- Boxes
- definitions
- Ellipses
- theorems and lemmas
- Blue border
- the statement of this result is ready to be formalized; all prerequisites are done
- Orange border
- the statement of this result is not ready to be formalized; the blueprint needs more work
- Blue background
- the proof of this result is ready to be formalized; all prerequisites are done
- Green border
- the statement of this result is formalized
- Green background
- the proof of this result is formalized
- Dark green background
- the proof of this result and all its ancestors are formalized
- Dark green border
- this is in Mathlib
Every code of distance \(d\) over an alphabet of size \(q\) has rate \(R\) at most
where \(e = \lfloor (d-1)/2 \rfloor \).
The Hamming code \([2^r-1,2^r-r-1,3]_2\) is a perfect code: it meets the Hamming bound for \(d=3\) codes with equality.
Let \(q \ge 3\) be an integer and \(0 \le \rho \le 1 - 1/q\). Then for any integer \(m \ge 2\),
Let \(\mathscr {C}\) be an infinite family of \(q\)-ary codes with relative distance \(0 \le \delta \le 1 - \frac{1}{q}\) and rate \(R\). Then
The field \(\mathbb {F}_{p^s}\) is \(\mathbb {F}_p[X]/E(X)\), where \(E(X)\) is an irreducible polynomial of degree \(s\).
There is a Las Vegas algorithm (Algorithm 126) to generate an irreducible polynomial of degree \(s\) over any \(\mathbb {F}_q\) in expected time \(\mathrm{poly}(s, \log q)\).
This is immediate from the analysis in the proof of Algorithm 126: each iteration takes time \(\mathrm{poly}(s, \log q)\) and the expected number of iterations is \(O(s)\), giving a total expected running time of \(\mathrm{poly}(s, \log q)\).
For \(0\le p{\lt}\tfrac 12\), the capacity of \(\mathrm{BSC}_p\) is \(1-H(p)\).
Suppose \(\beta _1,\dots ,\beta _n \ge 0\) are such that the polynomial \(\beta (X)\) of Definition 174 satisfies \(\beta (i) \le 0\) for all \(i = d,d+1,\dots ,n\). Then every binary code of minimum distance at least \(d\) has size at most \(\beta (0)\).
The hypothesis \(\beta (i) \le 0\) for \(i \ge d\) says exactly \(-\sum _{\ell =1}^n \beta _\ell K_\ell (i) \ge \beta _0 = 1\) for \(i = d,\dots ,n\), which is the hypothesis of Lemma 173. Its conclusion is \(|C| \le 1 + \sum _{\ell =1}^n \beta _\ell K_\ell (0) = \beta _0 + \sum _{\ell =1}^n \beta _\ell K_\ell (0) = \beta (0)\).
The concatenated code \(C^*\) of Definition 210 is an asymptotically good code and is strongly explicit.
Asymptotically good. For any fixed \(0{\lt}R{\lt}1\), \(C^*\) has rate \(R/2 {\gt} 0\), a constant independent of the block length. Fixing \(\varepsilon {\lt} \frac12(1-R)\), Proposition 211 shows the relative distance of \(C^*\) is bounded below by the positive constant \((1-R-\varepsilon )H_q^{-1}(\frac12-\varepsilon ) {\gt} 0\), independent of the block length. Hence both the rate and relative distance of the family \(\{ C^*\} \) (as \(k\), and hence the block length \(2kN=2k(q^k-1)\), grows) are bounded away from \(0\), so \(C^*\) is asymptotically good.
Strongly explicit. By Lemma 208, each code \(C_{in}^\alpha \) in the Wozencraft ensemble is strongly explicit, i.e. every entry of its (size \(k\times 2k\)) generator matrix can be computed in time polynomial in \(\log (2k)\). The Reed–Solomon outer code \(C_{out}\) has the explicit Vandermonde generator matrix of Construction 132, whose \((i,j)\)-th entry \(\alpha _j^{\, i}\) is likewise computable in time polynomial in \(\log N\) given standard succinct representations of \(\mathbb {F}_{q^k}\)-arithmetic. Composing these two strongly explicit descriptions as in the generator matrix construction of Lemma 204, each entry of a generator matrix of \(C^* = C_{out}\circ (C_{in}^1,\ldots , C_{in}^N)\) can be computed in time polynomial in \(\log (2kN)\), i.e. polynomial in the logarithm of the block length of \(C^*\). Hence \(C^*\) is strongly explicit.
There are explicit codes of relative distance \((1-\varepsilon )\) and rate \(\Omega (\varepsilon )\), over an alphabet of size \(2^{O(1/\varepsilon )}\).
Suppose there exist \(c \in \mathbb {Z}_+\), \(\alpha {\gt} c/2\) and \(\gamma ,\rho {\gt} 0\) such that \(\{ G_i\} _{i\in \mathbb {Z}_+}\) is a \((c,\gamma ,\alpha )\)-bipartite expander with \(G_i\) having \(n_i\) left vertices, \(m_i\) right vertices with \(m_i/n_i {\lt} 1-\rho \) for every \(i \in \mathbb {Z}_+\). Then the family of codes \(\{ C(G_i)\} _{i\in \mathbb {Z}_+}\) is asymptotically good.
For every \(\delta \in [0,1]\) and \(\varepsilon {\gt} 0\) there exists an explicit family of binary linear (Tanner) codes of rate at least \(1-2h(\sqrt\delta )\) and relative distance at least \(\delta - \varepsilon \). Consequently, for every \(\tau {\gt} 0\) there exists an explicitly constructible family of asymptotically good Tanner codes of rate \(R \ge 1-\tau \) and distance \(\delta = \Omega (\tau ^2/\log ^2(1/\tau ))\).
There are explicit binary linear codes that lie within \(\varepsilon \) of the Zyablov bound and can be constructed in time polynomial in the block length and exponential in \(\mathrm{poly}(1/\varepsilon )\).
Under the hypotheses of Lemma 327, there exists a value \(\)θ^* [0,1]\( such that Algorithm \ref{alg:c14-gmd-v2} run with \)θ\( fixed to \)θ^*\( in Step 1 produces \)y”\( with \)2e’ + s’ < D\( (and hence, by Theorem \ref{thm:c14-rs-errors-erasures} as instantiated for \)D_C_out\(, correctly outputs \)m\(). \begin{proof} \uses{lem:c14-gmd-v2-expectation} By Lemma \ref{lem:c14-gmd-v2-expectation}, \end{proof}\)E_θ[2e’+s’] < D\( where the expectation is over \)θ\( chosen uniformly in \)[0,1]\(. If every \)θ[0,1]\( produced \)2e’(θ) + s’(θ) ≥D\(, then the expectation would be at least \)D\(, a contradiction. Hence there exists \)θ^* [0,1]\( with \)2e’(θ^*) + s’(θ^*) < D\(. \)
The set of solutions to
is contained in an affine subspace
For \(\)0 ≤p ≤1\(, let \)D_p\( denote the distribution on \){0,1}^n\( where each bit is picked independently with probability \)p\( of being \)1\(. The average-case Gap Hamming problem asks: given an \)x {0,1}^n\( sampled from either \)D_1/3\( or \)D_2/3\(, determine which distribution \)x\( was sampled from. \)
A decision problem \(\)L\( is in \)NP\( (a promise problem \)(Y,N)\( is in \)promise-NP\(, respectively) if there is a polynomial time verification algorithm \)R\( such that: \begin{itemize} \item if \end{itemize}\)x L\( (resp. \)x Y\(), there exists a string \)y\(, of size polynomial in \)|x|\(, such that \)R(x,y)\( returns \textsc{Yes}; \item if \)x L\( (resp. \)x N\(), then for every string \)y\( of size polynomial in \)|x|\(, \)R(x,y)\( returns \textsc{No}. \)
A decision problem \(\)L\( is in the complexity class \)P\( if there is an algorithm solving \)L\( whose worst-case run time on inputs of size \)N\( is \)O(N^c)\( for some fixed constant \)c ≥0\( (a polynomial time algorithm). Likewise, a promise problem \)(Y,N)\( is in \)promise-P\( if there is a polynomial time algorithm solving \)(Y,N)\(. \)
Without loss of generality, the input to a decision problem is
Given \(\)n\( linear equations over \)k\( variables, all over \)F_2\( (i.e. all variables lie in \){0,1}\( and all arithmetic is over the binary field \)F_2\(: addition is XOR and multiplication is AND), and an integer \)0 ≤s ≤n\(, find a solution to the system that satisfies at least \)s\( of the \)n\( equations. We denote this problem \)MaxLinearEq(k,n,s)\(, dropping the arguments to refer to the problem in general. \)
Given a graph \(\)G = (V,E)\( with \)|V| = k\( and \)|E| = n\(, and an integer \)0 ≤s ≤n\(, does there exist a cut of size at least \)s\(, i.e. a subset \)S ⊂V\( such that the number of edges with one endpoint in \)S\( and the other in \)V ∖S\( is at least \)s\(? We call this problem \)MaxCut(k,n,s)\(. \)
A promise problem is defined by a pair of disjoint non-empty subsets
A randomized algorithm is an algorithm (in the RAM model, modified so that a register can be loaded with independent uniform random bits in one step) whose behavior may depend on internal random bits even for a fixed input. Its run time
The input to the root-finding problem is a polynomial
The conditional mutual information between
A binary code \(C \subseteq \{ 0,1\} ^n\) of dimension \(k\) is called a binary linear code if there is a \(k\times n\) matrix \(G\) over \(\{ 0,1\} \) (addition being XOR, multiplication being AND) such that \(C = \{ \mathbf x \cdot G \mid \mathbf x \in \{ 0,1\} ^k\} \), and, writing \(C(\mathbf x) \overset {\mathrm{def}}{=} \mathbf x \cdot G\) (viewing \(\mathbf x\) as a row vector), the map \(\mathbf x \mapsto C(\mathbf x)\) is a bijection from \(\{ 0,1\} ^k\) onto \(C\). The matrix \(G\) is called a generator matrix for \(C\).
A code of block length \(n\) over an alphabet \(\Sigma \) is a subset \(C \subseteq \Sigma ^n\). We use \(q\) to denote the alphabet size \(|\Sigma |\) (which need not be a constant and may depend on \(n\)).
Equivalently, writing \(|C| = M\), we may view \(C\) as a mapping
where \([M] \overset {\mathrm{def}}{=} \{ 1,2,\dots ,M\} \); this is the convention we use whenever we speak of “the codeword corresponding to message \(\mathbf m\),” written \(C(\mathbf m)\).
Let \(\{ n_i\} _{i\ge 1}\) be an increasing sequence of block lengths and suppose there exist sequences \(\{ k_i\} _{i\ge 1}\), \(\{ d_i\} _{i \ge 1}\) and \(\{ q_i\} _{i\ge 1}\) such that for all \(i \ge 1\) there exists an \((n_i,k_i,d_i)_{q_i}\) code \(C_i\). Then the sequence \(\mathscr C = \{ C_i\} _{i\ge 1}\) is a family of codes. The rate of \(\mathscr C\) is
when the limit exists. The relative distance of \(\mathscr C\) is
when the limit exists. If \(q_i = q\) for all \(i \ge 1\), then \(\mathscr C\) is referred to as a family of \(q\)-ary codes.
Let \(C \subseteq \Sigma ^n\) be a code. A mapping \(D : \Sigma ^n \to [|C|]\) is called a decoding function for \(C\).
Given a code \(C \subseteq \Sigma ^n\) with \(|\Sigma |=q\), its dimension is
An algorithm related to a code of block length \(n\) is called efficient if it runs in time polynomial in \(n\). (Throughout the book, unless mentioned otherwise, a “code” implicitly refers to a family of codes, so that asymptotic run time as \(n \to \infty \) is meaningful.)
Let \(C \subseteq \Sigma ^n\). An encoding function for \(C\) is an injective map \(E : [|C|] \to \Sigma ^n\) whose image is \(C\).
Let \(C \subseteq \Sigma ^n\) be a code and let \(t \ge 1\) be an integer. \(C\) is said to be a \(t\)-erasure-correcting code if there exists a decoding function \(D\) such that for every message \(\mathbf m \in [|C|]\) and every \(t\)-erasure channel \(\mathrm{Ch}\) we have \(D(\mathrm{Ch}(C(\mathbf m))) = \mathbf m\).
Let \(C \subseteq \Sigma ^n\) be a code and let \(t \ge 1\) be an integer. \(C\) is said to be a \(t\)-error-correcting code if there exists a decoding function \(D\) such that for every message \(\mathbf m \in [|C|]\) and every \(t\)-error channel \(\mathrm{Ch}\) we have \(D(\mathrm{Ch}(C(\mathbf m))) = \mathbf m\).
Let \(C \subseteq \Sigma ^n\) be a code and let \(t \ge 1\) be an integer. \(C\) is said to be a \(t\)-error-detecting code if there exists a detecting procedure \(D\) such that for every message \(\mathbf m\) and every received vector \(\mathbf v \in \Sigma ^n\) satisfying \(\Delta (C(\mathbf m),\mathbf v) \le t\), it holds that \(D\) outputs \(1\) if \(\mathbf v = C(\mathbf m)\) and \(0\) otherwise; i.e.
For any vector \(\mathbf x \in [q]^n\) and integer \(e \ge 0\), the Hamming ball of radius \(e\) centered at \(\mathbf x\) is
The Hamming code \(C_H\) is the binary code of block length \(7\) with message length \(4\) defined, for \((x_1,x_2,x_3,x_4) \in \{ 0,1\} ^4\), by
It has parameters \(q=2\), \(k=4\), \(n=7\), \(R=4/7\).
Given two vectors \(\mathbf u, \mathbf v \in \Sigma ^n\), the Hamming distance between \(\mathbf u\) and \(\mathbf v\), denoted \(\Delta (\mathbf u,\mathbf v)\), is the number of positions in which \(\mathbf u\) and \(\mathbf v\) differ. The relative Hamming distance is
Let \(q \ge 2\). Given a vector \(\mathbf v \in \{ 0,1,\dots ,q-1\} ^n\), its Hamming weight, denoted \(\mathrm{wt}(\mathbf v)\), is the number of non-zero symbols in \(\mathbf v\).
Let \(C \subseteq \Sigma ^n\). The minimum distance (or just distance) of \(C\), denoted \(\Delta (C)\), is
The relative minimum distance of \(C\) is
Given a code \(C \subseteq \Sigma ^n\), the maximum likelihood decoding (MLD) function \(D_{MLD} : \Sigma ^n \to C\) outputs, for every received word \(\mathbf y \in \Sigma ^n\), a codeword closest to \(\mathbf y\) in Hamming distance (with ties broken arbitrarily):
A code \(C \subseteq \Sigma ^n\) with dimension \(k\) and distance \(d\) is called an \((n,k,d)_\Sigma \) code, also written an \((n,k,d)_{|\Sigma |}\) code.
A code that meets the Hamming bound of Theorem 32 with equality is called a perfect code: i.e. an \((n,k,d)_q\) code \(C\) is perfect if
Equivalently, the Hamming balls of radius \(e\) centered at the codewords of \(C\) partition the entire ambient space \([q]^n\). The \((7,4,3)_2\) Hamming code \(C_H\) (Definition 22) is an example of a perfect code, since \(2^4 = 2^7/(7+1)\).
The rate of a code with dimension \(k\) and block length \(n\) is
Since \(k \le n\) (and we always assume \(k{\gt}0\), \(n{\lt}\infty \)), we have \(0 {\lt} R \le 1\).
An \(n\)-symbol \(t\)-Erasure Channel over the alphabet \(\Sigma \) is a function \(\mathrm{Ch} : \Sigma ^n \to (\Sigma \cup \{ ?\} )^n\) that satisfies \(\Delta (\mathbf v,\mathrm{Ch}(\mathbf v)) \le t\) for every \(\mathbf v \in \Sigma ^n\) (viewing both arguments of \(\Delta (\cdot ,\cdot )\) as elements of \((\Sigma \cup \{ ?\} )^n\)), and such that for every \(i\in [n]\) with \(\mathbf v_i \neq \mathrm{Ch}(\mathbf v)_i\) we have \(\mathrm{Ch}(\mathbf v)_i = {?}\). A coordinate \(i\) with \(\mathrm{Ch}(\mathbf v)_i = {?}\) is called an erasure.
An \(n\)-symbol \(t\)-Error Channel over the alphabet \(\Sigma \) is a function \(\mathrm{Ch} : \Sigma ^n \to \Sigma ^n\) that satisfies \(\Delta (\mathbf v, \mathrm{Ch}(\mathbf v)) \le t\) for every \(\mathbf v \in \Sigma ^n\).
Let \(H\) be a parity check matrix of a code \(C\). The code generated by \(H\) is called the dual of \(C\), and is denoted \(C^\perp \). If \(C\) is an \([n,k]_q\) code, then \(C^\perp \) is an \([n,n-k]_q\) code, directly from the definition.
A field \(\mathbb {F}\) is given by a triple \((S,+,\cdot )\), where \(S\) is the set of elements and \(+,\cdot \) are functions \(S\times S \to S\) such that:
\((S,+)\) forms a commutative group with identity element \(0\in S\).
\((S\setminus \{ 0\} ,\cdot )\) forms a commutative group with identity element \(1\in S\setminus \{ 0\} \).
\(\cdot \) distributes over \(+\): for every \(a,b,c\in S\), \(a\cdot (b+c) = a\cdot b + a\cdot c\).
A finite field is a field \(\mathbb {F} = (S,+,\cdot )\) whose set of elements \(S\) is finite. We write \(|\mathbb {F}| = |S|\) for its size, and denote a finite field of size \(q\) by \(\mathbb {F}_q\).
If \(C\) is an \([n,k]_q\) linear code then there exists a matrix \(G\in \mathbb {F}_q^{k\times n}\) of rank \(k\) satisfying
\(G\) is referred to as a generator matrix of \(C\): the code \(C\) is the set of all possible linear combinations of the rows of \(G\). Neither the generator matrix nor the parity check matrix of a code is unique; however, all generator matrices of \(C\) have the same \(k\times n\) dimensions. (We also allow matrices \(M\in \mathbb {F}_q^{m\times n}\) that are not of full row rank to generate a code \(C=\{ \mathbf{x}\cdot M \mid \mathbf{x}\in \mathbb {F}_q^m\} \), though we reserve the phrase “generator matrix” for full rank matrices.)
A group \(\mathbb {G}\) is given by a pair \((S,\circ )\), where \(S\) is the set of elements and \(\circ \) is a function \(S\times S \to S\) satisfying:
Closure: for every \(a,b\in S\), \(a\circ b \in S\).
Associativity: for every \(a,b,c\in S\), \(a\circ (b\circ c) = (a\circ b)\circ c\).
Identity: there exists a special element \(e\in S\) such that for every \(a \in S\), \(a\circ e = e \circ a = a\).
Inverse: for every \(a \in S\) there exists a unique \(a^{-1}\in S\) such that \(a\circ a^{-1} = a^{-1}\circ a = e\).
If \(\mathbb {G}=(S,\circ )\) satisfies all properties except the existence of inverses then \(\mathbb {G}\) is called a monoid. \(\mathbb {G}\) is commutative if for every \(a,b\in S\), \(a\circ b = b \circ a\).
For a positive integer \(r\), the Hadamard Code \(C_{Had,r}\) is the code generated by the \(r\times 2^r\) matrix \(\overline{\mathbf{H}}_r\) obtained by adding an all-zero column to (say, in front of the columns of) \(\mathbf{H}_r\).
For any positive integer \(r\), define the matrix \(\mathbf{H}_r \in \mathbb {F}_2^{r\times (2^r-1)}\) to be the \(r\times (2^r-1)\) matrix whose \(i\)th column \(\mathbf{H}_r^i\) is the binary representation of \(i\), for \(1\le i \le 2^r-1\) (a vector in \(\{ 0,1\} ^r\)).
The \([2^r-1, 2^r-r-1]_2\) Hamming code, denoted \(C_{H,r}\), is the code with parity check matrix \(\mathbf{H}_r\). In other words,
Let \(q\) be a prime power (i.e. \(q=p^s\) for some prime \(p\) and integer \(s\ge 1\)). \(C\subseteq \mathbb {F}_q^n\) is a linear code if it is a linear subspace of \(\mathbb {F}_q^n\). If \(C\) has dimension \(k\) and distance \(d\) then it is referred to as an \([n,k,d]_q\), or just an \([n,k]_q\), code.
