Cyclic code

In coding theory, a cyclic code is a block code, where the circular shifts of each codeword gives another word that belongs to the code. They are error-correcting codes that have algebraic properties that are convenient for efficient error detection and correction.

Definition

Let $\mathcal$ be a linear code over a finite field (also called '' Galois field'') $GF(q)$ of block length $n$. $\mathcal$ is called a cyclic code if, for every codeword $c=(c_1,\ldots,c_n)$ from $\mathcal$, the word $(c_n,c_1,\ldots,c_)$ in $GF(q)^n$ obtained by a cyclic right shift of components is again a codeword. Because one cyclic right shift is equal to $n-1$ cyclic left shifts, a cyclic code may also be defined via cyclic left shifts. Therefore, the linear code $\mathcal$ is cyclic precisely when it is invariant under all cyclic shifts.

Cyclic codes have some additional structural constraint on the codes. They are based on Galois fields and because of their structural properties they are very useful for error controls. Their structure is strongly related to Galois fields because of which the encoding and decoding algorithms for cyclic codes are computationally efficient.

Algebraic structure

Cyclic codes can be linked to ideals in certain rings. Let R = A / (x^n-1) be a quotient of a polynomial ring over the finite field $A = GF(q)$. Identify the elements of the cyclic code $\mathcal$ with polynomials in $R$ such that
$( c_0, \ldots, c_ )$ maps to the polynomial
$c_0 + c_1x +\cdots+c_ x^$: thus multiplication by $x$ corresponds to a cyclic shift. Then $\mathcal$ is an ideal in $R$, and hence principal, since $R$ is a principal ideal ring. The ideal is generated by the unique monic element in $\mathcal$ of minimum degree, the ''generator polynomial'' $g$.
This must be a divisor of $x^n-1$. It follows that every cyclic code is a polynomial code.
If the generator polynomial $g$ has degree $d$ then the rank of the code $\mathcal$ is $n-d$.

If $\mathcal$ is a cyclic code, the dual code $\mathcal^\perp$ is also a cyclic code. The generator polynomial $h(x)$ for $\mathcal^\perp$ is also called the parity-check polynomial or simply check polynomial for $\mathcal$. It can also be shown that $g(x)h^*(x) = x^n - 1$, where $h^*(x)$ denotes the reciprocal polynomial of $h(x)$.

The idempotent of $\mathcal$ is a codeword $e$ such that $e^2 = e$ (that is, $e$ is an idempotent element of $\mathcal$) and $e$ is an identity for the code, that is $e \cdot c = c$ for every codeword $c$. If $n$ and $q$ are coprime such a word always exists and is unique; it is a generator of the code.

An irreducible code is a cyclic code in which the code, as an ideal is irreducible, i.e. is minimal in $R$, so that its check polynomial is an irreducible polynomial.

Examples

For example, if $A=\mathbb_2$ and $n=3$, the set of codewords contained in the cyclic code generated by $(1,1,0)$ is precisely

$\.$

This code corresponds to the ideal in \mathbb_2 (x^3-1) generated by $(1+x)$.

The polynomial $(1+x)$ is irreducible in the polynomial ring, and hence the code is an irreducible code.

The idempotent of this code is the polynomial $x + x^2$, corresponding to the codeword $(0,1,1)$.

Trivial examples

Trivial examples of cyclic codes are $A^n$ itself and the code containing only the zero codeword. These correspond to generators $1$ and $x^n-1$ respectively: these two polynomials must always be factors of $x^n-1$.

Over $GF(2)$ the parity bit code, consisting of all words of even weight, corresponds to generator $x+1$. Again over $GF(2)$ this must always be a factor of $x^n-1$.

Other examples

Many types of commonly used error-correcting codes can be represented as cyclic codes, including BCH codes, Reed-Solomon codes, and some classes of low-density parity-check codes defined from finite geometries.

