Gr obner-Gradient Decoding of Linear Codes · Gr obner-Gradient Decoding of Linear Codes Edgar Mart nez Moro Applied Maths. Dept., Universidad de Valladolid [email protected] (Join

Linear codes Minimal subsets in codes The Grobner test set-(trial set) Worked example Computing the Groebner basis

Grobner-Gradient Decoding of Linear Codes

Edgar Martınez MoroApplied Maths. Dept., Universidad de Valladolid

[email protected]

(Join work with M. Borges-Quintana, M.Borges-Trenard & P.Fitzpatrick)

Applicable Algebra and Computer Science:A Meeting in Honor of Jacques Calmet

Universidad de la Rioja, February 28, 2008


Abstract

In this talk we will show a set of minimal codewords of binary linear code.

This set can be computed by means of linear algebra from a Groebner basis

of a binomial asociated to the code(see [1] and the references therein). This

set allows us to formulate a gradient-like complete decoding algorithm.

Main references:

[1] Borges, Borges, Fitzpatrick and Martınez. Groebner bases andcombinatorics for binary codes. Submitted to Appl. Algebra Engrg.Comm. Comput., 2006.

[2] Borges, Borges, Martınez. On a Grobner bases structure associ-ated to linear codes. J. Discrete Math. Sci. Cryptogr. 10 (2007),no. 2, 151–191.


Contents

Linear codes

Minimal subsets in codes

The Grobner test set-(trial set)The Grobner decoding algorithm

Worked example

Computing the Groebner basis


Linear codes

Let Fq be a finite field with q elements and Enq be the Fq-vector

space of dimension n. We will call the vectors in Enq words.

A linear code C of dimension k and length n is the image of a linearmapping L : Ek

q → Enq, where k ≤ n, i.e. C = L(Ek

q). The elementsin C are called codewords. There exists an n × (n − k) matrix H,called a parity check matrix, such that c ·H = 0 if and only if c ∈ C.On the other hand, there exists a k × n generator matrix G suchthat G · H = 0.


The Hamming weight of a word y is the number of non-zero entriesand we will denote it by weight(y). The Hamming distance betweentwo words c1, c2 is d(c1, c2) = weight(c1 − c2) and the minimumdistance d of a code is the minimum weight among all the non-zerocodewords. The error correcting capability of a code is t =

[d−1

2

],

where [·] is the greatest integer function. Let B(C, t) = {y ∈ Fn2 |

∃c ∈ C s.t. d(c, y) ≤ t}, it is well-known that the equation

e · H = y · H

has a unique solution e with weight(e) ≤ t for y ∈ B(C, t). Thevector c = y − e is the codeword corresponding to y (the nearestcodeword) and the vector e is called the error vector.



Let C ⊆ Enq a linear code. We define the support of a codeword

c = (c1, . . . , cn) ∈ C as

supp(c) = {i ∈ {1, . . . , n} | ci 6= 0} . (1)

If supp(c′) ⊂ supp(c) (respectively ⊆) we will write c′ ≺ c (respec-tively �).

DefinitionA nonzero vector c ∈ C ⊆ En

q is said to be minimal if 0 6= c′ � cand c′ ∈ C then it implies that there exist a nonzero constant α ∈ Fq

such that c′ = αc.



Let C ⊆ Enq a linear code. We define the support of a codeword

c = (c1, . . . , cn) ∈ C as

supp(c) = {i ∈ {1, . . . , n} | ci 6= 0} . (1)

If supp(c′) ⊂ supp(c) (respectively ⊆) we will write c′ ≺ c (respec-tively �).

DefinitionA nonzero vector c ∈ C ⊆ En

q is said to be minimal if 0 6= c′ � cand c′ ∈ C then it implies that there exist a nonzero constant α ∈ Fq

such that c′ = αc.


From now on we are in the binary case (q = 2)

,i.e.

c ∈ C is minimal if and only if there is no c′ ∈ C \{c} suchthat 0 6= c′ � c.


From now on we are in the binary case (q = 2),i.e.

c ∈ C is minimal if and only if there is no c′ ∈ C \{c} suchthat 0 6= c′ � c.