Vectors \(\mathbf{v}_1,\dots ,\mathbf{v}_k \in \mathbb {F}_q^n\) are linearly independent if for every \(1\le i \le k\) and every \((k-1)\)-tuple \((a_1,\dots ,a_{i-1},a_{i+1},\dots ,a_k)\in \mathbb {F}_q^{k-1}\),
In other words, \(\mathbf{v}_i\) is not in the span of \(\{ \mathbf{v}_1,\dots ,\mathbf{v}_{i-1},\mathbf{v}_{i+1},\dots ,\mathbf{v}_k\} \) for every \(1\le i \le k\). The vectors are linearly dependent if they are not linearly independent.
A non-empty subset \(S \subseteq \mathbb {F}_q^n\) is a linear subspace if the following hold:
For every \(\mathbf{x},\mathbf{y}\in S\), \(\mathbf{x}+\mathbf{y}\in S\) (vector addition over \(\mathbb {F}_q\), done componentwise).
For every \(a\in \mathbb {F}_q\) and \(\mathbf{x}\in S\), \(a\cdot \mathbf{x}\in S\) (componentwise scalar multiplication over \(\mathbb {F}_q\)).
The rank of a matrix in \(\mathbb {F}_q^{k\times n}\) is the maximum number of linearly independent rows (equivalently, the maximum number of linearly independent columns). A matrix in \(\mathbb {F}_q^{k\times n}\) with rank \(\min (k,n)\) is said to have full rank.
If \(C\) is an \([n,k]_q\) linear code then there exists a matrix \(H\in \mathbb {F}_q^{(n-k)\times n}\) of rank \(n-k\) satisfying
\(H\) is referred to as a parity check matrix of \(C\). All parity check matrices of \(C\) have the same \((n-k)\times n\) dimensions.
For a positive integer \(r\), the Simplex Code \(C_{Sim,r}\) is the code generated by \(\mathbf{H}_r\). Equivalently, \(C_{Sim,r} = C_{H,r}^\perp \).
Given a set \(B = \{ \mathbf{v}_1,\dots ,\mathbf{v}_\ell \} \subseteq \mathbb {F}_q^n\), the span of \(B\) is the set of vectors
A vector space \(V\) over a field \(\mathbb {F}\) is given by a triple \((T,+,\cdot )\) such that \((T,+)\) forms a commutative group and \(\cdot \), referred to as the scalar product, is a function \(\mathbb {F}\times T \to T\) such that for every \(a,b\in \mathbb {F}\) and \(\mathbf{u},\mathbf{v}\in T\): \((a+b)\cdot \mathbf{u} = a\cdot \mathbf{u} + b\cdot \mathbf{u}\) and \(a\cdot (\mathbf{u}+\mathbf{v}) = a\cdot \mathbf{u} + a\cdot \mathbf{v}\).
Given two events \(A\) and \(B\) defined over the same domain and probability distribution, the probability of \(A\) conditioned on \(B\) is
Let \(q \ge 2\) and \(n \ge r \ge 1\) be integers. The volume of a Hamming ball of radius \(r\) is given by
(The choice of \(\mathbf{0}\) as center is immaterial: the volume of a Hamming ball is independent of its center, as the sum on the right makes clear, so any point may serve as center.)
Two random variables \(A\) and \(B\) are called independent if for every \(a, b\) in the ranges of \(A\) and \(B\) respectively,
Since \(H_q(\cdot )\) restricted to the domain \([0, 1-1/q]\) is a bijective map onto \([0,1]\), we define \(H_q^{-1}(y) = x\) for the unique \(x \in [0, 1-1/q]\) such that \(H_q(x) = y\).
Given a finite domain \(\mathbb {D}\), a probability distribution is a function
An event \(\mathbb {E}\) is a predicate on \(\mathbb {D}\), equivalently a subset of \(\mathbb {D}\).
Given probability distributions \(p_1\) and \(p_2\) over domains \(\mathbb {D}_1\) and \(\mathbb {D}_2\) respectively, the product distribution \(p_1 \times p_2\) over \(\mathbb {D}_1 \times \mathbb {D}_2\) is the distribution under which every element \((x,y) \in \mathbb {D}_1 \times \mathbb {D}_2\) is picked by choosing \(x\) from \(\mathbb {D}_1\) according to \(p_1\) and \(y\) is picked independently from \(\mathbb {D}_2\) according to \(p_2\).
Let \(q\) be an integer with \(q \ge 2\) and let \(x\) be a real number with \(0 \le x \le 1\). The \(q\)-ary entropy function is defined by
For the special case \(q = 2\) we drop the subscript and write \(H(x) = H_2(x) = -x \log x - (1-x)\log (1-x)\), where \(\log \) denotes \(\log _2\) (the convention used throughout the book). The maximum value of \(H_q\) is \(1\), achieved at \(x = 1 - 1/q\).
Let \(\mathbb {D}\) be a finite domain, \(I \subset \mathbb {R}\) a finite subset, and \(p\) a probability distribution over \(\mathbb {D}\). A random variable is a function \(V : \mathbb {D} \to I\). Its expectation is defined as
For an event \(E\) over \(\mathbb {D}\), its indicator variable \(\mathbb {1}_E : \mathbb {D} \to \{ 0,1\} \) is defined by \(\mathbb {1}_E(x) = 1\) if \(x \in E\) and \(0\) otherwise.
An infinite family \(\mathscr {C}\) of \(q\)-ary codes (for \(q\) either a fixed constant or allowed to grow with the block length) is called asymptotically good if both its rate \(R = R(\mathscr {C})\) and its relative distance \(\delta = \delta (\mathscr {C})\) are bounded away from \(0\), i.e., \(R(\mathscr {C}) {\gt} 0\) and \(\delta (\mathscr {C}) {\gt} 0\). The results of this chapter (in particular the Gilbert–Varshamov bound, Theorem 105, and the Plotkin bound, Theorem 111) determine for which pairs \((R,\delta )\) such families can and cannot exist.
For every subset of indices \(S \subseteq [n]\) of size exactly \(k\) and a code \(C \subseteq \Sigma ^n\), \(C_S\) is the set of all codewords in \(C\) projected onto the indices in \(S\).
An \((n,k,d)_q\) code is called Maximum Distance Separable (MDS) if \(d = n-k+1\).
A polynomial over a variable \(X\) and a finite field \(\mathbb {F}_q\) is given by a finite sequence \((f_0, f_1, \ldots , f_d)\) with \(f_i \in \mathbb {F}_q\), denoted \(F(X) = \sum _{i=0}^{d} f_i X^i\). The degree of \(F(X)\), denoted \(\deg (F)\), is the largest index \(i\) such that \(f_i \neq 0\). The set \(\mathbb {F}_q[X]\) of all such polynomials, with the usual coefficientwise addition and convolution multiplication, forms a commutative ring.
Given a polynomial \(F(X) \in \mathbb {F}_q[X]\) and \(\alpha \in \mathbb {F}_q\), the evaluation of \(F(X)\) at \(\alpha \), denoted \(F(\alpha )\), is \(\sum _{i=0}^{\deg F} f_i \alpha ^i \in \mathbb {F}_q\). (More generally, if \(\alpha \) lies in an extension field \(\mathbb {F}_Q \supseteq \mathbb {F}_q\), the evaluation \(F(\alpha ) \in \mathbb {F}_Q\) is defined the same way.)
Let \(\mathbb {F}_q\) be a finite field, and choose \(n\) and \(k\) satisfying \(k \leq n \leq q\). Fix a sequence \(\alpha = (\alpha _1, \alpha _2, \ldots , \alpha _n)\) of \(n\) distinct elements (evaluation points) from \(\mathbb {F}_q\). The encoding function of the Reed-Solomon code \(\mathrm{RS}_q[\alpha , k] : \mathbb {F}_q^k \to \mathbb {F}_q^n\) maps a message \(m = (m_0, m_1, \ldots , m_{k-1})\) with \(m_i \in \mathbb {F}_q\) to the degree-\((k-1)\) polynomial
and then outputs
We write simply \(\mathrm{RS}\) when \(q\), \(\alpha \), \(k\) are clear from context, and call the image \(\{ \mathrm{RS}[m] \mid m \in \mathbb {F}_q^k\} \) the Reed-Solomon code, or RS code. A common special case is \(n = q - 1\) with evaluation points \(\mathbb {F}_q^* = \mathbb {F}_q \setminus \{ 0\} \).
Let \(0\le \alpha \le 1\). The Binary Erasure Channel with erasure probability \(\alpha \), denoted \(\mathrm{BEC}_\alpha \), is the stochastic channel with \(\mathcal{X}=\{ 0,1\} \), \(\mathcal{Y}=\{ 0,1,{?}\} \) (where \({?}\) denotes an erasure), and transition matrix given by
and \(\mathbf{M}(x,y)=0\) for every other pair \((x,y)\). That is, every transmitted bit is erased with probability \(\alpha \) and left unchanged with probability \(1-\alpha \).
Let \(\sigma \ge 0\). The Binary Input Additive Gaussian White Noise Channel with standard deviation \(\sigma \), denoted \(\mathrm{BIAGWN}_\sigma \), is the (continuous) channel with input alphabet \(\mathcal{X}=\{ -1,1\} \) and output alphabet \(\mathcal{Y}=\mathbb {R}\), in which for \((x,y)\in \{ -1,1\} \times \mathbb {R}\) the noise \(y-x\) is distributed according to the Gaussian distribution with mean \(0\) and standard deviation \(\sigma \), i.e.
Let \(0\le p\le 1\). The Binary Symmetric Channel with crossover probability \(p\), denoted \(\mathrm{BSC}_p\), is the stochastic channel with \(\mathcal{X}=\mathcal{Y}=\{ 0,1\} \) and transition matrix
That is, every transmitted bit is flipped independently with probability \(p\). (One may restrict attention to \(0\le p\le \tfrac 12\), since reliable communication over \(\mathrm{BSC}_p\) for \(p\le \tfrac 12\) implies reliable communication over \(\mathrm{BSC}_{p'}\) for \(p'{\gt}\tfrac 12\).) For the rest of the chapter, \(\mathbf{e}\sim \mathrm{BSC}_p\) denotes an error pattern \(\mathbf{e}\in \{ 0,1\} ^n\) drawn according to the error distribution induced by \(\mathrm{BSC}_p\).
Given a stochastic channel, its capacity is a real number \(C\ge 0\) such that reliable communication is possible over the channel if and only if the rate is less than \(C\). That is: for every rate \(R{\lt}C\), there is a family of codes (with associated encoding and decoding functions) of rate \(R\) whose decoding error probability is negligible (indeed \(2^{-\Omega (n)}\)); and for every rate \(R{\gt}C\), for every choice of encoding and decoding functions of rate \(R\), there is some message for which the decoding error probability is bounded below by a constant.
Fix a stochastic channel and a pair of encoding and decoding functions \((E,D)\) for a code of block length \(n\). The decoding error probability of \((E,D)\) is a function \(f(n)\) such that for every message \(\mathbf{m}\), the decoding algorithm recovers \(\mathbf{m}\) with probability at least \(1-f(n)\) (the probability taken over the randomness of the channel noise), where \(\lim _{n\to \infty }f(n)=0\), i.e. \(f(n)=o(1)\). Ideally one would like \(f(n)=2^{-\Omega (n)}\).
A code \(C\) of block length \(n\) is called explicit if there exists a \(\mathrm{poly}(n)\)-time algorithm that computes a succinct description of \(C\) given \(n\). For linear codes, such a succinct description could be a generator matrix or a parity check matrix.
Let \(q\ge 2\) and \(0\le p\le 1-\tfrac 1q\). The \(q\)-ary Symmetric Channel with crossover probability \(p\), denoted \(q\mathrm{SC}_p\), is the stochastic channel with \(\mathcal{X}=\mathcal{Y}=[q]\) and transition matrix
That is, every symbol is retained with probability \(1-p\) and distorted to each of the \(q-1\) other symbols with equal probability \(\tfrac {p}{q-1}\).
A (memoryless) stochastic channel consists of a finite input alphabet \(\mathcal{X}\), a finite output alphabet \(\mathcal{Y}\), and a transition matrix \(\mathbf{M}\) indexed by \(\mathcal{X}\times \mathcal{Y}\), where for every \((x,y)\in \mathcal{X}\times \mathcal{Y}\), \(\mathbf{M}(x,y)=\Pr (y\mid x)\) denotes the probability that \(y\) is output by the channel when \(x\) is input to the channel; in particular \(\sum _{y\in \mathcal{Y}}\mathbf{M}(x,y)=1\) for every \(x\in \mathcal{X}\). The channel is memoryless in the sense that the noise acts independently on each symbol of a transmitted string.
A linear \([n,k]\) code \(C\) is called strongly explicit if, given any index pair \((i,j)\in [k]\times [n]\), there is a \(\mathrm{poly}(\log n)\)-time algorithm that outputs \(G_{i,j}\), where \(G\) is a generator matrix of \(C\).
Given a code \(C\), a fixed codeword \(\mathbf{c} \in C\), and an error pattern \(\mathbf{e}\) such that some codeword of \(C\) lies within Hamming distance \(\rho n\) of \(\mathbf{c} + \mathbf{e}\), the error pattern \(\mathbf{e}\) is associated with a codeword \(c(\mathbf{e})\), namely the closest codeword of \(C\) that lies within Hamming distance \(\rho n\) from \(\mathbf{c} + \mathbf{e}\).
The list-decoding capacity (of the \(q\)-ary worst-case error channel), as a function of the fraction of errors \(\rho \), is \(1 - H_q(\rho )\).
Given \(0 \leq \rho \leq 1\) and \(L \geq 1\), a code \(C \subseteq \Sigma ^n\) is \((\rho , L)\)-list decodable if for every received word \(\mathbf{y} \in \Sigma ^n\),
A list-decoding algorithm for \(C\), given an error parameter \(\rho \), a received word \(\mathbf{y}\), is required to output all codewords of \(C\) within relative Hamming distance \(\rho \) of \(\mathbf{y}\); in particular, if the fraction of errors that occurred is at most \(\rho \), the transmitted codeword is guaranteed to appear in the output list. If \(C\) is \((\rho , L)\)-list decodable then any such algorithm outputs at most \(L\) codewords. The list-decodability of an infinite family of codes \(\mathscr {C}\) (with polynomial-sized lists) is the limit of \(\rho \) over all polynomials \(L\) such that all sufficiently long codes \(C \in \mathscr {C}\) are \((\rho , L)\)-list decodable.
By Corollary 175, the tightest upper bound on \(A(n,d)\) (the largest size of a binary code of length \(n\) and distance \(d\)) obtainable by this method is the optimum value of the following optimization problem, which is the dual of the linear program of Definition 170:
Fix a block length \(n\). For \(\ell = 0,1,\dots ,n\), the Krawtchouk polynomial \(K_\ell (X)\) is the real polynomial
where \(\binom {X}{j}\) denotes the polynomial \(X(X-1)\cdots (X-j+1)/j!\) (so that plugging in \(X = m\) for an integer \(m\) recovers the usual binomial coefficient \(\binom {m}{j}\)), and similarly for \(\binom {n-X}{\ell -j}\). The Krawtchouk function \(K_\ell (i)\), for \(i = 0,1,\dots ,n\), is the evaluation of \(K_\ell (X)\) at \(X = i\).
Fix a block length \(n\) and a target distance \(d\). Consider the linear program in real variables \(A_0,\dots ,A_n\):
We write \(\mathrm{LP}(n,d)\) for the optimum value of this program. (For a linear code \(C\) of distance \(d\), the intended meaning of \(A_i\) is the number of weight-\(i\) codewords of \(C\); the first three families of constraints are then immediate, while the last family follows from the MacWilliams identities relating the weight distribution of \(C\) to that of its dual code. )
For a (not necessarily linear) binary code \(C\) and \(i = 0,1,\dots ,n\), define
the normalized distance distribution function of \(C\).
It is convenient to switch back and forth between multivariate functions and multivariate polynomials. For \(f : \mathbb {F}_q^m \to \mathbb {F}_q\), let \(\deg (f)\) be the minimal total degree of a polynomial \(P \in \mathbb {F}_q[X_1,\ldots ,X_m]\) (where \(\mathbb {F}_q[X_1,\ldots ,X_m]\) denotes the set of all \(m\)-variate polynomials with coefficients from \(\mathbb {F}_q\)) such that \(f(\alpha ) = P(\alpha )\) for every \(\alpha \in \mathbb {F}_q^m\). Since \(a^q - a = 0\) for every \(a \in \mathbb {F}_q\) (Lemma 180), it follows that a minimal-degree polynomial representing \(f\) does not contain, in any single variable, a monomial of degree more than \(q-1\). Similarly \(\deg _{X_i}(f)\) denotes the degree of (the minimal polynomial corresponding to) \(f\) in variable \(X_i\). In this notation, for every \(f : \mathbb {F}_q^m \to \mathbb {F}_q\) we have \(\deg _{X_i}(f) \leq q-1\) for every \(i \in [m]\).
For a polynomial \(p \in \mathbb {F}_q[X_1,\ldots ,X_m]\) and \(i \in [m]\), \(\deg _{X_i}(p)\) denotes the degree of \(p\) in the variable \(X_i\), i.e. the maximum \(d_i\) appearing in a monomial of \(p\) with nonzero coefficient.
Reed-Muller codes are given by three parameters: a prime power \(q\) and positive integers \(m\) and \(r\) and consist of the evaluations of \(m\)-variate polynomials of degree at most \(r\) over all of the domain \(\mathbb {F}_q^m\). The Reed-Muller code with parameters \(q,m,r\), denoted \(\mathrm{RM}(q,m,r)\), is the set of evaluations of all \(m\)-variate polynomials in \(\mathbb {F}_q[X_1,\ldots ,X_m]\) of total degree at most \(r\) and individual degree at most \(q-1\) over all points in \(\mathbb {F}_q^m\). Formally
The Reed-Muller code with parameters \((q,m,r)\) clearly has alphabet \(\mathbb {F}_q\) and block length \(n = q^m\). It can be verified that \(\mathrm{RM}(q,m,r)\) is a linear code (Exercise 9.1).
For integers \(q,m,r\) let
and let \(K_{q,m,r} = |S_{q,m,r}|\).
For a monomial \(\mathbf{X}^{\mathbf{d}} = X_1^{d_1} \cdot X_2^{d_2} \cdots X_m^{d_m}\) its total degree is \(d_1 + d_2 + \cdots + d_m\). The total degree of a polynomial \(P(\mathbf{X}) = \sum _{\mathbf{d}} c_{\mathbf{d}} \mathbf{X}^{\mathbf{d}}\) over \(\mathbb {F}_q\) (i.e. every \(c_{\mathbf{d}} \in \mathbb {F}_q\)) is the maximum, over \(\mathbf{d}\) such that \(c_{\mathbf{d}} \neq 0\), of the total degree of \(\mathbf{X}^{\mathbf{d}}\). We denote the total degree of \(P\) by \(\deg (P)\).
Fix \(q \ge 2\), \(k \ge 1\) and \(Q = q^k\). Consider two codes, called the outer code and inner code:
Since the alphabet size of \(C_{out}\) equals \(Q = q^k\), the number of possible messages of \(C_{in}\), we may fix a bijection between \([Q]\) and \([q]^k\) and thereby use \(C_{in}\) to encode any single symbol of a codeword of \(C_{out}\). The concatenated code \(C_{out}\circ C_{in} : [q]^{kK} \to [q]^{nN}\) is then defined, for \(\mathbf{m} = (m_1,\ldots ,m_K) \in [Q]^K\), by
where \(C_{out}(\mathbf{m}) = (C_{out}(\mathbf{m})_1,\ldots , C_{out}(\mathbf{m})_N)\). (Unlike string concatenation, this is a recursive construction: the outer code is used to reduce the block length we need from the inner code.)