For correcting errors

Cyclic codes can be used to correct errors, like Hamming codes as cyclic codes can be used for correcting single error. Likewise, they are also used to correct double errors and burst errors. All types of error corrections are covered briefly in the further subsections.

The (7,4) Hamming code has a generator polynomial $g(x) = x^3 + x +1$. This polynomial has a zero in Galois extension field $GF(8)$ at the primitive element $\alpha$, and all codewords satisfy $\mathcal(\alpha)=0$. Cyclic codes can also be used to correct double errors over the field $GF(2)$. Blocklength will be $n$ equal to $2^m -1$ and primitive elements $\alpha$ and $\alpha^3$ as zeros in the $GF(2^m)$ because we are considering the case of two errors here, so each will represent one error.

The received word is a polynomial of degree $n - 1$ given as
$v(x) = a(x)g(x) + e(x)$

where $e(x)$ can have at most two nonzero coefficients corresponding to 2 errors.

We define the syndrome polynomial, $S(x)$ as the remainder of polynomial $v(x)$ when divided by the generator polynomial $g(x)$ i.e.

$S(x) \equiv v(x) \equiv (a(x)g(x) + e(x)) \equiv e(x) \mod g(x)$ as $(a(x)g(x))\equiv 0\mod g(x)$.

For correcting two errors

Let the field elements $X_1$ and $X_2$ be the two error location numbers. If only one error occurs then $X_2$ is equal to zero and if none occurs both are zero.

Let $S_1 = (\alpha)$ and $S_3 = (\alpha^3)$.

These field elements are called "syndromes". Now because $g(x)$ is zero at primitive elements $\alpha$ and $\alpha^3$, so we can write $S_1 = e(\alpha)$ and $S_3 = e(\alpha^3)$. If say two errors occur, then

$S_1 = \alpha^ + \alpha^$ and
$S_3 = \alpha^ + \alpha^$.

And these two can be considered as two pair of equations in $GF(2^m)$ with two unknowns and hence we can write

$S_1 = X_1 + X_2$ and
$S_3 = (X_1)^3 + (X_2)^3$.

Hence if the two pair of nonlinear equations can be solved cyclic codes can used to correct two errors.

Hamming code

The Hamming(7,4) code may be written as a cyclic code over GF(2) with generator $1+x+x^3$. In fact, any binary Hamming code of the form Ham(r, 2) is equivalent to a cyclic code, and any Hamming code of the form Ham(r,q) with r and q-1 relatively prime is also equivalent to a cyclic code. Given a Hamming code of the form Ham(r,2) with $r \ge 3$, the set of even codewords forms a cyclic ^-1,2^-r-2,4/math>-code.

Hamming code for correcting single errors

A code whose minimum distance is at least 3, have a check matrix all of whose columns are distinct and non zero. If a check matrix for a binary code has $m$ rows, then each column is an $m$-bit binary number. There are $2^m-1$ possible columns. Therefore, if a check matrix of a binary code with $d_$ at least 3 has $m$ rows, then it can only have $2^m-1$ columns, not more than that. This defines a $(2^m-1, 2^m-1-m)$ code, called Hamming code.

It is easy to define Hamming codes for large alphabets of size $q$. We need to define one $H$ matrix with linearly independent columns. For any word of size $q$ there will be columns who are multiples of each other. So, to get linear independence all non zero $m$-tuples with one as a top most non zero element will be chosen as columns. Then two columns will never be linearly dependent because three columns could be linearly dependent with the minimum distance of the code as 3.

So, there are $(q^m-1)/(q-1)$ nonzero columns with one as top most non zero element. Therefore, a Hamming code is a q^m-1)/(q-1), (q^m-1)/(q-1)-m/math> code.

Now, for cyclic codes, Let $\alpha$ be primitive element in $GF(q^m)$, and let $\beta = \alpha^$. Then $\beta^ = 1$ and thus $\beta$ is a zero of the polynomial $x^ - 1$ and is a generator polynomial for the cyclic code of block length $n = (q^m-1)/(q-1)$.

