WCSIT GrobenerCoding
advertisement
World of Computer Science and Information Technology Journal (WCSIT)
ISSN: 2221-0741
Vol. 5, No. XXX, XXX-XXX, 2015
Decoding Error Correcting Codes
Using Groebner Bases
Thomas Risse
Institute of Informatics and Automation
Hochschule Bremen, University of Applied Sciences, Bremen, Germany
Abstract——In the past Groebner bases have been proved to be a very potent tool to solve a variety of problems first of all in
mathematics but also in science and engineering. Hence, it is near at hand to study application of Groebner bases in coding, i.e. the
encoding and especially the decoding of linear error correcting codes. This paper attempts an overview focusing on Reed-Solomon
codes and Goppa codes together with their coding and decoding algorithms.
Keywords- Groebner bases, error correcting codes, decoding, Reed-Solomon codes, Goppa codes
I.
{𝑔1 , … , 𝑔𝑡 } is a Groebner basis if and only if 𝐿𝑇(𝑓) is divisible
by one of the 𝐿𝑇(𝑔𝑖 ) for any 𝑓 in 𝐼. By the way, 𝐺 then has the
minimality properties of a proper ideal basis. Furthermore, 𝐺 is
unique, and any 𝑓 in 𝑅 can be written as 𝑓 = 𝑔 + 𝑟 for unique
polynomials 𝑔 and 𝑟 with 𝑔 in 𝐼 and no term of 𝑟 is divisible
by any element of 𝐿𝑇(𝑔𝑖 ).
INTRODUCTION (HEADING 1)
A Groebner basis (according to Bruno Buchberger, 1965)
or a standard basis (according to Heisuke Hironaka, 1964) is a
finite generating set of an ideal 𝐼 in the polynomial ring 𝑅 =
𝐾[𝑥1 , … , 𝑥𝑛 ] over a field K. For any such ideal the (reduced)
Groebner basis is unique and can be determined
algorithmically. This basis allows solving some prominent
mathematical problems, e.g. to decide whether some
polynomial belongs to 𝐼 or not, whether two ideals are
identical, whether two varieties are identical or not etc. In his
seminal thesis [5] Buchberger developed the theory and
presented the necessary algorithms. He also investigated
applications [7] of Groebner bases like solving systems of
multivariate polynomial equations.
B. B. Algorithms [11]
Buchberger’s algorithm computes a (not reduced) Groebner
basis for an ideal 𝐼 = ⟨𝑓1 , … 𝑓𝑠 ⟩.using sysygy- or S-polynomials
𝐿𝐶𝑀(𝐿𝑀(𝑓),𝐿𝑀(𝑔))
In the eighties the rapid development of computers spurred
further investigation of Groebner bases which resulted in
improvements of the algorithms and even more applications
[7]. Especially Computer Algebra Systems benefitted [9] from
Groebner bases. But Groebner bases also brought forth
progress in coding and cryptography.
II.
𝐿𝐶𝑀(𝐿𝑀(𝑓),𝐿𝑀(𝑔))
𝑆(𝑓, 𝑔) =
𝑓−
𝑔 for any two
𝐿𝑇(𝑓)
𝐿𝑇(𝑔)
polynomials 𝑓 and 𝑔 in 𝑅 together with a generalization of the
polynomial division algorithm for polynomials in one variable
to the case of multivariate polynomials 𝑓, 𝑓1 , … , 𝑓𝑠 , 𝑟 in 𝑅 such
that 𝑓 = 𝑎1 𝑓1 + ⋯ + 𝑎𝑠 𝑓𝑠 + 𝑟 where the remainder 𝑟 =
𝑓 ̅ {𝑓1 ,…,𝑓𝑠} is zero or a 𝐾-linear combination of monomials none
of which is divisible by any 𝐿𝑇(𝑓1 ), … , 𝐿𝑇(𝑓𝑠 ) – all in the usual
notation of [11][21] et al. With these definitions Buchberger’s
algorithm can now be specified.