Fix a prime power \(q\), a positive integer \(k\), and \(0{\lt}R{\lt}1\). Let \(C_{out}\) be the \([N,K]_{q^k}\) Reed–Solomon code (Definition 128) of rate \(R\), evaluated over \(\mathbb {F}_{q^k}^*\), where \(N = q^k-1\); it has relative distance \(\delta _{out} = 1-R\). Let \(\{ C_{in}^\alpha \} _{\alpha \in \mathbb {F}_{q^k}^*}\) be the Wozencraft ensemble of Definition 207, and write \(C_{in}^1,\ldots , C_{in}^N\) for its \(N\) codes in some fixed order matching the \(N\) coordinates of \(C_{out}\). The Justesen code is the concatenated code
defined, for a message \(\mathbf{m}\in (\mathbb {F}_{q^k})^K\) with \((c_1,\ldots ,c_N)=C_{out}(\mathbf{m})\), by \(C^*(\mathbf{m}) = \big(C_{in}^1(c_1),\ldots ,C_{in}^N(c_N)\big)\). Since each \(C_{in}^i\) has rate \(\tfrac 12\), \(C^*\) has rate \(\tfrac {R}{2}\).
Fix a prime power \(q\) and a positive integer \(k\), and let \(N = q^k - 1\). For \(\alpha \in \mathbb {F}_{q^k}^*\), define the inner code \(C_{in}^\alpha : \mathbb {F}_q^k \to \mathbb {F}_q^{2k}\) by
where \(x\) and \(\alpha x\) are elements of \(\mathbb {F}_{q^k}\), viewed as vectors in \(\mathbb {F}_q^k\) via the standard identification. The Wozencraft ensemble is the collection of codes \(\{ C_{in}^\alpha \} _{ \alpha \in \mathbb {F}_{q^k}^*}\), indexed by the \(N\) elements of \(\mathbb {F}_{q^k}^*\).
Given a bipartite graph \(G = (L,R,E)\), its adjacency matrix, denoted \(A_G\), is an \(|R| \times |L|\) binary matrix, where we index each row by an element of \(R\) and every column by an element of \(L\) such that for every \((r,\ell ) \in R \times L\), the \((r,\ell )\)’th entry of \(A_G\) is \(1\) if \((\ell ,r) \in E\) and \(0\) otherwise. Conversely, every matrix \(A \in \{ 0,1\} ^{n \times m}\) corresponds to a bipartite graph \(G_H = (L,R,E)\) with \(|L| = m\) and \(|R| = n\) with \((i,j) \in E\) if and only if \(A_{ij} = 1\).
A bipartite graph is a triple \(G = (L,R,E)\), where \(L\) is the set of ‘left’ vertices, \(R\) is the set of ‘right’ vertices, and \(E \subseteq L \times R\) is the set of edges. (A bipartite graph \((L,R,E)\) is a special case of a graph \((V = L \cup R, E)\).)
For integers \(k,n,b\) and \(B\), codes \(C_{\text{out}} : \mathbb {F}_q^k \to (\mathbb {F}_q^b)^n\) and \(C_{\text{in}} : \mathbb {F}_q^b \to \mathbb {F}_q^B\), and a \(B\)-regular ordered bipartite graph \(G = (L,R,E)\) with \(|L|=|R|=n\), the \(C_{\text{in}}\)-coded-\(G\)-amplification of \(C_{\text{out}}\) is the code \(\mathscr {CA}(C_{\text{out}},C_{\text{in}},G) : \mathbb {F}_q^k \to (\mathbb {F}_q^B)^n\) given by \(\mathscr {CA}(C_{\text{out}},C_{\text{in}},G)(\mathbf{u}) = G_{\mathrm{mix}}\big((C_{\text{out}}\circ C_{\text{in}})(\mathbf{u})\big)\), where \(C_{\text{out}}\circ C_{\text{in}} : \mathbb {F}_q^k \to (\mathbb {F}_q^B)^n\) denotes the encoding of the concatenation of the codes \(C_{\text{out}}\) and \(C_{\text{in}}\). Specifically, for \(\mathbf{u} \in \mathbb {F}_q^k\) we have \((C_{\text{out}}\circ C_{\text{in}})(\mathbf{u}) = (w_1,\ldots ,w_n)\) where \(w_i = C_{\text{in}}(v_i)\) and \((v_1,\ldots ,v_n) = C_{\text{out}}(\mathbf{u})\).
A bipartite graph \(G = (L,R,E)\) is said to be a \((\gamma ,\varepsilon )\)-disperser if for all subsets \(S \subseteq L\) with \(|S| \ge \gamma n\), we have \(|N(S)| \ge (1-\varepsilon )m\).
Let \(G = (L,R,E)\) be a \(c\)-left-regular and \(d\)-right-regular ordered bipartite graph with \(L=[n]\), \(R=[m]\), and let \((N_1(j),\ldots ,N_d(j)) \in [n]^d\) denote the ordered neighborhood of \(j \in [m]\). Let \(\Sigma = \{ 0,1\} ^d\). For \(\mathbf{w} \in \{ 0,1\} ^n\), define \(G(\mathbf{w}) \in \Sigma ^m\) by
Let \(C\) be a binary linear code of block length \(n = |L|\). Now define the code \(G(C)\) as
We refer to \(G(C)\) as the \(G\)-amplification of \(C\).
The Double Cover of a graph \(X = (V_X,E_X)\) is defined as the bipartite graph \(G' = (L_{G'},R_{G'},E_{G'})\) with vertices \(L_{G'} = \{ u' \mid u \in V_X\} \) and \(R_{G'} = \{ u'' \mid u \in V_X\} \), and edges \(E_{G'} = \{ (u',v''),(v',u'') \mid (u,v) \in E_X\} \).
Given an undirected graph \(X = (V,E)\) and sets \(A,B \subseteq V\), we define \(E(A,B)\) to be the set of pairs \((a,b)\) with \(a \in A\) and \(b \in B\) such that \((a,b) \in E\). I.e., \(E(A,B) = \{ (a,b) \in A \times B \mid (a,b) \in E\} \). (Note that if \(a,b \in A \cap B\) then both \((a,b)\) and \((b,a)\) belong to \(E(A,B)\).)
The Edge Vertex Incidence Graph of a graph \(G' = (V,E)\) is defined as the bipartite graph \(G = (L,R,E')\) where \(L = E\), \(R = V\) and \(E' = \{ (e,v) \mid v \in e \in E\} \).
Let \(\mathbf{M} \in \mathbb {R}^{n \times n}\) be a matrix over the reals. Then \(\lambda _i\) is an eigenvalue of \(\mathbf{M}\) if there exists a vector \(\mathbf{v}_i \in \mathbb {R}^n\), \(\mathbf{v}_i \ne 0\), such that \(\mathbf{M}\cdot \mathbf{v}_i = \lambda _i \cdot \mathbf{v}_i\).
A code \(C \subseteq \mathbb {F}_2^n\) is called an expander code if there is a bipartite expander graph \(G\) such that \(C = C(G)\). If \(G\) is \(d\)-right bounded then \(C(G)\) is said to be a \(d\)-LDPC (for Low Density Parity Check) Code.
An \((n,m,c,\gamma ,\alpha )\) bipartite expander is a \(c\)-left regular bipartite graph \(G = (L,R,E)\) where \(|L| = n\) and \(|R| = m\) such that for every \(S \subseteq L\) with \(|S| \le \gamma n\), we have
An infinite family of bipartite graphs \(\{ G_i\} _{i \in \mathbb {Z}_+}\) is termed a \((c,\gamma ,\alpha )\)-bipartite expander family if for every \(i \in \mathbb {Z}_+\), \(G_i\) is an \((n_i,m_i,c,\gamma ,\alpha )\) expander for some \(n_i,m_i \in \mathbb {Z}_+\). We say \(\{ G_i\} _{i \in \mathbb {Z}_+}\) is a bipartite expander family if there exist \(c \in \mathbb {Z}_+\) and \(\alpha ,\gamma {\gt} 0\) such that \(\{ G_i\} _{i \in \mathbb {Z}_+}\) is a \((c,\gamma ,\alpha )\)-bipartite expander family.
Given any \([n,k]_2\) code \(C\) with parity check matrix \(H\), we will call the bipartite graph \(G_H\) with \(A_{G_H} = H\) a factor graph of \(C\). Further, given a bipartite graph \(G = (L,R,E)\) with \(|L| \ge |R|\), we will denote the corresponding code with parity check matrix \(A_G\) to be \(C(G)\).
Given an ordered \(c\)-left regular \(d\)-right regular graph \(G=(L,R,E)\) with \(L=[n]\) and \(R=[m]\), the \(G\)-mixing operator is a function \(G_{\mathrm{mix}} : \Gamma ^n \to \Sigma ^m\) where \(\Gamma = \mathbb {F}_q^c\) and \(\Sigma = \mathbb {F}_q^d\) given as follows: for \(\mathbf{u} = (u_1,\ldots ,u_n) \in \Gamma ^n\) with \(u_i = (u_i(1),\ldots ,u_i(c))\), we have \(G_{\mathrm{mix}}(\mathbf{u}) = \mathbf{v} = (v_1,\ldots ,v_m) \in \Sigma ^m\) where \(v_j = (v_j(1),\ldots ,v_j(d))\) is given by \(v_j(b) = u_i(a)\) if \((i,j) \in E\) and \(j\) is the \(a\)th neighbor of \(i\) and \(i\) is the \(b\)th neighbor of \(j\). That is, the \(a\)th symbol of \(u_i\) is ‘sent’ to the \(b\)th symbol of \(v_j\) via the edge \((i,j)\).
For a left vertex set \(S \subseteq L\), a vertex \(u \in R\) is called a neighbor of \(S\) if it is adjacent to some vertex in \(S\). We denote by \(N(S)\) the set of neighbors of \(S\). We analogously define \(N(T)\) for any \(T \subseteq R\).
A graph \(G = (V,E)\) is said to be \(c\)-bounded if every vertex has degree at most \(c\). It is said to be \(c\)-regular if every vertex has degree exactly \(c\). Similarly, a bipartite graph \(G = (L,R,E)\) is said to be \(c\)-left regular (bounded) if every vertex in \(L\) has degree exactly (resp., at most) \(c\). It is said to be \(d\)-right regular (bounded) if every vertex in \(R\) has degree exactly (resp., at most) \(d\).
A graph \(X = (V,E)\) is said to be an \((n,d,\lambda )\)-spectral expander if \(X\) is a \(d\)-regular (not necessarily bipartite) graph on \(n\) vertices and \(\lambda \ge \max \{ |\lambda _2|,|\lambda _n|\} \), where \(\lambda _1 \ge \lambda _2 \ge \cdots \ge \lambda _n\) are the eigenvalues of the adjacency matrix of \(X\).
For a positive integer \(d\) and \(0 \le \lambda {\lt} d\), we say that an infinite family of graphs \(\{ X_n\} _{n\in \mathbb {Z}_+}\) with \(X_n\) having \(n\) vertices and being \(d\)-regular, is a \((d,\lambda )\)-spectral expander family if \(\lambda (X_n) \le \lambda \) for every \(n\). We refer to a family as a spectral expander family if there exists \(\lambda {\lt} d\) such that the family is a \((d,\lambda )\)-spectral expander family.
Given a \(d\)-right regular bipartite graph \(G=(L,R,E)\) with \(L=[n]\) and \(|R|=m\) and a binary linear code \(C_0 \subseteq \mathbb {F}_2^d\), the Tanner code \(X(G,C_0)\) is defined as the set
Given a bipartite graph \(G = (L,R,E)\) and a left vertex set \(S \subseteq L\), a vertex \(u \in R\) is called a unique neighbor of \(S\) if it is adjacent to exactly one vertex in \(S\). We let \(U(S)\) denote the set of unique neighbors of \(S\).
For a bivariate polynomial \(Q(X,Y) = \sum _{i,j} c_{ij} X^i Y^j\), \(\deg _X(Q)\) is the maximum degree of \(X\) appearing in any monomial of \(Q(X,Y)\) with nonzero coefficient, and similarly \(\deg _Y(Q)\) is the maximum degree of \(Y\). If \(\deg _X(Q) \le a\) and \(\deg _Y(Q) \le b\) then \(Q(X,Y) = \sum _{0 \le i \le a, 0 \le j \le b} c_{ij}X^iY^j\) has \((a+1)(b+1)\) coefficients.
Given a received word \(y=(y_1,\dots ,y_n)\) and a polynomial \(P(X)\), a non-zero polynomial \(E(X)\) is called an error-locator polynomial for \((P,y)\) if for all \(i \in [n]\),
In particular, the polynomial \(E(X) = \prod _{i : y_i \neq P(\alpha _i)} (X-\alpha _i)\) is an error-locator polynomial of degree exactly \(e := |\{ i \mid y_i \neq P(\alpha _i)\} |\), and for every \(1 \le i \le n\) it satisfies \(y_i E(\alpha _i) = P(\alpha _i)E(\alpha _i)\).
A bivariate polynomial \(\)Q(X,Y)\( has \)\(\)r\( roots at \)(0,0)\(\) if \(\)Q(X,Y)\( has no non-zero monomial of degree at most \)r-1\( (i.e.\ every monomial \)X^iY^j\( with \)c_i,j ≠0\( satisfies \)i+j ≥r\(). \)
\(\)Q(X,Y)\( has \)\(\)r\( roots at \)(α,β)\(\) if the shifted polynomial \(\)Q_α,β(X,Y) := Q(X+α,Y+β)\( has \)r\( roots at \)(0,0)\( (Definition~ \ref{def:c12-multiplicity-origin}). \)
Input: Code parameters \(\mathbb {F}_q\), \((\alpha _1,\dots ,\alpha _n) \in \mathbb {F}_q^n\), \(k\) and \(e\). Received word \(y=(y_1,\dots ,y_n) \in \mathbb {F}_q^n\).
Output: The set of all polynomials \(P(X) \in \mathbb {F}_q[X]\) of degree less than \(k\) such that \(t := |\{ i \in [n] \mid y_i = P(\alpha _i)\} | \ge n-e\).
Input: Code parameters \(\mathbb {F}_q\), \((\alpha _1,\dots ,\alpha _n) \in \mathbb {F}_q^n\) and \(k\). Received word \(y \in \mathbb {F}_q^n\).
Output: A polynomial \(P(X) \in \mathbb {F}_q[X]\) of degree less than \(k\) such that \(e := |\{ i \in [n] \mid y_i \neq P(\alpha _i)\} | {\lt} \frac{n-k+1}{2}\), if such a polynomial exists, and fail otherwise.
In the soft decoding problem, the decoder is given non-negative weights
The \((1,w)\)-weighted degree of the monomial \(X^iY^j\) is \(i+wj\). The \((1,w)\)-weighted degree of \(Q(X,Y)\) (or just its \((1,w)\)-degree) is the maximum \((1,w)\)-weighted degree over its monomials with non-zero coefficient. (The \((1,1)\)-degree is the usual total degree.) A bivariate polynomial of \((1,w)\)-degree at most \(D\) can be written \(Q(X,Y) = \sum _{i+wj \le D,\, i,j \ge 0} c_{i,j}X^iY^j\).
A one-dimensional \(\)s\(-variate affine form\) \(\)a F_q[Z_1,…,Z_s]\( is a polynomial of the form \)a(Z_1,…,Z_s) = ∑_i=1^s α_i Z_i + α_0\(, i.e.\ a polynomial of degree at most \)1\(. An \)\(\)m\(-dimensional \)s\(-variate affine form\) \(\)A = a_1,…,a_m\( is simply an \)m\(-tuple of one-dimensional affine forms. \)
A function \(\)Φ: F_q^m F_q^m\( is said to be an \)\(\)F_q\(-linear bijection\) if
\(\)Φ\( is a bijection, i.e.\ \)Φ(u)=Φ(v) ⇒u=v\( for every \)u,vF_q^m\(; and \item \)Φ\( is \)F_q\(-linear, i.e.\ for every \)α,βF_q\( and \)u,vF_q^m\(, \)Φ(αu+βv) = αΦ(u)+βΦ(v)\(. \)
For an integer \(\)d\(, let \)d_0,d_1,d_2,…\( denote its expansion in base \)q\(, i.e.\ \)d = ∑_i=0^∞d_iq^i\( with \)0≤d_i<q\( for every \)i\(. For a monomial \)Z^d\(, define its \)\(\)q\(-degree\), denoted \(\)_q(Z^d)\(, to be \)∑_i=0^∞d_i\(. For a polynomial \)p(Z) = ∑_d c_dZ^d\(, define its \)q\(-degree, \)_q(p)\(, to be \)_d∣c_d≠0{_q(Z^d)}\(. \)
A pair \(\)(i,i’)\( are \)\(\)j\(th-level siblings\) if they are in the same block at the \(\)j\(th level and \)i’=i+2^t-j\(. For \)i[n=2^t]\( and \)0≤j≤t\(, let \[ S_{i,j} \stackrel{\text{def}}{=} \{ k\in [n]\mid i\equiv k\! \! \pmod{2^{t-j}}\} . \] \)
\(\)P_n(Z) = (Z_1^(t),…,Z_n^(t))\(. \)
By induction on
\(\)t\( (i.e., on \)n=2^t\(). For \)t=0\( (\)n=1\(), \)P_1(Z)=Z=(Z_1^(0))\( trivially. For \)t≥1\(, write \)Z=(U,V)\( with \)U=(Z_1,…,Z_n/2)\(, \)V=(Z_n/2+1,…,Z_n)\(; by Definition~ \ref{def:c16-basic-polarizing-matrix}, \)P_n(Z)=(P_n/2(U+V),P_n/2(V))\(. By definition, for \)i≤n/2\(, \)Z_i^(1)=Z_i+Z_i+n/2=U_i+V_i\(, i.e., the first block at level \)1\( consists of \)U+V\(; for \)i>n/2\(, \)Z_i^(1)=V_i-n/2\( carries \)V\( unchanged. Applying the inductive hypothesis (for \)t-1\() to \)U+V\( gives \)P_n/2(U+V)=((U+V)_1^(t-1),…,(U+V)_n/2^(t-1))\(, and since level-\)j\( variables (\)j≥1\() for indices \)≤n/2\( are computed entirely from \)Z^(1)|_{1,…,n/2}=U+V\( by the same recursive rule shifted by one level, \)(U+V)_i^(t-1)=Z_i^(t)\( for \)i≤n/2\(. Symmetrically, \)P_n/2(V)_i=Z_n/2+i^(t)\( for \)i≤n/2\(. Combining, \)P_n(Z)=(Z_1^(t),…,Z_n^(t))\(. \)
A sequence of random variables
\(\)X_0,…,X_j,…\( with \)X_j[0,1]\( is \emph{locally polarizing} if: \begin{enumerate} \item \textbf{(Unbiased)} For every \end{enumerate}\)j\( and \)a[0,1]\(: \)E[X_j+1∣X_j=a]=a\(. \item \textbf{(Variance in the middle)} For every \)τ>0\( there exists \)θ=θ(τ)>0\( such that for all \)j\(: if \)X_j(τ,1-τ)\( then \)|X_j+1-X_j|≥θ\(. \item \textbf{(Suction at the ends)} For every \)c<∞\( there exists \)τ=τ(c)>0\( such that (i) if \)X_j≤τ\( then \)[X_j+1≤X_j/c]≥1/2\(; and (ii) if \)1-X_j≤τ\( then \)[1-X_j+1≤(1-X_j)/c]≥1/2\(. \)
The sequence is simple if for every sequence \(\)a_0,…,a_j\(, conditioned on \)X_0=a_0,…,X_j=a_j\(, there are two values \)a^+,a^ℓ\( such that \)X_j+1\( equals \)a^+\( with probability \)1/2\( and \)a^ℓ\( with probability \)1/2\(. \)
For \(\)n≥m\(, a pair \)(H,D)\( with \)HF_2^n×m\( and \)D:F_2^mF_2^n\( forms a \)\(\)τ\(-error linear compression scheme\) for \(\)Bern(p)^n\( if \)H\( has rank \)m\( and \[ \Pr _{\mathbf{Z}\sim \mathrm{Bern}(p)^n}[D(\mathbf{Z}\cdot \mathbf{H})\ne \mathbf{Z}]\le \tau . \] The ratio \)m/n\( is called the \emph{(compression) rate} of the scheme. \)
For \(\)k=2^t\( we define codes \)C_k : F_2^k F_2^3k\( inductively, with \)|C_k(x)| = 4k\( (i.e. rate \)1/4\(). \emph{Base case.} There is a constant \)k_0\( such that for all \)k ≤k_0\(, \)C_k\( is chosen to be the check bits of an arbitrary systematic code of rate \)1/4\( (of the fixed constant length \)4k\(). \emph{Inductive step.} Assume \)C_k/2\( has been defined. For \)x F_2^k\(, define \[ C_k(\mathbf{x}) = (\mathbf{y}_1,\mathbf{y}_2,\mathbf{y}_3), \qquad \mathbf{y}_1 = R_k(\mathbf{x}), \quad \mathbf{y}_2 = C_{k/2}(\mathbf{y}_1), \quad \mathbf{y}_3 = R_{2k}(\mathbf{y}_1,\mathbf{y}_2). \] (Here \)y_1 F_2^k/2\(, \)y_2 F_2^3k/2\(, so \)(y_1,y_2) F_2^2k\( is a valid input to \)R_2k\(, and \)y_3 F_2^k\(; thus \)|C_k(x)| = k/2+3k/2+k = 3k\(.) The final systematic code is \)C_k(x) = (x, C_k(x))\(. \)
Given the graph \(\)B_k = ([k],[k/2],E)\( of Construction~ \ref{constr:c18-Bk}, define the \emph{error-reduction code} \)R_k : F_2^k F_2^k/2\( by \[ R_k(\mathbf{x}) = \mathbf{y}, \qquad y_j = \bigoplus _{i \in N(j)} x_i \quad \text{for } j \in [k/2], \] where \)N(j)\( denotes the neighborhood of right vertex \)j\( in \)B_k\(. The associated systematic encoding is \)R_k(x) = (x, R_k(x))\(. This is a code of rate \)2/3\(, mapping \)k\( message bits to \)3k/2\( codeword bits, of which the first \)k\( are the message bits and the remaining \)k/2\( are check bits. \)
A fingerprint (image / sensor reading) is stored as a collection of triples, called minutiae. Each minutia is located where a ridge of the fingerprint splits into two, or where a ridge ends. The
A data stream algorithm is an algorithm satisfying the following four requirements.