But for $q = 2$, $\alpha = \beta$. And the received word is a polynomial of degree $n - 1$ given as

$v(x) = a(x)g(x) + e(x)$

where, $e(x) = 0$ or $x^i$ where $i$ represents the error locations.

But we can also use $\alpha^i$ as an element of $GF(2^m)$ to index error location. Because $g(\alpha) = 0$, we have $v(\alpha) = \alpha^i$ and all powers of $\alpha$ from $0$ to $2^m-2$ are distinct. Therefore, we can easily determine error location $i$ from $\alpha^i$ unless $v(\alpha) = 0$ which represents no error. So, a Hamming code is a single error correcting code over $GF(2)$ with $n = 2^m-1$ and $k = n - m$.

For correcting burst errors

From Hamming distance concept, a code with minimum distance $2t + 1$ can correct any $t$ errors. But in many channels error pattern is not very arbitrary, it occurs within very short segment of the message. Such kind of errors are called burst errors. So, for correcting such errors we will get a more efficient code of higher rate because of the less constraints. Cyclic codes are used for correcting burst error. In fact, cyclic codes can also correct cyclic burst errors along with burst errors. Cyclic burst errors are defined as

A cyclic burst of length $t$ is a vector whose nonzero components are among $t$ (cyclically) consecutive components, the first and the last of which are nonzero.

In polynomial form cyclic burst of length $t$ can be described as $e(x)=x^ib(x)\mod (x^n -1)$ with $b(x)$ as a polynomial of degree $t - 1$ with nonzero coefficient $b_0$. Here $b(x)$ defines the pattern and $x^i$ defines the starting point of error. Length of the pattern is given by deg$b(x) + 1$. The syndrome polynomial is unique for each pattern and is given by

$s(x) = e(x)\mod g(x)$

A linear block code that corrects all burst errors of length $t$ or less must have at least $2t$ check symbols. Proof: Because any linear code that can correct burst pattern of length $t$ or less cannot have a burst of length $2t$ or less as a codeword because if it did then a burst of length $t$ could change the codeword to burst pattern of length $t$, which also could be obtained by making a burst error of length $t$ in all zero codeword. Now, any two vectors that are non zero in the first $2t$ components must be from different co-sets of an array to avoid their difference being a codeword of bursts of length $2t$. Therefore, number of such co-sets are equal to number of such vectors which are $q^$. Hence at least $q^$ co-sets and hence at least $2t$ check symbol.

This property is also known as Rieger bound and it is similar to the Singleton bound for random error correcting.

Fire codes as cyclic bounds

In 1959, Philip Fire presented a construction of cyclic codes generated by a product of a binomial and a primitive polynomial. The binomial has the form $x^c+1$ for some positive odd integer $c$. ''Fire code'' is a cyclic burst error correcting code over $GF(q)$ with the generator polynomial

$g(x)=(x^-1)p(x)$

where $p(x)$ is a prime polynomial with degree $m$ not smaller than $t$ and $p(x)$ does not divide $x^-1$. Block length of the fire code is the smallest integer $n$ such that $g(x)$ divides
$x^n-1$.

A fire code can correct all burst errors of length t or less if no two bursts $b(x)$ and $x^jb'(x)$ appear in the same co-set. This can be proved by contradiction. Suppose there are two distinct nonzero bursts $b(x)$ and $x^jb'(x)$ of length $t$ or less and are in the same co-set of the code. So, their difference is a codeword. As the difference is a multiple of $g(x)$ it is also a multiple of $x^-1$. Therefore,

$b(x) = x^jb'(x) \mod (x^-1)$.

This shows that $j$ is a multiple of $2t - 1$, So

$b(x) = x^b'(x)$

for some $l$. Now, as $l(2t-1)$ is less than $t$ and $l$ is less than $q^m - 1$ so $(x^ - 1)b(x)$ is a codeword. Therefore,

$(x^ - 1)b(x) = a(x)(x^- 1)p(x)$.

