CURVES AND CODES by John R. Kerl A Thesis Presented in Partial - PowerPoint PPT Presentation

CURVES AND CODES by John R. Kerl A Thesis Presented in Partial Fulfillment of the Requirements for the Degree Master of Arts ARIZONA STATE UNIVERSITY April 2005 1

Overview • Coding Theory • Algebraic Geometry (key: Riemann-Roch) • Construction and Encoding (Goppa) • Decoding (Skorobogatov-Vlˇ adut ¸) • Further Directions • References 2

Coding Theory Originates in the engineering problem of digital com- munication over noisy channels. Work over F q : low-degree extensions of F 2 , say, q ≤ 256. Definition. A block code is a subset of F n q . A linear block code is a subspace of F n q . Encode k -tuples (blocks) by embedding F k q into a k - dimensional subspace C of F n q . 3

Encoding, Transmission, Decoding • Message word m ∈ F k q . • Code word u ∈ F n q : u = m G (encoding). • Error word e ∈ F n q (transmission). • Received word v ∈ F n q : v = u + e . • Estimated error word ˆ e (decoding). • Estimated received word ˆ u = v − ˆ e . • Estimated message word m : ˆ solve linear system m G = ˆ ˆ u . 4

The matrix G is called a generator matrix . There is a corresponding parity-check matrix H such that the following sequence is exact: · G H · F k F n F n − k 0 → → → → 0 q q q Thus, C = im( G ) = ker( H ). Compute rows of H from a kernel basis for G . Perpendicular space: C ⊥ = { v ∈ F n q : v · u = 0 for all u ∈ C } . Dot product is not positive definite. Example: (1 , 0 , 1) is self-perpendicular in F 3 2 . The G , H for C are the same as the H , G for C ⊥ . 5

Hamming weight: wt : F n q → Z by wt( u ) = # { u i : u i � = 0 } . This is a vector-space norm. Hamming distance: dist : F n q × F n q → Z by dist( u , v ) = wt( u − v ) . Minimum distance: d ( C ) = min { dist( u , v ) : u , v ∈ C ; u � = v } For a linear code, all differences are in the subspace, so d ( C ) = min { wt( u ) : u ∈ C ; u � = 0 } 6

Code parameters: length n , dimension k , minimum dis- tance d , alphabet size q . A linear block code is described as an [ n, k, d ] q code. Example: [7 , 3 , 4] 2 . One may think of k of the n symbols in each block as payload, and the remaining n − k symbols as redundancy. Data rate: R = k/n . The basic engineering problem: correct many errors at low transmission redudancy. Maximum correctable errors per block: ⌊ d − 1 2 ⌋ . Mathematical problem statement for linear block codes: construct subspaces maximizing d , maximizing k , and/or minimizing n . 7

Subspace packings: F 2 inside F 3 F 2 inside F 3 F 2 inside F 3 F 2 2 2 2 d = 1 d = 2 d = 3 011 111 011 111 011 111 ✈ ✈ � � � � � � 010 110 010 110 010 110 1 � � � � � � ✈ ✈ 001 101 001 101 001 101 � � � � � � 000 100 000 100 000 100 0 � � � � � � ✈ ✈ ✈ ✈ F 2 F 2 2 inside F 3 F 2 2 inside F 3 2 2 2 d = 1 d = 2 011 111 011 111 ✈ ✈ ✈ � � � � 01 11 010 110 010 110 � � � � ✈ ✈ ✈ 001 101 001 101 ✈ � � � � 00 10 000 100 000 100 � � � � ✈ ✈ ✈ ✈ ✈ 8

Algebraic Geometry points of P 2 ( F q ) Consider projective plane curves V : which are zeroes of a single homogeneous equation φ ( X, Y, Z ) ∈ K [ X, Y, Z ]. Restrict attention to smooth curves , i.e. φ and its par- tials simultaneously vanish nowhere. Result: V smooth implies φ is absolutely irreducible. Pl¨ ucker formula for genus g : for smooth plane curves, with d = deg( φ ), g = ( d − 1)( d − 2) . 2 9

