshev’s inequality and can be found acteristic functions of the distributions at hand. in Appendix A. Lemma 3 (Lemma 7.4.2 from [21]). Suppose F is a c.d.f. and G∶R→R has bounded variation IV. AN EXPLICIT CONSTRUCTION OF PSEUDO-WIGNER MATRICES FROM BCH CODES +∞ ∫ ∣G′(x)∣dx<+∞, (15) We start from defining BCH codes and discussing −∞ thepropertiesoftheirdualcodes.Laterweusethese bounded derivative properties to explicitly construct an example of a pseudo-Wigner ensemble. M =sup∣G′(x)∣<+∞, (16) x and satisfies A. The BCH Code and its Dual Code lim G(x)=0, lim G(x)=1. (17) We focus specifically on BCH codes for the x→−∞ x→+∞ following reasons: Assume also that ● the construction of BCH codes allows to con- ∞ trol their minimum distances in an easy man- ∫ ∣F(x)−G(x)∣dx<∞, (18) ner, and −∞ ● for relatively small designed minimum dis- and denote by φ(t) and γ(t) the Fourier transforms tances, the dimension of the obtained BCH of F(x) and G(x) correspondingly. then for any codes are close to being maximal possible T >0, (consult section 1.10 from [22] for details). 2 T ∣φ(t)−γ(t)∣ 24M For m∈N, a primitive narrow-sense binary BCH ∣F(x)−G(x)∣⩽ ∫ dt+ , (19) π 0 t πT code Cδ of length n=2m−1 and designed minimum m uniformly over x∈R. distance δ ⩾ 3 is a cyclic linear code generated by the lowest degree binary polynomial having roots Theorem1. Letq <e,thenfor1 r ⩽qlog2N andany α,α2,...,αδ−2, where α is a primitive element of α∈(q,1) there exists N such that for any N ⩾N , e 0 0 GF(2m). with probability at least 1− r , a matrix A N2(1−α) N chosen uniformly from A2r satisfies Theorem 3 (Theorems 9.1.1, 9.9.18 and Corollary N 9.3.8 from [22]). A binary BCH code Cδ of length m 1 ∣F (x)−F (x)∣⩽ , ∀x∈R. (20) n = 2m −1 and designed distance δ = 2t+1 with AN sc r 2t−1<2[m/2]+1 1Hereweimplythatwemayconsiderasequenceofpseudo-Wigner ● has minimum distance d at least δ, ensembles. ● has dimension 2m−1−mt. 5 Note that the dimension 2m −1−mt is exactly program creating that data on a universal Turing characterized when the designed distance is small. machine. The length of the obtained binary code Under the same assumptions as in Theorem 3, the is called the Kolmogorov complexity of the object dual BCH code has minimum distance at least d⊥ ⩾ and we denote it by KC(D). A comparison of d, dimension k⊥ =mt [22], and is also a cyclic code. Kolmogorov complexities of various objects of the same size is usually done by conditioning on that Lemma 4 (Lemma 3.2 from [23]). If a code C has size KC(D∣size), or in other words by assuming that minimum distance d, then its dual code C⊥ is (d−1)- it is already known to the machine [18]. independent w.r.t. to the uniform measure over its The notion of Kolmogorov complexity is natu- codewords. rally defined for specific instances of data. Our goal For N ∈N, let m∈N be such that is to generalize and extend this concept to classes of objects sharing a specific property or, in other N(N +1) 2m−1−1< ⩽2m−1. (22) words, to sets of objects. As an example, let us 2 consider the following property Fix δ small enough (Theorem 3) and construct a BCH code Cδ , whose parameters would be [2m − P(N,ε)={A ∈S ∣sup∣F (x)−F (x)∣⩽ε}, 1, 2m −1− (mδ−1)m, d] with d ⩾ δ. For every word N N x AN sc in the dual cod2e c={ci}2i=m1−1 ∈(Cmδ )⊥, let b=ζ(c). which is the set of symmetric √1 -scaled s(2ig4n) Construct a N ×N matrix B by filling its upper 2 N N matrices of order N having spectra at most ε far triangular part (including the main diagonal) with from the semicircular law in Kolmogorov metric. the first N(N+1) elements of the obtained sequence A naturally arising question can be formulated as: 2 b in any specific order (e.g. fill the upper triangular What is the smallest Kolmogorov complexity of part row by row) and then reflect it w.r.t. to the main a matrix from this set? This is the length of the diagonal. Normalize the matrix B = √1 B . The N N shortest binary program needed to construct an 2 N dimension of the dual code is dim(Cδ )⊥ = (δ−1)m. object of a specific size possessing the necessary m 2 By Lemma 4, this construction gives us a set Bd−1 property. We suggest to take this quantity as the N of matrices B , which endowed with the uniform measure of randomness, or complexity, of the prop- N probability measure becomes a d − 1-independent erty. Motivated by this intuition, we suggest the pseudo-Wigner ensemble of order N with d−1 ⩾ following formal definition δ − 1. Since Bd−1 is also a Bδ−1 ensemble and d N N Definition 3. The Kolmogorov complexity of a finite may not be known, below we denote it by Bδ−1 to N set (property) P is defined as simplify notations. For example, for δ = 2m + 1 we obtain the KC(P)=minKC(D). (25) D∈P following The conditional Kolmogorov complexity is de- Theorem 4. There exists N such that for any 0 fined analogously. N ⩾ N , if a matrix B is chosen uniformly from B⌈2log2N0⌉, then with proNbability at least 1− 2log2N, Next we investigate the Kolmogorov complexity N N6/5 of the semicircular property. Given a binary poly- 1 nomial f(x) of degree m, we write ∣F (x)−F (x)∣⩽ , ∀x∈R. (23) BN sc log N 2 f˜(x)=xmf(x−1) (26) Proof. Follows directly from Theorem 1 by setting q =1 and α= 2. for its reciprocal. 5 Proposition 1. For ε ⩾ 1 , the conditional V. THE KOLMOGOROV COMPLEXITY OF THE Kolmogorov complexity of thloeg2pNroperty P(N,ε) is SEMICIRCULAR LAW bounded by The standard computer scientific approach to 2 quantify the amount of randomness contained in a KC(P(N,ε)∣N)⩽ log N +c, (27) ε 2 piece of data D, or its algorithmic compressibility, is based on calculating the length of a minimal where c does not depend on N or ε. 6 ⌈2⌉ A matrix sampled uniformly from B ε provides Algorithm 1: Pseudo-Wigner Matrix N an explicit construction with probability at least 1− (δ−1)m Input: f ∈GF(2)m,v ∈GF(2) 1 . 2 εN6/5 Output: B , s.t. ∣F (x)−F (x)∣⩽ 2 . N BN sc δ−1 Proof. Theorem 1 guarantees that if the parameters Initialization : read f, v and δ into memory; of a pseudo-Wigner ensemble are chosen appropri- 1: construct f(x)=∑jfjxj, v(x)=∑jvjxj, ately as functions of ε, at least one of the matrices 2: build a splitting field F of x2m−1−1, which is from that ensemble must lie in the set P(N,ε). We also a splitting field for f(x); will use this observation to obtain the desired bound 3: let α∈F be any roof of f(x), f(α)=0; on the Kolmogorov complexity of the property 4: for j =2∶δ−2 do P(N,ε). 