Part III

Cyclic codes
CHAPTER 3: CYCLIC CODES, CHANNEL CODING, LIST
DECODING

Cyclic codes are very special linear codes. They are of large interest and importance for
several reasons:

They posses a rich algebraic structure that can be utilized in a variety of ways.
They have extremely concise specifications.
Their encodings can be efficiently implemented using simple machinery - shift
registers.
Many of the practically very important codes are cyclic.

Channel codes are used to encode streams of data (bits). Some of them, as
Concatenated codes and Turbo codes, reach theoretical Shannon bound concerning
efficiency, and are currently used very often in practice.

List decoding is a new decoding mode capable to deal, in an approximate way, with cases
of many errors, and in such a case to perform better than classical unique decoding.

Locally decodable codes can be seen as theoretical extreme of coding theeory with deep
theoretical implications.
prof. Jozef Gruska IV054 3. Cyclic codes 2/82
IMPORTANT NOTE

In order to specify a non-linear binary code with 2k codewords of length n one may need
to write down
2k
codewords of length n.

In order to specify a linear binary code of the dimension k with 2k codewords of length n
it is sufficient to write down
k
codewords of length n.

In order to specify a binary cyclic code with 2k codewords of length n it is sufficient to

write down
1
codeword of length n.

prof. Jozef Gruska IV054 3. Cyclic codes 3/82

BASIC DEFINITION AND EXAMPLES
Definition A code C is cyclic if
(i) C is a linear code;
(ii) any cyclic shift of a codeword is also a codeword, i.e. whenever
a0 , . . . an−1 ∈ C , then also an−1 a0 . . . an–2 ∈ C and a1 a2 . . . an−1 a0 ∈ C .
Example
(i) Code C = {000, 101, 011, 110} is cyclic.
(ii) Hamming code Ham(3, 2): with the generator matrix
2 3
1 0 0 0 0 1 1
60 1 0 0 1 0 17
G =6 40 0 1 0 1 1 05
7

0 0 0 1 1 1 1
is equivalent to a cyclic code.
(iii) The binary linear code {0000, 1001, 0110, 1111} is not cyclic, but it is equivalent to
a cyclic code.
(iv) Is Hamming code Ham(2, 3) with the generator matrix
» –
1 0 1 1
0 1 1 2
(a) cyclic?
(b) or at least equivalent to a cyclic code?
prof. Jozef Gruska IV054 3. Cyclic codes 4/82
FREQUENCY of CYCLIC CODES

Comparing with linear codes, cyclic codes are quite scarce. For example, there are 11 811
linear [7,3] binary codes, but only two of them are cyclic.

Trivial cyclic codes. For any field F and any integer n ≥ 3 there are always the following
cyclic codes of length n over F :
No-information code - code consisting of just one all-zero codeword.
Repetition code - code consisting of all codewords (a, a, . . . ,a) for a ∈ F .
Single-parity-check code - code consisting of all codewords with parity 0.
No-parity code - code consisting of all codewords of length n

For some cases, for example for n = 19 and F = GF (2), the above four trivial cyclic
codes are the only cyclic codes.

prof. Jozef Gruska IV054 3. Cyclic codes 5/82

AN EXAMPLE of a CYCLIC CODE

Is the code with the following generator matrix cyclic?

2 3
1 0 1 1 1 0 0
G = 40 1 0 1 1 1 05
0 0 1 0 1 1 1

It is. It has, in addition to the codeword 0000000, the following codewords

c2 = 0101110
c1 = 1011100 c3 = 0010111
c1 + c3 = 1001011
c1 + c2 = 1110010 c2 + c3 = 0111001
c1 + c2 + c3 = 1100101

and it is cyclic because the right shifts have the following impacts

c2 → c3 ,
c1 → c2 , c3 → c1 + c3
c1 + c3 → c1 + c2 + c3 ,
c1 + c2 → c2 + c3 , c2 + c3 → c1
c1 + c2 + c3 → c1 + c2

prof. Jozef Gruska IV054 3. Cyclic codes 6/82

POLYNOMIALS over GF(q)
A codeword of a cyclic code is usually denoted by
a0 a1 . . . an−1
and to each such a codeword the polynomial
a0 + a1 x + a2 x 2 + . . . + an−1 x n−1
is usually associated – an ingenious idea!!.
NOTATION: Fq [x] will denote the set of all polynomials f (x) over GF (q).
deg (f (x)) = the largest m such that x m has a non-zero coefficient in f (x).
Multiplication of polynomials If f (x), g (x) ∈ FQ[x], then
deg (f (x)g (x)) = deg (f (x)) + deg (g (x)).
Division of polynomials For every pair of polynomials a(x), b(x) 6= 0 in Fq [x] there exists
a unique pair of polynomials q(x), r (x) in Fq [x] such that
a(x) = q(x)b(x) + r (x), deg (r (x)) < deg (b(x)).
Example Divide x 3 + x + 1 by x 2 + x + 1 in F2 [x].
Definition Let f (x) be a fixed polynomial in Fq [x]. Two polynomials g (x), h(x) are said
to be congruent modulo f (x), notation
g (x) ≡ h(x) (mod f (x)),
if g (x) − h(x) is divisible by f (x).
prof. Jozef Gruska IV054 3. Cyclic codes 7/82
EXAMPLE

If x 3 + x + 1 is divided by x 2 + x = 1, then
x 3 + x + 1 = (x 2 + x + 1)(x − 1) + x

and therefore the result of the division is x − 1 and the

remainder is x.

prof. Jozef Gruska IV054 3. Cyclic codes 8/82

NOTICE

A code C of the words of length n

is a set of codewords of length n
a0 a1 a2 . . . an−1

or C can be seen as
a set of polynomials of the degree (at most) n − 1
a0 + a1 x + a2 x 2 + . . . + an−1 x n−1

prof. Jozef Gruska IV054 3. Cyclic codes 9/82

RINGS of POLYNOMIALS

For any polynomial f (x), the set of all polynomials in Fq [x] of degree less than deg (f (x)),
with addition and multiplication modulo f (x), forms a ring denoted Fq [x]/f (x).
Example Calculate (x + 1)2 in F2 [x]/(x 2 + x + 1). It holds
(x + 1)2 = x 2 + 2x + 1 ≡ x 2 + 1 ≡ x (mod x 2 + x + 1).
How many elements has Fq [x]/f (x)?
Result |Fq [x]/f (x)| = q deg (f (x)) .
Example Addition and multiplication tables for F2 [x]/(x 2 + x + 1)
+ 0 1 x 1+x • 0 1 x 1+x
0 0 1 x 1+x 0 0 0 0 0
1 1 0 1+x x 1 0 1 x 1+x
x x 1+x 0 1 x 0 x 1+x 1
1+x 1+x x 1 0 1+x 0 1+x 1 x

Definition A polynomial f (x) in Fq [x] is said to be reducible if f (x) = a(x)b(x), where

a(x), b(x) ∈ Fq [x] and

deg (a(x)) < deg (f (x)), deg (b(x)) < deg (f (x)).
If f (x) is not reducible, then it is said to be irreducible in Fq [x].
Theorem The ring Fq [x]/f (x) is a field if f (x) is irreducible in Fq [x].
prof. Jozef Gruska IV054 3. Cyclic codes 10/82
RING (Factor ring) Rn = Fq [x]/(x n − 1)

Computation modulo x n − 1 in the ring Rn = Fq [x]/(x n − 1)