Let I ( V/K ) = � φ � ∈ K [ X, Y, Z ]. Coordinate ring: K [ V ] = K [ X, Y, Z ] I ( V/K ) . Function field K ( V ): quotient field of K [ V ]. Divisor group: free abelian group on points of V , e.g. D = � P ∈ V n P P . Support of D : P such that n P � = 0. A divisor D is effective , written D � 0, if n P ≥ 0 for all P ∈ V . Intersection divisor of F : � � div( F ) = n P P − n Q Q where P ’s are zeroes of F , Q ’s are poles of F , n P ’s are zero multiplicities, n Q ’s are pole orders. 10

Vector space associated to a divisor: L ( D ) = { F ∈ K ( V ) : div( F ) + D � 0 } ∪ { 0 } . Dimension over K : ℓ ( D ). Key property of L ( D ): for all F ∈ L ( D ), poles are con- fined to the point(s) of D . Theorem (Riemann-Roch). If deg( D ) > 2 g − 2 , then ℓ ( D ) = deg( D ) − g + 1 . Always: ℓ ( D ) ≥ deg( D ) − g + 1 . 11

Definition. If ℓ ( rP ) = ℓ (( r − 1) P ), r is a Weierstrass gap of P . Results: A non-negative integer r is a non-gap of P iff there is an F ∈ K ( V ) with a pole of order r in P , and poles at no other point of V . The number of gaps is g . By Riemann-Roch, gaps are at or below 2 g − 2. Proposition. Let ( γ i : i ∈ Z + ) be an enumeration of the non-gaps of P , with 0 = γ 1 < γ 2 < . . . . Let F i ∈ L ( γ i P ) be such that ν P ( F ) = − γ i . Then { F 1 . . . , F r } is a basis for L ( γ r P ) . Find non-gaps by finding g − 1 functions with distinct pole orders at rP , 0 ≤ r ≤ 2 g − 2. 12

Klein quartic example: X 3 Y + Y 3 Z + Z 3 X = 0. Label some points P 1 = [1 , 0 , 0], P 2 = [0 , 1 , 0], P 3 = [0 , 0 , 1]. Intersection divisors: div( X ) = 3 P 3 + P 2 div( Y ) = 3 P 1 + P 3 div( Z ) = 3 P 2 + P 1 X i Y j � � div = ( − i + 2 j ) P 1 + ( − 2 i − 3 j ) P 2 + (3 i + j ) P 3 . Z i + j Let D = rP 2 . With − i + 2 j ≥ 0, poles are confined to P 2 , and X i Y j /Z i + j span L ( D ). 13

The Klein quartic has degree 4, hence genus 3. There are 3 gaps, between 0 and 2 g − 2 = 4. r i j i + j F − i + 2 j − 2 i − 3 j 3 i + j 0,1,2 0 0 0 1 0 0 0 3,4 0 1 1 Y/Z 2 − 3 1 XY/Z 2 5 1 1 2 1 − 5 4 Y 2 /Z 2 6 0 2 2 4 − 6 2 X 2 Y/Z 3 7 2 1 3 0 − 7 7 XY 2 /Z 3 8 1 2 3 3 − 8 5 Y 3 /Z 3 9 0 3 3 6 − 9 3 . . . . . . . . . . . . . . . . . . . . . . . . Since g − 1 = 2 functions have been found with pole order between 0 and 4, namely, 0 and 3, gaps for the Klein quartic are at 1, 2, and 4. 14