5: find the min. polynomial fj(x) of αj ∈F; Our goal is, thus, to build a dual BCH code with 6: if fj(x)∤f(x) then the minimum designed distance of the original code 7: f(x)←f(x)fj(x); δ = δ(ε), construct a pseudo-Wigner ensemble of 8: end if N×N matrices based on it, and specify one matrix 9: end for x2m−1−1 from there. Table Algorithm 1 contains pseudo-code 10: h(x)← ; implementing the described algorithm. Note that the f˜(x) constructed matrix belongs to a δ −1 independent 11: take the codeword c, whose polynomial representation is v(x)h(x) and build B as pseudo-Wigner ensemble and Theorem 1, therefore, N described in Section IV-A; bounds the discrepancy of the c.d.f.-s. The upper bound on the Kolmogorov complexity is obtained by bounding the length of the algo- rithm’s description. Note that the description of the VI. QUASI-RANDOM GRAPHS Initialization step in Algorithm 1 requires at most In this section we compare the proposed pseudo- Wigner matrices with the adjacency matrices of (δ−1)m log 2m+log 2(δ−1)m +c =m+ +c (28) quasi-random Graphs from [19]. Given a symmetric 2 2 2 1 2 1 binaryadjacencyT ={t }matrixofanundirected N ij graph on N vertices, we apply to it ζ transformation bits to define polynomials f(x) and v(x) (repre- from (2) to get a sign matrix Q = {q } (in (2) ζ sented by binary coefficient vectors f and v) [18]. N ij was defined on sequences, however, a generalization Atthisstagethealgorithmcopiesthevaluesoff and tomatricesisstraightforward).Therelationbetween v into the memory and the remaining code accesses T and Q can be written as thembytheiraddresses,therefore,thedescriptionof N N steps 1−11 have constant complexity not depending 1 T = (1⋅1T +Q ), (30) on m or δ. Overall, we get the following upper N 2 N bound on the Kolmogorov complexity where 1 = [1,...,1]T is a column vector of height N. As shown in [19], if a graph2 satisfies condition (δ+1)m L⩽ +c, (29) P given on page 347, it is a quasi-random graph. 3 2 This condition can be formulated in terms of the where c does not depend on m or δ. Theorem 1 adjacency matrix T as following. Let N → +∞, N implies that the relation between the precision and then if the designed minimum distance is δ ∼ 2, which 1) the number of non-zero elements in T is ε N together with (22) yields (27). ∑ t = N2 + o(N2) (we have 2 in the de- ij ij 2 Nowsetr =⌈1⌉andinvokeTheorem1withα= 2 nominator instead of 4 because we count all ε 5 to construct the necessary pseudo-Wigner ensemble the edges twice due to the symmetry of the and obtain the desired statement. adjacency matrix), Proposition 1 demonstrates that the Kolmogorov 2To be precise, we should talk about sequences of graphs and complexity of property P(N,ε) for moderate values their corresponding adjacency matrices. However, following [19] to of ε is proportional to 1log N and is relatively simplifythenotationsofthissectionandtobetterconveytheintuition ε 2 behind the calculations we prefer to talk about single instances of small. graphs and matrices. 7 2) λ (T )= N +o(N), Thissimpleexampleshedsmorelightonthehier- 1 N 2 3) λ (T )=o(N), archy of properties of random graphs/matrices. We 2 N then the underlaying graph is quasi-random. can conclude that if we have a sequence of pseudo- To demonstrate that our pseudo-Random matrices Wigner matrices of growing dimensions with fixed may serve as a source of quasi-random graphs with independence order d(N) = d, then we are more high probability, let us show the following or less in the case of quasi-random graphs. Quasi- random graphs can