Since $b(x)$ degree is less than degree of $p(x)$,$p(x)$ cannot divide $b(x)$. If $l$ is not zero, then $p(x)$ also cannot divide $x^ - 1$ as $l$ is less than $q^m-1$ and by definition of $m$, $p(x)$ divides $x^ - 1$ for no $l$ smaller than $q^m-1$. Therefore $l$ and $j$ equals to zero. That means both that both the bursts are same, contrary to assumption.

Fire codes are the best single burst correcting codes with high rate and they are constructed analytically. They are of very high rate and when $m$ and $t$ are equal, redundancy is least and is equal to $3t - 1$. By using multiple fire codes longer burst errors can also be corrected.

For error detection cyclic codes are widely used and are called $t - 1$ cyclic redundancy codes.

On Fourier transform

Applications of Fourier transform are widespread in signal processing. But their applications are not limited to the complex fields only; Fourier transforms also exist in the Galois field $GF(q)$. Cyclic codes using Fourier transform can be described in a setting closer to the signal processing.

Fourier transform over finite fields

Fourier transform over finite fields

The discrete Fourier transform of vector $v = v_0, v_1, ...., v_$ is given by a vector $V = V_0, V_1,....., V_$ where,

$V_k$ = $\Sigma_^ e^v_i$ where,

$k = 0,....., n-1$

where exp($-j2\pi /n$) is an $n$th root of unity. Similarly in the finite field $n$th root of unity is element $\omega$ of order $n$. Therefore

''If $v = (v_0, v_1, ...., v_)$ is a vector over $GF(q)$, and $\omega$ be an element of $GF(q)$ of order $n$, then Fourier transform of the vector $v$ is the vector $V = (V_0, V_1,....., V_)$ and components are given by''

$V_j$ = $\Sigma_^\omega^ v_i$ where,

$k = 0,....., n-1$

Here $i$ is ''time'' index, $j$ is ''frequency'' and $V$ is the ''spectrum''. One important difference between Fourier transform in complex field and Galois field is that complex field $\omega$ exists for every value of $n$ while in Galois field $\omega$ exists only if $n$ divides $q - 1$. In case of extension fields, there will be a Fourier transform in the extension field $GF(q^m)$ if $n$ divides $q^m - 1$ for some $m$.
In Galois field time domain vector $v$ is over the field $GF(q)$ but the spectrum $V$ may be over the extension field $GF(q^m)$.

Spectral description

Any codeword of cyclic code of blocklength $n$ can be represented by a polynomial $c(x)$ of degree at most $n - 1$. Its encoder can be written as $c(x) = a(x)g(x)$. Therefore, in frequency domain encoder can be written as $C_j = A_jG_j$. Here ''codeword spectrum'' $C_j$ has a value in $GF(q^m)$ but all the components in the time domain are from $GF(q)$. As the data spectrum $A_j$ is arbitrary, the role of $G_j$ is to specify those $j$ where $C_j$ will be zero.

Thus, cyclic codes can also be defined as

''Given a set of spectral indices,'' $A = (j_1,...., j_)$, '' whose elements are called check frequencies, the cyclic code'' $C$ ''is the set of words over'' $GF(q)$ ''whose spectrum is zero in the components indexed by'' $j_1,..., j_$. ''Any such spectrum'' $C$ ''will have components of the form'' $A_jG_j$.

So, cyclic codes are vectors in the field $GF(q)$ and the spectrum given by its inverse fourier transform is over the field $GF(q^m)$ and are constrained to be zero at certain components. But every spectrum in the field $GF(q^m)$ and zero at certain components may not have inverse transforms with components in the field $GF(q)$. Such spectrum can not be used as cyclic codes.

Following are the few bounds on the spectrum of cyclic codes.

BCH bound

If $n$ be a factor of $(q^m - 1)$ for some $m$. The only vector in $GF(q)^n$ of weight $d - 1$ or less that has $d - 1$ consecutive components of its spectrum equal to zero is all-zero vector.