input: 𝐹 = (𝑓1 , … , 𝑓𝑠 ) ⊂ 𝐾[𝑥1 , … , 𝑥𝑛 ]
output: 𝐺 = (𝑔1 , … , 𝑔𝑡 ) with ⟨𝐹⟩ = ⟨𝐺⟩
repeat
𝐺′ ≔ 𝐺
for each {𝑝, 𝑞} ⊂ 𝐺 ′ , 𝑝 ≠ 𝑞 do
𝑆 ∶= ̅̅̅̅̅̅̅̅̅
𝑆(𝑝, 𝑞)𝐺
if 𝑆 ≠ 0 then 𝐺 ∶= 𝐺 ∪ {𝑆}
until 𝐺 = 𝐺 ′
GROEBNER BASES
A. Definitions [11]
Let 𝐼 be some ideal in 𝑅 = 𝐾[𝑥1 , … , 𝑥𝑛 ]. Then by Hilberts
basis theorem, 𝐼 is finitely generated, i.e. 𝐼 = ⟨𝑓1 , … 𝑓𝑠 ⟩. Now
fix some monomial order on the monomials in 𝑅 to be able to
specify leading monomials 𝐿𝑀(𝑓), leading terms 𝐿𝑇(𝑓) and
leading coefficients 𝐿𝐶(𝑓) for any 𝑓 in 𝑅 . Then a Groebner
basis 𝐺 for 𝐼 is a set 𝐺 = {𝑔1 , … , 𝑔𝑡 } with 𝐼 = ⟨𝐺⟩ so that the
ideal generated by the leading terms of the elements in 𝐼 is
generated by the leading terms 𝐿𝑇(𝑔) for 𝑔 in 𝐺 ,
i.e. ⟨𝐿𝑇(𝑔1 ), … , 𝐿𝑇(𝑔𝑡 )⟩ = ⟨𝐿𝑇(𝐼)⟩ . Equivalently, 𝐺 =
Code snippet 1.
1
Computation of 𝐺 with ⟨𝐺⟩ = ⟨𝐹⟩
WCSIT 5 (X), XX -XX, 2015
Obviously, this very simple version of Buchberger’s
algorithm extends the given set 𝐹 to 𝐺 . A reduction step
removes superfluous elements from 𝐺 resulting in the unique
reduced Groebner basis of 𝐼 . There are improved versions
Error! Reference source not found. to compute the unique,
reduced Groebner basis of 𝐼 efficiently.
original 𝑐 (and then to the original information word 𝑢 ) is
difficult. In fact, it is NP-complete Error! Reference source
not found.. However, for many specific (linear) codes there
exist efficient decoding algorithms.
A. (Generalized) Reed-Solomon Codes
(Generalized) Reed-Solomon codes, RS and gRS, are an
important class of codes comprising many other important
codes. Such code 𝒞𝑔𝑅𝑆 is specified by its 𝑛 distinct non-zero
code locators 𝛼1 , … , 𝛼𝑛 ∈ 𝔽 and 𝑛 column multipliers
𝑣1 , … , 𝑣𝑛 ∈ 𝔽. Then the parity matrix 𝐻𝑔𝑅𝑆 of 𝒞𝑔𝑅𝑆 is defined
by
C. Applications [11]
First, one should note that the concept of Groebner bases
generalizes both Euclid’s algorithm to compute the greatest
common divisor, gcd, of two polynomials as well as Gauß’s
algorithm to solve a system of linear equations.
Euclids algorithm
𝐻𝑔𝑅𝑆
in: 𝑓, 𝑔 ∈ 𝐾[𝑥]; out: ℎ = 𝑔𝑐𝑑(𝑓, 𝑔)
ℎ ∶= 𝑓; 𝑠 ∶= 𝑔;
while 𝑠 ≠ 0
𝑟 = 𝑟𝑒𝑚𝑎𝑖𝑛𝑑𝑒𝑟(ℎ, 𝑠);
ℎ ∶ = 𝑠; 𝑠 ∶= 𝑟;
Code snippet 2.
𝛼2𝑜
𝛼21
⋮
𝛼2𝑛−𝑘−1
⋯
𝛼𝑛𝑜
𝑣1
⋯
𝛼𝑛1
)(
⋱
⋮
𝑛−𝑘−1
0
⋯ 𝛼𝑛
0
𝑣2
).
⋱
𝑣𝑛
Then, 𝒞𝑔𝑅𝑆 is a (linear) [𝑛, 𝑘, 𝑑] code with 𝑑 = 𝑛 − 𝑘 + 1.