The Grobner test set-(trial set)

1. Complete decoding for a linear block code has proved to be aNP-hard computational problem.

2. Several atempts have been made to improve the syndromedecoding idea for a general linear code. They look for asmaller structure than the syndrome table to perform thedecoding, they look for each coset the smaller weight of thewords in that coset instead of storing the candidate errorvector

• Step-by-Step algorithm• Test set decoding (zero-neighbors and zero-guards).

We will call these procedures gradient-like decodingalgorithms.

3. In the same fashion we use the reduction given by a reducedGrobner basis to give a procedure to decode any arbitrarybinary linear code.
















The Grobner basis

Consider the polynomial ring K [X ], where K is an arbitrary fieldand [X ] the set of terms in the variables x1, x2, · · · , xn. If a =(a1, . . . , an) ∈ Nn we will denote by xa the term

∏ni=1 xai

i .

Let < be a fixed total degree compatible term order on [X ] with

x1 < x2 < · · · < xn.

T (f ) will denote the maximal term of a polynomial f with respect tothe order < and Td (f ) the total degree of the maximal term T (f )of f . If I ⊆ K [X ] is an ideal we denote by T (I ) the semigroup idealin [X ] generated by {T (f )|f ∈ I}. Finally, if F ⊆ K [X ] then 〈F 〉denotes the polynomial ideal generated by F .


The Grobner basis

Consider the polynomial ring K [X ], where K is an arbitrary fieldand [X ] the set of terms in the variables x1, x2, · · · , xn. If a =(a1, . . . , an) ∈ Nn we will denote by xa the term

∏ni=1 xai

i .

Let < be a fixed total degree compatible term order on [X ] with

x1 < x2 < · · · < xn.

T (f ) will denote the maximal term of a polynomial f with respect tothe order < and Td (f ) the total degree of the maximal term T (f )of f . If I ⊆ K [X ] is an ideal we denote by T (I ) the semigroup idealin [X ] generated by {T (f )|f ∈ I}. Finally, if F ⊆ K [X ] then 〈F 〉denotes the polynomial ideal generated by F .


Consider the morphism from [X ] onto En2

ψ(

xβ)

= ψ

(n∏

i=1

xβii

)= (β1 mod 2, . . . , βn mod 2) , (2)

β = (β1, . . . , βn) ∈ Nn. We will use xi to refer the indeterminate inthe monoid or the associated vector ei in En

2.

Consider the equivalence relation (x, y) ∈ RC ⇔ x− y ∈ C.

DefinitionThe binomial ideal I (C) associated with the code C is

I (C) = 〈{xw − xv | (ψ(xw), ψ(xu)) ∈ RC}〉 ⊆ K [X ]. (3)


Consider the morphism from [X ] onto En2

ψ(

xβ)

= ψ

(n∏

i=1

xβii

)= (β1 mod 2, . . . , βn mod 2) , (2)

β = (β1, . . . , βn) ∈ Nn. We will use xi to refer the indeterminate inthe monoid or the associated vector ei in En

2.Consider the equivalence relation (x, y) ∈ RC ⇔ x− y ∈ C.

DefinitionThe binomial ideal I (C) associated with the code C is

I (C) = 〈{xw − xv | (ψ(xw), ψ(xu)) ∈ RC}〉 ⊆ K [X ]. (3)


Let be {w1, . . . ,wk} be the row vectors of any matrix whose rowsspan the code C and

I =⟨{xw1 − 1, . . . , xwk − 1} ∪ {x2

i − 1 | i = 1, . . . , n}⟩

(4)

Since the set of vectors {w1, . . . ,wk} generates C as a F2-vectorspace we have

I = I (C).

Let G be the reduced Grobner basis of the ideal I (C) with respectto the term ordering < and let g ∈ K [X ], we denote by Can(g ,G )the canonical form of g with respect to the Grobner basis G .



I =⟨{xw1 − 1, . . . , xwk − 1} ∪ {x2

i − 1 | i = 1, . . . , n}⟩

(4)


I = I (C).




I =⟨{xw1 − 1, . . . , xwk − 1} ∪ {x2

i − 1 | i = 1, . . . , n}⟩

(4)


I = I (C).