Since x n ≡ 1 (mod (x n − 1)) we can compute f (x) mod (x n − 1) by replacing, in f (x),
x n by 1, x n+1 by x, x n+2 by x 2 , x n+3 by x 3 , . . .
Replacement of a word
w = a0 a1 . . . an−1
by a polynomial
p(w ) = a0 + a1 x + . . . + an−1 x n−1
is of large importance because

multiplication of p(w ) by x in Rn corresponds to a single cyclic shift of w . Indeed,

x(a0 + a1 x + . . . an−1 x n−1 ) = an−1 + a0 x + a1 x 2 + . . . + an−2 x n−1

prof. Jozef Gruska IV054 3. Cyclic codes 11/82

An ALGEBRAIC CHARACTERIZATION of CYCLIC CODES

Theorem A binary code C of words of length n is cyclic if and only if it satisfies two
conditions
(i) a(x), b(x) ∈ C ⇒ a(x) + b(x) ∈ C
(ii) a(x) ∈ C , r (x) ∈ Rn ⇒ r (x)a(x) ∈ C

Proof
(1) Let C be a cyclic code. C is linear ⇒
(i) holds.
(ii)
If a(x) ∈ C , r (x) = r0 + r1 x + . . . + rn−1 x n−1 then
r (x)a(x) = r0 a(x) + r1 xa(x) + . . . + rn−1 x n−1 a(x)
is in C by (i) because summands are cyclic shifts of a(x).
(2) Let (i) and (ii) hold
Taking r (x) to be a scalar the conditions (i) and (ii) imply linearity of C .
Taking r (x) = x the conditions (i) and (ii) imply cyclicity of C .

prof. Jozef Gruska IV054 3. Cyclic codes 12/82

CONSTRUCTION of CYCLIC CODES

Notation For any f (x) ∈ Rn , we can define

hf (x)i = {r (x)f (x) | r (x) ∈ Rn }
(with multiplication modulo x n − 1) to be a set of polynomials - a code.
Theorem For any f (x) ∈ Rn , the set hf (x)i is a cyclic code (generated by f ).
Proof We check conditions (i) and (ii) of the previous theorem.
(i) If a(x)f (x) ∈ hf (x)i and also b(x)f (x) ∈ hf (x)i, then
a(x)f (x) + b(x)f (x) = (a(x) + b(x))f (x) ∈ hf (x)i
(ii) If a(x)f (x) ∈ hf (x)i, r (x) ∈ Rn , then
r (x)(a(x)f (x)) = (r (x)a(x))f (x) ∈ hf (x)i
Example let C = h1 + x 2 i, n = 3, q = 2.
In order to determine C we have to compute r (x)(1 + x 2 ) for all r (x) ∈ R3 .
R3 = {0, 1, x, 1 + x, x 2 , 1 + x 2 , x + x 2 , 1 + x + x 2 }.
Result
C = {0, 1 + x, 1 + x 2 , x + x 2 }
C = {000, 110, 101, 011}

prof. Jozef Gruska IV054 3. Cyclic codes 13/82

CHARACTERIZATION THEOREM for CYCLIC CODES
We show that all cyclic codes C have the form C = hf (x)i for some f (x) ∈ Rn .
Theorem Let C be a non-zero cyclic code in Rn . Then
there exists a unique monic polynomial g (x) of the smallest degree such that
C = hg (x)i
g (x) is a factor of x n − 1.
Proof
(i) Suppose g (x) and h(x) are two monic polynomials in C of the smallest degree, say
D.
Then the polynomial w (x) = g (x) − h(x) ∈ C and it has a smaller degree than D
and a multiplication by a scalar makes out of w (x) a monic polynomial. Therefore
the assumption that g (x) 6= h(x) leads to a contradiction.
(ii) If a(x) ∈ C , then for some q(x) and r (x)

a(x) = q(x)g (x) + r (x), (wheredeg r (x) < deg g (x)).

and therefore
r (x) = a(x) − q(x)g (x) ∈ C .
By minimality condition
r (x) = 0
oand therefore a(x) ∈ hg (x)i.
prof. Jozef Gruska IV054 3. Cyclic codes 14/82
CHARACTERIZATION THEOREM for CYCLIC CODES -
continuation

(iii) It has to hold, for some q(x) and r (x)

x n − 1 = q(x)g (x) + r (x) with deg r (x) < deg g (x)

and therefore
r (x) ≡ −q(x)g (x) (mod x n − 1) and
r (x) ∈ C ⇒ r (x) = 0 ⇒ g (x) is therefore a factor of x n − 1.

GENERATOR POLYNOMIALS - definition

Definition If
C = hg (x)i,
for a cyclic code C , then g is called the generator polynomial for the code C .

prof. Jozef Gruska IV054 3. Cyclic codes 15/82

HOW TO DESIGN CYCLIC CODES?

The last claim of the previous theorem gives a recipe to get all cyclic codes of the
given length n in GF(q)

Indeed, all we need to do is to find all factors (in GF(q)) of

x n − 1.
Problem: Find all binary cyclic codes of length 3.
Solution: Make decomposition
x3 − 1 = (x − 1)(x 2 + x + 1)
| {z }
both factors are irreducible in GF(2)

Therefore, we have the following generator polynomials and cyclic codes of length 3.

Generator polynomials Code in R3 Code in V (3, 2)

1 R3 V (3, 2)
x +1 {0, 1 + x, x + x 2 , 1 + x 2 } {000, 110, 011, 101}
x2 + x + 1 {0, 1 + x + x 2 } {000, 111}
3
x − 1 ( = 0) {0} {000}

prof. Jozef Gruska IV054 3. Cyclic codes 16/82

DESIGN of GENERATOR MATRICES for CYCLIC CODES
Theorem Suppose C is a cyclic code of codewords of length n with the generator
polynomial
g (x) = g0 + g1 x + . . . + gr x r .
Then dim (C ) = n − r and a generator matrix G1 for C is
g0 g1 g2 ... gr 0 0 0 ... 0
0 1
B 0 g0 g1 g2 ... gr 0 0 ... 0 C
G1 = B 0 0 g0 g1 g2 ... gr 0 ... 0 C
B C
@. . . ... . . .A
0 0 ... 0 0 ... 0 g0 ... gr
Proof
(i) All rows of G1 are linearly independent.
(ii) The n − r rows of G represent codewords
g (x), xg (x), x 2 g (x), . . . , x n−r −1 g (x) (*)
(iii) It remains to show that every codeword in C can be expressed as a linear
combination of vectors from (*).
Indeed, if a(x) ∈ C , then
a(x) = q(x)g (x).
Since deg a(x) < n we have deg q(x) < n − r .
Hence
n−r −1
q(x)g (x) = (q0 + q1 x + . . . + qn−r −1 x )g (x)
n−r −1
= q0 g (x) + q1 xg (x) + . . . + qn−r −1 x g (x).

prof. Jozef Gruska IV054 3. Cyclic codes 17/82

EXAMPLE
The task is to determine all ternary codes of length 4 and generators for them.
Factorization of x 4 − 1 over GF (3) has the form
x 4 − 1 = (x − 1)(x 3 + x 2 + x + 1) = (x − 1)(x + 1)(x 2 + 1)
Therefore, there are 23 = 8 divisors of x 4 − 1 and each generates a cyclic code.
Generator polynomial Generator matrix
1 2 I4 3
−1 1 0 0
x −1 40 −1 1 05
0 0 −1 1
2 3
1 1 0 0
x +1 40 1 1 05
0 0 1 1
» –
2 1 0 1 0
x +1
0 1 0 1
» –
−1 0 1 0
(x − 1)(x + 1) = x 2 − 1
0 −1 0 1
(x − 1)(x 2 + 1) = x 3 − x 2 + x − 1
ˆ ˜
−1 1 −1 1
(x + 1)(x 2 + 1)
ˆ ˜
1 1 1 1
4
ˆ ˜
x −1=0 0 0 0 0
prof. Jozef Gruska IV054 3. Cyclic codes 18/82
COMMENTS

The last matrix is not, however, formally a generator

matrix - the corresponding code is empty.