(Such codes attain the Singleton bound 𝑑 ≤ 𝑛 − 𝑘 + 1 and are
called maximum distance separable, MDS codes.) For gRS
codes there are efficient decoding algorithms: e.g. solving
linear equations Error! Reference source not found., using
Euclid’s algorithm Error! Reference source not found. or
linear recurrences in case of the famous Berlekamp-Massey
algorithm Error! Reference source not found.Error!
Reference source not found.Error! Reference source not
found.. List decoding of e.g. (generalized) Reed-Solomon
codes relaxes the assumption on the number of allowed errors
and returns a list of possible code words.
ℎ = 𝑔𝑐𝑑(𝑓, 𝑔) for any 𝑓, 𝑔 ∈ 𝐾[𝑥]
Regard each equation of a system of linear equations in the
unknowns 𝑥1 , … , 𝑥𝑛 as a linear polynomial 𝑓𝑖 in 𝐾[𝑥1 , … , 𝑥𝑛 ].
Then, the reduced Groebner basis 𝐺 = {𝑔1 , … , 𝑔𝑡 } of 𝐼 =
⟨𝑓1 , … , 𝑓𝑛 ⟩ consists of linear, non-zero polynomials whose
coefficients correspond to the non-zero rows in the reduced
echelon form of the coefficient matrix of the system of linear
equations. In this sense, computation of the reduced Groebner
basis is equivalent to Gauß’s algorithm.
B. Goppa-Codes
Goppa-codes, alternant gRS codes, play an important role
e.g. in the McEliece Public Key Crypto System, PKCS Error!
Reference source not found.Error! Reference source not
found.. Let 𝐹 = 𝔾𝔽𝑞 , K = 𝔾𝔽(𝑞 𝑚 ) and 𝐿 = {𝛼1 , … , 𝛼𝑛 } ⊂ K
be a set of pair wise different code locators and let 𝑔(𝑥) ∈
K[𝑥] with 0 ∉ 𝑔(𝐿) be a Goppa-polynomial of degree 𝑡. Then
As one of the very many applications of Groebner bases
consider the problem to solve a system of multivariate
polynomial equations 𝑓1 = 𝑓2 = ⋯ = 𝑓𝑠 = 0 for 𝑓𝑖 in 𝑅. Here
we use 𝐼 = ⟨𝑓1 , … 𝑓𝑠 ⟩ = ⟨𝐺⟩ for the reduced Groebner basis
𝐺 = {𝑔1 , … , 𝑔𝑡 } of 𝐼 . It turns out that the set of equations
𝑔1 = 𝑔2 = ⋯ = 𝑔𝑡 = 0 is easier to solve because using the
lexicographic order (lex), variables are eliminated in that order
in the Groebner basis so that a process like back substitution
generates the variety 𝑉(𝐼) = 𝑉(⟨𝐺⟩) = 𝑉(𝑔1 , … , 𝑔𝑡 ).
Elimination theory Error! Reference source not found.
provides the proofs and Error! Reference source not found.
more examples.
III.
𝛼1𝑜
𝛼11
=(
⋮
𝛼1𝑛−𝑘−1
𝐶𝐺𝑜𝑝𝑝𝑎 = {(𝑐1 , … , 𝑐𝑛 ) ∈ 𝐹 𝑛 : ∑𝑛𝑖=1
𝑐𝑖
𝑥−𝛼𝑖
= 0 𝑚𝑜𝑑 𝑔(𝑥)}
is a linear [𝑛, 𝑘, 𝑑] code over 𝐹 . The code 𝐶𝐺𝑜𝑝𝑝𝑎 is called
irreducible iff the Goppa polynomial 𝑔 is irreducible. Let
𝑔(𝑥) = ∑𝑡𝑖=𝑜 𝑔𝑖 𝑥 𝑖 be the Goppa polynomial. Then we have
𝑔(𝑥)−𝑔(𝛼)
(best shown by induction in 𝑡, the degree of 𝑔) 𝑥−𝛼 =
ERROR CORRECTING CODES
𝑡−2 𝑖 𝑡−2−𝑖
𝑖 𝑡−1−𝑖 + 𝑔
𝑔𝑡 ∑𝑡−1
+ ⋯ + 𝑔2 (𝑥 + 𝛼) + 𝑔1 .
