Binary Goppa code: Difference between revisions
First edit, I will add references as soon as possible. |
No edit summary |
||
Line 1: | Line 1: | ||
In [[mathematics]] and [[computer science]], Binary Goppa code is an [[error-correcting code]] that belongs to the class of general [[Goppa code|Goppa codes]] originally described by [[Valerii Denisovich Goppa]], but the binary nature gives them a better fit to common usage in computers and |
In [[mathematics]] and [[computer science]], Binary Goppa code is an [[error-correcting code]] that belongs to the class of general [[Goppa code|Goppa codes]] originally described by [[Valerii Denisovich Goppa]], but the binary nature gives them a better fit to common usage in computers and telecommunication. Binary Goppa codes have interesting properties that fit many usages, especially in [[cryptography]] in [[McEliece cryptosystem|McEliece-like cryptosystems]] and similar setups. |
||
==Construction and properties== |
==Construction and properties== |
||
Line 26: | Line 26: | ||
</math> |
</math> |
||
Note that this form of the parity-check matrix, being composed of a [[Vandermonde matrix]] <math>V</math> and [[diagonal matrix]] <math>D</math> shares the form with check matrices of [[Generalized Reed-Solomon code|Generalized Reed-Solomon codes]], thus GRS (and also BCH) decoders can be used on this form, but this |
Note that this form of the parity-check matrix, being composed of a [[Vandermonde matrix]] <math>V</math> and [[diagonal matrix]] <math>D</math> shares the form with check matrices of [[Generalized Reed-Solomon code|Generalized Reed-Solomon codes]], thus GRS (and also BCH) decoders can be used on this form, but this give only limited error-correcting capability (in most cases <math>t/2</math>). |
||
For practical purposes, parity-check matrix of a binary Goppa code is usually converted to a more computer-friendly form by a trace construction, that converts the <math>t</math>-by-<math>n</math> matrix over <math>GF(2^m)</math> to a <math>mt</math>-by-<math>n</math> binary matrix by writing polynomial cofficients of <math>GF(2^m)</math> elements on <math>m</math> successive rows. |
For practical purposes, parity-check matrix of a binary Goppa code is usually converted to a more computer-friendly binary form by a trace construction, that converts the <math>t</math>-by-<math>n</math> matrix over <math>GF(2^m)</math> to a <math>mt</math>-by-<math>n</math> binary matrix by writing polynomial cofficients of <math>GF(2^m)</math> elements on <math>m</math> successive rows. |
||
==Decoding== |
==Decoding== |
Revision as of 22:49, 4 December 2012
In mathematics and computer science, Binary Goppa code is an error-correcting code that belongs to the class of general Goppa codes originally described by Valerii Denisovich Goppa, but the binary nature gives them a better fit to common usage in computers and telecommunication. Binary Goppa codes have interesting properties that fit many usages, especially in cryptography in McEliece-like cryptosystems and similar setups.
Construction and properties
Binary Goppa code is defined by a polynomial of degree over a finite field without multiple roots, and a sequence of distinct elements from that aren't roots of the polynomial:
Code defined by a tuple has minimum distance , thus it can correct errors in a word of size using codewords of size . It possesses a parity-check matrix in form
Note that this form of the parity-check matrix, being composed of a Vandermonde matrix and diagonal matrix shares the form with check matrices of Generalized Reed-Solomon codes, thus GRS (and also BCH) decoders can be used on this form, but this give only limited error-correcting capability (in most cases ).
For practical purposes, parity-check matrix of a binary Goppa code is usually converted to a more computer-friendly binary form by a trace construction, that converts the -by- matrix over to a -by- binary matrix by writing polynomial cofficients of elements on successive rows.
Decoding
Decoding of binary Goppa codes is traditionaly done by Patterson algorithm, which gives good error-correcting capability (it corrects all design errors), and is also fairly simple to implement.
Patterson algorithm converts a syndrome to a vector of errors. The syndrome of a word is expected to take a form of
Alternative form of a parity-check matrix based on formula for can be used to produce such syndrome with a simple matrix multiplication.
The algorithm then computes . That fails when , but that is the case when the input word is a codeword, so no error correction is necessary.
is reduced to polynomials and using the extended euclidean algorithm, so that , while and .
Finally, error correction polynomial is computed as .
If the original codeword was decodable and the was the error vector, then
Factoring or evaluating all roots of therefore gives enough information to recover the error vector and fix the errors.
Properties and usage
Binary Goppa codes viewed as a special case of Goppa codes have the interesting property that they correct full errors, while only errors in ternary and all other cases. Asymptotically, this error correcting capability meets the famous Gilbert-Varshamov bound.
Because of the high error correction capacity compared to code rate and form of parity-check matrix (which is usually hardly distinguishable from a random binary matrix of full rank), the binary Goppa codes are used in several post-quantum cryptosystems, notably McEliece cryptosystem and Niederreiter cryptosystem.