The algorithm makes one sequential pass over the input.
The algorithm uses poly-log space (in particular, it cannot store the entire input).
The algorithm has poly-log update time, i.e. whenever a new item appears, the algorithm updates its internal state in poly-log time.
The algorithm has poly-log reporting time, i.e. at any point of time the algorithm can return the required answers in poly-log time.
A \(\)t ×N\( matrix \)M\( is \)\(\)d\(-disjunct\) if and only if for every \(\)S ⊂[N]\( with \)|S| ≤d\( and for every \)j S\(, there exists \)i [t]\( such that \)M_ij = 1\( but \)M_ik = 0\( for all \)k S\(. Or, equivalently, \[ M^j \not\subseteq \bigcup _{k \in S} M^k. \] \)
A \(\)t ×N\( matrix \)M\( is \)\(\)d\(-separable\) if and only if for every \(\)S_1 ≠S_2 ⊆[N]\( such that \)|S_1|,|S_2| ≤d\(, we have \[ \bigcup _{j \in S_1} M^j \ne \bigcup _{i \in S_2} M^i. \] \)
Given a subset of \(\)N\( items with \)d\( defects represented as \)x {0,1}^N\( with \)wt(x) ≤d\(, the minimum number of \emph{non-adaptive} tests that one would have to make (over all valid non-adaptive schemes that correctly determine \)x\() is defined as \)t(d,N)\(. \)
Given a set of \(\)N\( items with \)d\( defects, \)t^a(d,N)\( is defined as the minimum number of \emph{adaptive} tests that one would have to make to detect all the defective items. \)
A group testing scheme is adaptive if each test may be chosen based on the outcomes of all previously performed tests. A group testing scheme is non-adaptive if the entire collection of tests is fixed in advance, before any test outcome is observed.
The Maximum Cut Problem is the following decision problem.
Input: a graph
The Nearest Codeword Problem is the following decision problem.
Input:
Fix a family of codes \(\){C_n}_n\( given by generator matrices \){G_n}_n\(, with \)G_nF^k(n)×n\(. The problem \)NCPP{G_n}_n\( is the following decision problem. \begin{itemize} \item \textbf{Input}: \end{itemize}\)(v,t)\( where \)vF^n\( and \)tZ^≥0\(. \item \textbf{Output}: \textsc{Yes} if there exists \)xF^k(n)\( such that \)Δ(v,xG_n)≤t\(, and \textsc{No} otherwise. \)
A non-uniform algorithmic solution to \(\)NCPP{G_n}_n\( consists of an algorithm \)A(·,·;·)\( together with a sequence of advice strings \){B_n}_n\( such that \)A(v,t;B_n)\( correctly solves \)NCPP{G_n}_n\( for every \)(v,t)\( with \)vF^n\(, subject to: \begin{enumerate} \item \end{enumerate}\)A\( runs in time polynomial in \)n\( (in particular \)B_n\( has length polynomial in \)n\(); \item the time needed to \emph{compute} \)B_n\( from \)G_n\( may be unboundedly large. \)
For a positive integer \(\)t\( and real \)δ≥0\(, a generator \)G : F_2^s F_2^n\( is a \)\(\)δ\(-almost \)t\(-wise independent generator\) if for every subset \(\)T⊆[n]\( with \)|T|=t\(, \)G|_T(z)\( is \)δ\(-close (in total variation distance) to being uniformly distributed over \){0,1}^t\( when \)z\( is distributed uniformly over \){0,1}^s\(. \)
The communication complexity of a protocol
The communication complexity of a randomized protocol
We say that a linear code \(\)C ⊆F_2^N\( is \)\(\)ε\(-balanced\) if for every pair of distinct codewords \(\)x,yC\( we have \[ \left(\frac{1}{2}-\varepsilon \right)N \le \Delta (\mathbf{x},\mathbf{y}) \le \left(\frac{1}{2}+\varepsilon \right)N. \] \)
We say that a generator \(\)G : F_2^s F_2^n\( is \)\(\)ε\(-biased\) if for every non-zero linear function \(\)ℓ: F_2^n F_2\( we have \[ \Big|\Pr _{z\in \mathbb {F}_2^s}\big[\ell (G(z))=1\big] - \tfrac {1}{2}\Big| \le \varepsilon . \] \)
Given an algorithm \(\)A\(, input \)x\(, and parameter \)ε[0,1]\(, we say that a generator \)G : {0,1}^s {0,1}^m\( \)\(\)ε\(-fools the pair \)(A,x)\(\) if
where \(\)f\( is the function \)A\( is meant to compute. \)
For a positive integer \(\)t\(, a \)\(\)t\(-clause\) over Boolean variables \(\)x_1,…,x_n\( is a disjunction \)C = ℓ_1 ∨∨ℓ_t\( of \)t\( distinct literals (a literal being a variable or its negation), which is true under an assignment \)a{0,1}^n\( if and only if at least one of \)ℓ_1,…,ℓ_t\( evaluates to true under \)a\(. Given a collection \)Φ= (C_1,…,C_m)\( of \)m\( \)t\(-clauses over \)x_1,…,x_n\( and an assignment \)a{0,1}^n\(, let \)val(Φ,a)\( denote the fraction of clauses of \)Φ\( satisfied by \)a\(, and let \)opt(Φ) = _a{val(Φ,a)}\(. The \textsc{Max $t$-SAT} problem asks: given such a \)Φ\(, find an assignment \)a{0,1}^n\( with \)val(Φ,a) = opt(Φ)\(. \)
We say that a function \(\)F : {0,1}^k+ℓ {0,1}^k+ℓ\( is an \)\(\)ℓ\(-padding\) (or simply padding) of \(\)f : {0,1}^k {0,1}^k\( if for every \)x{0,1}^k\( and \)i{0,1}^ℓ\( we have \)F(x,i) = (f(x),i)\(. \)
Given a generator \(\)G : {0,1}^s {0,1}^n\( and \)T ⊆[n]\(, let \)G|_T(·)\( denote the projection of \)G(·)\( to the coordinates of \)T\(. We say \)G\( is a \)\(\)t\(-wise independent generator\) if for every subset \(\)T⊆[n]\( with \)|T|=t\(, \)G|_T(z)\( is uniformly distributed over \){0,1}^t\( when \)z\( is distributed uniformly over \){0,1}^s\(. \)
The variation distance between two distributions
For every real \(\)x > 0\(, \[ \left(1 + \frac{1}{x}\right)^x \leq e. \] \)
Construction 598, together with the map \(\)S = {i V : x_i = 1}\( from solutions of the produced \)MaxLinearEq\( instance to subsets of \)V\(, is a valid polynomial-time reduction from \)MaxCut(k,n,s)\( to \)MaxLinearEq(k,n,s)\(: it runs in polynomial time, and a solution \)(x_1,…,x_k)\( satisfies the equation \)x_i + x_j = 1\( (associated to edge \)(i,j)\() if and only if exactly one of \)i,j\( lies in \)S\(, i.e. if and only if \)(i,j)\( is a cut edge for \)S\(. Consequently \)(x_1,…,x_k)\( satisfies at least \)s\( equations if and only if \)S\( is a cut of size at least \)s\(. \)
If \(\)L_1 ≤_P L_2\( and \)L_2 P\(, then \)L_1 P\(. \)
For any \(\mathbf u,\mathbf v \in \{ 0,1\} ^n\), where \(\mathbf u + \mathbf v\) denotes coordinatewise XOR,
For any binary linear code \(C\) (not necessarily distinct) messages \(\mathbf x,\mathbf y\), \(C(\mathbf x) + C(\mathbf y) = C(\mathbf x + \mathbf y)\) (coordinatewise XOR throughout).
Given a matrix \(G\) of dimension \(k\times n\) that is a generator matrix of subspace \(S_1\), and a matrix \(H\) of dimension \((n-k)\times n\) that is a parity check matrix of subspace \(S_2\), such that \(G H^T = \mathbf{0}\), then \(S_1 = S_2\).
Let \(S \subseteq \mathbb {F}_q^n\) be a linear subspace of dimension \(k\). Then \(N = \{ \mathbf{y}\in \mathbb {F}_q^n \mid \langle \mathbf{x},\mathbf{y}\rangle = 0 \text{ for every } \mathbf{x}\in S\} \) is itself a linear subspace of \(\mathbb {F}_q^n\), of dimension \(n-k\).
The span of \(k\) linearly independent vectors over \(\mathbb {F}_q\) has size exactly \(q^k\).
Every linear subspace \(S \subseteq \mathbb {F}_q^n\) contains the zero vector \(\mathbf{0}\).
Let \(\mathbf{y} = \mathbf{c}+\mathbf{e}_i\) where \(\mathbf{c}\in C_{H,r}\) and \(\mathbf{e}_i\) is the unit vector with its sole non-zero entry at position \(i\) (with the convention \(\mathbf{e}_0=\mathbf{0}\), corresponding to no error). Then \(\mathbf{H}_r\cdot \mathbf{y}^T = \mathbf{H}_r^i\), the \(i\)th column of \(\mathbf{H}_r\) (with the convention that \(\mathbf{H}_r^0 = \mathbf{0}\)).
Let \(p\) be a prime. Then \(\mathbb {F}_p = (\{ 0,1,\dots ,p-1\} , +_p, \cdot _p)\), where \(+_p\) and \(\cdot _p\) are addition and multiplication modulo \(p\), is a field.
Let \(V\) be a random variable such that \(\mathrm{Var}[V] \ne 0\). Then for any \(t {\gt} 0\),
Let \(q \ge 2\) be an integer and let \(0 \le \rho \le 1 - 1/q\). Then for any real \(m \ge 1\) such that
we have \(H_q(\rho ) \ge H_{q^m}(\rho )\).
Since \(H_q(0) = H_{q^m}(0) = 0\), we may assume \(\rho \in (0, 1-1/q]\). As noted in the proof of Proposition 96, \(H_q(\rho ) = \rho \cdot \frac{\log (q-1)}{\log q} + H(\rho ) \cdot \frac{1}{\log q}\) (all logs base 2). Hence
Multiplying through by \(\frac{1}{\rho } m \log q {\gt} 0\),
where the inequality in the second line uses that \(H(\rho )/\rho \) is a decreasing function of \(\rho \) on \((0,1)\) together with \(\rho \le 1-1/q\) (indeed \(H(\rho )/\rho = \log (1/\rho ) - (1/\rho - 1)\log (1-\rho )\), and one checks both terms are decreasing in \(\rho \)), and the final inequality is exactly the hypothesis \(q^{m-1} \ge (1+1/(q-1))^{q-1}\), since \((q-1)\cdot q^{(m-1)/(q-1)} \ge q\) is equivalent to it after raising both sides to the power \(q-1\). This shows \(H_q(\rho ) - H_{q^m}(\rho ) \ge 0\), as desired.
Let \(E\) be any event. Then
For every \(0 {\lt} y \le 1 - 1/q\) and for every small enough \(\varepsilon {\gt} 0\),
where \(c'_q \ge 1\) is a constant that depends only on \(q\).
It is straightforward to check that \(H_q^{-1}(y)\) is a strictly increasing, convex function of \(y\) on \([0,1]\). In particular its derivative is increasing, so \((H_q^{-1})'(1) \ge (H_q^{-1})'(y)\) for every \(y \in [0,1]\), and hence for every \(0 \le y \le 1\) and small enough \(\delta {\gt} 0\),
By Proposition 99 (applied with \(\varepsilon = \sqrt{\delta /c_q}\), recalling \(H_q^{-1}(1) = 1-1/q\)), for small enough \(\delta \),
Combining the two displays, and setting \(c'_q = \max (1, 1/c_q)\) and \(\delta = \varepsilon ^2/c'_q\), we get
since \(c'_q c_q \ge 1\). Rearranging gives \(H_q^{-1}(y - \varepsilon ^2/c'_q) \ge H_q^{-1}(y) - \varepsilon \), as desired.
Let \(V\) be a non-negative random variable. Then for any \(t {\gt} 0\),
In particular, for any \(a \ge 1\), \(\Pr [V \ge a \cdot \mathbb {E}[V]] \le \frac{1}{a}\).
For any \(m \ge 1\), the distribution \(\mathscr {U}_{\mathbb {D}_1 \times \mathbb {D}_2 \times \cdots \times \mathbb {D}_m}\) is identical to the distribution \(\mathscr {U}_{\mathbb {D}_1} \times \mathscr {U}_{\mathbb {D}_2} \times \cdots \times \mathscr {U}_{\mathbb {D}_m}\).
Given a non-zero vector \(\mathbf{m} \in \mathbb {F}_q^k\) and a uniformly random \(k \times n\) matrix \(G\) over \(\mathbb {F}_q\), the vector \(\mathbf{m} \cdot G\) is uniformly distributed over \(\mathbb {F}_q^n\).
Let \(g_{ji}\) (\(1 \le j \le k\), \(1 \le i \le n\)) denote the \((j,i)\)-th entry of \(G\). Since \(G\) is a uniformly random \(k \times n\) matrix over \(\mathbb {F}_q\), by Lemma 91 each of the \(g_{ji}\) is an independent uniformly random element of \(\mathbb {F}_q\). It therefore suffices to show that for every \(1 \le i \le n\), the \(i\)-th entry \(b_i\) of \(\mathbf{m} \cdot G\) is an independent uniformly random element of \(\mathbb {F}_q\): since \(b_i\) and \(b_j\) for \(i \ne j\) are sums over disjoint sets of entries of \(G\), they are automatically independent once each \(b_i\) is shown to be uniform.
Write \(\mathbf{m} = (m_1, \dots , m_k)\); then \(b_i = \sum _{j=1}^k m_j g_{ji}\). Since \(\mathbf{m} \ne \mathbf{0}\), some \(m_j \ne 0\); without loss of generality \(m_1 \ne 0\). Write \(b_i = m_1 g_{1i} + \sum _{j=2}^k m_j g_{ji}\). Fix any assignment of values to \(g_{2i}, \dots , g_{ki}\) (there are \(q^{k-1}\) such assignments). As \(g_{1i}\) ranges over the \(q\) elements of \(\mathbb {F}_q\) (using \(m_1 \ne 0\)), \(b_i\) takes each of the \(q\) values of \(\mathbb {F}_q\) exactly once. Hence, over all \(q^{k-1}\) assignments to \(g_{2i}, \dots , g_{ki}\), each value of \(\mathbb {F}_q\) is taken by \(b_i\) exactly \(q^{k-1}\) times out of \(q^k\) total assignments, i.e. \(b_i\) is uniformly distributed over \(\mathbb {F}_q\), as claimed.
For any two events \(A\) and \(B\) defined on the same domain and probability distribution,
Let \(\mathbf{v}_1,\ldots ,\mathbf{v}_m \in \mathbb {R}^N\) be non-zero vectors.
If \(\langle \mathbf{v}_i,\mathbf{v}_j \rangle \le 0\) for all \(i \ne j\), then \(m \le 2N\).
Let \(\mathbf{v}_i\) be unit vectors for \(1 \le i \le m\). Further, if \(\langle \mathbf{v}_i,\mathbf{v}_j \rangle \le -\varepsilon {\lt} 0\) for all \(i \ne j\), then \(m \le 1 + \frac{1}{\varepsilon }\).
Let \(q\) be a prime power, \(0 \le \delta {\lt} 1-\frac{1}{q}\) and \(0 \le \varepsilon \le 1 - H_q(\delta )\). Let \(n\) be an integer and \(k = n(1-H_q(\delta )-\varepsilon )\). If a \(k \times n\) matrix \(\mathbf{G}\) over \(\mathbb {F}_q\) is picked uniformly at random, then with probability strictly greater than \(1 - q^{-\varepsilon n}\) the matrix \(\mathbf{G}\) has full rank and generates a linear code of rate \(1-H_q(\delta )-\varepsilon \) and relative distance at least \(\delta \).
For every pair of positive integers \(n,q\) and real \(\delta \in [0,1]\), writing \(d = \delta n\), there exists an \((n,k,d)_q\) code satisfying
In particular, for every positive integer \(q\) and real \(\delta \in [0, 1-1/q]\) there exists an infinite family of \(q\)-ary codes \(\mathscr {C}\) of rate \(R\) and relative distance \(\delta \) satisfying \(R \ge 1 - H_q(\delta )\).
For every \(q\) and \(n\), there exists a function \(f : [q]^n \longrightarrow \mathbb {R}^{nq}\) such that for every \(\mathbf{c}_1,\mathbf{c}_2 \in [q]^n\) we have
Consequently:
For every \(\mathbf{c} \in [q]^n\), \(\| f(\mathbf{c})\| = 1\).
If \(\Delta (\mathbf{c}_1,\mathbf{c}_2) \ge d\) then \(\langle f(\mathbf{c}_1),f(\mathbf{c}_2)\rangle \le 1 - \left(\frac{q}{q-1}\right)\left(\frac{d}{n}\right)\).
A finite union of proper linear subspaces of \(\mathbb {R}^N\) is not all of \(\mathbb {R}^N\).
Let \(E(x) \in \mathbb {F}_q[x]\) be an irreducible polynomial of degree \(s\). Then \(\mathbb {F}_q[x]/E(x)\) is a field of size \(q^s\).
The minimum distance of the Reed-Solomon code \(\mathrm{RS}\) of Definition 128 is \(n - k + 1\).
Fix arbitrary \(m_1 \neq m_2 \in \mathbb {F}_q^k\). The polynomials \(f_{m_1}(X), f_{m_2}(X) \in \mathbb {F}_q[X]\) are distinct polynomials of degree at most \(k-1\), so \(f_{m_1}(X) - f_{m_2}(X) \neq 0\) also has degree at most \(k-1\). Since \(\mathrm{wt}(\mathrm{RS}(m_2) - \mathrm{RS}(m_1)) = \Delta (\mathrm{RS}(m_1), \mathrm{RS}(m_2))\), and the weight of \(\mathrm{RS}(m_2) - \mathrm{RS}(m_1)\) is \(n\) minus the number of zero coordinates, which equals \(n\) minus the number of roots of \(f_{m_1}(X) - f_{m_2}(X)\) among \(\{ \alpha _1, \ldots , \alpha _n\} \), we get
By the Degree Mantra (Proposition 120), \(f_{m_1}(X) - f_{m_2}(X)\) has at most \(k-1\) roots. Thus the weight of \(\mathrm{RS}(m_2) - \mathrm{RS}(m_1)\) is at least \(n - (k-1) = n-k+1\), so the minimum distance \(d\) of \(\mathrm{RS}\) satisfies \(d \geq n-k+1\). Since the Singleton bound (110) gives \(d \leq n-k+1\), we conclude \(d = n-k+1\).
