\documentclass[10pt]{article}
\usepackage{amsfonts,amsthm,amsmath,amssymb}
\usepackage{array}
\usepackage{epsfig}
\usepackage{fullpage}
\usepackage{amssymb}
\usepackage[colorlinks = false]{hyperref}
\newcommand{\1}{\mathbbm{1}}
\DeclareMathOperator*{\argmin}{argmin}
\DeclareMathOperator*{\argmax}{argmax}
\newcommand{\x}{\times}
\newcommand{\Z}{\mathbb{Z}}
\newcommand{\Q}{\mathbb{Q}}
\newcommand{\R}{\mathbb{R}}
\newcommand{\N}{\mathbb{N}}
\newcommand{\F}{\mathbb{F}}
\newcommand{\E}{\mathop{\mathbb{E}}}
\renewcommand{\bar}{\overline}
\renewcommand{\epsilon}{\varepsilon}
\newcommand{\eps}{\varepsilon}
\newcommand{\DTIME}{\textbf{DTIME}}
\renewcommand{\P}{\textbf{P}}
\newcommand{\SPACE}{\textbf{SPACE}}
\newcommand{\BF}{\mathbb{F}}
\newcommand{\BZ}{\mathbb{Z}}
\begin{document}
\input{preamble.tex}
\newtheorem{example}[theorem]{Example}
\theoremstyle{definition}
\newtheorem{defn}[theorem]{Definition}
\handout{CS 229r Essential Coding Theory}{Feb 26, 2020}{Instructor:
Madhu Sudan}{Scribe: Abishrant Panday}{Lecture 9}
\section{Non Algebraic Geometry Codes}
Most of the error correcting codes we've considered so far have very large alphabet size, with none getting down to constant sized alphabets. We want to utilize the algebraic approach (evaluating functions on points), but with this approach, a long code requires lots of points, which requires us to have a growing number of variables over a constant-sized field.
\subsection{Multivariate Polynomials}
As an aside, before getting into this we note that repetition codes are bad because we have to look at two locations but only get out one symbol's worth of information. \\ \\
Consider multivariate polynomials with $r < q$ and $m$ large. To this end, take an $m-$dimensional box with $q-$points along each axis. Here, our encoding of a message consists of taking some polynomial and evaluating on the entire space. However, this contains quite a few redundancies. For example, consider lines $$l = \{\alpha + t\beta | t \in \BF_q, \alpha,\beta \in \BF_q^m\}$$
\begin{figure}[h]
\centering
\includegraphics[width=.4\textwidth]{BLOOP1.png}
\label{fig:my_label}
\end{figure} \\
Look at some polynomial $P \in \BF_q[x_1, \dots, x_m]$ with $\deg(p) \leq r$ and consider what happens when we restrict to our line $l$. We get $P|_l = f(t)$ where $f$ is a polynomial of degree $\leq r$, since we're simply doing a linear substitution of each variable by a linear function of $t$. Then, if we know the value of $f$ at $r+1$ locations on the line, $P$ is determined and all other points are redundant. Similarly, if we had $r = \frac{q}{2}$, then our redundancy would be half of the line $l$, since it wouldn't give any extra information. We thus want a way to avoid these local redundancies brought about by multivariate polynomials. \\ \\
The goal with algebraic geometry codes is thus to find some dense-enough curve in this space that doesn't intersect any one line, circle, etc. often, which will reduce the amount of local redundancy.
\section{The Algebraic Geometry Approach}
We want to find a nice subset $S \subseteq \BF_q^n$ such that low degree polynomials or some other class of functions
\begin{enumerate}
\item maintain "global" distance
\item eliminate "local" redundancies
\end{enumerate}
\subsection{Goppa's Idea}
Let $S$ be zeroes of multivariate polynomials $$P_1(x_1, \dots, x_m), \dots, P_{m-1}(x_1, \dots, x_m)$$ Which forms an $m-1$ dimensional manifold. Then, we have that $$S = \{\alpha | P_1(\alpha) = \dots = P_{m-1}(\alpha) = 0\}$$ Ideally, we want $|S|$ to be large (to grow with $m$ and ideally with $\exp(m)$) and for there to be a nice set of functions on $S$ that form a linear space and have few zeroes on $S$.