On the previous slide ”generator polynomials” x − 1,

x 2 − 1 and x 3 − x 2 + x + 1 are formally not in Rn because
only allowable coefficients are 0, 1, 2.
A good practice is, however, to use also coefficients −2,
and −1 as ones that are equal, modulo 3, to 1 and 2 and
they can be replace in such a way also in matrices to be
formally fully correct.

prof. Jozef Gruska IV054 3. Cyclic codes 19/82

EXAMPLE - II

In order to determine all binary cyclic codes of length 7, consider decomposition

x 7 − 1 = (x − 1)(x 3 + x + 1)(x 3 + x 2 + 1)
Since we want to determine binary codes, all computations should be modulo 2 and
therefor all minus signs can be replaced by plus signs. Therefore

x 7 + 1 = (x + 1)(x 3 + x + 1)(x 3 + x 2 + 1)

Therefore generators for 23 binary cyclic codes of length 7 are

1, a(x) = x + 1, b(x) = x 3 + x + 1, c(x) = x 3 + x 2 + 1

a(x)b(x), a(x)c(x), b(x)c(x), a(x)b(x)c(x) = x 7 + 1

prof. Jozef Gruska IV054 3. Cyclic codes 20/82

CHECK POLYNOMIALS and PARITY CHECK MATRICES for
CYCLIC CODES
Let C be a cyclic [n, k]-code with the generator polynomial g (x) (of degree n − k). By
the last theorem g (x) is a factor of x n − 1. Hence
x n − 1 = g (x)h(x)
for some h(x) of degree k. (h(x) is called the check polynomial of C .)
Theorem Let C be a cyclic code in Rn with a generator polynomial g (x) and a check
polynomial h(x). Then an c(x) ∈ Rn is a codeword of C if and only if c(x)h(x) ≡ 0
–(this and next congruences are all modulo x n − 1).
Proof Note, that g (x)h(x) = x n − 1 ≡ 0
(i) c(x) ∈ C ⇒ c(x) = a(x)g (x) for some a(x) ∈ Rn
⇒ c(x)h(x) = a(x) g (x)h(x) ≡ 0.
| {z }
≡0
(ii) c(x)h(x) ≡ 0
c(x) = q(x)g (x) + r (x), deg r (x) < n − k = deg g (x)
c(x)h(x) ≡ 0 ⇒ r (x)h(x) ≡ 0 (mod x n − 1)
Since deg (r (x)h(x)) < n − k + k = n, we have r (x)h(x) = 0 in F [x] and therefore
r (x) = 0 ⇒ c(x) = q(x)g (x) ∈ C .
prof. Jozef Gruska IV054 3. Cyclic codes 21/82
POLYNOMIAL REPRESENTATION of DUAL CODES

Continuation: Since dim (hh(x)i) = n − k = dim(C ⊥ ) we might easily be fooled to

think that the check polynomial h(x) of the code C generates the dual code C ⊥ .
Reality is “slightly different”:
Theorem Suppose C is a cyclic [n, k]-code with the check polynomial
h(x) = h0 + h1 x + . . . + hk x k ,
then
(i) a parity-check matrix for C is
0 1
hk hk−1 ... h0 0 ... 0
B0 hk ... h1 h0 ... 0C
H=B @. . .
C
... A
0 0 ... 0 hk ... h0
⊥
(ii) C is the cyclic code generated by the polynomial

h(x) = hk + hk−1 x + . . . + h0 x k

i.e. by the reciprocal polynomial of h(x).

prof. Jozef Gruska IV054 3. Cyclic codes 22/82

POLYNOMIAL REPRESENTATION of DUAL CODES
Proof A polynomial c(x) = c0 + c1 x + . . . + cn−1 x n−1 represents a code from C if
c(x)h(x) = 0. For c(x)h(x) to be 0 the coefficients at x k , . . . , x n−1 must be zero, i.e.
c0 hk + c1 hk−1 + . . . + ck h0 = 0
c1 hk + c2 hk−1 + . . . + ck+1 h0 = 0
...
cn−k−1 hk + cn−k hk−1 + . . . + cn−1 h0 = 0
Therefore, any codeword c0 c1 . . . cn−1 ∈ C is orthogonal to the word hk hk−1 . . . h0 00 . . . 0
and to its cyclic shifts.
Rows of the matrix H are therefore in C ⊥ . Moreover, since hk = 1, these row vectors are
linearly independent. Their number is n − k = dim (C ⊥ ). Hence H is a generator matrix
for C ⊥ , i.e. a parity-check matrix for C .
In order to show that C ⊥ is a cyclic code generated by the polynomial
h(x) = hk + hk−1 x + . . . + h0 x k
it is sufficient to show that h(x) is a factor of x n − 1.
Observe that h(x) = x k h(x −1 )and since h(x −1 )g (x −1 ) = (x −1 )n − 1
we have that x k h(x −1 )x n−k g (x −1 ) = x n (x −n − 1) = 1 − x n
and therefore h(x) is indeed a factor of x n − 1.
prof. Jozef Gruska IV054 3. Cyclic codes 23/82
ENCODING with CYCLIC CODES I
Encoding using a cyclic code can be done by a multiplication of two polynomials - a
message (codeword) polynomial and the generating polynomial for the code.
Let C be a cyclic [n, k]-code over a Galois field with the generator polynomial
g (x) = g0 + g1 x + . . . + gr −1 x r −1 of degree r − 1 = n − k − 1.
If a message vector m is represented by a polynomial m(x) of the degree k and m is
encoded, using the generator matrix G induced by g (x), then
m ⇒ c = mG ,
Therefore, the following relation between m(x) and c(x) holds
c(x) = m(x)g (x).
Such an encoding can be realized by the shift register shown in Figure below, where
input is the k-bit to-be-encoded message, followed by n − k 0’s, and the output will be
the encoded message.
output

input

L codes. Small circles represent multiplication by

Shift-register encodings of cyclic
the corresponding constant, nodes represent modular additions, squares are shift
cells
prof. Jozef Gruska IV054 3. Cyclic codes 24/82
EXAMPLE

output

input

Shift-register encodings of cyclic codes. Small

circles represent
L multiplication by the corresponding
constant, nodes represent modular addition,
squares are delay elements
The input (message) is given by a polynomial
mk−1 x k−1 + . . . m2 x 2 + m1 x + m0
and therefore the input to the shift register is the word

mk−1 mk−2 . . . m2 m1 m0 →→→

prof. Jozef Gruska IV054 3. Cyclic codes 25/82
MULTIPLICATION of POLYNOMIALS by SHIFT-REGISTERS
Let us compute
(m0 + m1x + . . . mk−1 x k−1 ) × (g0 + g1 x + g2 x 2 . . . gr −1 x r −1 )
=

m 0 g0

(m0 g1 + m1 g0 )x

+
(m0 g2 + m1 g1 + m2 g0 )x 2

+
(m0 g3 + m1 g2 + m2 g1 + m3 g0 )x 3

+
..
.
prof. Jozef Gruska IV054 3. Cyclic codes 26/82
HAMMING CODES as CYCLIC CODES I

Definition (Again!) Let r be a positive integer and let H be an r × (2r − 1) matrix

whose columns are all distinct non-zero vectors of GF (r ). Then the code having H as its
parity-check matrix is called binary Hamming code denoted by Ham (r , 2).
It can be shown:

Theorem The binary Hamming code Ham (r , 2) is equivalent to a cyclic code.