𝑡−1 ∑𝑖=𝑜 𝛼 𝑥
𝑖=𝑜 𝛼 𝑥
Here we consider linear block codes Error! Reference
source not found. only. An alphabet is some finite field 𝔽 =
𝔾𝔽(𝑝𝑚 ) for prime 𝑝 and 𝑚 ∈ ℕ and information words 𝑢 of
length 𝑘 are in 𝔽𝑘 . Code words over 𝔽 are of the form 𝑢𝐺 for a
𝑛 × 𝑘 generator matrix 𝐺. Hence the code 𝒞 = {𝑢𝐺: 𝑢 ∈ 𝔽𝑘 } is
a linear subspace of 𝔽𝑛 . 𝒞 can also be characterized as the
kernel space 𝒞 = {𝑐 ∈ 𝔽𝑛 : 𝐻𝑐 ⊤ = 0} of the parity matrix 𝐻 ,
i.e. 𝐻𝐺 ⊤ = 0. If any two code words have a Hamming distance
of at least 𝑑 then at most (𝑑 − 1)/2 errors in a transmitted
code word can be corrected. Such a code is called a (linear)
[𝑛, 𝑘, 𝑑] code.
𝐻=
𝑔𝑡
𝑔𝑡
𝑔(𝛼1 )
𝑔𝑡−1 +𝛼1 𝑔𝑡
𝑔(𝛼2 )
𝑔𝑡−1 +𝛼2 𝑔
𝑔(𝛼1 )
𝑔(𝛼2 )
⋮
⋮
𝑔1 +𝛼1 𝑔 +⋯+𝛼𝑡−1
1
2
(
𝑔(𝛼1 )
𝐶𝑋𝑌 where
Encoding an information word 𝑢 to 𝑐 = 𝑢𝐺 ∈ 𝒞 is easy
whereas decoding a corrupted word 𝑦 = 𝑐 + 𝑒 with an error
𝑑−1
vector 𝑒 ∈ 𝔽𝑛 with no more than
non-zero elements to the
2
2
⋯
𝑡
𝑔
𝑡
𝑔1 +𝛼2 𝑔 +⋯+𝛼𝑡−1
2
2
𝑔(𝛼2 )
⋯
⋱
𝑔
𝑡
⋯
𝑔𝑡
𝑔(𝛼𝑛 )
𝑔𝑡−1 +𝛼𝑛 𝑔
𝑡
𝑔(𝛼𝑛 )
=
⋮
𝑔1 +𝛼𝑛 𝑔 +⋯+𝛼𝑡−1
𝑛
2
𝑔(𝛼𝑛 )
𝑔
𝑡
)
WCSIT 5 (X), XX -XX, 2015
𝑔𝑡
0
𝑔𝑡−1 𝑔𝑡
𝐶=(
⋮
⋮
𝑔1 𝑔2
1
𝛼1𝑜
𝛼11
⋯ 0
⋯ 0
), 𝑋 = (
⋱ ⋮
⋮
⋯ 𝑔𝑡
𝛼1𝑡−1
𝑔(𝛼1 )
(
⋮
𝛼2𝑡−1
𝛼𝑛𝑜
𝛼𝑛1
),
⋮
𝛼𝑛𝑡−1
less equations of lower multidegree so that the Groebner basis
is faster to compute.
A. RS and gRS codes
Decoding RS and gRS codes means to solve the key
equations. Hence in general a formulation of the decoding
problem using Groebner bases is near at hand. But exploiting
the fact that Groebner bases help to determine the
corresponding variety 𝑉(𝐼) of some ideal 𝐼 = ⟨𝐺⟩ for the
reduced Groebner basis 𝐺 of 𝐼 explains why Groebner bases
support list decoding naturally. Error! Reference source not
found. gives an overview over existing methods.
.
𝑔(𝛼2 )
𝟎
⋯
⋯
⋱
⋯
𝟎
1
and Y=
𝛼2𝑜
𝛼11
⋱
1
𝑔(𝛼𝑛 ))
𝑡
Such codes correct up to errors, even up to 𝑡 errors in the
2
binary case, i.e. if 𝐶𝐺𝑜𝑝𝑝𝑎 is a code over 𝔽 = 𝔾𝔽(2).
errors Error!