be hardly considered random, as Lemma 5. For a matrix A ∈ Ad and any vector N N Paley graphs example demonstrates [19]. A higher x∈RN, ∥x∥=1, level of complexity is the semicircular law, where 1 we require d(N) to grow with the size of the P[xTA x⩾1]⩽ . (31) N N matrices. It can be in fact easily shown that the rate of growth of d(N) only affects the speed of Proof. The proof can be found in Appendix B. convergence, but not the limiting spectral law. Recall that the spectral norm of a symmetric real matrix is defined as VII. NUMERICAL SIMULATIONS ∥Q ∥= max xTQ x, (32) N N x,∥x∥=1 Empirical densities 0.03 and note that we need to multiply matrix A by √ √ N 2 N to get a sign matrix Q =2 NA . Now as 0.025 N N a corollary of Lemma 5, we get 0.02 √ 1 P[∥Q ∥⩾2 N]⩽ , (33) N N 0.015 and, therefore, with high probability ∥Q ∥=o(N). N 0.01 Average empirical density Lemma 6 (Weyl’s Theorem, [24]). Let the eigenval- Semicircular law 0.005 ues of real symmetric N×N matrices L and L+N be λ1 ⩾ ⋅⋅⋅ ⩾ λN and ν1 ⩾ ⋅⋅⋅ ⩾ νN correspondingly, −06 0 −40 −20 0 20 40 60 then max∥λ −ν ∥⩽∥N∥. (34) i i Fig. 1: Empirical spectral densities of 25 pseudo- i Wigner matrices, N =700, m=18. Note that relation (30) may be viewed as a perturbation of matrix 11 ⋅ 1T, whose eigenvalues 2 To demonstrate the power of the above construc- are λ = N and λ =⋅⋅⋅=λ =0. Weyl’s theorem 1 2 2 N−1 tion, we chose m = 18, N = 700 and constructed together with (33) immediately implies that with an ensemble B2 . In this case d = 3 and the code high probability, N C may be built by choosing a primitive polynomial N of order m and using it as a linear feedback shift λ (T )= +o(N), λ (T )=o(N). (35) 1 N 2 N 2 register to generate a Golomb sequences [5], which In addition, set x= √1 1 to get is then cyclically shifted to get the entire code. N In our simulation we picked f(x) = x18 + x7 + 1. 1 Figure 1 shows the empirical spectra of 25 matrices P[∑q ⩾2N3/2]⩽ , (36) ij B ∈B2 , their average spectrum and compare them ij N N N to the semicircular law. which implies that ∑ q =o(N2), or ij ij VIII. CONCLUSIONS N2 ∑tij = +o(N2), (37) In this article we consider the problem of defin- 2 ij ing and generating ensembles of pseudo-random as required. Therefore, we see that matrices from a matrices based on the similarity of their spec- pseudo-Wigner ensemble A2 with high probability tra to the semicircular density. We introduce r- N exhibit properties of quasi-random graphs. independent pseudo-Wigner ensembles and prove 8 their closeness to the semicircular law. We give Use (42) and (43) to obtain the following bound on an explicit construction of such ensembles using the integral summand of the right-hand side of (40), the dual BCH codes and compare them to the T φ (t)−φ (t) quasi-random graphs proposed by Chung, Graham ∫ ∣ AN sc ∣dt t and Wilson. We demonstrate that the Kolmogorov 0 complexity of the proposed construction is propor- T 1 ρ−1 (it)l ρ−1 (it)l tional to 1log N, where ε is a precision parameter, ⩽∫ t ∣∑βl(AN) l! −∑βl l! ∣dt ε 2 0 l=1 l=1 which is comparatively small. Finally, we justify the T tρ−1 proposed construction numerically. +∫ [βρ(AN)+βρ] dt ρ! 0 T 1 ρ−1 (it)l APPENDIX A ⩽∫ ∣∑[βl(AN)−βl] ∣dt t l! 0 l=1 Proof of Theorem 1. The probability measures de- Tρ fined by the c.d.f.