If g = xw − xv ∈ I (C) denote by cg the codeword associated to thebinomial g , that is,

cg = ψ(xw) + ψ(xv)

DefinitionLet G be the reduced Grobner basis with respect to the term ordering< of the binomial ideal I (C). The Grobner codewords set is

CG = {cg | g ∈ G} \ {0}.


If g = xw − xv ∈ I (C) denote by cg the codeword associated to thebinomial g , that is,

cg = ψ(xw) + ψ(xv)

DefinitionLet G be the reduced Grobner basis with respect to the term ordering< of the binomial ideal I (C). The Grobner codewords set is

CG = {cg | g ∈ G} \ {0}.


TheoremThe elements of the set CG of Grobner codewords are minimal code-words of the code C.

Proof.Let g = xw − xv ∈ G such that xw = T(g) and xv = Can(g ,G ),and xw is an irredundant generator of the semigroup ideal T(I (C)).Suppose cg ∈ CG is not minimal, then there exists c ∈ C such thatsupp(c) ⊂ supp(cg ). Let c1 ∈ En

2 such that supp(c1) ⊆ supp(c)and supp(c1) ⊂ supp(ψ(xw)), thus c2 = c− c1 fullfils supp(c2) ⊂supp(ψ(xv)).Let xu be the maximum between xc1 and xc2 , thus xu ∈ T (I (C)),supp(ψ(xu)) ⊂ supp(c), and xu divides xw or xv which is a contra-diction.


TheoremThe elements of the set CG of Grobner codewords are minimal code-words of the code C.Proof.Let g = xw − xv ∈ G such that xw = T(g) and xv = Can(g ,G ),and xw is an irredundant generator of the semigroup ideal T(I (C)).

Suppose cg ∈ CG is not minimal, then there exists c ∈ C such thatsupp(c) ⊂ supp(cg ). Let c1 ∈ En



TheoremThe elements of the set CG of Grobner codewords are minimal code-words of the code C.Proof.Let g = xw − xv ∈ G such that xw = T(g) and xv = Can(g ,G ),and xw is an irredundant generator of the semigroup ideal T(I (C)).Suppose cg ∈ CG is not minimal, then there exists c ∈ C such thatsupp(c) ⊂ supp(cg ).

Let c1 ∈ En2 such that supp(c1) ⊆ supp(c)

and supp(c1) ⊂ supp(ψ(xw)), thus c2 = c− c1 fullfils supp(c2) ⊂supp(ψ(xv)).Let xu be the maximum between xc1 and xc2 , thus xu ∈ T (I (C)),supp(ψ(xu)) ⊂ supp(c), and xu divides xw or xv which is a contra-diction.


TheoremThe elements of the set CG of Grobner codewords are minimal code-words of the code C.Proof.Let g = xw − xv ∈ G such that xw = T(g) and xv = Can(g ,G ),and xw is an irredundant generator of the semigroup ideal T(I (C)).Suppose cg ∈ CG is not minimal, then there exists c ∈ C such thatsupp(c) ⊂ supp(cg ). Let c1 ∈ En

2 such that supp(c1) ⊆ supp(c)and supp(c1) ⊂ supp(ψ(xw)), thus c2 = c− c1 fullfils supp(c2) ⊂supp(ψ(xv)).

Let xu be the maximum between xc1 and xc2 , thus xu ∈ T (I (C)),supp(ψ(xu)) ⊂ supp(c), and xu divides xw or xv which is a contra-diction.


TheoremThe elements of the set CG of Grobner codewords are minimal code-words of the code C.Proof.Let g = xw − xv ∈ G such that xw = T(g) and xv = Can(g ,G ),and xw is an irredundant generator of the semigroup ideal T(I (C)).Suppose cg ∈ CG is not minimal, then there exists c ∈ C such thatsupp(c) ⊂ supp(cg ). Let c1 ∈ En



The Grobner decoding algorithm

The theorem allow us to perform a gradient-like decoding algorithmbut according to < instead of the weight of the vectors. Thus wesay that the set of Grobner codewords is a “test set”.

Input: CG and y a received vector.Output: One of the closest codewords to y.

1. i := 0; vi = y; ci = 0.