The same argument shows distinct polynomials \(f_{m_1}(X) \neq f_{m_2}(X)\) of degree at most \(k-1\) are mapped to distinct codewords, since their Hamming distance is at least \(n-k+1 \geq 1\) (as \(k \leq n\)). Hence \(\mathrm{RS}\) has exactly \(q^k\) codewords and, by Lemma 129, dimension \(k\).
The Reed-Solomon code \(\mathrm{RS}\) of Definition 128 is a linear code.
If \(a \in \mathbb {F}_q\) and \(f(X), g(X) \in \mathbb {F}_q[X]\) are polynomials of degree at most \(k - 1\), then \(af(X)\) and \(f(X) + g(X)\) are also polynomials of degree at most \(k-1\). In particular, let messages \(m_1, m_2 \in \mathbb {F}_q^k\) be mapped to \(f_{m_1}(X), f_{m_2}(X)\); by the definition of \(f_m\),
Since evaluation at each \(\alpha _i\) is applied coordinatewise, this gives
Hence \(\mathrm{RS}\) is an \([n,k]_q\) linear code.
Let \(E^*:\{ 0,1\} ^k\to \{ 0,1\} ^n\) and \(D^*:\{ 0,1\} ^n\to \{ 0,1\} ^k\) satisfy
where \(\mathbf{m}\) is uniform on \(\{ 0,1\} ^k\). List the messages as \(\mathbf{m}_1,\ldots ,\mathbf{m}_{2^k}\) and let \(P_i=\Pr _{\mathbf{e}\sim \mathrm{BSC}_p}[D^*(E^*(\mathbf{m}_i)+\mathbf{e})\ne \mathbf{m}_i]\); assume \(P_1\le P_2\le \cdots \le P_{2^k}\). Then \(P_{2^{k-1}}\le 2\cdot 2^{-\delta 'n}\).
Let \(0\le p{\lt}\tfrac 12\) and \(0\le \varepsilon \le \tfrac 12-p\). For large enough \(n\), if \(k\ge \lceil (1-H(p)+\varepsilon )n\rceil \) then for every pair of encoding and decoding functions \(E:\{ 0,1\} ^k\to \{ 0,1\} ^n\) and \(D:\{ 0,1\} ^n\to \{ 0,1\} ^k\), there exists \(\mathbf{m}\in \{ 0,1\} ^k\) such that
Let \(0\le p{\lt}\tfrac 12\) and \(0{\lt}\varepsilon \le \tfrac 12-p\). For large enough \(n\), there exists a real \(\delta {\gt}0\), an encoding function \(E:\{ 0,1\} ^k\to \{ 0,1\} ^n\) and a decoding function \(D:\{ 0,1\} ^n\to \{ 0,1\} ^k\) where \(k\le \lfloor (1-H(p+\varepsilon ))n\rfloor \), such that the following holds for every \(\mathbf{m}\in \{ 0,1\} ^k\):
Let \(0\le p{\lt}\tfrac 12\), \(0{\lt}\varepsilon \le \tfrac 12-p\), and let \(\varepsilon '=\varepsilon /2\). Let \(k\le \lfloor (1-H(p+\varepsilon ))n\rfloor \). Suppose \(E:\{ 0,1\} ^k\to \{ 0,1\} ^n\) is chosen at random by picking \(E(\mathbf{m}')\) independently and uniformly at random from \(\{ 0,1\} ^n\) for every \(\mathbf{m}'\in \{ 0,1\} ^k\), and let \(D\) be the maximum likelihood decoding (MLD) function for \(E\). Then there is \(\delta '=\delta '(\varepsilon ,p){\gt}0\) such that for every fixed \(\mathbf{m}\in \{ 0,1\} ^k\) and large enough \(n\),
Let \(q \geq 2\) be an integer and let \(0 \leq x \leq 1 - \frac1q\). Then the following inequalities hold:
where the second inequality is strict for \(x {\gt} 0\).
We first prove
Both sides are zero at \(x=0\). The derivative of the left-hand side is \(\frac{1}{2\sqrt{1 - xq/(q-1)}}\) and of the right-hand side is \(\frac{1}{2\sqrt{1-x}}\); the former is always at least as large as the latter (since \(xq/(q-1) \geq x\)), so the left-hand side increases at least as rapidly as the right-hand side as \(x\) increases from \(0\), which proves the inequality (this is exactly \(J_q(x) \geq 1 - \sqrt{1-x}\)).
For the second inequality, since \(x \geq 0\),
which implies \(\left(1 - \frac{x}{2}\right)^2 \geq 1-x\), i.e., \(1 - \frac{x}{2} \geq \sqrt{1-x}\) (both sides nonnegative for \(x \leq 1\)), which in turn gives \(1 - \sqrt{1-x} \geq x/2\). Both inequalities used here are strict for \(x{\gt}0\), so \(1 - \sqrt{1-x} {\gt} x/2\) for every \(x {\gt} 0\), as desired.
Let \(q \geq 2\) be an integer, \(0 {\lt} \rho {\lt} 1 - \frac1q\) a real number, and \(L \geq 1\) an integer. Then there exists a \((\rho , L)\)-list decodable code with rate
We use the probabilistic method: we pick a random code and show it satisfies the required property with nonzero probability, by showing the probability of a “bad event” is small.
Pick a code \(C\) at random where \(|C| = q^k\) with \(k \leq \left(1 - H_q(\rho ) - \frac1L\right) n\), i.e., for every message \(\mathbf{m} \in [q]^k\), choose \(C(\mathbf{m})\) uniformly and independently at random from \([q]^n\).
Given \(\mathbf{y} \in [q]^n\) and distinct \(\mathbf{m}_0, \ldots , \mathbf{m}_L \in [q]^k\), say the tuple \((\mathbf{y}, \mathbf{m}_0, \ldots , \mathbf{m}_L)\) defines a bad event if
A code is \((\rho ,L)\)-list decodable if and only if no bad event occurs (a bad event witnesses \(L+1\) codewords all within distance \(\rho n\) of some \(\mathbf{y}\), exceeding the list-size bound \(L\)).
Fix \(\mathbf{y}\) and \(\mathbf{m}_0, \ldots , \mathbf{m}_L\). For each fixed \(i\), by the random choice of \(C\),
Since the random choices of codewords for distinct messages are independent,
By the union bound over the \(q^n\) choices of \(\mathbf{y}\) and the \(\binom {q^k}{L+1}\) choices of \(L+1\) distinct messages,
using \(\binom {a}{b} \leq a^b\) and \(k = Rn\). By assumption \(R \leq 1 - H_q(\rho ) - 1/L\), so \(1 - H_q(\rho ) - R \geq 1/L\), hence
and so
Since the probability of a bad event is strictly less than \(1\), by the probabilistic method there exists a code \(C\) with no bad event, i.e., a \((\rho , L)\)-list decodable code of rate \(R \leq 1 - H_q(\rho ) - 1/L\).
Let \(q \geq 2\) be an integer and \(0 {\lt} \rho {\lt} 1 - \frac1q\) a real number. For every \((\rho , L)\) code \(C\) of rate \(1 - H_q(\rho ) + \varepsilon \), it is necessary that \(L \geq 2^{\Omega (\varepsilon n)}\).
We show, via the probabilistic method, that there exists \(\mathbf{y} \in [q]^n\) such that \(|C \cap B(\mathbf{y}, \rho n)|\) is exponentially large (in particular \(q^{\Omega (\varepsilon n)}\)); since a \((\rho , L)\)-list decodable code must have \(|C \cap B(\mathbf{y}, \rho n)| \leq L\) for every \(\mathbf{y}\), this forces \(L \geq q^{\Omega (\varepsilon n)} = 2^{\Omega (\varepsilon n)}\) (as \(q \geq 2\) is a constant).
Pick \(\mathbf{y} \in [q]^n\) uniformly at random. Fix \(\mathbf{c} \in C\); then
By linearity of expectation,
using \(|C| = q^{Rn}\) and \(R \geq 1 - H_q(\rho ) + \varepsilon \). Since the expectation of \(|C \cap B(\mathbf{y}, \rho n)|\) over uniformly random \(\mathbf{y}\) is at least \(q^{\Omega (\varepsilon n)}\), there must exist a specific \(\mathbf{y}\) with \(|C \cap B(\mathbf{y}, \rho n)| \geq q^{\Omega (\varepsilon n)}\), as desired.
Let \(C\) be an \((n,k,d)_q\) code. If we fix the values in \(n-d+1\) out of the \(n\) positions in a possible codeword, then at most one codeword in \(C\) can agree with the fixed values.
Suppose two distinct codewords \(\mathbf{c}_1 \neq \mathbf{c}_2 \in C\) both agree with the fixed values on the same set of \(n-d+1\) positions. Then \(\mathbf{c}_1\) and \(\mathbf{c}_2\) agree with each other on those \(n-d+1\) positions, so they can disagree on at most \(n - (n-d+1) = d-1\) positions, i.e., \(\Delta (\mathbf{c}_1, \mathbf{c}_2) \leq d - 1 {\lt} d\). This contradicts the minimum distance of \(C\) being \(d\). Hence at most one codeword of \(C\) can agree with the fixed values on any fixed set of \(n-d+1\) positions.
Given a \(q\)-ary code \(C \subseteq [q]^n\) and \(0 \le e \le n\), there exists a Hamming ball of radius \(e\) containing at least \(\dfrac {|C|\, \mathrm{Vol}_q(e,n)}{q^n}\) codewords of \(C\).
We prove the existence of the required Hamming ball by the probabilistic method. Pick a received word \(\mathbf y \in [q]^n\) uniformly at random. The expected value of \(|B(\mathbf y, e) \cap C|\) equals \(\dfrac {|C|\, \mathrm{Vol}_q(e,n)}{q^n}\); indeed \(\mathbb {E}[|B(\mathbf y,e)\cap C|] = \sum _{\mathbf c \in C} \Pr [\mathbf c \in B(\mathbf y,e)] = \sum _{\mathbf c \in C} \dfrac {\mathrm{Vol}_q(e,n)}{q^n} = \dfrac {|C|\, \mathrm{Vol}_q(e,n)}{q^n}\), since for a fixed codeword \(\mathbf c\), \(\Pr _{\mathbf y}[\Delta (\mathbf c,\mathbf y) \le e] = \mathrm{Vol}_q(e,n)/q^n\). By the probabilistic method, there thus exists a \(\mathbf y \in [q]^n\) such that \(|B(\mathbf y,e) \cap C| \ge \dfrac {|C|\, \mathrm{Vol}_q(e,n)}{q^n}\), as desired.
For \(i, \ell \in \{ 0,1,\dots ,n\} \),
where \(a\) is an arbitrary vector in \(\{ 0,1\} ^n\) of Hamming weight \(i\) (the sum on the right does not depend on the choice of such \(a\), by symmetry).
Let \(d \le n\), and suppose \(\beta _1,\dots ,\beta _n \ge 0\) are real numbers such that
Then every binary code \(C \subseteq \{ 0,1\} ^n\) of minimum distance at least \(d\) satisfies
Let \(A_i = A_i^C\) be the normalized distance distribution of \(C\) (Definition 171), which by the proof of Theorem 172 is feasible for the linear program, with objective value \(|C|\). Since \(A_0 = 1\) and \(A_i = 0\) for \(1 \le i {\lt} d\), the constraint \(\sum _{i=0}^n K_\ell (i) A_i \ge 0\) may be rewritten as
Multiplying (8.8) by \(\beta _\ell \ge 0\) and summing over \(\ell = 1,\dots ,n\) gives
By hypothesis \(-\sum _{\ell =1}^n \beta _\ell K_\ell (i) \ge 1\) for \(i \ge d\), and \(A_i \ge 0\), so the left side is at least \(\sum _{i=d}^n A_i\). Hence
Adding \(A_0 = 1\) to both sides,
The left side equals \(|C|\) (the objective value of \(A^C\)), giving the claim.
If \(q,r,s,t,s',t',b\) are non-negative integers such that \(r = s(q-1)+t\), \(r-b = s'(q-1)+t'\), \(t,t' \leq q-2\) and \(b \leq q-1\), then
Let \(q,r,s,t\) be non-negative real numbers such that \(q \geq 2\), \(r = s(q-1)+t\) and \(t \leq q-2\). Then
A nonzero univariate polynomial \(f(X)\) of degree \(t\) over a field \(\mathbb {F}_q\) has at most \(t\) distinct roots in \(\mathbb {F}_q\). (This restates Prop. 5.1.5 of the book. It is deliberately restated locally rather than cited across chapters, since the corresponding Ch5 label is not part of the canonical cross-chapter table used to build this blueprint.)
For every finite field \(\mathbb {F}_q\) and every \(a \in \mathbb {F}_q\), \(a^q - a = 0\).
For fixed \(m\), \(K_{q,m,r}\) is monotone non-decreasing in \(q\) and in \(r\).
Let \(P \in \mathbb {F}_q[X_1,\ldots ,X_m]\) be such that \(\deg _{X_i}(P) \leq q-1\) for every \(i \in [m]\), and suppose \(P(\mathbf{a}) = 0\) for every \(\mathbf{a} \in \mathbb {F}_q^m\). Then \(P = 0\) as a polynomial. Consequently, for every \(\mathbf{d} \in S_{q,m,r}\) (Definition 193) the evaluations of the monomials \(\mathbf{X}^{\mathbf{d}}\) are linearly independent, and (together with the fact that they span \(\mathrm{RM}(q,m,r)\)) they form a basis for \(\mathrm{RM}(q,m,r)\).
Let \(f\) be a non-zero polynomial from \(\mathbb {F}_2[X_1,\ldots ,X_m]\) with \(\deg _{X_i}(f) \leq 1\) for every \(i \in [m]\). Then
Let \(f\) be a non-zero polynomial from \(\mathbb {F}_q[X_1,\ldots ,X_m]\) with \(\deg _{X_i}(f) \leq q-1\) for every \(i \in [m]\) and \(\deg (f) \leq r\). Furthermore, let \(s,t\) be the unique non-negative integers such that \(t \leq q-2\) and
Then
Hence \(\mathrm{RM}(q,m,r)\) has distance at least \(q^{m - \frac{r}{q-1}}\).
Let \(f \in \mathbb {F}_q[X_1,\ldots ,X_m]\) be a non-zero polynomial with \(\deg (f) \leq r\). Then the fraction of zeroes of \(f\) is at most \(\frac{r}{q}\), i.e.,
For events \(\mathcal{E}_1, \mathcal{E}_2\) in a common probability space, \(\Pr [\mathcal{E}_1 \cup \mathcal{E}_2] \leq \Pr [\mathcal{E}_1] + \Pr [\mathcal{E}_2]\).
If \(C_{out} \subseteq \mathbb {F}_{q^k}^N\) is an \(\mathbb {F}_{q^k}\)-linear code and \(C_{in} \subseteq \mathbb {F}_q^n\) is an \(\mathbb {F}_q\)-linear code of dimension \(k\), then (using an \(\mathbb {F}_q\)-linear identification of \(\mathbb {F}_{q^k}\) with \(\mathbb {F}_q^k\) to instantiate the bijection of Definition 202) the code \(C_{out}\circ C_{in} \subseteq \mathbb {F}_q^{nN}\) is \(\mathbb {F}_q\)-linear.
Fix an \(\mathbb {F}_q\)-linear bijection \(\varphi : \mathbb {F}_{q^k} \to \mathbb {F}_q^k\), e.g. by fixing an \(\mathbb {F}_q\)-basis of \(\mathbb {F}_{q^k}\) and mapping each element to its coordinate vector, and use \(\varphi \) (applied coordinatewise) to realize the bijection between \([Q]=[q^k]\) and \([q]^k\) required in Definition 202. Let \(\mathbf{G}_{out}\) be a \(K\times N\) generator matrix for \(C_{out}\) over \(\mathbb {F}_{q^k}\) and \(\mathbf{G}_{in}\) a \(k\times n\) generator matrix for \(C_{in}\) over \(\mathbb {F}_q\). The outer encoding map \(\mathbf{m}\mapsto \mathbf{m}\mathbf{G}_{out}\) is \(\mathbb {F}_{q^k}\)-linear and, since \(\mathbb {F}_q \subseteq \mathbb {F}_{q^k}\), is in particular \(\mathbb {F}_q\)-linear once source and target are viewed as \(\mathbb {F}_q\)-vector spaces via \(\varphi \) applied coordinatewise. For each coordinate, encoding a symbol \(c \in \mathbb {F}_{q^k}\) under \(C_{in}\) is, via \(\varphi \), the \(\mathbb {F}_q\)-linear map \(\varphi (c) \mapsto \varphi (c)\mathbf{G}_{in}\). The map \(\mathbf{m} \mapsto C_{out}\circ C_{in}(\mathbf{m})\) is thus the coordinatewise application, to the \(\mathbb {F}_q\)-linear image \(\varphi (C_{out}(\mathbf{m}))\) of an \(\mathbb {F}_q\)-linear map of \(\mathbf{m}\), of the \(\mathbb {F}_q\)-linear map \(\varphi (c)\mapsto \varphi (c)\mathbf{G}_{in}\); a composition of \(\mathbb {F}_q\)-linear maps is \(\mathbb {F}_q\)-linear, so \(C_{out}\circ C_{in}\) is \(\mathbb {F}_q\)-linear. Explicitly, a generator matrix for \(C_{out}\circ C_{in}\) is obtained from \(\mathbf{G}_{out}\) by replacing each entry \(\mathbf{G}_{out}[i,j] \in \mathbb {F}_{q^k}\) with the \(k\times n\) block \(\varphi (\mathbf{G}_{out}[i,j])\, \mathbf{G}_{in}\).
Fix a prime power \(q\) and \(\varepsilon {\gt}0\). Let \(C_{out}\) be a \(q^k\)-ary code meeting the Singleton bound (Theorem 110) with rate \(R\), i.e. with relative distance \(\delta _{out} \ge 1-R\) (for instance a Reed–Solomon code, Definition 128, by Theorem 131), and let \(C_{in}\) be a \(q\)-ary code meeting the Gilbert–Varshamov bound (Theorem 105) with rate \(r{\gt}0\), i.e. with relative distance \(\delta _{in} \ge H_q^{-1}(1-r) - \varepsilon \). Then \(C := C_{out}\circ C_{in}\) has rate \(rR\) and relative distance \(\delta = (1-R)\big(H_q^{-1}(1-r)-\varepsilon \big)\). Consequently, expressing \(R\) as a function of \(\delta \) and \(r\), and optimizing over the choice of \(r\), the rate of such a concatenated code satisfies
where the constraint \(r {\lt} 1-H_q(\delta +\varepsilon )\) is exactly what is needed to ensure the maximized quantity is positive. This lower bound on the rate (as a function of the relative distance \(\delta \)) is called the Zyablov bound.
By Theorem 203, \(C = C_{out}\circ C_{in}\) has rate \(Rr\) and relative distance \(\delta _{out}\cdot \delta _{in} \ge (1-R)\big(H_q^{-1}(1-r)-\varepsilon \big)\). Setting \(\delta = (1-R)\big(H_q^{-1}(1-r)-\varepsilon \big)\) and solving for \(R\) gives
Substituting into the rate \(Rr\) of \(C\), and then maximizing over the free parameter \(0 {\lt} r {\lt} 1\) (subject to the constraint, coming from Theorem 105, that \(\delta _{in} = H_q^{-1}(1-r) - \varepsilon \) needs to be a valid relative distance, i.e. \(\delta _{in}{\gt}0\), which after rearranging using monotonicity of \(H_q\) gives \(r {\lt} 1 - H_q(\delta +\varepsilon )\)) and letting \(\varepsilon \to 0\) yields the stated bound on the rate \(\mathscr {R}\) achievable by concatenated codes of relative distance \(\delta \).
If \(G\) is a \((\gamma ,\varepsilon )\)-disperser and \(\Delta (C) \ge \gamma n\), then \(\Delta (G(C)) \ge (1-\varepsilon )m\), where \(n=|L|\) and \(m=|R|\).
Let \(G\) be an \((n,m,c,\gamma ,\alpha )\) bipartite expander. Then there exists another bipartite graph \(G'\) that is an \((n,m',c,\gamma ,\alpha )\) bipartite expander such that
\(m \le m' \le 2m\);
every right vertex in \(G'\) has degree at most \(\left\lceil \frac{nc}{m}\right\rceil \).