Definition If p(x) is an irreducible polynomial of degree r such that x is a primitive

element of the field F [x]/p(x), then p(x) is called a primitive polynomial.

Theorem If p(x) is a primitive polynomial over GF (2) of degree r , then the cyclic code
hp(x)i is the code Ham (r , 2).

prof. Jozef Gruska IV054 3. Cyclic codes 27/82

HAMMING CODES as CYCLIC CODES II

Hamming ham (3, 2) code has generator polynomial x 3 + x = 1.

Example Polynomial x 3 + x + 1 is irreducible over GF (2) and x is primitive element of

the field F2 [x]/(x 3 + x + 1).Therefore,
F2 [x]/(x 3 + x + 1) =

{0, 1, x, x 2 , x 3 = x + 1, x 4 = x 2 + x, x 5 = x 2 + x + 1, x 6 = x 2 + 1}
The parity-check matrix for a cyclic version of Ham (3, 2)
0 1
1 0 0 1 0 1 1
H = @0 1 0 1 1 1 0A
0 0 1 0 1 1 1

prof. Jozef Gruska IV054 3. Cyclic codes 28/82

PROOF of THEOREM
The binary Hamming code Ham (r , 2) is equivalent to a cyclic code.
It is known from algebra that if p(x) is an irreducible polynomial of degree r , then the ring
F2 [x]/p(x) is a field of order 2r .
In addition, every finite field has a primitive element. Therefore, there exists an element α of
F2 [x]/p(x) such that
F2 [x]/p(x) = {0, 1, α, α2 , . . . , α2r −2 }.
Let us identify an element a0 + a1 + . . . ar −1 x r −1 of F2 [x]/p(x) with the column vector

(a0 , a1 , . . . , ar −1 )>
and consider the binary r × (2r − 1) matrix
r
H = [1 α α2 . . . α2 −2 ].

Let now C be the binary linear code having H as a parity check matrix.
Since the columns of H are all distinct non-zero vectors of V (r , 2), C = Ham (r , 2).
Putting n = 2r − 1 we get
C = {f0 f1 . . . fn−1 ∈ V (n, 2)|f0 + f1 α + . . . + fn−1 αn−1 = 0} (1)
= {f (x) ∈ Rn |f (α) = 0 in F2 [x]/p(x)} (2)
If f (x) ∈ C and r (x) ∈ Rn , then r (x)f (x) ∈ C because
r (α)f (α) = r (α) • 0 = 0

and therefore, by one of the previous theorems, this version of Ham (r , 2) is cyclic.
prof. Jozef Gruska IV054 3. Cyclic codes 29/82
EXAMPLES of CYCLIC CODES

EXAMPLES of CYCLIC CODES

prof. Jozef Gruska IV054 3. Cyclic codes 30/82

GOLAY CODES - DESCRIPTION

Golay codes G24 and G23 were used by spacecraft Voyager I and Voyager II to transmit
color pictures of Jupiter and Saturn. Generator matrix for G24 has the form
01 0 0 0 0 0 0 0 0 0 0 0 1 1 1 0 1 1 1 0 0 0 1 01
B0 1 0 0 0 0 0 0 0 0 0 0 1 0 1 1 0 1 1 1 0 0 0 1C
B0 0 1 0 0 0 0 0 0 0 0 0 1 1 0 1 1 0 1 1 1 0 0 0C
B C
B0 0 0 1 0 0 0 0 0 0 0 0 1 0 1 0 1 1 0 1 1 1 0 0C
B C
B0 0 0 0 1 0 0 0 0 0 0 0 1 0 0 1 0 1 1 0 1 1 1 0C
B C
B0
G =B 0 0 0 0 1 0 0 0 0 0 0 1 0 0 0 1 0 1 1 0 1 1 1CC
B0 0 0 0 0 0 1 0 0 0 0 0 1 1 0 0 0 1 0 1 1 0 1 1C
B C
B0 0 0 0 0 0 0 0 1 0 0 0 1 1 1 1 0 0 0 1 0 1 1 0C
B C
B0 0 0 0 0 0 0 0 0 1 0 0 1 0 1 1 1 0 0 0 1 0 1 1C
@ A
0 0 0 0 0 0 0 0 0 0 1 0 1 1 0 1 1 1 0 0 0 1 0 1
0 0 0 0 0 0 0 0 0 0 0 1 1 1 1 0 1 1 1 0 0 0 1 0

G24 is (24, 12, 8)-code and the weights of all codewords are multiples of 4. G23 is
obtained from G24 by deleting last symbols of each codeword of G24 . G23 is
(23, 12, 7)-code. It is a perfect code.

prof. Jozef Gruska IV054 3. Cyclic codes 31/82

GOLAY CODE II

Golay code G23 is a (23, 12, 7)-code and can be defined also as the cyclic code generated
by the codeword
11000111010100000000000
This code can be constructed via factorization of x 23 − 1.
In his search for perfect codes Golay observed that
3
!
X 23
= 223−12 = 211
j=0
j

Observe that an (n, M, 2t + 1)-code is perfect if

t
!
X n
M (q − 1)i = q n .
i=0
i

Golay code G24 was used in NASA Deep Space Missions - in spacecraft Voyager 1 and
Voyager 2. It was also used in the US-government standards for automatic link
establishment in High Frequency radio systems.

Golay codes are named to honour Marcel J. E. Golay - from 1949.

prof. Jozef Gruska IV054 3. Cyclic codes 32/82
GOLAY CODES - III

Golay [24, 12, 8] code is called also extended binary

Golay code.

Golay [23, 12, 7] code is called also perfect binary Golay

code.

It is the linear code generated by the polynomial

x 11 + x 10 + x 6 + x 5 + x 4 + x 2 + 1/(x 23 − 1)

prof. Jozef Gruska IV054 3. Cyclic codes 33/82

POLYNOMIAL CODES

A Polynomial code, with codewords of length n, generated by a (generator) polynomial

g (x) of degree m < n over a GF(q) is the code whose codewords are represented exactly
by those polynomials of degree less than n that are divisible by g (x).

Example For the binary polynomial code with n = 5 and m = 2 generated by the
polynomial g (x) = x 2 + x + 1 all codewords are of the form:

a(x)g (x)
where
a(x) ∈ {0, 1, x, x + 1, x 2 , x 2 + 1, x 2 + x, x 2 + x + 1}

what results in the code with codewords

00000, 00111, 01110, 01001,

11100, 11011, 10010, 10101.

prof. Jozef Gruska IV054 3. Cyclic codes 34/82

BCH CODES and REED-SOLOMON CODES

BCH codes and Reed-Solomon codes belong to the most important codes for
applications.
Definition A polynomial p is said to be minimal for a complex number x in GF (q) if
p(x) = 0 and p is irreducible over GF (q).
Definition A cyclic code of codewords of length n over GF (q), where q is a power of a
prime p, is called BCH code1 of the distance d if its generator g (x) is the least common
multiple of the minimal polynomials for
ω l , ω l+1 , . . . , ω l+d−2
for some l, where
ω is the primitive n-th root of unity.
m
If n = q − 1 for some m, then the BCH code is called primitive.
Applications of BCH codes: satelite communications, compact disc players,disk drives,
two-dimensional bar codes,...
Comments: For BCH codes there exist effcient variations of syndrome decoding. A
Reed-Solomon code is a special primitive BCH code.