2. Repeat3. Find w ∈ CG such that xvi > xvi+1 and vi+1 = vi + w.4. ci+1 = ci + w; i = i + 1

5. Until such a w does not exist.6. Return[ci ].


The Grobner decoding algorithm

The theorem allow us to perform a gradient-like decoding algorithmbut according to < instead of the weight of the vectors. Thus wesay that the set of Grobner codewords is a “test set”.

Input: CG and y a received vector.Output: One of the closest codewords to y.

1. i := 0; vi = y; ci = 0.

2. Repeat3. Find w ∈ CG such that xvi > xvi+1 and vi+1 = vi + w.4. ci+1 = ci + w; i = i + 1

5. Until such a w does not exist.6. Return[ci ].


Complexity

Preprocesing Computing the reduced Grobner basis or the borderbasis performed O(n22n−k) operations.

Decoding The decoding complexity depends on the size of CG(or CB) and the number of reductions. The numberof reductions for CB is less than n.

Computing t The error correction capability of an arbitrary linearcode (not neccesary binary) can be computed in atmost m · n · S(t + 1) itererations of the Algorithmshowed in B.,B. & M. where

S(l) =l∑

i=0

(ni

)(q − 1)i .


Complexity




S(l) =l∑

i=0

(ni

)(q − 1)i .


Complexity




S(l) =l∑

i=0

(ni

)(q − 1)i .


Worked example

Consider the code C in E62 with generator matrix:

G =

1 0 0 1 1 10 1 0 1 0 10 0 1 0 1 1

.

The set of codewords is

C = {(0, 0, 0, 0, 0, 0), (1, 0, 1, 1, 0, 0),

(1, 1, 0, 0, 1, 0), (0, 1, 0, 1, 0, 1),

(0, 0, 1, 0, 1, 1), (1, 1, 1, 0, 0, 1),

(0, 1, 1, 1, 1, 0), (1, 0, 0, 1, 1, 1)}


Worked example

Consider the code C in E62 with generator matrix:

G =

1 0 0 1 1 10 1 0 1 0 10 0 1 0 1 1

.

The set of codewords is

C = {(0, 0, 0, 0, 0, 0), (1, 0, 1, 1, 0, 0),

(1, 1, 0, 0, 1, 0), (0, 1, 0, 1, 0, 1),

(0, 0, 1, 0, 1, 1), (1, 1, 1, 0, 0, 1),

(0, 1, 1, 1, 1, 0), (1, 0, 0, 1, 1, 1)}


The reduced Grobner basis of I (C) with respect to the degreereverse Lexicographical ordering < is

G = {x21 − 1, x2

2 − 1, x23 − 1, x2

4 − 1, x25 − 1, x2

6 − 1,x1x2 − x5, x1x3 − x4, x1x4 − x3, x1x5 − x2,x2x3 − x1x6, x2x4 − x6, x2x5 − x1, x2x6 − x4,x3x4 − x1, x3x5 − x6, x3x6 − x5,x4x5 − x1x6, x4x6 − x2, x5x6 − x3}.

Therefore the code is 1-correcting (i.e. t = 1) and the set ofGrobner codewords is

CG =

{(1, 1, 0, 0, 1, 0), (1, 0, 1, 1, 0, 0), (0, 1, 0, 1, 0, 1),(1, 1, 1, 0, 0, 1), (1, 0, 0, 1, 1, 1)

}



G = {x21 − 1, x2

2 − 1, x23 − 1, x2

4 − 1, x25 − 1, x2



CG =

{(1, 1, 0, 0, 1, 0), (1, 0, 1, 1, 0, 0), (0, 1, 0, 1, 0, 1),(1, 1, 1, 0, 0, 1), (1, 0, 0, 1, 1, 1)

}



G = {x21 − 1, x2

2 − 1, x23 − 1, x2

4 − 1, x25 − 1, x2


Therefore the code is 1-correcting (i.e. t = 1)

and the set ofGrobner codewords is

CG =

{(1, 1, 0, 0, 1, 0), (1, 0, 1, 1, 0, 0), (0, 1, 0, 1, 0, 1),(1, 1, 1, 0, 0, 1), (1, 0, 0, 1, 1, 1)

}



G = {x21 − 1, x2

2 − 1, x23 − 1, x2

4 − 1, x25 − 1, x2



CG =

{(1, 1, 0, 0, 1, 0), (1, 0, 1, 1, 0, 0), (0, 1, 0, 1, 0, 1),(1, 1, 1, 0, 0, 1), (1, 0, 0, 1, 1, 1)

}


1. If we recive y = (1, 1, 0, 1, 1, 0); then

c1 := (1, 1, 0, 0, 1, 0) and y1 = y + c1 = (0, 0, 0, 1, 0, 0).