B. Goppa codes
Error! Reference source not found. is most promising to
decode Goppa codes. However, Error! Reference source not
found. shows ‘that one can, at least in theory, decode these
codes up to half the true minimum distance by using the theory
of Groebner bases’. Therefore, what is lacking is the transfer of
the solution of Error! Reference source not found. into
praxis.
C. Cyclic Codes
Cyclic codes Error! Reference source not found. are
linear codes 𝐶 when in addition with any code word
(𝑐𝑜 , … , 𝑐𝑛−1 ) ∈ 𝐶 also (𝑐𝑛−1 , 𝑐𝑜 , … , 𝑐𝑛−2 ) ∈ 𝐶, i.e. the shifted
word is again a code word. Conventional Reed-Solomon codes
(code locators 𝛼𝑗 = 𝛼 𝑗−1 are powers of an element 𝛼 ∈ 𝔽 of
multiplicative order 𝑛) as well as BCH codes (alternant codes
of conventional Reed-Solomon codes) are prominent examples
of cyclic codes. Cyclic codes feature efficient encoding
(multiplication by the generator polynomial 𝑔 of the code),
syndrome computation (remainder of division by 𝑔 ) and
decoding (e.g. sequentially by Meggitt decoder) via rather
simple hardware.
C. Cyclic codes
Error! Reference source not found. gives an algorithm to
decode cyclic codes using Groebner bases. The decoding
problem is represented as a system of 𝑛 − 𝑘 linear equations
together with 𝑛 quadratic equations in at most 𝑛 + 𝑑
unknowns, i.e. error locations and error values. Because the
number of errors is not known beforehand, the algorithm then
starts with assumed 𝑡 = 0 errors and increases 𝑡 as long as the
variety 𝑉(𝐼) = ∅ where 𝐼 is the ideal generated by equations
specified above. Once 𝑉(𝐼) ≠ ∅ it contains the unique solution.
However, the viability of the algorithm is limited because on
one hand there are aforesaid efficient decoding methods and on
the other hand the cost to compute a Groebner basis might be
prohibitive.
Early methods used Euclid’s algorithm for decoding or list
decoding Error! Reference source not found.. Later
Patterson’s algorithm Error! Reference source not found.
provided an efficient method to decode received words when
using a Goppa encoding Error! Reference source not found..
On top one can correct approximately up to
Reference source not found..
IV.
𝑡2
𝑛
Here, we illustrate how cyclic codes can be decoded using
Groebner bases by a very simple example. We use the
computer algebra system SAGE to describe the procedure.
APPLYING GROEBNER ALGORITHMS TO CODING
There are several ways Error! Reference source not
found. to transform the decoding problem into a problem of
solving a system of multivariate polynomial equations. A
straightforward way is to consider the (unknown) entries 𝑒𝑖 of
the error vector 𝑒 as variables 𝐸𝑖 . If 𝐻 consists of rows
ℎ1 , … , ℎ𝑟 with redundancy 𝑟 = 𝑛 − 𝑘 then the vector equation
𝑠 = 𝐻𝑒 ⊤ is equivalent to the 𝑟 linear equations
Define a linear binary cyclic [𝑛, 𝑘, 𝑑] code 𝐶 with 𝑛 = 7,
𝑘 = 𝑛 − 3 and, 𝑑 = 3 by choosing from 𝑥 8 − 1 = (𝑥 +
1)(𝑥 3 + 𝑥 + 1)(𝑥 3 + 𝑥 2 + 1) the generator polynomial
𝑔(𝑥) = 𝑥 3 + 𝑥 + 1; let ⟨𝛼⟩ = 𝐹2∗3 and 𝐽 = {1} be the defining
set, i.e. 𝐶 = {𝑐(𝑋) ∈ 𝐹2 [𝑋]/(𝑋 7 − 1): 𝑐(𝛼) = 0} . Then the
complete defining set is 𝐽(𝐶) = {1,2,4}. Then, the parity matrix
𝑯 is 𝑯 = ((𝛼 𝑗 )𝑗𝑖 )𝑗𝑖∈𝐽(𝐶) , 𝑗 = 0,1, . . . , (𝑛 − 1). Also the code 𝐶
can be represented using exclusively polynomials:
𝑛
∑(ℎ𝑖 )𝑗 𝐸𝑗 − 𝑠𝑖 = 0 for 𝑖 = 1, … , 𝑟
(1)
𝑗=1
𝐶 = {𝑢(𝑋) ∗ 𝑔(𝑋)𝑚𝑜𝑑(𝑋 7 − 1): 𝑢(𝑋) ∈ (𝐹2 )4 [𝑋]}.