1
BHC stands for Bose and Ray-Chaudhuri and Hocquenghem who discovered these codes in 1959.
prof. Jozef Gruska IV054 3. Cyclic codes 35/82
REED-SOLOMON CODES - basic idea behind - I

A message of k symbols can be encoded by viewing these symbols as coefficients of a

polynomial of degree k − 1 over a finite field of order N, evaluating this polynomial at
more than k distinct points and sending the outcomes to the receiver.

Having more than k points of the polynomial allows to determine exactly, through the
Lagrangian interpolation, the original polynomial (message).

Variations of Reed-Solomon codes are obtained by specifying ways distinct points are
generated and error-correction is performed.

Reed-Solomon codes found many important applications from deep-space travel to

consumer electronics.

They are very useful especially in those applications where one can expect that errors
occur in bursts - such as ones caused by solar energy.

prof. Jozef Gruska IV054 3. Cyclic codes 36/82

SOLOMON CODES - BASIC IDEAS II.

Reed-Solomon (RS) codes were discovered in 1960 and since that time they have been
applied in CD-ROOMs, wireless communications, space communications, DVD, digital
TV.

RS encoding is relatively straightforward, effcient decodings are recent developments.

There several mathematical nontrivial descriptions of RS codes. However the basic idea
behind is quite simple.

RS-codes work with groups of bits called symbols.

If a k-symbol message is to be sent, then n = k + 2s symbols are transmitted in order to

guarantee a proper decoding of not more than s symbols corruptions.

Example: If k = 223, s = 16, n = 235, then up to 16 corrupted symbols can be

corrected.

Number of bits in symbols and parameters k and s depend on applications.

A CD-ROOM can correct a burst of up to 4000 consecutive bit-errors.

prof. Jozef Gruska IV054 3. Cyclic codes 37/82
BASICS of ENCODING and DECODING

If symbols have j bits they are considered as elemnets of GF(2j )

To a k symbols message M = (m0 , m1 , . . . , mk−1 ) we associate a k − 1 degree

(message) polynomial

PM = m0 + m1 x + m2 x 2 + . . . + mk−1 x k−1

PM is uniquely detrmined given any k of its points.

Encoding To encode the message M so that s corruptions of symbols can be corrected

we compute and send n = k + 2s values of pM at poits x1 , . . . , xn , properly chosen in
advance.
Decoding Let y1 , y2 , . . . , yn be evaluations received (with at most s corruptions of
symbols. Try to find a subset of at least k + s points from ((x1 , y1 ), . . . , (xn , yn such that
a degree k − 1 polynomial passes through these points. Such a subset has to exist since
we start with k + 2s points and at most s are corrupted. Once we have such a subset we
know that it matches the evaluation of pM (x) in at least k distinct x-values.

Since k points uniquely determines a degree k − 1 polynomial we can construct the

polynomial pM (x) and to get the correct decoding.

prof. Jozef Gruska IV054 3. Cyclic codes 38/82

REED-SOLOMON CODES - TECHNICALITIES

Reed-Solomon codes RSC(k, q), for k ≤ q. are codes generator matrix of which has rows
labeled by polynomials X i , 0 ≤ i ≤ k − 1, columns are labelled by elements
0, 1, . . . , q − 1 and the element in a row labeled by a polynomial p and in a column
labeled by an element u is p(u).

Each RSC(k, q) code is [q, k, q − k + 1] code

Example Generator matrix for RSC(3, 5) code is

0 1
1 1 1 1 1
@ 0 1 2 3 4 A
0 1 4 4 1

An interesting property of Reed-Solomon codes:

RSC(k, q)⊥ = RSC(q − k, q).

Reed-Solomon codes were used in digital television, satellite communication, wireless

communication, bar-codes, compact discs, DVD,...

prof. Jozef Gruska IV054 3. Cyclic codes 39/82

REED-SOLOMON CODES - HISTORY and APPLICATIONS

Reed-Solomon (RS) codes are non-binary cyclic codes.

They were invented by Irving S. Reed and Gustave Solomon in 1960.
Efficient decoding algorithm for them was invented by Elwyn Berlekamp and James
Massey in 1969.
Using Reed-Solomon codes one can show that it is sufficient to inject 2e additional
symbols into a message in order to be able to correct e errors.
Reed-Solomon codes can be decoded efficiently using so-called list decoding method
(described next).
In 1977 RS codes have been implemented in Voyager space program
The first commercial application of RS codes in mass-consumer products was in
1982.

prof. Jozef Gruska IV054 3. Cyclic codes 40/82

CHANNEL (STREAMs) CODING

Channel coding is concerned with an efficient encoding of the streams of data and
sending them, at the highest possible rate, over a given communication channel
and then obtaining the original data reliably, at the receiver side, by decoding the
received data efficiently.

Shannon’s channel coding theorem says that over many common channels there exist
data coding schemes that are able to transmit data reliably at all rates smaller than a
certain threshold, called nowadays the Shannon channel capacity of a given channel.

Moreover, the probability of a decoding error can be made to decrease exponentially as

the block length N of the coding scheme goes to infinity.

However, the complexity of a ”naive” optimum decoding scheme increases exponentially

with N - therefore such an optimum decoder rapidly becomes infeasible.

As already mentioned, a breakthrough came when D. Forney, in his PhD thesis in 1972,
showed that concatenated codes could be used to achieve exponentially decreasing error
probabilities at all data rates less than the Shannon channel capacity, with decoding
complexity increasing only polynomially with the code block length.

prof. Jozef Gruska IV054 3. Cyclic codes 41/82

CHANNEL CAPACITY

Channel capacity is the tightest upper bound on the rate

of information that can be reliably transmitted over a
communication channel.
By the noisy-channel Shannon coding theorem, the
channel capacity of a given channel is the limiting
information rate (in units of information per unit time)
that can be achieved with arbitrary small error probability.

prof. Jozef Gruska IV054 3. Cyclic codes 42/82

CHANNEL CAPAVITY - FORMAL DEFINITION

Let X and Y be raandom variables representing the input and output of the channel.

Let PY |X (y |x) be the conditional distribution function of Y given X , which is an inherent

fixed probability of the communication channel.

The joint distribution PX ,Y (x, y ) is then defined by

PX ,Y (x, y ) = PY |X (y |x)PX (x),

where PX (x) is the marginal distribution.

The channel capacity is then defined by

C = sup I (X , Y )
PX (x)

where „ «
XX PX ,Y (x, y )
I (X , Y ) = PX ,Y (x, y ) log
PX (x)PY (y )
y ∈Y x∈X

is the mutual distribution - a measure of variables mutual distribution.

prof. Jozef Gruska IV054 3. Cyclic codes 43/82

CHANNEL (STREAMS) CODING I.

The task of channel coding is to encode streams of data in such a way that if they
are sent over a noisy channel errors can be detected and/or corrected by the receiver.

In case no receiver-to-sender communication is allowed, we speak about forward error

correction.

An important parameter of a channel code is code rate

k
r=
n
in case k bits are encoded by n bits.

The code rate express the amount of redundancy in the code - the lower is the
rate, the more redundant is the code.

prof. Jozef Gruska IV054 3. Cyclic codes 44/82

CHANNEL (STREAM) CODING II
Design of a channel code is always a tradeoff between energy efficiency and bandwidth
efficiency.

Codes with lower code rate can usually correct more errors. Consequently, the
communication system can operate
with a lower transmit power;
transmit over longer distances;
tolerate more interference from the environment;
use smaller antennas;
transmit at a higher data rate.
These properties make codes with lower code rate energy efficient.

On the other hand such codes require larger bandwidth and decoding is usually of higher
complexity.

The selection of the code rate involves a tradeoff between energy efficiency and
bandwidth efficiency.