Let \(q=2^s\) for integer \(s \ge 1\). Let \(C_{\text{out}}:\mathbb {F}_q^k \to (\mathbb {F}_q^b)^n\) and \(C_{\text{in}}:\mathbb {F}_q^b \to \mathbb {F}_q^B\) be \(\mathbb {F}_2\)-linear codes of relative distance \(\delta _{\text{out}}\) and \(\delta _{\text{in}}\) respectively. Let \(G\) be the double cover of an \((n,B,\lambda )\)-expander. Then if \(\lambda \le \varepsilon \sqrt{\delta _{\text{out}}}B\) then \(\delta (\mathscr {CA}(C_{\text{out}},C_{\text{in}},G)) \ge \delta _{\text{in}}-\varepsilon \).
Let \(G=(L,R,E)\) be an \((n,m,c,\gamma ,\alpha )\)-bipartite-expander with \(\alpha \cdot \gamma \ge (1-\varepsilon )m/n\). Then \(G\) is a \((\gamma ,\varepsilon )\)-disperser.
Let \(G\) be an \((n,d,\lambda )\)-spectral expander. Then the double cover \(H\) of \(G\) is a \(d\)-regular \((\gamma ,\varepsilon )\)-disperser for \(\varepsilon = \frac{\lambda ^2}{\gamma d^2}\).
Let \(X = (V,E)\) be a \((n,d,\lambda )\)-graph. Then for every \(A,B \subseteq V\) (possibly \(A=B\)) we have
In particular, this implies
For every \(\varepsilon ,\gamma {\gt} 0\) and for every large enough \(d\), there is an explicit (poly-time constructible) family of \(d\)-regular \((\gamma ,\varepsilon )\)-dispersers on \(n\) left and right vertices, for every sufficiently large \(n\). Furthermore one can take \(d = \Theta \left(\frac{1}{\gamma \varepsilon }\right)\).
Every real symmetric \(n \times n\) matrix has \(n\) real eigenvalues (counted with multiplicity). In particular, since the adjacency matrix of a graph on \(n\) vertices is real and symmetric, we may associate to the graph the \(n\) eigenvalues \(\lambda _1 \ge \lambda _2 \ge \cdots \ge \lambda _n\) of its adjacency matrix.
Let \(G = (L,R,E)\) be an \((n,m,c,\gamma ,c(1-\varepsilon ))\) bipartite expander with \(\varepsilon {\lt} 1/2\). Then for every \(S \subseteq L\) with \(|S| \le \gamma n\), we have
For every input sequence \(\{ (\alpha _i,y_i)\} _{i=1}^n\) with \(\alpha _i\) distinct and every \(\ell \ge 1\), Step 1 of Algorithm 266 has a non-zero solution \(Q(X,Y)\) with \(\deg _X(Q) \le \ell \) and \(\deg _Y(Q) \le n/\ell \) satisfying \(Q(\alpha _i,y_i)=0\) for all \(1 \le i \le n\).
A non-zero polynomial \(f \in \mathbb {F}[X]\) of degree \(d\) over a field \(\mathbb {F}\) has at most \(d\) roots in \(\mathbb {F}\).
For each \(\)i\(, the constraint that \)Q(X,Y)\( has \)r\( roots at \)(α_i,y_i)\( imposes \)r+12\( homogeneous linear constraints on the coefficients of \)Q(X,Y)\(. \)
Suppose \((P(\alpha _i))_{i=1}^n\) is transmitted, where \(P(X)\) has degree at most \(k-1\), and the received word \(y\) satisfies \(\Delta (y,(P(\alpha _i))_{i=1}^n) \le e\). Then there exist polynomials \(E^*(X)\) of degree exactly \(e\) and \(N^*(X)\) of degree at most \(e+k-1\) satisfying Step 1 of Algorithm 259 such that \(N^*(X)/E^*(X) = P(X)\).
Let \(Q(X,Y)\) be a bivariate polynomial of \((1,w)\)-degree at most \(D\), and let \(P(X)\) be a polynomial with \(\deg (P) \le w\). Then \(\deg (Q(X,P(X))) \le D\).
Let \(\)C’⊆F_2^N’\( be a binary linear code with \)k∣N’\(, and suppose \)D’\( is a decoding algorithm for \)C’\( that, given any word within relative Hamming distance \)ρ\( of a codeword of \)C’\(, returns that codeword. Fix an \)F_2\(-linear bijection \)ϕ:F_2^kF_2^k\(, and let \)C_out⊆F_2^k^N\(, \)N=N’/k\(, be the code obtained from \)C’\( by grouping each consecutive block of \)k\( bits into a single symbol of \)F_2^k\( via \)ϕ\( (``folding''); \)C_out\( has the same rate as \)C’\(. Then there is a decoding algorithm \)D_out\( for \)C_out\(, running in the time of \)D’\( plus \)O(N)\(, such that, given any word within relative Hamming distance \)ρ\( (over \)F_2^k\() of a codeword of \)C_out\(, \)D_out\( returns that codeword. \begin{proof} \uses{def:c10-concatenation, def:c02-linear-code} Let \end{proof}\)yF_2^k^N\( be within relative Hamming distance \)ρ\( of some codeword \)cC_out\(, i.e.\ \)y\( and \)c\( disagree on at most \)ρN\( of their \)N\( symbols. Let \)D_out\( act by first ``unfolding'' \)y\( into \)y’F_2^N’\( (applying \)ϕ^-1\( to each symbol and concatenating the resulting \)k\(-bit strings), running \)D’\( on \)y’\( to obtain \)c’C’\(, and then folding \)c’\( back into a codeword of \)C_out\(. Let \)c’C’\( be the unfolding of \)c\(. Every symbol on which \)y\( and \)c\( agree unfolds to \)k\( bits on which the unfoldings \)y’\( and \)c’\( agree; hence each of the (at most \)ρN\() symbols on which \)y,c\( disagree contributes at most \)k\( of the bit-level disagreements between \)y’\( and \)c’\(, and every bit-level disagreement arises this way. Thus \[ \Delta (\mathbf y',\mathbf c')\ \le \ k\cdot \rho N\ =\ \rho N', \] i.e.\ \)y’\( is within relative Hamming distance \)ρ\( of \)c’C’\(. By the guarantee on \)D’\(, \)D’(y’)=c’\(, so \)D_out(y)\(, obtained by folding \)c’\(, equals \)c\(, as desired. The running time is that of \)D’\( plus the \)O(N)\( (equivalently \)O(N’)\() time to fold and unfold. \)
For jointly distributed random variables
For a simple, locally polarizing sequence with
A homogeneous system of linear equations over a field with strictly more variables than equations has a non-zero solution.
There is a constant \(\)B\( such that for all \)k\(, \)R_k(x)\( can be computed in time at most \)Bk\( for \)x F_2^k\(. \)
With notation as in Construction 426, the code \(\)C^*\( has dimension exactly \)k\(. \begin{proof} \uses{constr:c19-cstar} Write \end{proof}\)k = k’r/(r+1)\(; this means \)k = (k’r + a)/(r+1)\( for some integer \)a\( with \)0 < a ≤r\( (we cannot have \)a = 0\(, since if \)k = k’r/(r+1)\( were an integer then \)(k’-1)r/(r+1)\( would already equal \)k\(, contradicting minimality of \)k’\(). Inverting for \)k’\(, \[ k' = \frac{(r+1)k - a}{r} = k + \frac{k-a}{r} \, , \] and since \)0 < a ≤r\( one checks \)(k-a)/r = k/r - 1\( (writing \)k = qr + s\( with \)1 ≤s ≤r\( so \)k/r= q+1\(; if \)a ≤s\( then \)(k-a)/r = q + (s-a)/r\( is only an integer when \)a=s\(, giving \)(k-a)/r = q = k/r- 1\(; the divisibility of \)k’\( forces \)a ≡k r\(, i.e. \)a = s\( in this range). Hence \[ k' = k + \left\lceil \frac{k}{r}\right\rceil - 1 \, . \tag {} \]\)*\(\)
Among the coefficients \(\)f_0, …, f_k’-1\(, the ones forced to zero are \)f_r, f_2r+1, f_3r+2, …\(, i.e. every \)(r+1)\('th coefficient starting at index \)r\(; the number of such indices that are at most \)k’ - 1\( equals \)(k’-1-r)/(r+1)+ 1 = k’/(r+1)\(. Therefore the dimension of \)C^*\( (the number of free coefficients) equals \[ k' - \left\lfloor \frac{k'}{r+1}\right\rfloor = \left\lceil \frac{k'r}{r+1}\right\rceil = k \] by the defining relation for \)k’\(. (The evaluation map on \)F_q^*\( is injective on polynomials of degree \)<k’≤q-1\(, so dimension as a vector space of message-coefficient-tuples equals dimension of the code.) \)
With notation as in Construction 426 and \(\)k’\( related to \)k\( as in the proof of Lemma~ \ref{lem:c19-cstar-dimension}, the code \)C^*\( has minimum distance \[ d \geq n - k' + 1 = n - k - \left\lceil \frac{k}{r}\right\rceil + 2 \, . \] \begin{proof} \uses{constr:c19-cstar, def:c05-reed-solomon, lem:c19-cstar-dimension} \end{proof}\)C^*\( is by definition a sub-code of the Reed-Solomon code of dimension \)k’\( and block length \)n = q-1\(, obtained by restricting the message polynomials to a sub-space of the degree-\)(<k’)\( polynomials. A sub-code of a code has distance at least that of the ambient code, so \)d ≥n - k’ + 1\( (the distance of the ambient Reed-Solomon code). Substituting the relation \)k’ = k + k/r- 1\( from the proof of Lemma~ \ref{lem:c19-cstar-dimension} gives \)d ≥n - k - k/r+ 2\(. \)
With notation as in Construction 426, every codeword symbol of \(\)C^*\( has a local recovery set of size \)r\(; that is, \)C^*\( satisfies property (ii) of Definition~ \ref{def:c19-lrc} with locality \)r\(. \begin{proof} \uses{constr:c19-cstar, lem:c19-roots-unity-product} Let \end{proof}\)U = {1, ω, ω^2, …, ω^r}\(, the set of \)(r+1)\('th roots of unity in \)F_q^*\(. Since \)F_q^*\( is cyclic of order \)q - 1\( and \)|U| = r+1\( divides \)q-1\(, the distinct multiplicative cosets \)αU = {α, αω, …, αω^r}\(, for \)α\( ranging over coset representatives, partition \)F_q^*\( into \)(q-1)/(r+1)\( cosets of size \)r+1\( each; it suffices to prove the local recovery property on each individual coset \)αU\(. Fix a codeword symbol location \)αω^i_0 αU\( coming from a polynomial \)f(X) = ∑_i=0^k’-1 f_i X^i\( with \)f_i = 0\( whenever \)i ≡r r+1\( (as in Construction~ \ref{constr:c19-cstar}). Reducing \)f(X)\( modulo \)X^r+1 - α^r+1\( gives a polynomial \)g^(α)(X)\( of degree at most \)r\( that agrees with \)f\( on all of \)αU\( (since each point of \)αU\( is a root of \)X^r+1 - α^r+1\(, by Lemma~ \ref{lem:c19-roots-unity-product} applied with this \)α\(, so \)f(X) ≡g^(α)(X) X^r+1 - α^r+1\( implies \)f\( and \)g^(α)\( take the same values at every root of \)X^r+1-α^r+1\(). Since only the coefficients \)f_i\( with \)i ≡r r+1\( are forced to vanish, and reduction modulo \)X^r+1-α^r+1\( only combines coefficients whose indices are congruent modulo \)r+1\(, the coefficient of \)X^r\( in \)g^(α)(X)\( is (up to a nonzero scalar power of \)α\() a sum of the vanishing coefficients \)f_r, f_2r+1, …\( of \)f\(, and hence is itself \)0\(. Thus \)g^(α)(X)\( has degree at most \)r - 1\( (strictly less than \)r\(). By Lemma~ \ref{lem:c19-roots-unity-product}, the \)r+1\( points of \)αU\( are precisely the roots of \)X^r+1 - α^r+1 = ∏_i=0^r (X - αω^i)\(. A polynomial \)g^(α)\( of degree at most \)r-1\( evaluated at these \)r+1\( distinct points satisfies a single nontrivial linear constraint \)∑_i=0^r λ_αω^i g^(α)(αω^i) = 0\( with all \)λ_αω^i ≠0\(: this is because the \)(r+1)×(r+1)\( Vandermonde-type evaluation matrix at the \)r+1\( points \){αω^i}\( has a \)1\(-dimensional left null space (since evaluation of degree \)≤r-1\( polynomials at \)r+1\( points has rank \)r\(, the space of degree \)≤r\( polynomials), and the coefficient \)λ_αω^i\( corresponding to a given point is (up to scalar) the value at that point of the degree-\)r\( polynomial vanishing at the other \)r\( points of \)αU\(, which is nonzero at \)αω^i\( itself (else it would have \)r+1\( roots while having degree \)r\(). Since \)f(X)\( and \)g^(α)(X)\( agree on \)αU\(, this same linear constraint \)∑_i=0^r λ_αω^i f(αω^i) = 0\( holds among the codeword symbols indexed by \)αU\(, with every coefficient nonzero. In particular, for each \)i_0\(, the codeword symbol at \)αω^i_0\( is recoverable (via this linear equation) from the other \)r\( codeword symbols at \)αU ∖{αω^i_0}\(. As \)αU\( ranges over all cosets partitioning \)F_q^*\(, every codeword location has a local recovery set of size \)r\(, as required. \)
For every \(\)g>1\( there is a deterministic polynomial time reduction from \)Gap_gDBD\( to \)Gap_gMinDist\(. \begin{proof} \uses{def:c23-gap-dbd, def:c23-gap-mindist} Given an instance \end{proof}\)(F,G,v,t)\( of \)Gap_gDBD\( with \)GF^k×n\(, form the \)(k+1)×n\( matrix \)G’ =
G
v
\( (i.e. \)G\( with the row \)v\( adjoined), and output \)(F,G’,d)\( with \)d=t\(. This is computable in polynomial time. The nonzero codewords generated by \)G’\( are exactly the vectors \)c·v+xG\( for \)cF\(, \)xF^k\(, not both \)c=0,x=0\(. Those with \)c=0\( are exactly the nonzero codewords of the code generated by \)G\(, of weight at least \)d(G)\(. Those with \)c≠0\( may be rescaled (dividing by \)c\(, which does not change Hamming weight) to the form \)v + xG\( for \)xF^k\( arbitrary (reparametrizing \)x ↦x/c\(); as \)x\( ranges over \)F^k\( so does \)-x\(, so \){wt(v+xG) : xF^k} = {wt(v-xG):x} = {Δ(v,xG):xF^k}\(. Hence \[ d(\mathbf{G}') = \min \Big(d(\mathbf{G}),\ \min _{\mathbf{x}\in \mathbb {F}^k}\Delta (\mathbf{v},\mathbf{x}\mathbf{G})\Big). \] Now suppose \)(F,G,v,t)Gap_gDBD_Yes\(, so \)d(G)≥gt\( and there exists \)x\( with \)Δ(v,xG)≤t\(; then \)d(G’) ≤t = d\(, so \)(F,G’,d)Gap_gMinDist_Yes\(. Suppose instead \)(F,G,v,t)Gap_gDBD_No\(, so \)d(G)≥gt\( and for every \)x\(, \)Δ(v,xG)>gt\(; then \)d(G’) = (d(G), _xΔ(v,xG)) > gt = gd\(, so \)(F,G’,d)Gap_gMinDist_No\(. This proves correctness of the reduction. \)
For every \(\)g>1\( and \)g’<∞\( there is a deterministic polynomial time reduction from \)Gap_gMinDist\( to \)Gap_g’MinDist\(. \begin{proof} \uses{def:c23-gap-mindist} Given an instance \end{proof}\)(F,G,d)\( of \)Gap_gMinDist\( and a positive integer \)ℓ\(, let \)G^⊗ℓ\( denote the generator matrix of the \)ℓ\(-fold tensor power of the code generated by \)G\( with itself. Using the fact that tensoring multiplies minimum distances, \)d(G^⊗ℓ) = d(G)^ℓ\(, the reduction outputs \)(F,G^⊗ℓ,d^ ℓ)\(, computable in polynomial time (for fixed \)ℓ\() from \)(F,G,d)\(. If \)d(G)≤d\( then \)d(G^⊗ℓ) = d(G)^ℓ≤d^ ℓ\(, so YES instances map to YES instances. If \)d(G)>gd\( then \)d(G^⊗ℓ) = d(G)^ℓ> (gd)^ℓ= g^ℓd^ ℓ\(, so NO instances of \)Gap_gMinDist\( map to instances \)(F,G^⊗ℓ,d^ ℓ)\( with \)d(G^⊗ℓ) > g^ℓd^ ℓ\(. Choosing \)ℓ\( large enough that \)g^ℓ≥g’\(, this shows such instances lie in \)Gap_g’MinDist_No\(. This proves the reduction is correct. \)
The problem \(\)MaxLinearEq(k,n,n)\( (i.e. determining whether there is a solution satisfying \emph{all} \)n\( equations) can be solved in time \)O(kn^2)\(. \)
Given a code \(C \subseteq \Sigma ^n\), the following are equivalent:
\(C\) has minimum distance \(d \ge 2\).
If \(d\) is odd, \(C\) can correct \((d-1)/2\) errors.
\(C\) can detect \(d-1\) errors.
\(C\) can correct \(d-1\) erasures.
Let \(C\) be a code with minimum distance \(d\), for \(d\) even. Then \(C\) can correct \(d/2-1\) errors but cannot correct \(d/2\) errors. Consequently, if a code \(C\) is \(t\)-error correctable (for the largest possible such \(t\)), then \(C\) has distance either \(2t+1\) or \(2t+2\).
For any binary linear code \(C\), its minimum distance equals the minimum Hamming weight of any non-zero codeword:
For every \([n,k,d]_q\) code \(C\) with parity check matrix \(H\), \(d\) equals the size of the smallest subset of columns of \(H\) that is linearly dependent.
For every \([n,k,d]_q\) code \(C\), \(d = \min _{\substack {\mathbf{c}\in C,\\ \mathbf{c}\ne \mathbf{0}}} \mathrm{wt}(\mathbf{c})\).
For any \([n,k]_q\) linear code, given its generator matrix, encoding can be done with \(O(nk)\) operations over \(\mathbb {F}_q\).
For any \([n,k]_q\) linear code, given its parity check matrix, error detection can be performed in \(O(n(n-k))\) operations over \(\mathbb {F}_q\).
\(C_{Sim,r}\) is a \([2^r-1, r, 2^{r-1}]_2\) code and \(C_{Had,r}\) is a \([2^r, r, 2^{r-1}]_2\) code.
Any \([n,k]_q\) linear code can be represented with \(\min (nk, n(n-k))\) symbols from \(\mathbb {F}_q\).
For small enough \(\varepsilon \), the inequality
holds if and only if \(q\) is \(2^{\Omega (1/\varepsilon )}\).
First note that, by definition of \(H_q(\rho )\) and \(H(\rho )\) (writing \(\log \) for \(\log _2\)),
(\(\Leftarrow \)) Suppose \(q \ge 2^{1/\varepsilon }\). Then \(\log _q(q-1) \le 1\) and \(H(\rho ) \le 1\) for every \(\rho \), and \(\log _2 q \ge 1/\varepsilon \), so
hence \(1 - H_q(\rho ) \ge 1 - \rho - \varepsilon \) for every \(0 {\lt} \rho \le 1 - 1/q\), as desired.
(\(\Rightarrow \)) Suppose \(q = 2^{o(1/\varepsilon )}\). We first claim that for small enough \(\varepsilon \), if \(q \ge 1/\varepsilon ^2\) then \(\log _q(q-1) \ge 1 - \varepsilon \): indeed,
which is at least \(1-\varepsilon \) once \(q \ge 1/\varepsilon ^2\) (and \(\varepsilon \) small enough). Next, if \(q = 2^{o(1/\varepsilon )}\), then for fixed \(\rho \),
Combining, for \(q = 2^{o(1/\varepsilon )}\) with \(q \ge 1/\varepsilon ^2\),
which implies \(1 - H_q(\rho ) {\lt} 1 - \rho - \varepsilon \), as desired. Finally, for \(q \le 1/\varepsilon ^2\), Lemma 97 (applied with \(q\) and \(q^m = 1/\varepsilon ^2\)) shows \(1-H_q(\rho ) \le 1 - H_{1/\varepsilon ^2}(\rho ) {\lt} 1 - \rho - \varepsilon \), using the case already established for the base \(1/\varepsilon ^2 \ge 2^{1/\varepsilon }\). This completes the proof of the “only if” direction.