𝑑−1
We can formulate the condition that 𝑒 has at most 𝑡 = ⌊ ⌋
2
𝑛
non-zero entries by the (𝑡+1
) equations of multidegree 𝑡 + 1
𝐸𝑗1 ∙ 𝐸𝑗2 ∙ … ∙ 𝐸𝑗𝑡+1 = 0 for 1 ≤ 𝑗1 < 𝑗2 < ⋯ < 𝑗𝑡+1 ≤ 𝑛
In SAGE this would be something like (in Python, a sharp
starts a comment, indentation specifies a block):
(2)
Let the two sets of equations together generate the ideal 𝐼.
Then the Groebner basis of 𝐼 allows to read off the solution 𝐸,
𝐸 = (𝐸1 , … , 𝐸𝑛 ) i.e. the only one element in the variety 𝑉(𝐼).
In addition, Error! Reference source not found.Error!
Reference source not found. present alternatives to (2) with
3
WCSIT 5 (X), XX -XX, 2015
𝑗
have 𝑠𝑗 = 𝑒𝑖1 (𝛼 𝑖1 )𝑗 for 𝑗 ∈ 𝐽 , i.e. 𝑠𝑖 = 𝑌1 𝑋1 𝑖 for 𝑗𝑖 ∈ 𝐽 =
{1,2,4} . These are four polynomial equations in the two
variables 𝑋1 and 𝑌1 . We will solve these equations by
computing the Groebner basis of the ideal generated by the four
polynomials.
F = GF(2); n = 7; # base field
Fext = GF(2^3,'xi'); # field extension
alpha = Fext.multiplicative_generator();
# print 'Fext is',Fext,'with generator',alpha,'of Fextstar';
R.<X> = PolynomialRing(F);
g = X^3+X+1; # a generator polynom g
S = R.quotient_ring(R.ideal(X^n-1));
J = [1,2,4]; print 'complete defining set J(C) =',J
H = matrix(Fext,3,n,[[alpha^(j*i) for i in range(n)] for j in J]);
# pretty_print('H=',H)
s = y*transpose(H); print 's =',s;
I = R.ideal(Y1*X1-s[0], Y1*X1^2-s[1], Y1*X1^4-s[2],
Y1^2-Y1, X1^7-1); print 'I is',I;
print 'I.groebner_basis() is',I.groebner_basis(),'with
dimension',I.dimension()
if I.dimension()==0:
V = I.variety();
print 'I.dimension()==0, hence I.variety() =',V;
loc = V[0]; loc = loc[X1];
print 'locator =',loc,', error location =',loc.log(alpha)
We generate each code words of 𝐶 (and check that 𝒄𝑯𝑇 =
𝟎 for all 𝒄 ∈ 𝐶) by a function which converts an integer 𝑖 to the
𝑖-th code word out of 16 in our case.
def int2codeword(i):
vec = Integer(i).digits(2,padto=4);
u = vec[0]+vec[1]*X+vec[2]*X^2+vec[3]*X^3
vec = (u*g).list(); # with generator polynomial g
for i in range(n-len(vec)):
vec.append(0);
# print 'H*transpose(u*g) =',vector(vec)*transpose(H)
return vector(vec)
which generates in our case generated at random
s = (xi, xi^2, xi^2 + xi)
I is Ideal(X1*Y1+(xi), X1^2*Y1+(xi^2), X1^4*Y1
+(xi^2+xi), Y1^2+Y1, X1^7+1) of Multivariate
Polynomial Ring in X1, Y1 over Finite Field in
xi of size 2^3
I.groebner_basis() is [X1+(xi), Y1+1] with
dimension 0
I.dimension()==0, hence I.variety() = [{Y1:1,
X1:xi}]
locator = xi , error location = 1
We now generate some code word 𝒄 ∈ 𝐶 y int2codeword,
add some error vector with Hamming weight 1 giving the
received word 𝒚.