Central problem of channel encoding: encoding is usually easy, but decoding is usually
hard.
prof. Jozef Gruska IV054 3. Cyclic codes 45/82
CONVOLUTION CODES

Our first example of channel codes are convolution codes.

Convolution codes have simple encoding and decoding, are quite a simple generalization
of linear codes and have encodings as cyclic codes.
An (n, k) convolution code (CC) is defined by an k × n generator matrix, entries of
which are polynomials over F2 .
For example,
G1 = [x 2 + 1, x 2 + x + 1]
is the generator matrix for a (2, 1) convolution code, denoted CC1 , and
„ «
1+x 0 x +1
G2 =
0 1 x
is the generator matrix for a (3, 2) convolution code denoted CC2

prof. Jozef Gruska IV054 3. Cyclic codes 46/82

ENCODING of FINITE POLYNOMIALS

An (n,k) convolution code with a k x n generator matrix G can be used to encode a

k-tuple of plain-polynomials (polynomial input information)
I = (I0 (x), I1 (x), . . . , Ik−1 (x))

to get an n-tuple of crypto-polynomials

C = (C0 (x), C1 (x), . . . , Cn−1 (x))

as follows

C =I ·G

prof. Jozef Gruska IV054 3. Cyclic codes 47/82

EXAMPLES

EXAMPLE 1

(x 3 + x + 1) · G1 = (x 3 + x + 1) · (x 2 + 1, x 2 + x + 1)
= (x 5 + x 2 + x + 1, x 5 + x 4 + 1)

EXAMPLE 2
„ «
1+x 0 x +1
(x 2 + x, x 3 + 1) · G2 = (x 2 + x, x 3 + 1) ·
0 1 x

prof. Jozef Gruska IV054 3. Cyclic codes 48/82

ENCODING of INFINITE INPUT STREAMS

The way infinite streams are encoded using convolution codes will be Illustrated on the
code CC1 .

An input stream I = (I0 , I1 , I2 , . . .) is mapped into the output stream

C = (C00 , C10 , C01 , C11 . . .) defined by

C0 (x) = C00 + C01 x + . . . = (x 2 + 1)I (x)

and
C1 (x) = C10 + C11 x + . . . = (x 2 + x + 1)I (x).
The first multiplication can be done by the first shift register from the next figure; second
multiplication can be performed by the second shift register on the next slide and it holds
C0i = Ii + Ii+2 , C1i = Ii + Ii−1 + Ii−2 .
That is the output streams C0 and C1 are obtained by convolving the input stream with
polynomials of G1 .

prof. Jozef Gruska IV054 3. Cyclic codes 49/82

ENCODING

The first shift register

output

input

will multiply the input stream by x 2 + 1 and the second shift register
output

input

will multiply the input stream by x 2 + x + 1.

prof. Jozef Gruska IV054 3. Cyclic codes 50/82

ENCODING and DECODING

The following shift-register will therefore be an encoder for the code CC1

input
output streams

For decoding of convolution codes so called

Viterbi algorithm
Is used.

prof. Jozef Gruska IV054 3. Cyclic codes 51/82

BIAGWN CHANNELS
Binary Input Additive Gaussian White Noise (BIAGWN) channel, is a continuous channel.

BIAGWN channel with a standard deviation σ ≥ 0 can be

seen as a mapping
X = {−1, 1} → R,
where R is the set of reals.
The noise of BIAGWN is modeled by continuous Gaussian
probability distribution function:
Given (x, y ) ∈ {−1, 1} × R, the noise y − x is distributed
according to the Gaussian distribution of zero mean and
standard derivation σ
1 (y −x)2
Pr(y |x) = √ e − 2σ2
σ 2π
prof. Jozef Gruska IV054 3. Cyclic codes 52/82
SHANNON CHANNEL CAPACITY
For every combination of bandwidth (W ), channel type , signal power (S) and received
noise power (N), there is a theoretical upper bound, called channel capacity or Shannon
capacity, on the data transmission rate R for which error-free data transmission is
possible.

For BIAGWN channels, that well capture deep space channels, this limit is (by so-called
Shannon-Hartley theorem):
„ «
S
R < W log 1 + {bits per second}
N

Shannon capacity sets a limit to the energy efficiency of the code.

Till 1993 channel code designers were unable to develop codes with performance
close to Shannon capacity limit, that is so called Shannon capacity approaching
codes, and practical codes required about twice as much energy as theoretical
minimum predicted.

Therefore, there was a big need for better codes with performance (arbitrarily)
close to Shannon capacity limits.

Concatenated codes and Turbo codes have such a Shannon capacity approaching
property.
prof. Jozef Gruska IV054 3. Cyclic codes 53/82
CONCATENATED CODES - I

The basic idea of concatenated codes is extremely simple. Input is first encoded by one
code C1 and C1 -output is then encoded by second code C2 . To decode, at first C2
decoding and then C1 decoding are used.

In 1972 Forney showed that concatenated codes could be used to achieve exponentially
decreasing error probabilities at all data rates less than channel capacity in such a way
that decoding complexity increases only polynomially with the code block length.

In 1965 concatenated codes were considered as infeasible. However, already in 1970s

technology has advanced sufficiently and they became standardize by NASA for space
applications.

prof. Jozef Gruska IV054 3. Cyclic codes 54/82

CONCATENATED CODES - II
Let Cin : Ak → An be an [n, k, d] code over alphabet A.

Let Cout : B K → B N be an [N, K , D] code over alphabet B with |B| = |A|k symbols.

Concatenation of Cout (as outer code) with Cin (as inner code), denoted Cout ◦ Cin is the
[nN, kK , dD] code
Cout ◦ Cin : AkK → AnN
that maps an input message m = (m1 , m2 , . . . , mK ) to a codeword
0 0 0
(Cin (m1 ), Cin (m2 ), . . . , Cin (mN )), where
0 0 0
(m1 , m2 , . . . , mN ) = Cout (m1 , m2 , . . . , mK )

super encoder super decoder

outer inner noisy inner outer

encoder encoder channel decoder decoder

super
channel

prof. Jozef Gruska IV054 3. Cyclic codes 55/82

CONCATENATED CODES - III

super encoder super decoder

outer inner noisy inner outer

encoder encoder channel decoder decoder

super
channel

Of the key importance is the fact that if Cin is decoded using the maximum-likelihood
principle (thus showing an exponentially decreasing error probability with increasing
length) and Cout is a code with length N = 2n r that can be decoded in polynomial time
in N, then the concatenated code can be decoded in polynomial time with respect to
n2nr and has exponentially decreasing error probability even if Cin has exponential
decoding complexity.

prof. Jozef Gruska IV054 3. Cyclic codes 56/82

ANOTHER VIEW of CONCATENATED CODES

super encoder super decoder

outer inner noisy inner outer

encoder encoder channel decoder decoder

super
channel

Outer code: - (n2 , k2 ) code over GF(2k1 );

Inner code: - (n1 , k1 ) binary code
Inner decoder - (n1 , k1 ) code
Outer decoder - (n2 , k2 ) code

length of such a concatenated code is n1 n2

dimension of such a concatenated code is k1 k2
if minimal distances of both codes are d1 and d2 , then resulting concatenated code
has minimal distance ≥ d1 d2 .

prof. Jozef Gruska IV054 3. Cyclic codes 57/82

APPLICATIONS

Concatenated codes started to be used for deep space

communication starting with Voyager program in 1977
and stayed so until the invention of Turbo codes and
LDPC codes.
Concatenated codes are used also on Compact Disc.
The best concatenated codes for many applications
were based on outer Reed-Solomon codes and inner
Viterbi-decoded short constant length convolution
codes.

prof. Jozef Gruska IV054 3. Cyclic codes 58/82

EXAMPLE

When the primary antenna failed to deploy on the Galileo mission to Jupiter in 1977,
heroic engineering effort was undertaken to design the most powerful concatenated code
conceived up to that time, and to program it into the spacecraft computer.