Since d(y1, 0) = 1, i.e. codeword corresponding to y is c1.

2. Let y = (1, 1, 0, 1, 0, 0); then

c1 := (0, 1, 0, 1, 0, 1) and y1 = y + c1 = (1, 0, 0, 0, 0, 1).

y1 can not be reduced following the algorithm; thus,d(y1, 0) > 1; and in this case y contains more errors than theerror-correcting capability of the code. However, note that c1

is the closest codeword to y.


1. If we recive y = (1, 1, 0, 1, 1, 0); then

c1 := (1, 1, 0, 0, 1, 0) and y1 = y + c1 = (0, 0, 0, 1, 0, 0).

Since d(y1, 0) = 1, i.e. codeword corresponding to y is c1.

2. Let y = (1, 1, 0, 1, 0, 0); then

c1 := (0, 1, 0, 1, 0, 1) and y1 = y + c1 = (1, 0, 0, 0, 0, 1).

y1 can not be reduced following the algorithm; thus,d(y1, 0) > 1; and in this case y contains more errors than theerror-correcting capability of the code. However, note that c1

is the closest codeword to y.


The syzygy module and FGLM

Given a set F = {f1, f2, . . . , fr} of polynomials in K [X ] =K [x1, . . . , xn] generating an ideal I let us compute a basis forthe syzygy module M in K [X ]r+1 of the generator set F ′ ={−1, f1, f2, . . . , fr}. Each of the syzygies corresponds to a solution

f =r∑

i=1

bi fi bi ∈ K [X ], i = 1, . . . , r

and thus points to an element f in the ideal I generated by F .


The main idea is that the set

f1 = (f1, 1, 0, 0, . . . , 0)f2 = (f2, 0, 1, 0, . . . , 0)

...fr = (fr , 0, 0, 0, . . . , 1)

(5)

is a basis of the syzygy module M and moreover it is a Grobnerbasis with respect to a position over term (POT) ordering <w in-duced from an ordering < in K [X ] and the weight vector w =(1,T<(f1), . . . ,T<(fr )).


Now we use the FGLM idea and run through the terms of K [X ]r+1

in the order determined by < and u(i) < u(j) if i < j , using a termover position (TOP) ordering. At each step the canonical form ofthe term with respect to the original basis is 0 apart from the firstcomponent so the determination of the linear relations takes placein that component. This provides a convenient representation forthe canonical form with respect to the initial Grobner basis as a K -vector space, and any linear relation obtained as a consequence ofreduction of the first component in K [X ] will give a correspondingrelation for the elements of the module.

RemarkNote that the idea of computing a Grobner basis via the syzygymodule can be attributed to Caboara and Traverso


Now we use the FGLM idea and run through the terms of K [X ]r+1

in the order determined by < and u(i) < u(j) if i < j , using a termover position (TOP) ordering. At each step the canonical form ofthe term with respect to the original basis is 0 apart from the firstcomponent so the determination of the linear relations takes placein that component. This provides a convenient representation forthe canonical form with respect to the initial Grobner basis as a K -vector space, and any linear relation obtained as a consequence ofreduction of the first component in K [X ] will give a correspondingrelation for the elements of the module.

RemarkNote that the idea of computing a Grobner basis via the syzygymodule can be attributed to Caboara and Traverso


Toy Example

Consider the binary code C with generator matrix

G =

(1 0 10 1 1

).

We find that

I (C) =〈f1 = x1x3 − 1, f2 = x2x3 − 1,

f3 = x21 − 1, f4 = x2

2 − 1, f5 = x23 − 1〉.

In the associated syzygy computation the rows corresponding to thebinomials x2

i −1 are considered as implicit in the computations: see,for example, in the Table below when the syzygy corresponding tox3 − x1 is obtained.