We do not need to compute the error value 𝑌1 which
necessarily is 1 ∈ 𝔽2 . So according to expectation, we were
able to correct up to one error.
cw = int2codeword(ZZ.random_element(0,16));
print 'some code word of C is',cw;
e = vector(GF(2),7);
e[ZZ.random_element(0,7)]=1;
print ' some error vector is',e
y = cw+e; print ' received vector y is',y
s = y*transpose(H); print '
its syndrome is',s;
CONCLUSION
This article is meant to set the stage for Groebner bases in
coding. In the light of the very many application of Groebner
bases in science and engineering Error! Reference source not
found. it is to be expected that further research will reveal even
better algorithms for the decoding of linear (and non-linear)
error-correcting codes. (Also, Groebner bases have spurred the
specification and investigation of new linear codes Error!
Reference source not found.Error! Reference source not
found..) The exact average complexity of determining the
reduced Groebner basis of an ideal is not known right now.
Once it has been determined Error! Reference source not
found. one will be able to set objectives and to identify limits
of the approach to apply Groebner bases for coding.
A result generated at random might look like (note that the
syndrome is an element of (𝐹23 )3 )
some code word of C
some error vector
received vector y
its syndrome
is
is
is
is
(1, 1, 1, 1, 1,
(0, 1, 0, 0, 0,
(1, 0, 1, 1, 1,
(xi, xi^2, xi^2
1, 1)
0, 0)
1, 1)
+ xi)
The next computation is done in
R.<X1,Y1> = PolynomialRing(Fext)
REFERENCES
where here 𝑋1 is the one error locator with its error value
𝑌1 . Because of 𝑋1 ∈ 𝐹2∗3 we have 𝑋17 = 1. Because 𝑌1 ∈ 𝔽2 we
have 𝑌12 = 𝑌1 . And because 𝒔 = 𝒚𝑯𝑇 = (𝒄 + 𝒆)𝑯𝑇 = 𝒆𝑯𝑇 we
[1]
4
E.R. Berlekamp, Goppa Codes, IEEE Transactions Information Theory,
Vol 19, No 5, September 1973, 590–592
http://infosec.seu.edu.cn/space/kangwei/senior_thesis/Goppa.pdf
WCSIT 5 (X), XX -XX, 2015
[2]
[3]
[4]
[5]
[6]
[7]
[8]
[9]
[10]
[11]
[12]
[13]
[14]
E.R. Berlekamp, R.J. McEliece, H.C.A. van Tilborg, On the inherent
intractability of certain coding problems, IEEE Trans. Inform. Theory,
24 (1978) 384–386
E.R. Berlekamp, Algebraic Coding Theory, Aegean Park Press 1984
D.J. Bernstein, List decoding for binary Goppa codes, 2008
http://cr.yp.to/ntheory/goppalist-20080706.pdf
B. Buchberger, Ein Algorithmus zum Auffinden der Basiselemente des
Restklassenringes nach einem nulldimensionalen Polynomideal,
Universität Innsbruck, Dissertation, 1965
http://www.ricam.oeaw.ac.at/Groebner-BasesBibliography/gbbib_files/publication_706.pdf
B. Buchberger, An Algorithmic Criterion for the Solvability of a System
of Algebraic Equations, Aequationes Mathematicae 4 (1970), 374–383
http://www.ricam.oeaw.ac.at/Groebner-BasesBibliography/gbbib_files/publication_699.pdf
B. Buchberger, Groebner Bases – A Short Introduction for System
Theorists, Proceedings of Computer Aided Systems Theory,
EURO¬CAST, 1–19, 2001
http://people.reed.edu/~davidp/pcmi/buchberger.pdf
B. Buchberger, H. Engl, Workshop D1: Groebner Bases in Cryptography, Coding Theory, and Algebraic Combinatorics, May 1st – May
6th, 2006 with papers on coding, cryptography, algebraic combinatorics,
etc. http://www.ricam.oeaw.ac.at/specsem/srs/groeb/schedule_D1.html
B. Buchberger, A. Maletzky (organizers), session ‘Software for
Groebner Bases’, 4th Int. Congress on Mathematical Software, ICMS,
Seoul, August 5th – 9th, 2014
http://www.risc.jku.at/people/amaletzk/ICMS2014-GB.html
S. Bulygin, R. Pelikaan, Bounded distance decoding of linear errorcorrecting codes with Groebner bases, J. Symbolic Computation 44
(2009) 1626–1643
http://www.sciencedirect.com/science/article/pii/S0747717108001776
D. Cox, J. Little, D. O'Shea, Ideals, Varieties, and Algorithms, Springer
2007
http://www.math.ku.dk/~holm/download/ideals-varieties-andalgorithms.pdf
M. de Boer, R. Pellikaan, Gröbner bases for error-correcting codes and
their decoding.