-s F (x) and F (x) are com- +[β (A )+β ] =S +S . (45) sc AN ρ N ρ ρ⋅ρ! 1 2 pact, therefore, Bound S as ∞ 1 ∫−∞ ∣FAN(x)−Fsc(x)∣dx<∞. (38) T 1 ρ−1 (it)l S1 =∫ ∣∑[βl(AN)−βl] ∣dt The derivative of F is the semicircular p.d.f. f t l! sc sc 0 l=1 given in (6), and is bounded by ρ−1 T ρ−1tl−1 M =sup∣f (x)∣=f (0)= 2. (39) ⩽ml=a1x∣βl(AN)−βl∣∫0 ∑l=1 l! dt. (46) sc sc π x From the triangle inequality, Recall also that the total variation of a differentiable ∣β (A )−β ∣⩽∣β −β ∣+∣β (A )−β ∣. (47) c.d.f. is always one and apply Lemma 3 to F (x) l N l l,N l l N l,N AN (in place of F) and Fsc(x) (in place of G) to obtain For the first summand we have 2ρ ∣F (x)−F (x)∣ ∣β −β ∣⩽ , (48) AN sc l,N l N 2 T ∣φ (t)−φ (t)∣ 24M ⩽ ∫ AN sc dt+ . (40) which follows directly from the path counting, see π t πT 0 [26] for details. The ρ−1-th order Mclaurin polynomial expansion By Lemma 2, the variance of the second sum- of the exponential function with a remainder gives mand of (47) satisfies the bound (see Section XV.4, pages 512-514 from 1 1 [25]) var[β (A )−β ]= +o( ), N →+∞. l N l,N πN2 N2 ρ−1(it)l tρ (49) ∣eixt−1−∑ xl∣⩽ ∣x∣ρ, x,t∈R, t⩾0. Therefore, there exists N ∈N such that l! ρ! 0 l=1 (41) 2 var[β (A )−β ]⩽ , ∀N ⩾N . (50) l N l,N 0 For even ρ, after taking expectations for fixed t we πN2 get Now the Chebyshev bound gives starting from N , 0 ρ−1 (it)l tρ ∣φ (t)−1−∑β ∣⩽β . (42) 2 sc l=1 l l! ρρ! P[∣βl(AN)−βl,N∣⩾δ]⩽ πN2δ2. (51) Similarly, Apply the union bound to the maximum in (46) to get ρ−1 (it)l tρ ∣φ (t)−1−∑β (A ) ∣⩽β (A ) . (43) AN l=1 l N l! l N ρ! P[mρ−a1x∣β (A )−β ∣⩾δ]⩽ρ∑−1P[∣β (A )−β ∣⩾δ] l N l l N l Set l=1 l=1 r, r even, 2(ρ−1) ρ={ (44) ⩽ . (52) 2⌊r−1⌋, r odd. πN2δ2 2 9 Note that for any a,b∈N, Now use (57) to obtain b tl +∞tl 1 Tρ 1 ∑ ⩽ ∑ =et. (53) ρ5/2 ⋅ρ! ⩽ ρ2, (65) l⋅l! l! l=a l=0 and, thus, We conclude that 1 2ρ3 P[S ⩾ ]⩽ . (66) T ρ−1tl−1 ρ−1 Tl 2 ρ2 πN2 ∫ ∑ dt⩽ ∑ ⩽eT. (54) l! l⋅l! 0 l=1 l=1 Finally, using the inequality (58) again, we get from (60) and (66) that for N ⩾N large enough, Overall, for S we have 0 1 2ρ 2(ρ−1) 2 2ρ3 2ρ P[S ⩾(δ+ )eT]⩽ . (55) P[S +S ⩾ ]⩽ + 1 N πN2δ2 1 2 ρ2 πN2 πN2(1−α) 3ρ ρ Choose ⩽ ⩽ , (67) 1 πN2(1−α) N2(1−α) δ = , (56) Nα where we have used the union bound and noted that and let in order for the sum S +S to be greater than 2 , 1 2 ρ2 ρ1+1/ρ at least one of the summands must necessarily be T = . (57) e greater than 1 . Altogether, with probability at least ρ2 1− ρ , Recall the assumptions: α<1 and N2(1−α) ρ⩽qlog N, (58) T 1 ρ−1 (it)l 2 2 ∫ ∣∑[βl(AN)−βl] ∣dt⩽ . (68) t l! ρ2 to get for N ⩾N large enough, 0 l=1 0 Plug this bound and (57) into (40) to conclude that (δ+ 2ρ)eT ⩽( 1 + 2qlog2N)eρ/ee√ρρ with probability at least 1− ρ , N2(1−α) N Nα N 1 √ 2 24eM ⩽ NαNqeeρρ, (59) ∣FAN(x)−Fsc(x)∣⩽ ρ2 + ρ1+1/ρ. (69) and, therefore, From (6) we have √ eρρ 2(ρ−1) 2 P[S ⩾ ]⩽ . (60) M = , (70) 1 Nα−q πN2(1−α) π e therefore, for N ⩾N large enough, Using the same Chebyshev bound (51) and the 0 triangle inequality, for the second summand on the 1 ∣F (x)−F (x)∣⩽ . (71) right-hand side of (45) we obtain AN sc ρ 2ρ Tr 2 Recall (44) to conclude the proof. P[S ⩾(2β +η+ ) ]⩽ . (61) 2 ρ N πρ⋅ρ! πN2η2 Remark 1. Note that unlike [23], we cannot apply Use Stirling’s approximation Lemma XVI.3.2 from [25] to prove Theorem 1, √ since in our case the empirical spectral measures 2πρρ+12e−ρ ⩽ρ!