\subsection{A Simple Example}
Consider an alphabet $\BF_{q^2}$ where $q$ is prime. Let $S \subseteq \BF_{q^2} \times \BF_{q^2}$. We want some polynomial equation with lots of zeroes but not too high of a degree. Define $$S = \{(\alpha, \beta)| \alpha,\beta \in \BF_{q^2}, Tr(\alpha) = N(\beta)\}$$ Here, we have that the trace is the sum of Galois conjugates of $z$: $Tr(z) = z + z^q$ and the norm is the product of Galois conjugates of $z$: $N(z) = z^{q+1}$, both of which we can view as functions on $\BF_{q^2}$: $$Tr, N: \BF_{q^2} \to \BF_{q^2}$$
\begin{exercise}
Show that $\forall \alpha \in \BF_{q^2}$, $Tr(\alpha)^q = Tr(\alpha)$ and $N(\alpha)^q = N(\alpha)$. In addition, show that $Tr(\alpha)^q = Tr(\alpha) \mod x^q - x$ and $N(\alpha)^q = N(\alpha) \mod x^q - x$.
\end{exercise}
From this, we see that both the trace and norm are maps to $\BF_q$: $$Tr, N: \BF_{q^2} \to \BF_q$$
\begin{exercise}
Show that $Tr(x+y) = Tr(x) + Tr(y)$ and $N(xy) = N(x)N(y)$.
\end{exercise}
\noindent Putting all of this together, we get that the trace and the norm satisfy: $$Tr: q \to 1 \text{ map}$$ $$N: q+1 \to 1 \text{ map on nonzero elements}$$
Based on this, we see that the size of $S$ must satisfy $|S| = q^3$. To see this, note that if we fix a $\beta$, we get some value of $N(\beta)$, which is mapped to by $q$ $\alpha$ and vice versa.
\subsection{General Family of Functions}
Fix $r$ and consider all polynomials of degree $r \leq q$. Suppose $\deg(P) \leq r$. How large is the set $$\{(\alpha, \beta) | \alpha,\beta \in S P(\alpha, \beta) = 0\}$$
First, we note that $\dim($polynomials of degree $\leq r) = \binom{r+1}{2}$. Define $Q(x,y) \triangleq Tr(x) - N(y)$. Thus, we can rewrite our set as $$|\{(\alpha, \beta) | \alpha,\beta \in S P(\alpha, \beta) = 0\}| = |\{(\alpha, \beta) \in \BF_{q^2}^2 | P(\alpha, \beta) = Q(\alpha,\beta) = 0\}|$$
This is a pretty common problem in algebra/geometry asking how many common zeros a set of polynomials can have.
\begin{theorem}[Bezout's Theorem (in plane)]
For two plane algebraic curves $P,Q$ with $\deg(P) \leq D_1$ and $\deg(Q) \leq D_2$ and $P,Q \in \BF[x,y]$ then either $P,Q$ have a common factor or the number of common zeroes $\leq D_1\cdot D_2$.
\end{theorem}
\noindent To see why we have a common factor issue with Bezout's Theorem, consider $P(x,y) = A(x,y)\cdot (x+y)$ and $Q(x,y) = B(x,y)\cdot (x+y)$. If we have $P,Q$ as shown below, then we would have an infinite number of common zeroes.
\begin{figure}[h]
\centering
\includegraphics[width=.4\textwidth]{BLOOP2.png}
\label{fig:my_label}
\end{figure}
\begin{exercise}
Show that in our case $P,Q$ have no common factors.
\end{exercise}
\noindent If there are no common factors, then the number of common zeroes is at most $r(q+1)$, giving us the bound $$|\{(\alpha, \beta) \in \BF_{q^2}^2 | P(\alpha, \beta) = Q(\alpha,\beta) = 0\}| \leq r(q+1)$$
In order to compare different codes along the same 'axis,' we can concatenate with the best binary code and consider that error correcting code. In our case, as seen in [Ben-Aroya and Ta-Shma], concatenating with the appropriate binary codes gives a code of distance $(\frac{1}{2} - \epsilon)n$ and dimension $k$ with $$n = O\left(\frac{k^{5/4}}{\epsilon^{5/2}}\right)$$ In contrast, doing Reed-Solonom + binary code would give us $n = \frac{k}{\epsilon^2}$. The best code that exists is, of course, $\frac{k}{\epsilon^2}$.
\subsection{Tsfasman-Vladut-Zink's Construction}
Their construction came up with polynomials $P_1, \dots, P_{m-1}$ and a basis of functions $f$ that gave a resulting code of $$\left[n,k,(n-k) - \frac{n}{q-1}\right]_{q^2}$$ The best we could get is $[n,k,n-k]$ over any alphabet. In the original construction of Tsfasman, Vladut, and Zink it wasn't clear that you could encode, decode from these codes efficiently.
\subsubsection{Comparison With Random Codes}
If we took codes over some $q-$ary alphabet randomly or greedily, etc. we would get a code with distance $[n,k,(n-k) - \frac{n}{\log(q)}]_{q^2}$. When $q$ gets large enough, we thus have that our code is better than random codes. In literature, we have the magic number $q \geq 49$, where this beats the GV bound.