http://www.risc.jku.at/GroebnerBases-Bibliography/gbbib_files/publication_590.pdf
C. Di, Z. Liu, Construction of a Class of Algebraic-Geometric Codes via
Groebner Bases, MM Research Preprints, 42–48 No. 16, April 1998.
Beijing
http://www.mmrc.iss.ac.cn/pub/mm16.pdf/cdi.pdf
J. Fitzgerald , R.F. Lax Decoding affine variety codes using Groebner
bases, Designs, Codes and Cryptography, 13, 147–158 (1998)
[15]
[16]
[17]
[18]
[19]
[20]
[21]
[22]
[23]
[24]
https://www.math.lsu.edu/~lax/designscodescrypt.pdf or
http://www.ricam.oeaw.ac.at/Groebner-BasesBibliography/gbbib_files/publication_277.pdf
H. O’Keeffe, P. Fitzpatrick, A Groebner basis approach to list decoding
of Reed-Solomon and Algebraic Geometry Codes, see [8]
https://www.ricam.oeaw.ac.at/specsem/srs/groeb/download/OKeeffe.pdf
N. J. Patterson: The Algebraic Decoding of Goppa Codes; IEEE Trans.
on Information Theory, Vol IT-21, No 2, March 1975, 203–20
R.M. Roth, Introduction to Coding Theory, Cambridge 2006
Th. Risse, How SAGE helps to implement Goppa Codes and McEliece
PKCSs, Int. Conf. on Information Technologies 2011, ICIT'11, May
11th – 13th, 2011, Amman
http://www.weblearn.hs-bremen.de/risse/papers/ICIT11/
Th. Risse, Generating Goppa Codes, Int. Conf. on Information
Technologies 2013, ICIT'13, May 8th – 10th, 2013, Amman
http://sce.zuj.edu.jo/icit13/index.php/accepted-papers/2uncategorised/41-applied-mathematics
Th. Risse, Groebner-Basen, 12. Workshop Mathematik für Ingenieure,
Hafen City Universität, Hamburg 12. – 13.2.2015,
http://www.weblearn.hs-bremen.de/risse/papers/MathEng12/
M. Sala, T. Mora, L. Perret, S. Sakata, C. Traverso (Editors), Groebner
Bases, Coding, and Cryptography, Springer 2009
http://xa.yimg.com/kq/groups/24626876/489439549/name/ggp496.pdf
P. Shankar, Decoding Reed–Solomon Codes Using Euclid’s Algorithm,
Resonance April 2007, 37–51
http://www.ias.ac.in/resonance/Volumes/12/04/0037-0051.pdf
Y. Sugiyama, M. Kasahara, S. Hirasawa, T. Namekawa, A Method for
Solving Key Equation for Decoding Goppa Codes, Information and
Control 27 (1975) 87–99
http://www.sciencedirect.com/science/article/pii/S001999587590090X
W. Stein, D. Joyner: SAGE ̶ System for Algebra and Geometry
Experimentation; ACM SIGSAM Bulletin, vol 39, no 2, 61‒64, 2005
AUTHORS PROFILE
Prof Dr Thomas Risse, Institute for Informatics and Automation, Hochschule
Bremen, University of Applied Sciences, Flughafenallee 10, D-28199
Bremen, Germany, risse@hs-bremen.de
5
