Cyclic Codes I

I. Introduction

One of the most important classes of linear codes is the class of cyclic codes. In general these codes are much easier to implement and hence have great practical importance. They are also of considerable interest from an algebraic point of view.

Definition: A linear code C is a cyclic code if whenever (c_0, c_1, ... , c_{n-1}) is in C then (c_{n-1}, c_0, ... , c_{n-2}) is in C.

In other words, C is a subspace and any cyclic shift of any vector in C is also in C.


There are several questions which we would like to answer.
  1. How can cyclic codes be constructed?
  2. For a given value of k, does a k-dimensional cyclic code in V(n,F) exist?
  3. How many cyclic codes does V(n,F) contain?
  4. Which vectors in a cyclic code have the property that the vector and its cyclic shifts will generate the entire code?
With respect to this last question, consider the 4-dimensional subspace C of V(6,2) generated by the vectors (111000), (011100), (001110) and (000111) (i.e. a vector and all of its cyclic shifts). The vector (101010) is also a codeword of C, but it and its cyclic shifts only generate a 2-dimensional subspace.

These questions and many more can easily be answered after we have introduced some more algebraic notions.

II. Rings and Ideals

Definition: A commutative ring with unity (R,+,*) is an algebraic structure consisting of a set of elements R together with two binary operations denoted + and * which satisfy the following properties for all a,b,c in R. Since we will only be interested in this type of ring, for our purposes we will refer to commutative rings with unity simply as rings.


From example (3) we may construct a ring with a finite number of elements as follows. Given any non-zero polynomial f(x) in F[x], define two polynomials h(x), g(x) in F[x] to be congruent modulo f(x) if and only if f(x) divides h(x)-g(x), i.e., h(x) and g(x) leave the same remainder when divided by f(x). This is easily seen to be an equivalence relation and so it divides F[x] up into equivalence classes, with the equivalence class containing g(x) denoted [g(x)] and defined as:

[g(x)] = {h(x) | h(x) = g(x) (mod f(x)) }.

Let R = F[x]/(f(x)) be the set of equivalence classes, i.e.

F[x]/(f(x)) = { [g(x)] | g(x) in F[x] }.

Define addition and multiplication of equivalence classes in the natural way, by the rules

[g(x)] + [h(x)] = [g(x) + h(x)]
[g(x)]*[h(x)] = [g(x)*h(x)].

Then (R,+,*) is a ring called the ring of polynomials over F modulo f(x). Any polynomial in the class [g(x)] can be used to represent the class, and we usually take the polynomial of least degree as the representative. The equivalence classes are then represented by all polynomials in F[x] of degree less than the degree of f(x), corresponding to all possible remainders after dividing by f(x). When the context is clear, we omit the square brackets for the class and write only the representative g(x).


As a particular example of this ring, let us consider Z2[x]/(f(x)) where f(x) = x^3 + 1.

Z2[x]/(x^3 + 1) = {[0], [1], [x], [1+x], [x^2], [1+x^2], [x+x^2], [1+x+x^2]}.

As an example of addition,
[x] + [1+x+x^2] = [x + 1+x+x^2] = [1+x^2].

As an example of multiplication in this ring,
[1+x^2]*[1+x+x^2] = [1+x+x^3+x^4] = [0]
since x^4+x^3+x+1 = 0 (mod f(x)). We observe that x^3+1 = 0 (mod f(x)) implies x^3 = 1 (mod f(x)), and hence wherever we see x^3 in an expression we can replace it by 1.

We now define an important substructure of a ring.

Definition: Let (R,+,*) be a ring. A non-empty subset I of R is called an ideal of the ring if

As we shall see, ideals will play a fundamental role in our study of cyclic codes.

One simple way to construct an ideal is as follows. Take any non-zero g in R and form the set

I = {g*r | r in R }.

It is easy to verify that I is an ideal. It is called the ideal generated by g. It is not always possible to construct all ideals of a ring in this fashion. When the ring R has the property that for any ideal I of R there exists an element g in I such that I = {g*r | r in R}, then R is called a principal ideal ring. We now prove that F[x] and F[x]/(f(x)) are such rings.

Theorem 1: F[x] is a principal ideal ring.

Proof: Let I be an ideal of F[x]. If I = {0} then I is the ideal generated by 0. Otherwise, let g(x) be a monic (leading coefficient = 1) polynomial of least degree in I. We prove that g(x) generates I. Consider any h(x) in I. By the division algorithm for polynomials,

h(x) = q(x)g(x) + r(x)

where r(x) = 0 or deg r(x) < deg g(x). Since g(x) in I, it follows from property (ii) that q(x)g(x) in I, and by (i), h(x) - q(x)g(x) in I, so r(x) in I. Since g(x) is the polynomial of least degree in I, we must have r(x) = 0 and thus g(x) divides h(x). This establishes that g(x) generates I and F[x] is a principal ideal ring.

Theorem 2: F[x]/(f(x)) is a principal ideal ring.

Proof: Let I be an ideal of R = F[x]/(f(x)). If I = {[0]} then I is generated by 0. Otherwise, let g(x) be a monic polynomial of least degree which represents some class in I. Then [g(x)] in I. Let [h(x)] in I. By the division algorithm for polynomials,

h(x) = q(x)g(x) + r(x)

where r(x) = 0 or deg r(x) < deg g(x). Therefore

[h(x)] = [q(x)g(x) + r(x)] = [q(x)g(x)] + [r(x)].

Since [q(x)g(x)] in I, it follows that [h(x)] - [q(x)g(x)] in I and hence [r(x)] in I. This implies r(x) = 0, by the choice of g(x). Hence g(x) divides h(x), and g(x) generates I.

Example: Consider R = Z2[x]/(f(x)) where f(x) = x^6 + 1, and the set

I = {0, 1+x^2+x^4, x+x^3+x^5, 1+x+x^2+x^3+x^4+x^5}.

I is an ideal in R. It is easy to verify that (I,+) is a group (property (i)), and somewhat more time-consuming, but no harder, to verify property (ii). I is in fact the ideal generated by g(x) = 1 + x^2 + x^4.
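The ring arithmetic in Z2[x]/(x^3 + 1) above and the ideal I generated by 1 + x^2 + x^4 in Z2[x]/(x^6 + 1) can both be checked mechanically. The following Python is an added example, not part of these notes: a polynomial over GF(2) is stored as an integer whose bit i is the coefficient of x^i, and the function names (gf2_mul, gf2_mod, ring_mul, ideal_generated, is_ideal, poly_str) are this example's own.

```python
def gf2_mul(a: int, b: int) -> int:
    """Carry-less product in GF(2)[x]; bit i of an int is the coefficient of x^i."""
    r = 0
    while b:
        if b & 1:
            r ^= a          # addition of coefficients mod 2 is XOR
        a <<= 1             # multiply a by x
        b >>= 1
    return r

def gf2_mod(a: int, f: int) -> int:
    """Remainder of a(x) on division by f(x): the least-degree representative of [a(x)]."""
    df = f.bit_length() - 1
    while a and a.bit_length() - 1 >= df:
        a ^= f << (a.bit_length() - 1 - df)   # cancel the leading term of a
    return a

def ring_mul(a: int, b: int, f: int) -> int:
    """[a(x)]*[b(x)] = [a(x)*b(x)] in Z2[x]/(f(x)), reduced to the representative."""
    return gf2_mod(gf2_mul(a, b), f)

def ideal_generated(g: int, f: int) -> frozenset[int]:
    """I = {g*r | r in R} for R = Z2[x]/(f(x)); R's classes are the polynomials of degree < deg f."""
    return frozenset(ring_mul(g, r, f) for r in range(1 << (f.bit_length() - 1)))

def is_ideal(subset, f: int) -> bool:
    """Property (i): (S,+) is a subgroup (over GF(2), subtraction is addition, i.e. XOR).
    Property (ii): S absorbs multiplication by every element of the ring."""
    S = set(subset)
    closed_add = all(a ^ b in S for a in S for b in S)
    absorbs = all(ring_mul(a, r, f) in S for a in S for r in range(1 << (f.bit_length() - 1)))
    return bool(S) and closed_add and absorbs

def poly_str(a: int) -> str:
    """Readable form of a polynomial, e.g. 0b101 -> '1+x^2'."""
    if a == 0:
        return "0"
    terms = []
    for i in range(a.bit_length()):
        if (a >> i) & 1:
            terms.append("1" if i == 0 else "x" if i == 1 else f"x^{i}")
    return "+".join(terms)

if __name__ == "__main__":
    F3 = 0b1001                                   # f(x) = x^3 + 1
    print(poly_str(ring_mul(0b101, 0b111, F3)))   # [1+x^2]*[1+x+x^2] -> 0
    print(sorted(poly_str(e) for e in ideal_generated(0b10101, 0b1000001)))
```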

III. Ideals and Cyclic Codes

We know that V(n,q) is an abelian group under vector addition, but it has no natural multiplicative structure. A useful way of introducing a multiplication is to identify (via what is clearly a bijection) the vectors (a_0, a_1, ... , a_{n-1}) in V(n,q) with the polynomials

a_0 + a_1 x + a_2 x^2 + ... + a_{n-1} x^{n-1} in F[x]/(x^n - 1),

where F = GF(q), and then use the multiplication in this ring as the multiplication of the corresponding vectors. Doing this clearly transforms V(n,q) into a ring isomorphic to the polynomial ring modulo (x^n - 1). Since it is so easy to go back and forth between these two representations (i.e., vectors and polynomials) we will often blur the distinction between the two and just deal with the polynomials. Notice that the choice of x^n - 1 as f(x) means that multiplying by x corresponds to a cyclic shift of a vector.

Theorem 3 : C is a cyclic code if and only if C is an ideal.

Proof: Assume that C is a cyclic code. Since it is a subspace (i.e., a linear code) it is an abelian group under addition, so we need only show that property (ii) for ideals is satisfied. Now, since C is a cyclic code, if c(x) in C then xc(x) in C and in general x^i c(x) in C for all 0 <= i <= n - 1, since these are the cyclic shifts of c(x). Now let a(x) in V(n,q); then

a(x) = Σ_{i=0}^{n-1} α_i x^i,
a(x)c(x) = Σ_{i=0}^{n-1} α_i (x^i c(x)),

but then a(x)c(x) in C since C is closed under scalar multiplication and addition. Thus C is an ideal.

Now assume that C is an ideal. Since it is an abelian subgroup, it is a subspace. If c(x) in C then x^i c(x) in C for 0 <= i <= n-1 since C is an ideal, but this says that all the cyclic shifts of c(x) are in C, so C is a cyclic code.

Theorem 4 : If C is a cyclic code and g(x) is a monic polynomial of smallest degree in C, then g(x) is unique and every codeword is a multiple of g(x).

Proof: Let a(x) be in C, then a(x) = b(x)g(x) + r(x) with degree r(x) < degree g(x) by the division algorithm. But r(x) = a(x) - b(x)g(x) in C since C is an ideal. Thus r(x) = 0 and we have that a(x) = b(x)g(x) for every a(x) in C.

For uniqueness, suppose that g(x) and h(x) are both monic polynomials of least degree in C. Then g(x) - h(x) is in C and has a smaller degree than g(x). Thus we must have g(x) - h(x) = 0, i.e., g(x) = h(x).

Definition: The g(x) of the above theorem is called the generator polynomial of C.

Theorem 5 : The generator polynomial of a cyclic code divides x^n - 1 and any divisor of x^n - 1 is a generator polynomial of some cyclic code.

Proof: Let g(x) be the generator polynomial of a cyclic code C. Then in F[x] we have that x^n - 1 = a(x)g(x) + r(x) where deg r(x) < deg g(x). Now, r(x) = -a(x)g(x) mod (x^n - 1), thus r(x) in C, which is impossible unless r(x) = 0. Therefore, g(x) | x^n - 1.

Suppose now that g(x) divides x^n - 1. Consider the ideal generated by g(x) (i.e., all multiples of g(x) reduced modulo (x^n - 1)). Suppose that there is a polynomial b(x) in this ideal which has smaller degree than g(x). Then (in F[x]) we have that

b(x) = a(x)g(x) + (x^n - 1)d(x),

for some polynomials a(x) and d(x). Since g(x) divides x^n - 1 we have that g(x) | b(x), which is impossible since b(x) has a smaller degree. Thus, no such b(x) exists and g(x) is the smallest degree polynomial in its ideal, i.e., it is the generator.

Example: Consider V(7,2) and f(x) = x^7 - 1. A complete factorization of f(x) over GF(2) is

x^7 - 1 = (x + 1)(x^3 + x^2 + 1)(x^3 + x + 1).

The monic divisors of f(x) are

g_1(x) generates the full space V(7,2) while g_8(x) generates the trivial cyclic subspace {(0000000)}.

g_6(x) generates the cyclic code {(0000000), (1011100), (0101110), (0010111), (1001011), (1100101), (1110010), (0111001)}.

g_7(x) generates the cyclic code {(0000000), (1111111)}.

V(7,2) contains precisely 8 cyclic codes.
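The eight cyclic codes of V(7,2), and question 4 from the introduction, can be worked through with the following Python, an added example rather than code from these notes. It takes the three factors of x^7 - 1 given above, forms every monic divisor g(x), generates the corresponding code as the multiples a(x)g(x) with deg a < 7 - deg g, and computes the subspace spanned by a single vector together with its cyclic shifts; the representation (bit i of an int is the coefficient of x^i) and all function names are this example's own.

```python
from itertools import combinations

N = 7                                  # code length: we work in V(7,2)
FACTORS = [0b11, 0b1101, 0b1011]       # x+1, x^3+x^2+1, x^3+x+1: the factors of x^7 - 1 over GF(2)

def gf2_mul(a: int, b: int) -> int:
    """Carry-less product in GF(2)[x]; bit i of an int is the coefficient of x^i."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        b >>= 1
    return r

def monic_divisors(factors):
    """Every product of a subset of the irreducible factors (x^7 - 1 is squarefree over GF(2))."""
    divs = set()
    for r in range(len(factors) + 1):
        for subset in combinations(factors, r):
            d = 1
            for p in subset:
                d = gf2_mul(d, p)
            divs.add(d)
    return sorted(divs)

def cyclic_code(g, n=N):
    """All multiples a(x)g(x) with deg a < k = n - deg g. Because deg(a g) <= n - 1 no reduction
    modulo x^n - 1 is needed, and since g | x^n - 1 this is the whole ideal generated by g."""
    k = n - (g.bit_length() - 1)
    return frozenset(gf2_mul(a, g) for a in range(1 << k))

def rotate(c, n=N):
    """Multiplication by x modulo x^n - 1, i.e. one cyclic shift of the length-n vector."""
    return ((c << 1) | (c >> (n - 1))) & ((1 << n) - 1)

def shift_span(v, n=N):
    """Linear span of v and its cyclic shifts: the subspace a single vector generates."""
    span = {0}
    for _ in range(n):
        span |= {w ^ v for w in span}      # adjoin the current shift of v to the span
        v = rotate(v, n)
    return frozenset(span)

def to_vector(c, n=N):
    """Coefficient vector (a_0 a_1 ... a_{n-1}), the way the codewords are written above."""
    return "".join(str((c >> i) & 1) for i in range(n))
if __name__ == "__main__":
    for g in monic_divisors(FACTORS):      # one line per cyclic code: generator vector, size
        print(to_vector(g), len(cyclic_code(g)))
```

Running it lists the 8 divisors with code sizes 128, 64, ..., 1, and shift_span(0b111, 6) versus shift_span(0b010101, 6) reproduces the V(6,2) remark from the introduction (16 versus 4 vectors).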