The inner code was a 214 convolution code, decoded by the Viterbi algorithm.

The outer code consisted of multiple Reed-Solomon codes of varying length.

The system achieved a coding gain of more than 10dB at decoding error probabilities of
the order 10−7 . Original antenna was supposed to send 100,000 bits per second. With a
small antenna only 10 b/s could be sent. After all reparations and new codings it was
possible to send up to 1000 b/s.

Nowadays when so called iterative decoding is used concatenation of even very simple
codes can yield superb performance.

prof. Jozef Gruska IV054 3. Cyclic codes 59/82

TURBO CODES

Channel coding was revolutionized by invention of Turbo codes. Turbo codes were
introduced by Berrou, Glavieux and Thitimajshima in 1993. Turbo codes are specified by
special encodings.
A Turbo code can be seen as formed from the parallel composition of two (convolution)
codes separated by an interleaver (that permutes blocks of data in a fixed
(pseudo)-random way).
A Turbo encoder is formed from the parallel composition of two (convolution)
encoders separated by an interleaver.
input x i

convolution parity bit b1

encoder

interleaver

convolution
encoder parity bit b2

prof. Jozef Gruska IV054 3. Cyclic codes 60/82

EXAMPLES of TURBO and CONVOLUTION ENCODERS
A Turbo encoder
input x i

convolution parity bit b1

encoder

interleaver

convolution
encoder parity bit b2

and a convolution encoder

prof. Jozef Gruska IV054 3. Cyclic codes 61/82

ADVANTAGES of INTERLEAVING
In case when a word
cenaje200kc
is transmitted and symbols 7-10 are lost:
cenaje....c
then very important information is definitely lost.

However, if the input word is permuted according to permutation

3, 8, 7, 9, 10, 1, 2, 6, 4, 11, 5
then the input will be actually

n020kceeacj

and if the same four positions are damaged the output will be
n020kc....j
However, after the inverse permutation the output actually is
c.n.j.200k.
which is easy to decode correctly!!!!
prof. Jozef Gruska IV054 3. Cyclic codes 62/82
DECODING and PERFORMANCE of TURBO CODES

A soft-in-soft-out decoding is used - the decoder gets from the analog/digital

demodulator a soft value of each bit - probability that it is 1 and produces only a
soft-value for each bit.
The overall decoder uses decoders for outputs of two encoders that also provide only
soft values for bits and by exchanging information produced by two decoders and
from the original input bit, the main decoder tries to increase, by an iterative
process, likelihood for values of decoded bits and to produce finally hard outcome - a
bit 1 or 0.
Turbo codes performance can be very close to theoretical Shannon limit.
This was, for example the case for UMTS (the third Generation Universal Mobile
Telecommunication System) Turbo code having a less than 1.2-fold overhead. in
this case the interleaver worked with block of 40 bits.
Turbo codes were incorporated into standards used by NASA for deep space
communications, digital video broadcasting and both third generation cellular
standards.
Literature: M.C. Valenti and J.Sun: Turbo codes - tutorial, Handbook of RF and
Wireless Technologies, 2004 - reachable by Google.

prof. Jozef Gruska IV054 3. Cyclic codes 63/82

REACHING SHANNON LIMIT

Though Shannon developed his capacity bound already in 1940, till recently code
designers were unable to come with codes with performance close to theoretical limit.
In 1990 the gap between theoretical bound and practical implementations was still
at best about 3dB

A decibel is a relative measure. If E is the actual energy and Eref is the theoretical
lower bound, then the relative energy increase in decibels is
E
10 log10
Eref
Since log10 2 = 0.3 a two-fold relative energy increase equals 3dB.
For code rate 12 the relative increase in energy consumption is about 4.8 dB for
convolution codes and 0.98 for Turbo codes.

prof. Jozef Gruska IV054 3. Cyclic codes 64/82

TURBO CODES - SUMMARY

Turbo codes encoding devices are usually built from two (usually identical) recursive
systematic convolution encoders , linked together by nonuniform interleaver
(permutation) devices.
Soft decoding is an iterative process in which each component decoder takes
advantage of the work of other at the previous step, with the aid of the original
concept of intrinsic information.
For sufficiently large size of interleavers , the correcting performance of turbo codes,
as shown by simulations, appears to be close to the theoretical shannon limit.
Permutations performed by interleaver can often by specified by simple polynomials
that make one-to-one mapping of some sets {0, 1, . . . , q − 1}.

prof. Jozef Gruska IV054 3. Cyclic codes 65/82

WHY ARE TURBO CODES SO GOOD?

Turbo codes are linear codes.

A ”good” linear code is one that has mostly high-weight codewords.
High-weight codewords are desirable because they are more distinct and the decoder
can more easily distinguish among them.
A big advantage of Turbo encoders is that they reduce the number of low-weight
codewords because their output is the sum of the weights of the input and two
parity output bits.
A turbo code can be seen as a refinement of concatenated codes plus an iterative
algorithm for decoding.

prof. Jozef Gruska IV054 3. Cyclic codes 66/82

UNIQUE versus LIST DECODING

In the unique decoding model of error-correction, considered so far, the task is to find,
for a received (corrupted) message wc , the closest codeword w (in the code used) to wc .

This error-correction task/model is not sufficiently good in case when the number of
errors can be large.

In the list decoding model the task is for a received (corrupted) message wc and a given
 to output (list of) all codewords with the distance at most ε from wc .

List decoding is considered to be successful in case the outputted list contains the
codeword that was sent.

It has turned out that for a variety of important codes, including the Reed-Solomon
codes, there are efficient algorithms for list decoding that allow to correct a large variety
of errors.

List decoding seems to be a stronger error-correcting mode than unique decoding.

prof. Jozef Gruska IV054 3. Cyclic codes 67/82

LIST DECODING - INTUITIONS BEHIND

For a polynomial-time list decoding algorithm to exist we need that any Hamming ball of
a radius pn around a received word (where p is the fraction of errors in terms of the block
length n) has a small number of codewords.

This is because the list size itself is a lower bound for the running time of the algorithm.
Hence it is required that the list size has to be polynomial in the block length of the
code.

A combinatorial consequence of the above requirement is that it implies an upper bound

on the rate of the code. List decoding promises to meet this bound.

prof. Jozef Gruska IV054 3. Cyclic codes 68/82

EFFICIENCY of LIST DECODING - SUMMARY

With list decoding the error-correction performance can

double.

It has been shown, non-constructively, for any rate R, that

such codes of the rate R exist that can be list decoded up
to a fraction of errors approaching 1 − R.

The quantity 1 − R is referred to as the list decoding

capacity.
For Reed-Solomon
√ codes there is a list decoding up to
1 − 2R errors.

prof. Jozef Gruska IV054 3. Cyclic codes 69/82

LIST DECODING - MATHEMATICAL FORMULATION

Let C be a q-nary linear [n, k, d] error correcting code.

For a given q-nary input word w of length n and a given error bound ε the task is to
output a list of codewords of C whose Hamming distance from w is at most ε

We are, naturally, interested only in polynomial, in n, algorithms able to do that.

(p, L)-list decodability: Let C be a q-nary code of codewords of length n; 0 ≤ p ≤ 1 and

L > 1 an integer.