\subsection{A New Family of Curves}
The family of curves suggested by [Garcia, Stichtenoth] constructs $P_1, \dots, P_{m-1}$ over $\BF_{q^2}$ where $$P_i(x_i,x_{i+1}) = N(x_i) - Tr(x_i)Tr(x_{i+1})$$
\begin{exercise}
Prove that the number of zeroes is $q^{m+1} + o(q^{m+1})$.
\end{exercise}
\noindent We can extract a sequence of functions $f_1, \dots, f_i, \dots$ not necessarily linearly independent that map from the zeroes of the set of polynomials $P_i$ with the following properties:
\begin{enumerate}
\item $\dim(span(f_1, \dots, f_i)) \leq i - g$ where $g = \frac{n}{q-1}$ ($g$ refers to the genus of the curve).
\item The number of zeroes of $f \in span(f_1, \dots f_n)$ is at most $i$.
\item $f_i \cdot f_j \in span(f_1, \dots, f_{i+j})$.
\end{enumerate}
Based on the first two properties, we can construct a $[n,k,(n-k) - \frac{n}{q-1}]_q$ code.
\section{Reed-Solomon Decoding}
Fix some $\BF_q, n \leq q, k \leq n$ and a sequence of $n$ distinct points $(\alpha_1, \dots, \alpha_n) \in \BF_q$ that we evaluate the message polynomial on. Define the message polynomial $M(x) \triangleq \sum_{i < k} c_ix^i$. If we send the sequence $(M(\alpha_1), \dots, M(\alpha_n))$ over a noisy channel, we receive $(\beta_1, \dots, \beta_n)$. We're promised that the number of errors is small: $$\{i: \beta_i \neq M(\alpha_i)\} \leq e$$
More formally, we're given $$q,n,k,e, \{\alpha_1, \beta_i\}_{i = 1,\dots, n}$$ And we want to find $M$ (if one exists) such that $\deg(M) < k$ and $\{i: \beta_i \neq M(\alpha_i)\} \leq e$. In particular, consider a bunch of points in $2-d$ space. We want to find a high-degree polynomial $p$ that passes through a good number of these points. The points it doesn't pass through are errors. We care about scenarios where $\deg(p)$ is linear in $n$ and the fraction of errors is also linear in $n$. Thus, you can't enumerate all possible polynomials, errors without an exponential search. Algorithms for this decoding include ones by Peterson ’60, Berlekamp-Massey '70s, and Berlekamp-Welch ’86.
\subsection{Peterson's Algorithm}
We define an \textit{Error-Locator Polynomial} in $x$ which is zero whenever there is an error: $$E(x) = \Pi (x - \alpha_i), i \in S \triangleq \{i: \beta_i \neq M(\alpha_i)\}$$
We can visualize the problem with the following diagram:
\begin{figure}[h]
\centering
\includegraphics[width=.5\textwidth]{BLOOP3.png}
\label{fig:my_label}
\end{figure}
\\
We note that $E$ satisfies $E(\alpha_i)M(\alpha_i) = E(\alpha_i)\beta_i$ To see this, note that in general $M(\alpha_i) = \beta_i$ and when $M(\alpha_i) \neq \beta_i$ then $E(\alpha_i) = 0$. \\ \\
Define $N(x) = E(x)M(x)$. Thus, we have that $$N(\alpha_i) = E(\alpha_i)M(\alpha_i) = E(\alpha_i)\beta_i $$ $$\deg(E) \leq e, \deg(N) \leq k + e$$ This is now a linear system on coefficients of $N,E$.
\begin{claim}
A solution exists.
\end{claim}
\noindent This is true by construction.
\begin{claim}
If we find a solution $(N',E')$, then $\frac{N'}{E'} = \frac{N}{E} = M$.
\end{claim}
\begin{proof}
The statement is equivalent to saying $N'(x)E(x) = N(x)E'(x)$. To see this, note that we have $$E(\alpha_i)\beta_i = N(\alpha_i), E'(\alpha_i)\beta_i = N'(\alpha_i) \Longrightarrow N'E\beta_i = NE'\beta_i$$ We can divide through for $\beta_i \neq 0$ and if it equals zero then $N(\alpha_i) = 0$ by definition. \\ \\ We now consider the number if $i$ such that $N'(\alpha_i)E(\alpha_i) = N(\alpha_i)E'(\alpha_i):$ $$|\{i | N'(\alpha_i)E(\alpha_i) = N(\alpha_i)E'(\alpha_i)\}|$$ This set has size $\geq k + 2e$. Moreover, the degree of $N'E$ and $NE'$ are polynomials of degree $\leq k + 2e$. Thus, as long as $n = k + 2e$, we have enough points to make the two sides agree. This is true by our assumption above on $k,e$.
\end{proof}
\end{document}