Hartmann-Tzeng bound

If $n$ be a factor of $(q^m - 1)$ for some $m$, and $b$ an integer that is coprime with $n$. The only vector $v$ in $GF(q)^n$ of weight $d - 1$ or less whose spectral
components $V_j$ equal zero for $j = \ell_1 + \ell_2b (\mod n)$, where $\ell_1 = 0,...., d - s - 1$ and $\ell_2 = 0,...., s - 1$, is the all zero vector.

Roos bound

If $n$ be a factor of $q^m - 1$ for some $m$ and $GCD(n,b) = 1$. The only vector in
$GF(q)^n$ of weight $d - 1$ or less whose spectral components $V_j$ equal to zero for $j = l_1 + l_2b (\mod n)$, where $l_1 = 0,..., d - s - 2$ and $l_2$ takes at least $s + 1$ values in the range $0,...., d - 2$, is the all-zero vector.

Quadratic residue codes

When the prime $l$ is a quadratic residue modulo the prime $p$ there is a quadratic residue code which is a cyclic code of length $p$, dimension $(p+1)/2$ and minimum weight at least $\sqrt$ over $GF(l)$.

Generalizations

Constacyclic codes

A constacyclic code is a linear code with the property that for some constant $\lambda$ if $(c_1, c_2, \dots, c_n)$ is a codeword, then so is $(\lambda c_n, c_1, \dots, c_)$. A negacyclic code is a constacyclic code with $\lambda = -1$.

Quasi-cyclic code

A quasi-cyclic code (QC code) has the property that for some $s$ dividing $n$, any cyclic shift of a codeword by $s$ places is again a codeword. That is, for some constant $s$, if $(c_0, c_1, \dots, c_)$ is a codeword, then so is $(c_, c_, \dots, c_)$, where all subscripts are reduced mod $n$. Such a code is known as an $s$-QC code. A double circulant code is a quasi-cyclic code of even length with $s = 2$.

Shortened cyclic codes

An $(n,k)$ linear code is called a ''shortened cyclic code'' if it can be obtained by deleting $b$ positions from an $(n+b, k+b)$ cyclic code. Code of this form are not generally cyclic.

In shortened codes, information symbols are deleted to obtain a desired block length smaller than the original block length. While deleting the first $b$ symbols is a common approach, in principle any set of information symbols can be deleted. Any cyclic code can be converted to a quasi-cyclic code by dropping every $b$-th symbol, where $b$ is a factor of $n$. If the dropped symbols are not check symbols, this cyclic code is also a shortened cyclic code.

Other generalizations

Quasi-twisted codes (QT codes) combine the properties of constacyclic and quasi-cyclic codes, with the shift occurring by $s$ places and with a multiplier of $\lambda$. That is, for some constants $\lambda$ and $s$, if $(c_0, c_1, \dots, c_)$ is a codeword, then so is $(\lambda c_, c_, \dots, c_)$, where all subscripts are reduced mod $n$. Multi-twisted codes are further generalizations of QT codes, which join multiple QT codes end to end.

See also

* BCH code
* Binary Golay code
* Cyclic redundancy check
* Eugene Prange
* Reed–Muller code
* Ternary Golay code

Notes

References

*
*
*
*
*

Further reading

* Ranjan Bose'', Information theory, coding and cryptography'',
* Irving S. Reed and Xuemin Chen, ''Error-Control Coding for Data Networks'', Boston: Kluwer Academic Publishers, 1999, .
* Scott A. Vanstone, Paul C. Van Oorschot, ''An introduction to error correcting codes with applications'',

External links

* John Gill's (Stanford) class notes &ndash
Notes #3, October 8, Handout #9
, EE 387.
* Jonathan Hall's (MSU) class notes &ndash
Chapter 8. Cyclic codes
- pp. 100 - 123
*

{{PlanetMath attribution, id=6978, title=cyclic code

Coding theory
Finite fields