Code Construction Let V be a smooth projective plane curve defined over F q . Let P = ( P 1 , . . . , P n ) be a vector of distinct F q - rational points of V . Let D be a divisor on V , with 0 < deg( D ) < n , with support disjoint from P . Thus all F in L ( D ) are pole-free on P . Here, D is always a one-point divisor; P is most or all of the other points. Definition. The Goppa primary code for V, P , D is C p ( V, P , D ) = { v ∈ F n q : F ( P ) · v = 0 for all F ∈ L ( D ) } . Definition. The Goppa dual code for V, P , D is C d ( V, P , D ) = { F ( P ) : F ∈ L ( D ) } = ε ( L ( D )) where ε is the evaluation map ε : F �→ F ( P ). Thus, C p = { v ∈ F n q : u · v = 0 for all u ∈ C d } = C ⊥ d . 15

Lemma. If deg( D ) < 0 , then L ( D ) = { 0 } . Proof. Let F be non-zero in K ( V ). From the zeroes- and-poles proposition, deg div( F ) = 0. Thus deg div( F ) + deg( D ) = deg(div( F ) + D ) < 0 = div( F ) + D � � 0 ⇒ = ⇒ F �∈ L ( D ) . 16

Theorem. If deg( D ) > 2 g − 2 , the dimension of C p is n − deg( D ) + g − 1 . Proof. Let k = dim( C p ). Then dim( C ⊥ p ) = dim( C d ) = n − k . Prove that the latter is deg( D ) − g + 1. By Riemann-Roch, ℓ ( D ) = deg D − g + 1. Show ε is 1-1 since C d = ε ( L ( D )). Let ε ( F ) = 0 for some F ∈ L ( D ). Then all F ( P j ) = 0, so all n P j > 0 in div( F ). Since all P j �∈ supp( D ), div( F ) + D − P 1 − . . . − P n � 0. Since deg( D ) < n , deg( D − P 1 − . . . − P n ) < 0. By the lemma, L ( D − P 1 − . . . − P n ) = { 0 } . 17

Theorem. If deg( D ) > 2 g − 2 , then d ( C p ) ≥ deg( D ) − 2 g + 2 . Proof. Show minimum weight since C p is linear. Let u be of minimum weight w > 0. WLOG renumber P j ’s and u j ’s such that the first w of the u j ’s are non-zero. Seeking a contradiction, suppose w < deg( D ) − 2 g + 2. Let D w = D − P 1 − . . . − P w and D w − 1 = D − P 1 − . . . − P w − 1 . Since w < deg( D ) − 2 g + 2, deg( D ) − w = deg( D w ) > 2 g − 2 and thus deg( D w − 1 ) > 2 g − 2 as well. By Riemann-Roch, ℓ ( D w ) = deg( D ) − w − g + 1 and ℓ ( D w − 1 ) = deg( D ) − w − g + 2. Thus ∃ F ∈ L ( D w − 1 ), F �∈ L ( D w ). This implies F ( P j ) = 0 for 1 ≤ j < w , and F ( P w ) � = 0. Since D w − 1 � D , F ∈ L ( D ) and F ( P ) · u = F ( P w ) u w � = 0, contradicting u ∈ C p . 18

Encoding Let k = n − ℓ ( D ). Let { F 1 , . . . , F n − k } be a basis for L ( D ). A G for C d , hence an H for C p , is F i ( P j ). Compute a kernel basis to get a G for C p . Encode m G = u . 19

Decoding Received word is v = u + e . Error location : P j such that e j � = 0. Error locator : λ ∈ K ( V ) such that λ ( P j ) = 0 for all error locations of e , and pole-free on P . Minimum correctable error weight : t . Proposition. Let A be a divisor on V with support dis- joint from P such that ℓ ( A ) > t . Then an error locator exists in L ( A ) . (Here, A � D , i.e. one-point divisor on the same point.) Proposition. Let R be a divisor on V with support dis- joint from P such that deg( R ) > t + 2 g − 1 . Then λ ∈ K ( V ) , pole-free on P , locates e iff ( ρλ )( P ) · e = 0 for all ρ ∈ L ( R ) . 20