For small enough \(\varepsilon {\gt} 0\),
where \(c_q\) is a constant that depends only on \(q\).
Since \(H_q'(x) = 0\) at \(x = 1-1/q\), the intuition is that in the Taylor expansion of \(H_q(1-1/q-\varepsilon )\) around \(\varepsilon = 0\) the linear term vanishes; we make this precise assuming \(\varepsilon {\lt} 1/q\). Writing \(x = 1-1/q-\varepsilon \) (so \(1-x = 1/q+\varepsilon \)), by definition of \(H_q\),
Expanding \(\ln (1+x) = x - x^2/2 + x^3/3 - \cdots \) for each logarithm above and collecting the \(\varepsilon ^3\) and smaller terms into \(o(\varepsilon ^2)\), one obtains after simplification
for \(\varepsilon \) small enough. Taking \(c_q = \frac{q^2}{4\ln q\, (q-1)}\) completes the proof.
For small enough \(\varepsilon {\gt} 0\),
By definition,
Since every term on the right is non-negative,
which gives the lower bound (the \(\Omega \) half of the claim). For the upper bound, one has \((1-\varepsilon )\log _q(1/(1-\varepsilon )) \le 2\varepsilon /\ln q\) for small enough \(\varepsilon \), so
Together, the two displayed bounds give \(H_q(\varepsilon ) = \Theta \! \left(\frac{1}{\log q}\cdot \varepsilon \log (1/\varepsilon )\right)\), as claimed.
Let \(q \ge 2\) be an integer and \(0 \le p \le 1 - \frac{1}{q}\) be a real number. Then:
\(\mathrm{Vol}_q(pn, n) \le q^{H_q(p)n}\); and
for large enough \(n\), \(\mathrm{Vol}_q(pn,n) \ge q^{H_q(p)n - o(n)}\).
Proof of (i). Starting from the binomial expansion of \(1 = (p + (1-p))^n\),
Since \(0 \le p \le 1 - 1/q\) implies \(\frac{p}{(q-1)(1-p)} \le 1\), and \(i \le pn\) in the sum, raising a number in \([0,1]\) to a larger power can only decrease it, so \(\left(\frac{p}{(q-1)(1-p)}\right)^i \ge \left(\frac{p}{(q-1)(1-p)}\right)^{pn}\) for every \(i \le pn\). Hence
where the last line uses \(q^{-H_q(p)n} = \left(\frac{p}{q-1}\right)^{pn} (1-p)^{(1-p)n}\), which follows directly from the definition of \(H_q\). Rearranging gives \(\mathrm{Vol}_q(pn,n) \le q^{H_q(p)n}\), which proves (i).
Proof of (ii). By Stirling’s approximation for \(n!\),
where \(\ell (n) = \dfrac {e^{\lambda _1(n) - \lambda _2(pn) - \lambda _2((1-p)n)}}{\sqrt{2\pi p(1-p)n}}\) (with \(\lambda _1, \lambda _2\) the error terms of Stirling’s approximation). Then, keeping only the last term of the sum defining \(\mathrm{Vol}_q(pn,n)\),
where the last inequality follows from the definition of \(H_q(\cdot )\) and the fact that \(\ell (n) = q^{-o(n)}\) for large enough \(n\). This proves (ii) and completes the proof.
Given random variables \(V_1, \dots , V_m\) defined over the same domain \(\mathbb {D}\) and with the same probability distribution \(p\),
Given \(m\) binary random variables \(A_1, \dots , A_m\),
Let \(\mathscr {C}\) be an infinite family of \(q\)-ary codes with rate \(R = R(\mathscr {C})\) and relative distance \(\delta = \delta (\mathscr {C})\). Then
A nonzero polynomial \(f(X)\) of degree \(t\) over a field \(\mathbb {F}_q\) has at most \(t\) distinct roots in \(\mathbb {F}_q\).
Let \(C \subseteq \Sigma ^n\) of integral dimension \(k\) be an MDS code. Then for every \(S \subseteq [n]\) with \(|S| = k\), we have \(C_S = \Sigma ^k\).
Consider the \(|C| \times n\) matrix whose rows are the codewords of \(C\); there are \(|C| = |\Sigma |^k\) rows (since \(C\) has dimension \(k\)) and \(n\) columns. Since \(C\) is MDS, its minimum distance is \(d = n-k+1\).
Fix \(S \subseteq [n]\) with \(|S| = k\). For any distinct \(c^i \neq c^j \in C\), the projections \(c^i_S \neq c^j_S \in C_S\) are distinct: if they agreed, then \(c^i\) and \(c^j\) would agree on all \(k\) coordinates in \(S\), so \(\Delta (c^i, c^j) \leq n - k = d - 1\), contradicting that the minimum distance of \(C\) is \(d\). Hence every codeword of \(C\) maps to a distinct element of \(C_S\), giving \(|C_S| = |C| = |\Sigma |^k\). Since \(C_S \subseteq \Sigma ^k\) and \(|C_S| = |\Sigma ^k|\), we conclude \(C_S = \Sigma ^k\).
Given polynomials \(f(X), g(X) \in \mathbb {F}_q[X]\) with \(g \neq 0\), there exist unique polynomials \(q(X)\), the quotient, and \(r(X)\), the remainder, with \(\deg (r) {\lt} \deg (g)\), such that \(f(X) = q(X)g(X) + r(X)\). If \(g(X) = X - \alpha \) for \(\alpha \in \mathbb {F}_q\), then \(r(X)\) is the degree-\(0\) polynomial \(f(\alpha )\), i.e., the evaluation of \(f\) at \(\alpha \).
Let \(0\le p{\lt}\tfrac 12\) and \(0{\lt}\varepsilon \le \tfrac 12-p\). If an algorithm \(A\) can handle \(p+\varepsilon \) fraction of worst case errors (i.e. correctly recovers the transmitted message from up to \((p+\varepsilon )n\) adversarially chosen errors, for codewords of block length \(n\)), then \(A\) can be used for reliable communication over \(\mathrm{BSC}_p\).
For each \(\ell = 0,\dots ,n\), the polynomial \(K_\ell (X)\) has degree exactly \(\ell \). Consequently \(\{ K_\ell (X)\} _{\ell =0}^n\) is a basis of the space of real polynomials of degree at most \(n\), and the functions \(K_\ell : \{ 0,1,\dots ,n\} \to \mathbb R\), \(\ell = 0,\dots ,n\), form a basis of all real-valued functions on \(\{ 0,1,\dots ,n\} \). Consequently every function \(g : \{ 0,\dots ,n\} \to \mathbb R\) can be expressed uniquely as
for real coefficients \(\hat g(0),\dots ,\hat g(n)\).
Each summand \((-1)^j \binom {X}{j}\binom {n-X}{\ell -j}\) is, as a polynomial in \(X\), of degree \(j\) (from \(\binom {X}{j}\)) plus degree \(\ell - j\) (from \(\binom {n-X}{\ell -j}\), itself a degree-\((\ell -j)\) polynomial in \(X\)), hence of degree exactly \(\ell \). One checks, e.g. by induction on \(\ell \) using the standard three-term recurrence for Krawtchouk polynomials, that the coefficient of \(X^\ell \) in the sum does not vanish, so \(\deg K_\ell (X) = \ell \) exactly. Thus \(K_0(X),\dots ,K_n(X)\) are \(n+1\) polynomials of pairwise distinct degrees \(0,1,\dots ,n\), hence linearly independent, and so they form a basis of the \((n+1)\)-dimensional space of real polynomials of degree at most \(n\).
Since every function on the finite set \(\{ 0,1,\dots ,n\} \) agrees with a unique interpolating polynomial of degree at most \(n\), restricting the basis \(K_0(X),\dots ,K_n(X)\) to \(\{ 0,1,\dots ,n\} \) again gives a basis, now of the space of all real-valued functions on \(\{ 0,1,\dots ,n\} \). The displayed expansion of an arbitrary \(g\) is exactly the (unique) expression of \(g\) in this basis.
For any \(r \leq m\), the dimension of the Reed-Muller code \(\mathrm{RM}(2,m,r)\) is exactly \(\sum _{i=0}^{r} \binom {m}{i}\).
For every prime power \(q\) and integers \(m \geq 1\) and \(r \geq 0\), the dimension of the code \(\mathrm{RM}(q,m,r)\) is \(K_{q,m,r}\).
If \(r {\lt} q\) then the dimension of the Reed-Muller code \(\mathrm{RM}(q,m,r)\) equals \(\binom {m+r}{r}\).
For integers \(q \geq 2\), \(m \geq 1\) and \(r \geq 0\), let
and let
Then there are universal constants \(c_1, c_2\) (\(c_1 {\lt} 3.1\) and \(c_2 {\lt} 8.2\) suffice) such that
Let \(\varepsilon {\gt}0\). The Justesen code \(C^*\) of Definition 210 has relative distance at least \((1-R-\varepsilon )\cdot H_q^{-1}\big(\frac12-\varepsilon \big)\).
Consider arbitrary \(\mathbf{m}^1 \ne \mathbf{m}^2 \in (\mathbb {F}_{q^k})^K\). By the distance of the outer Reed–Solomon code, \(|S| \ge (1-R)N\) where
Call the \(i\)-th inner code \(C_{in}^i\) good if it has relative distance at least \(d/(2k)\) where \(d \overset {\mathrm{def}}{=} H_q^{-1}\big(\frac12-\varepsilon \big)\cdot 2k\), and bad otherwise. By Theorem 209, at most \(\varepsilon N\) of the \(N\) inner codes are bad. Let \(S_g\) be the good indices in \(S\) and \(S_b\) the bad indices in \(S\); since \(|S_b| \le \varepsilon N\),
For each good \(i \in S\), since \(C_{out}(\mathbf{m}^1)_i \ne C_{out}(\mathbf{m}^2)_i\) and \(C_{in}^i\) has relative distance at least \(d/(2k)\),
Since \(C^*(\mathbf{m}^1)\) and \(C^*(\mathbf{m}^2)\) disagree in at least \(d\) coordinates within the block corresponding to each of the at least \(|S_g| \ge (1-R-\varepsilon )N\) good positions in \(S\), the distance of \(C^*\) is at least
Dividing by the block length \(2kN\) of \(C^*\) gives relative distance at least \((1-R-\varepsilon )\cdot H_q^{-1}\big(\frac12-\varepsilon \big)\), as desired.
Let \(G = (L,R,E)\) be a bipartite graph with \(|L| = n\) and \(|R| = n-k\). Then \((c_1,\ldots ,c_n) \in \{ 0,1\} ^n\) is in \(C(G)\) if and only if the following holds (where \(S = \{ i \in [n] \mid c_i \ne 0\} \)) for every \(r \in R\):
where the sum is over \(\mathbb {F}_2\).
Given non-negative integer multiplicities
Consider a uniform choice of an affine form
Affine substitutions do not increase the degree of a polynomial. Specifically, if
Let \(\)C^*=C_out○C_in\( be as in Construction~ \ref{constr:c15-concatenated-scheme}, and let \)y\( be the result of transmitting a codeword of \)C^*\( over \)BSC_p\( (applied independently to each of the \)N\( inner blocks). Then Algorithm~ \ref{alg:c15-decoder} fails to recover the transmitted message with probability at most \)e^-γN/6=2^-Ω(γN/n)\(. \begin{proof} \uses{constr:c15-concatenated-scheme, alg:c15-decoder, def:c06-bsc} Fix \end{proof}\)i[N]\(. Since \)C_in\( is transmitted independently over \)BSC_p\( for each block (Definition~ \ref{def:c06-bsc}), and by the guarantee on \)D_in\( in Construction~ \ref{constr:c15-concatenated-scheme}(ii), the event \)E_i\( that \)y_i’≠C_out(m)_i\( (i.e.\ that the \)i\(-th inner decoding is wrong) has \)[E_i]≤γ/2\(; moreover the events \)E_1,…,E_N\( are mutually independent, since the \)BSC_p\( noise affecting distinct blocks is independent. Let \)X=∑_i=1^N 1[E_i]\( be the number of erroneous inner decodings; by linearity of expectation, \)E[X]≤γN/2\(. By the multiplicative Chernoff bound applied to \)X\(, a sum of \)N\( independent \){0,1}\(-valued random variables, \[ \Pr [X{\gt}\gamma N] \; =\; \Pr \big[X {\gt} 2\cdot \mathbb E[X]\big]\ \le \ \Pr \big[X{\gt}(1+1)\mathbb E[X]\big] \; \le \; e^{-\mathbb E[X]/3}\ \le \ e^{-\gamma N/6}. \] Since \)C_out\('s decoder \)D_out\( is only guaranteed to correct up to \)γ\( fraction of worst-case errors (Construction~ \ref{constr:c15-concatenated-scheme}(i)), Algorithm~ \ref{alg:c15-decoder} can only fail to recover \)m\( if \)X>γN\(, i.e.\ if the intermediate word \)y’\( has more than \)γN\( errors with respect to \)C_out(m)\(. Hence the overall decoding error probability is at most \)e^-γN/6\(, which, since \)γ\( and \)p\( are constants and \)k=Θ(n)\(, is \)2^-Ω(γN/n)\(. \)
Let \(\)C^*=C_out○C_in\( be as in Construction~ \ref{constr:c15-concatenated-scheme}. Then \)C^*\( can be encoded in time \[ O(N^2k^2)+O(Nkn)\le O(N^2n^2)=O(\mathcal{N}^2), \] and Algorithm~ \ref{alg:c15-decoder} decodes \)C^*\( in time \[ N\cdot T_{in}(k)+T_{out}(N)\ \le \ \mathrm{poly}(\mathcal N), \] provided \)T_out(N)=N^O(1)\( and \)T_in(k)=2^O(k)\(. \begin{proof} \uses{constr:c15-concatenated-scheme, alg:c15-decoder} Both \end{proof}\)C_out\( and \)C_in\( are linear, so encoding \)C^*\( amounts to multiplying the message by a generator matrix for \)C_out\( (a \)K×N\( matrix over \)F_2^k\(, i.e.\ \)O(N^2)\( operations over \)F_2^k\(, each implementable with \)O(k^2)\( operations over \)F_2\(, giving \)O(N^2k^2)\() followed by, for each of the \)N\( resulting symbols, an \)O(k)×O(n)\( matrix multiplication over \)F_2\( to apply \)C_in\( (giving \)O(Nkn)\( total). Since \)k≤n\(, both terms are at most \)O(N^2n^2)=O(N^2)\(. For decoding, Algorithm~ \ref{alg:c15-decoder} runs \)D_in\( on each of the \)N\( blocks of \)y\( (total time \)N·T_in(k)\() and then runs \)D_out\( once (time \)T_out(N)\(). If \)T_out(N)=N^O(1)\( and \)T_in(k)=2^O(k)\(, both terms are \)N^O(1)\(, so the total decoding time is \)poly(N)\(. \)
For \(\)C_in\( as in Construction~ \ref{constr:c15-inner-code}, the decoding algorithm \)D_in\( (maximum-likelihood decoding) runs in time \)T_in(k)=2^O(k)\(, and \)C_in\( can be constructed in time \)2^O(n^2)\(. \begin{proof} \uses{constr:c15-inner-code} The only known implementation of maximum-likelihood decoding for a general linear code enumerates all \end{proof}\)2^k\( codewords, taking time \)2^O(k)\(; this is \)T_in(k)\(. For the construction time: there are \)2^O(kn)\( candidate generator matrices to search over. For each candidate code, we must compute its decoding error probability, which requires checking, for each of the \)2^k\( possible transmitted codewords, whether maximum-likelihood decoding errs on each of the \)2^n\( possible received words (this takes time \)2^O(k)\( per received word by the previous paragraph, together with a polynomial-time computation of the probability with which that received word occurs given the transmitted codeword), and averaging; since \)k≤n\(, this is \)2^n+O(k)=2^O(n)\( time per codeword, hence \)2^k·2^O(n)=2^O(n)\( time per candidate code. Multiplying by the \)2^O(kn)=2^O(n^2)\( (using \)k=Θ(n)\() candidate generator matrices, the total construction time is \)2^O(n^2)·2^O(n)= 2^O(n^2)\(. \)
With \(\)γ=ε^3\(, the code \)C_out\( of Construction~ \ref{constr:c15-outer-code} has rate \[ R = R_1 r_1 = 1-O\Big(\sqrt\gamma \log \frac1\gamma \Big)\ \ge \ 1-\frac{\varepsilon }{2}, \] matching Construction~ \ref{constr:c15-concatenated-scheme}(i). \begin{proof} \uses{constr:c15-outer-code, def:c03-q-ary-entropy} Since \end{proof}\)H^-1(1-r_1)=γ\( and \)H\( is the (compositional) inverse of \)H^-1\( on the relevant range, \[ 1-r_1 = H(\sqrt\gamma ) = \sqrt\gamma \log _2\frac1{\sqrt\gamma } +(1-\sqrt\gamma )\log _2\frac1{1-\sqrt\gamma }. \] As \)γ0\(, \)_2=Θ(γ)\(, so \)(1-γ)_2=Θ(γ)\(, and \)γ_2=12γ_2\(. Hence \)1-r_1=O(γ(1/γ))\(, i.e. \)r_1=1-O(γ(1/γ))\(. Since \)R_1=1-2γ\( is also \)1-O(γ(1/γ))\(, \[ R=R_1r_1=\Big(1-O\big(\sqrt\gamma \log \tfrac 1\gamma \big)\Big)^2 =1-O\Big(\sqrt\gamma \log \frac1\gamma \Big). \] It remains to check \)O(γ(1/γ))≤ε/2\( when \)γ=ε^3\(: then \)γ=ε^3/2\( and \)(1/γ)=3(1/ε)\(, so \)γ(1/γ)=3ε^3/2(1/ε) =ε·3ε(1/ε)=o(ε)\( as \)ε0\( (since \)ε(1/ε)0\(), so this holds for small enough \)ε\(, and the hidden constant may be absorbed for all \)ε\( in range by adjusting the implicit constant in \)γ=Θ(ε^3)\(. \)
There exists a randomized algorithm that, given a bivariate polynomial
For every \((n,k,d)_q\) code,
Every binary code with block length \(n\), dimension \(k\), distance \(d=3\) satisfies
Every finite field has size \(p^s\) for some prime \(p\) and integer \(s\ge 1\). Conversely, for every prime \(p\) and integer \(s\ge 1\) there exists a field of size \(p^s\).
For every prime power \(q\) there is a unique finite field with \(q\) elements, up to isomorphism. Thus \(\mathbb {F}_q\) unambiguously denotes “the” finite field on \(q\) elements.
The \([n=2^r-1, 2^r-r-1, 3]_2\) Hamming code is 1-error correctable. Furthermore, decoding can be performed in time \(O(n\log n)\).
If \(S \subseteq \mathbb {F}_q^n\) is a linear subspace then:
\(|S| = q^k\) for some \(k\ge 0\). The parameter \(k\) is called the dimension of \(S\).
There exists at least one set of linearly independent vectors \(\mathbf{v}_1,\dots ,\mathbf{v}_k \in S\), called basis elements, such that every \(\mathbf{x}\in S\) can be expressed as \(\mathbf{x} = a_1\mathbf{v}_1+\dots +a_k\mathbf{v}_k\) where \(a_i\in \mathbb {F}_q\) for \(1\le i \le k\). In other words, there exists a full-rank \(k\times n\) matrix \(G\) (a generator matrix) with rows \(\mathbf{v}_1,\dots ,\mathbf{v}_k\), with entries from \(\mathbb {F}_q\), such that every \(\mathbf{x}\in S\) satisfies \(\mathbf{x} = (a_1,\dots ,a_k)\cdot G\) for some \((a_1,\dots ,a_k)\in \mathbb {F}_q^k\).
There exists a full-rank \((n-k)\times n\) matrix \(H\) (a parity check matrix) such that for every \(\mathbf{x}\in S\), \(H\mathbf{x}^T = \mathbf{0}\).
\(G\) and \(H\) are orthogonal, that is, \(G\cdot H^T = \mathbf{0}\).