⩽eρρ+12e−ρ, (62) F (x) are in general not centered. Due to this AN distinction, we use another smoothing inequality to get from (7) the following bound given by Lemma 3. 1 ρ! 2 β = ⩽ . (63) Proof of Theorem 2. The proof goes along the lines ρ 2ρ(ρ)!(ρ +1)! ρ3/2 2 2 of the proof of Theorem 1 up to equation (51), where we use a stronger version of Chebyshev Plug this result into (61), recall (58), and set η = 1 ρ3/2 inequality for higher moments, namely, to get 1 Tρ 2ρ3 M (X) P[S2 ⩾ ρ5/2 ⋅ρ!]⩽ πN2. (64) P[∣X −EX∣⩾δ]⩽ pδp , (72) 10 where X is a random variable with a finite p-th madebysummandswithi=k, j =l andi=l, j =k. absolute moment Recall also that E[a2 ]= 1 , to get ij 4N M (X)=E[∣X −EX∣p]. (73) p 2 var[ξ]=2E[∑x2x2a2 ]= ∑x2x2 Since according to Lemma 2 i j ij 4N i j ij ij 1 1 1 N(β (A )−β )→D N (0, ), (74) = (∑x2)(∑x2)= . (80) l N l,N π 2N i j 2N i j for l ⩽ ρ with ρ as in (44), the absolute moments Chebyshev’s bound now yields read as √ 1 ⎧ P[xTA x⩾δ]⩽ , (81) (p−1)!! ⎪⎪ 2, p even, N 2Nδ2 E[∣β (A )−β ∣p]= √ ⋅⎨ π l N l,N ( πN)p ⎪⎪ 1, p odd and by setting δ =1 we obtain the desired statement. ⎩ 1 +o( ), n→+∞. (75) Np Therefore, there exists N such that REFERENCES 0 [1] G. Akemann, J. Baik, and P. Di Francesco, 2(p−1)!! M (β (A ))⩽ √ , ∀N ⩾N . (76) “The Oxford handbook of random matrix the- p l N 0 ( πN)p ory,” Oxford University Press, 2011. Now Chebyshev bound (72) implies that starting [2] E. P. Wigner, “Characteristic vectors of bor- from N , dered matrices with infinite dimensions,” An- 0 nals of Mathematics, vol. 62, no. 3, pp. 548– 2(p−1)!! P[∣β (A )−β ∣⩾δ]⩽ √ . (77) 564, 1955. l N l ( πNδ)p [3] J. E. Gentle, “Random number generation and In our case we know that moments up to order 2γ Monte Carlo methods,” Springer Science & must coincide with those of the Wigner ensemble, Business Media, 2013. therefore, we get [4] H.-J. Zepernick and A. Finger, “Pseudo ran- dom signal processing: theory and applica- ρ−1 P[mρ−a1x∣β (A )−β ∣⩾δ]⩽ ∑P[∣β (A )−β ∣⩾δ] tion,” John Wiley & Sons, 2013. l N l l N l l=1 l=1 [5] S. W. Golomb et al., “Shift register se- 2(ρ−1)(2γ−1)!! quences,” Aegean Park Press, 1982. ⩽ √ . (78) [6] I. Reed and R. Stewart, “Note on the existence ( πNδ)2γ of perfect maps,” IRE Transactions on Infor- Following the proof of Theorem 1 and using the mation Theory, vol. 8, no. 1, pp. 10–12, 1962. bound in (77) instead of (51) we get the desired [7] F. J. MacWilliams and N. J. A. Sloane, result. “Pseudo-random sequences and arrays,” Pro- ceedings of the IEEE, vol. 64, no. 12, pp. APPENDIX B 1715–1729, 1976. [8] H. Imai, “A theory of two-dimensional cyclic Proof of Lemma 5. Introduce a random variable, codes,” Information and Control, vol. 34, ξ =xTA x, (79) no. 1, pp. 1–21, 1977. N [9] S. Sakata, “On determining the independent then E[ξ]=0 and its variance reads as point set for doubly periodic arrays and en- ⎡ ⎤ ⎢ ⎥ coding two-dimensional cyclic codes and their var[ξ]=E[(xTA x)2]=E⎢∑x x x x a a ⎥, N ⎢ i j k l ij kl⎥ duals,”IEEETransactionsonInformationThe- ⎣ijkl ⎦ ory, vol. 27, no. 5, pp. 556–565, 1981. where A = {a }N . Since the elements from [10] K. G. Paterson, “Perfect maps,” IEEE Trans- N ij i,j=1 the upper triangular part of A are pairwise inde- actions on Information Theory, vol. 40, no. 3, N pendent, the only contribution to this expectation is pp. 743–753, 1994.