−1 x1 x2 x3 x1x2 x1x3 x2x3 x1x2x3 multiples of x2i

(1, 0, 0, 0, 0, 0) 1(1, 1, 0, 0, 0, 0) 1(1, 0, 1, 0, 0, 0) 1

introduce x1(x1, 0, 0, 0, 0, 0) 1

(x1, x1, 0, 0, 0, 0) x21 x3

(x1, 0, x1, 0, 0, 0) 1introduce x2(x2, 0, 0, 0, 0) 1(x2, x2, 0, 0, 0, 0) 1

(x2, 0, x2, 0, 0, 0) x22 x3

reduction(x2, 0, 0, 0, 0, 0) 1(x2 − x1, x2, x1, 0, 0, 0)

(x2, 0, x2, 0, 0, 0) x22 x3

Thus x2 − x1 = x1f2 − x2f1, x2 − x1 belongs to the Grobner basisand we can now omit all the multiples of x2(1, 1, 0, 0, 0, 0, 0) fromour computation.



(1, 0, 0, 0, 0, 0) 1(1, 1, 0, 0, 0, 0) 1(1, 0, 1, 0, 0, 0) 1introduce x1(x1, 0, 0, 0, 0, 0) 1

(x1, x1, 0, 0, 0, 0) x21 x3

(x1, 0, x1, 0, 0, 0) 1

introduce x2(x2, 0, 0, 0, 0) 1(x2, x2, 0, 0, 0, 0) 1

(x2, 0, x2, 0, 0, 0) x22 x3

reduction(x2, 0, 0, 0, 0, 0) 1(x2 − x1, x2, x1, 0, 0, 0)

(x2, 0, x2, 0, 0, 0) x22 x3




(1, 0, 0, 0, 0, 0) 1(1, 1, 0, 0, 0, 0) 1(1, 0, 1, 0, 0, 0) 1introduce x1(x1, 0, 0, 0, 0, 0) 1

(x1, x1, 0, 0, 0, 0) x21 x3


(x2, 0, x2, 0, 0, 0) x22 x3

reduction(x2, 0, 0, 0, 0, 0) 1(x2 − x1, x2, x1, 0, 0, 0)

(x2, 0, x2, 0, 0, 0) x22 x3




(1, 0, 0, 0, 0, 0) 1(1, 1, 0, 0, 0, 0) 1(1, 0, 1, 0, 0, 0) 1introduce x1(x1, 0, 0, 0, 0, 0) 1

(x1, x1, 0, 0, 0, 0) x21 x3


(x2, 0, x2, 0, 0, 0) x22 x3

reduction(x2, 0, 0, 0, 0, 0) 1(x2 − x1, x2, x1, 0, 0, 0)

(x2, 0, x2, 0, 0, 0) x22 x3




(1, 0, 0, 0, 0, 0) 1(1, 1, 0, 0, 0, 0) 1(1, 0, 1, 0, 0, 0) 1introduce x1(x1, 0, 0, 0, 0, 0) 1

(x1, x1, 0, 0, 0, 0) x21 x3


(x2, 0, x2, 0, 0, 0) x22 x3

reduction(x2, 0, 0, 0, 0, 0) 1(x2 − x1, x2, x1, 0, 0, 0)

(x2, 0, x2, 0, 0, 0) x22 x3



Continuing we find

1 x1 x2 x3 x1x2 x1x3 x2x3 x1x2x3 multiples of x2i

introduce x3(x3, 0, 0, 0, 0, 0) 1

(x3, x3, 0, 0, 0, 0) x1x23

(x3, 0, x3, 0, 0, 0) x2x23

reduction(x3, 0, 0, 0, 0, 0) 1(x3 − x1, x3, 0, 0, 0, x1)(x3 − x2, 0, x3, 0, 0, x2)

We have the syzygy x3 − x1 = x1f5 − x3f1 and x3 − x1 belongsto the Grobner basis (note that we can make reductions of termsT · x2

i , T a term, as soon as we have introduced T since x2i − 1

is a generator). The result of the computation is the Grobner basis{x2 − x1, x3 − x1, x

21 − 1}


Thanks for your attention!!

Documents

Gr obner-Gradient Decoding of Linear Codes · Gr obner-Gradient Decoding of Linear Codes Edgar Mart nez Moro Applied Maths. Dept., Universidad de Valladolid [email protected] (Join