If for every q-nary word w of length n the number of codewords of C withing Hamming
distance pn from w is at most L, then the code C is said to be (p, L)-list-decodable.

Theorem let q ≥ 2, 0 ≤ p ≤ 1 − 1/q and ε ≥ 0 then for large enough block length n if
the code rate R ≤ 1 − Hq (p) − ε, then there exists a (p, O(1/ε)))-list decodable code.
[Hq (p) = p logq (q − 1) − p logq p − (1 − p) logq (1 − p) is q-ary entropy function.]
Moreover, if R > 1 − Hq (p) + ε, then every (p, L)-list-decodable code has L = q Ω(n)

prof. Jozef Gruska IV054 3. Cyclic codes 70/82

LIST DECODING POTENTIAL

The concept of list decoding was proposed by Peter Elias in 1950s.

In 2006 Guruswami and Atri Rudra gave explicit codes that achieve list decoding
capacity.
Their codes are called folded Reed-Solomon codes and they are actually nothing but
plain Reed-Solomon codes but viewed as codes over a larger alphabet by careful
bundling of codeword symbols.
List decoding can be seen as formalizing the notion of error-correction when the
number of errors is potentially very large. In such a case the received word can
actually be closer to other codewords than the transmitted one.
Algorithms developed for list decoding of several code families found interesting
applications in computational complexity theory and in cryptography (for example in
construction of hard-core predicates, extractors and pseudo-random generators).

prof. Jozef Gruska IV054 3. Cyclic codes 71/82

APPLICATIONS in COMPLEXITY THEORY

Surprisingly, list-decoding found interesting applications in

computational complexity theory. For example, in
designing of hard core predicates from one-way
permutations;
predicting witnesses for NP-problems;
designing randomness extractors and pseudorandom
generators.

prof. Jozef Gruska IV054 3. Cyclic codes 72/82

APPENDIX

APPENDIX

prof. Jozef Gruska IV054 3. Cyclic codes 73/82

APPLICATIONS of REED-SOLOMON CODES

Reed-Solomon codes have been widely used in mass storage systems to correct the
burst errors caused by media defects.
Special types of Reed-Solomon codes have been used to overcome unreliable nature
of data transmission over erasure channels.
Several bar-code systems use Reed-Solomon codes to allow correct reading even if a
portion of a bar code is damaged.
Reed-Solomon codes were used to encode pictures sent by the Voyager spacecraft.
Modern versions of concatenated Reed-Solomon/Viterbi decoder convolution coding
were and are used on the Mars Pathfinder, Galileo, Mars exploration Rover and
Cassini missions, where they performed within about 1-1.5dB of the ultimate limit
imposed by the shannon capacity.

prof. Jozef Gruska IV054 3. Cyclic codes 74/82

FUTURE of CODING DEVELOPMENTS

The following reasons are behind increasing needs to

develop new and new codes, new and new encoding and
decoding methods:
Needs for miniaturization, higher quality and better
efficiency as well as energy savings of many important
information storing and processing devices.
New channels are used, new types of errors start to be
possible.
New computation tools are developed - for example
special types of paralelization,....

prof. Jozef Gruska IV054 3. Cyclic codes 75/82

APPENDIX

APPENDIX

prof. Jozef Gruska IV054 3. Cyclic codes 76/82

LOCALLY DECODABLE CODES -I

Classical error-correcting codes allow one to encode an

n-bit message w into an N-bit codeword C (w ), in such a
way that w can still be recovered even if C (w ) gets
corrupted in a number of bits.
The disadvantage of the classical error-correcting codes is
that one needs to consider all, or at least most of, the
(corrupted) codeword to recover anything about w .
On the other hand so-called locally decodable codes
allow reconstruction of any arbitrary bit wi , from looking
only at k randomly chosen bits of C (w ), where k is as
small as 3.
Locally decodable codes have a variety of applications in
prof. Jozef Gruska IV054 3. Cyclic codes 77/82
LOCALLY DECODABLE CODES -II

Locally decodable codes have another remarkable property:

A message can be encoded in such a way that should a

small enough fraction of its symbols die in the transit, we
could, with high probability, to recover the original bit
anywhere in the message we choose.
Moreover, this can be done by picking at random only
three bits of the received message and combining them in
a right way.

prof. Jozef Gruska IV054 3. Cyclic codes 78/82

GROUPS

A group G is a set of elements and an operation, call it *, with the following properties:
G is closed under *; that is if a, b ∈ G , so is a ∗ b.
The operation * is associative, hat is a ∗ (b ∗ c) = (a ∗ b) ∗ c, for any a, b, c ∈ G .
G has an identity e element such that e ∗ a = a ∗ e = a for any a ∈ G .
Every element a ∈ G has an inverse a−1 ∈ G , such that a ∗ a−1 = a−1 ∗ a = e.
A group G is called an Abelian group if the operation ∗ is commutative, that is
a ∗ b = b ∗ a for any a, b ∈ G .

Example Which of the following sets is an (Abelian) group:

The set of real numbers with operation ∗ being: (a) addition; (b) multiplication.
The set of matrices of degree n and operation: (a) addition; (b) multiplication.
What happens if we consider only matrices with determinants not equal zero?

prof. Jozef Gruska IV054 3. Cyclic codes 79/82

RINGS and FIELDS

A ring R is a set with two operations + (addition) and · (multiplication) , having the
following properties:
R is closed under + and ·.
R is an Abelian group under + (with a unity element for addition called zero).
The associative law for multiplication holds.
R has an identity element 1 for multiplication
The distributive law holds: a · (b + c) = a · b + a · c for all a, b, c ∈ R.
A ring is called a commutative ring if multiplication is commutative.

A field F is a set with two operations + (addition) and · (multiplication) , with the
following properties:
F is a commutative ring.
Non-zero elements of F form an Abelian group under multiplication.
A non-zero element g is a primitive element of a field F if all non-zero elements of F
are powers of g .

prof. Jozef Gruska IV054 3. Cyclic codes 80/82

FINITE FIELDS

Finite fields are very well understood.

Theorem If p is a prime, then the integers modp, GF (p), constitute a field. Every finite
field F contains a subfield that is GF (p), up to relabeling, for some prime p and p · α = 0
for every α ∈ F .

If a field F contains the prime field GF (p), then p is called the characteristic of F .

Theorem (1) Every finite field F has p m elements for some prime p and some m.
(2) For any prime p and any integer m there is a unique (up to isomorphism) field of p m
elements GF (p m ).
(3) If f (x) is an irreducible polynomial of degree m in Fp [x], then the set of polynomials
in Fp [x] with additions and multiplications modulo f (x) is a field with p m elements.

prof. Jozef Gruska IV054 3. Cyclic codes 81/82

FINITE FIELDS GF (p k ), k > 1
There are two important ways GF(4), the Galois field of four elements, is realized.
1. It is easy to verify that such a field is the set

GF(4) = {0, 1, ω, ω 2 }

with operations + and · satisfying laws

0 + x = x for all x;
x + x = 0 for all x;
1 · x = x for all x;
ω + 1 = ω2

2. Let Z2 [x] be the set of polynomials whose coefficients are integers mod 2. GF(4) is
also Z2 [x] (mod x 2 + x + 1) therefore the set of polynomials

0, 1, x, x + 1

where addition and multiplication are (mod x 2 + x + 1).

3. Let p be a prime and Zp [x] be the set of polynomials with coefficients mod p. If p(x)
is a irreducible polynomial modp of degree n, then Zp [x] (mod p(x)) is a GF(p n ) with
p n elements.
prof. Jozef Gruska IV054 3. Cyclic codes 82/82