Let \(X_1, \dots , X_m\) be independent binary random variables and define \(X = \sum _i X_i\). Then the multiplicative Chernoff bound states that for \(0 {\lt} \varepsilon \le 1\),
and the additive Chernoff bound states that
Let \(q \ge 2\). For every \(0 \le \delta {\lt} 1 - \frac{1}{q}\) there exists a family of \(q\)-ary codes \(\mathscr {C}\) with rate \(R(\mathscr {C}) \ge 1 - H_q(\delta )\) and relative distance \(\delta (\mathscr {C}) \ge \delta \). If \(q\) is a prime power then there exists such a \(q\)-ary family of linear codes. Furthermore, for every \(0 \le \varepsilon \le 1 - H_q(\delta )\) and integer \(n\), if a matrix \(\mathbf{G}\) is picked uniformly at random from \(\mathbb {F}_q^{k \times n}\) for \(k = n(1 - H_q(\delta ) - \varepsilon )\), then \(\mathbf{G}\) generates a code of rate \(1 - H_q(\delta ) - \varepsilon \) and relative distance at least \(\delta \) with probability strictly greater than \(1 - q^{-\varepsilon n}\).
The following hold for any code \(C \subseteq [q]^n\) with distance at least \(d\):
If \(d = \left(1-\frac{1}{q}\right)n\), then \(|C| \le 2qn\).
If \(d {\gt} \left(1-\frac{1}{q}\right)n\), then \(|C| \le \dfrac {qd}{qd-(q-1)n}\).
For every \((n,k,d)_q\) code,
Consequently, if \(\mathscr {C}\) is an infinite family of codes of rate \(R\) and relative distance \(\delta \), then \(R \le 1 - \delta \).
For all \(s \geq 2\) and prime \(p\), there exists an irreducible polynomial of degree \(s\) over \(\mathbb {F}_p\). In fact, the number of such monic irreducible polynomials is \(\Theta \! \left(\dfrac {p^s}{s}\right)\). (The existence statement holds more generally over any finite field \(\mathbb {F}_q\), not just prime fields \(\mathbb {F}_p\).)
Let \(E(X)\) be an irreducible polynomial of degree \(s \geq 2\) over \(\mathbb {F}_p\), \(p\) prime. Then the set of polynomials in \(\mathbb {F}_p[X]\) modulo \(E(X)\), denoted \(\mathbb {F}_p[X]/E(X)\), with addition, multiplication, additive/multiplicative identities and inverses induced by the ring \(\mathbb {F}_p[X]\), is a field.
\(\mathrm{RS}\) is an \([n, k, n-k+1]_q\) code. That is, Reed-Solomon codes match the Singleton bound.
For real numbers \(p,\varepsilon \) such that \(0\le p{\lt}\tfrac 12\) and \(0\le \varepsilon \le \tfrac 12-p\), the following statements are true for large enough \(n\):
There exists a real \(\delta {\gt}0\), an encoding function \(E:\{ 0,1\} ^k\to \{ 0,1\} ^n\) and a decoding function \(D:\{ 0,1\} ^n\to \{ 0,1\} ^k\) where \(k\le \lfloor (1-H(p+\varepsilon ))n\rfloor \), such that the following holds for every \(\mathbf{m}\in \{ 0,1\} ^k\):
\[ \Pr _{\mathbf{e}\sim \mathrm{BSC}_p}[D(E(\mathbf{m})+\mathbf{e})\ne \mathbf{m}]\le 2^{-\delta n}. \]If \(k\ge \lceil (1-H(p)+\varepsilon )n\rceil \) then for every pair of encoding and decoding functions \(E:\{ 0,1\} ^k\to \{ 0,1\} ^n\) and \(D:\{ 0,1\} ^n\to \{ 0,1\} ^k\), there exists \(\mathbf{m}\in \{ 0,1\} ^k\) such that
\[ \Pr _{\mathbf{e}\sim \mathrm{BSC}_p}[D(E(\mathbf{m})+\mathbf{e})\ne \mathbf{m}]{\gt}\frac12. \]
For every \(q\)-ary code with block length \(n\) and distance \(d\), if \(e \leq n - \sqrt{n(n-d)}\), then the code is \((e/n, qnd)\)-list decodable.
Let \(\delta = d/n\) and \(\rho = e/n\). The hypothesis \(e \leq n - \sqrt{n(n-d)}\) is equivalent to
By Lemma 155 (with \(x = \delta \)), \(J_q(\delta ) \geq 1 - \sqrt{1-\delta } \geq \rho \). Hence \(\rho \leq J_q(\delta ) = J_q(d/n)\), so by the Johnson Bound (Theorem 154), the code is \((\rho , qdn)\)-list decodable, i.e., \((e/n, qnd)\)-list decodable.
Let \(C \subseteq [q]^n\) be a code of distance \(d\). If \(\rho {\lt} J_q\! \left(\frac{d}{n}\right)\), then \(C\) is a \((\rho , qdn)\)-list decodable code, where the function \(J_q(\delta )\) is defined as
We prove the theorem here only for the binary case, \(q = 2\); the general case is left by the book as an exercise. We use double counting: we bound the same quantity above and below, and derive the desired bound from the resulting inequality.
For notational convenience, let \(e = \rho n\). We must show that for every binary code \(C \subseteq \{ 0,1\} ^n\) with distance \(d\) (i.e., \(\Delta (\mathbf{c}_1, \mathbf{c}_2) \geq d\) for all distinct \(\mathbf{c}_1 \neq \mathbf{c}_2 \in C\)) and every \(\mathbf{y} \in \{ 0,1\} ^n\),
Fix arbitrary \(C\) and \(\mathbf{y}\). Let \(\mathbf{c}_1, \ldots , \mathbf{c}_M \in B(\mathbf{y}, e)\); we show \(M \leq 2dn\). Define \(\mathbf{c}_i' = \mathbf{c}_i - \mathbf{y}\) for \(1 \leq i \leq M\), and let
We bound \(S\) above and below.
Lower bound on \(S\). Since \(\mathbf{c}_i \in B(\mathbf{y}, e)\), we have \(\mathrm{wt}(\mathbf{c}_i') \leq e\) for all \(1 \leq i \leq M\). Since \(\Delta (\mathbf{c}_i, \mathbf{c}_j) \geq d\) for \(i \neq j\), subtracting \(\mathbf{y}\) from both coordinates preserves Hamming distance, so \(\Delta (\mathbf{c}_i', \mathbf{c}_j') \geq d\) for every \(i \neq j\). Hence
Upper bound on \(S\). Consider the \(n \times M\) matrix whose columns are \(\mathbf{c}_1'^{\, T}, \ldots , \mathbf{c}_M'^{\, T}\). Let \(m_i\) be the number of \(1\)’s in row \(i\), for \(1 \leq i \leq n\). Row \(i\) contributes \(m_i(M - m_i)\) to \(S\), since this is exactly the number of \(0\)-\(1\) pairs in that row (each such pair contributes exactly \(1\) to the Hamming distance sum \(S\)). Hence
Define \(\bar e\) by \(\bar e M = \sum _{i=1}^n m_i\). Since \(\sum _{i=1}^n m_i = \sum _{j=1}^M \mathrm{wt}(\mathbf{c}_j') \leq eM\), we get \(\bar e \leq e\). By the Cauchy-Schwarz inequality (taking \(\mathbf{x} = (m_1, \ldots , m_n)\), \(\mathbf{z} = (1/n, \ldots , 1/n)\)),
i.e., \(\sum _{i=1}^n m_i^2 \geq (\bar e M)^2 / n\). Thus
Combining the two bounds,
which, dividing by \(M {\gt} 0\) and rearranging, gives
where the middle equality is a direct algebraic identity, and the last inequality holds because \(\bar e \leq e \leq n/2\), so \((n - 2\bar e)^2 \geq (n-2e)^2\) and hence the denominator only shrinks.
Finally, since \(\rho = e/n {\lt} J_2(d/n) = \frac12\left(1 - \sqrt{1 - 2d/n}\right)\), we get \(n - 2e {\gt} \sqrt{n(n-2d)}\), i.e., \((n-2e)^2 {\gt} n(n-2d)\). Since \(n, e\) are integers, \((n-2e)^2 - n(n-2d) \geq 1\), and therefore \(M \leq 2dn/1 = 2dn\), as required.
Let \(q \geq 2\) be an integer, and \(0 {\lt} \rho {\lt} 1 - \frac1q\) be a real number.
Let \(L \geq 1\) be an integer; then there exists a \((\rho , L)\)-list decodable code with rate \(R \leq 1 - H_q(\rho ) - \frac1L\).
For every \((\rho , L)\) code of rate \(1 - H_q(\rho ) + \varepsilon \), it is necessary that \(L \geq 2^{\Omega (\varepsilon n)}\).
Let \(q \geq 2\), \(0 \leq \rho {\lt} 1 - \frac1q\), and \(\varepsilon {\gt} 0\) be a small enough real. Then the following holds for codes of large enough block length \(n\):
If \(R \leq 1 - H_q(\rho ) - \varepsilon \), then there exists a \(\big(\rho , O(\frac1\varepsilon )\big)\)-list decodable code.
If \(R \geq 1 - H_q(\rho ) + \varepsilon \), every \((\rho , L)\)-list decodable code has \(L \geq q^{\Omega (\varepsilon n)}\).
Immediate from Theorem 161 by taking \(L = \lceil 1/\varepsilon \rceil \): part (i) of Theorem 161 then gives a \((\rho , L)\)-list decodable code, i.e., a \((\rho , O(1/\varepsilon ))\)-list decodable code, of rate \(R \leq 1 - H_q(\rho ) - 1/L \leq 1 - H_q(\rho ) - \varepsilon /2\) (for \(\varepsilon \) small enough this is at most \(1 - H_q(\rho ) - \varepsilon \) up to renaming constants), giving (i); and part (ii) of Theorem 161 directly gives (ii).
Let \(\varepsilon {\gt} 0\) be a real and \(q \geq 2^{\Omega (1/\varepsilon )}\) be an integer. Then the following is true for every \(0 {\lt} \delta {\lt} 1 - 1/q\) and large enough \(n\). Let \(C \subseteq \{ 0, 1, \ldots , q-1\} ^n\) be a code with relative distance \(\delta \) and let \(S \subseteq [n]\) be such that \(|S| = (1-\rho )n\), where \(0 {\lt} \rho \leq \delta - \varepsilon \).
Then, for all \(\mathbf{c} \in C\) and all but a \(q^{-\Omega (\varepsilon n)}\) fraction of error patterns \(\mathbf{e} \in \{ 0, 1, \ldots , q-1\} ^n\) such that
the only codeword within Hamming distance \(\rho n\) of \(\mathbf{c} + \mathbf{e}\) is \(\mathbf{c}\) itself.
Fix \(\mathbf{c} \in C\) for the rest of the proof, and let \(d = \delta n\). Let \(\mathcal{E}_S\) be the set of all error patterns \(\mathbf{e}\) with \(\mathbf{e}_S = \mathbf{0}\) and \(\mathrm{wt}(\mathbf{e}) = \rho n\); since \(\mathbf{e}_S = \mathbf{0}\) and \(\mathrm{wt}(\mathbf{e}) = \rho n = |[n] \setminus S|\), every position of \([n] \setminus S\) must be nonzero in \(\mathbf{e}\), and each such position has \(q-1\) nonzero choices, so
Call \(\mathbf{e} \in \mathcal{E}_S\) bad if there exists another codeword \(\mathbf{c}' \neq \mathbf{c}\) with \(\Delta (\mathbf{c}', \mathbf{c} + \mathbf{e}) \leq \rho n\). We must show the number of bad error patterns is at most \(q^{-\Omega (\varepsilon n)}|\mathcal{E}_S|\).
For a bad \(\mathbf{e}\), let \(c(\mathbf{e}) \neq \mathbf{c}\) be its associated codeword (Definition 162), and let \(A \subseteq [n]\) be the set of positions where \(c(\mathbf{e})\) agrees with \(\mathbf{c} + \mathbf{e}\). Write \(|A| = \alpha n\). Since \(\Delta (c(\mathbf{e}), \mathbf{c}+\mathbf{e}) \leq \rho n\), they agree on at least \((1-\rho )n\) positions, so
Fix \(A\) with \(|A| = \alpha n\); we count how many bad \(\mathbf{e}\) map to this \(A\), and later aggregate over all (at most \(2^n\)) choices of \(A\). Let \(A_1 = A \cap S\) and \(A_2 = A \setminus A_1\), and write \(|A_1| = \beta n\), so \(|A_2| = (\alpha - \beta ) n\) and \(\beta \leq \alpha \).
We overestimate the number of \(\mathbf{e}\) mapping to \((A_1, A_2)\) as follows.
First, the values of \(\mathbf{e}\) on \([n] \setminus (S \cup A_2)\) must all be nonzero (since \(\mathbf{e}\) is supported exactly on \([n]\setminus S\)), so the number of possible values of \(\mathbf{e}_{[n]\setminus (S \cup A_2)}\) is at most
\[ (q-1)^{n - |S| - |A_2|} \leq q^{\, n - (1-\rho )n - (\alpha -\beta )n}. \]Fix a nonzero choice \(\mathbf{x}\) for \(\mathbf{e}_{[n]\setminus (S \cup A_2)}\). Since \(A_1 \subseteq S\), we have \(\mathbf{e}_{A_1} = \mathbf{0}\), so \((\mathbf{c} + \mathbf{e})_{A_1} = \mathbf{c}_{A_1}\); since \(A_1 \subseteq A\), \(c(\mathbf{e})\) agrees with \(\mathbf{c}+\mathbf{e}\) on \(A_1\), so \(c(\mathbf{e})_{A_1} = \mathbf{c}_{A_1}\) is already determined (as \(\mathbf{c}\) is fixed). By Lemma 163 applied to \(C\) (an \((n, k, d)_q\) code), fixing the values of \(c(\mathbf{e})\) on any \(n - d + 1 = (1-\delta )n + 1\) positions determines \(c(\mathbf{e})\) completely; since \(|A_1| = \beta n\) positions of \(c(\mathbf{e})\) are already fixed (equal to \(\mathbf{c}_{A_1}\)), fixing a further \((1-\delta )n + 1 - \beta n\) positions of \(c(\mathbf{e})_{A_2}\) determines \(c(\mathbf{e})\) completely, and hence determines \(\mathbf{e}\) completely (via \(\mathbf{e} = c(\mathbf{e}) - \mathbf{c}\) on \(A\), together with the already-fixed values elsewhere). Thus the number of choices for \(\mathbf{e}\) compatible with this \(\mathbf{x}\) is at most
\[ q^{(1-\delta )n + 1 - \beta n}. \]
Combining, the number of bad \(\mathbf{e}\) mapping to \((A_1, A_2)\) is at most
where the inequality uses \(\alpha \geq 1 - \delta + \varepsilon \) (so \(-\alpha n \leq -(1 - \delta + \varepsilon ) n\), and \(\rho n - \alpha n + (1-\delta )n \leq \rho n - \varepsilon n\)), and the last equality uses \(|\mathcal{E}_S| = (q-1)^{\rho n} \leq q^{\rho n}\) together with absorbing the base change into the asymptotic notation (as in the book).
Finally, summing over all (at most \(2^n\)) choices of \(A = (A_1, A_2)\), the total number of bad error patterns is at most
where the last inequality holds because for \(q \geq \Omega (1/\varepsilon )\) and \(n\) large enough, \(n/\log _2 q + 1 {\lt} 3\varepsilon n /4\). Hence the fraction of bad error patterns in \(\mathcal{E}_S\) is at most \(q^{-\Omega (\varepsilon n)}\), i.e., for all but a \(q^{-\Omega (\varepsilon n)}\) fraction of \(\mathbf{e} \in \mathcal{E}_S\), \(\mathbf{e}\) is not bad, which means \(\mathbf{c}\) is the unique codeword within Hamming distance \(\rho n\) of \(\mathbf{c} + \mathbf{e}\), as required.
Every \(q\)-ary code of rate \(R\), relative distance \(\delta \), and large enough block length \(n\) satisfies
Let \(C \subseteq \{ 0,1\} ^n\) be any (not necessarily linear) code of minimum distance at least \(d\). Then \(|C| \le \mathrm{LP}(n,d)\).
For a family of binary codes of relative distance \(\delta \in (0,1)\), the rate \(R\) satisfies
and \(h(\cdot )\) denotes the binary entropy function.
One constructs, for a suitable choice of the symmetric functions \(\phi , \Gamma : \{ 0,1\} ^n \to \mathbb R\) and a positive integer parameter \(m\), a dual-feasible solution \(\beta (X)\) (via Corollary 175 and Definition 176) whose value \(\beta (0)\), evaluated asymptotically as \(n \to \infty \) with \(d/n \to \delta \), equals \(2^{n(R_{\mathrm{MRRW}}(\delta ) + o(1))}\). The book takes \(\phi (x) = (n-2|x|)^m - (n-2d)^m\), so that \(\phi (x) \le 0\) whenever \(|x| \ge d\), and sets \(g(x) = \phi (x)\Gamma (x)^2\) (so \(g(x) \le 0\) whenever \(|x|\ge d\), since \(\Gamma (x)^2 \ge 0\)), but the choice of \(\Gamma \), the verification that the resulting \(\beta _\ell \)’s are all nonnegative, and the final asymptotic evaluation are not given on the assigned pages.
For every \(r \leq m\), the Reed-Muller code \(\mathrm{RM}(2,m,r)\) is a code of block length \(2^m\), dimension \(\sum _{i=0}^{r}\binom {m}{i}\) and distance \(2^{m-r}\).
If \(C_{out}\) is an \((N,K,D)_{q^k}\) code and \(C_{in}\) is an \((n,k,d)_q\) code, then \(C_{out}\circ C_{in}\) is an \((nN,kK,dD)_q\) code. In particular, if \(C_{out}\) (resp. \(C_{in}\)) has rate \(R\) (resp. \(r\)) and relative distance \(\delta _{out}\) (resp. \(\delta _{in}\)), then \(C_{out}\circ C_{in}\) has rate \(Rr\) and relative distance \(\delta _{out}\cdot \delta _{in}\).
The claim on block length, dimension and alphabet follows directly from Definition 202; the claim on rate and relative distance follows immediately once the claim on block length, dimension and distance \(\ge dD\) is established. So it remains to show \(C_{out}\circ C_{in}\) has distance at least \(dD\).
Consider arbitrary \(\mathbf{m}_1 \ne \mathbf{m}_2 \in [Q]^K\). Since \(C_{out}\) has distance \(D\),
Define \(S = \{ i \in [N] \mid C_{out}(\mathbf{m}_1)_i \ne C_{out}(\mathbf{m}_2)_i \} \); by the displayed inequality, \(|S| \ge D\). For each \(i \in S\), since \(C_{out}(\mathbf{m}_1)_i \ne C_{out}(\mathbf{m}_2)_i\) and \(C_{in}\) has distance \(d\),
Since \(C_{out}\circ C_{in}(\mathbf{m}_1)\) and \(C_{out}\circ C_{in}(\mathbf{m}_2)\) disagree by at least \(d\) coordinates within the block corresponding to inner-code position \(i\), for each of the at least \(D\) positions \(i \in S\), we get
As \(\mathbf{m}_1 \ne \mathbf{m}_2\) were arbitrary, \(C_{out}\circ C_{in}\) has distance at least \(dD\), completing the proof.
Let \(\varepsilon {\gt} 0\). There exists an ensemble of inner codes \(C_{in}^1, C_{in}^2,\ldots ,C_{in}^N\) of rate \(\frac{1}{2}\), where \(N = q^k - 1\), such that for at least \((1-\varepsilon )N\) values of \(i\), the code \(C_{in}^i\) has relative distance \(\ge H_q^{-1}\big(\frac{1}{2}-\varepsilon \big)\). In fact, this ensemble may be taken to be the Wozencraft ensemble \(\{ C_{in}^\alpha \} _{\alpha \in \mathbb {F}_{q^k}^*}\) of Definition 207.
Fix \(\mathbf{y} = (\mathbf{y}_1,\mathbf{y}_2) \in \mathbb {F}_{q^k}^{2} \setminus \{ \mathbf{0}\} \); note this forces \(\mathbf{y}_1 \ne \mathbf{0}\) or \(\mathbf{y}_2 \ne \mathbf{0}\) (not both zero). We first claim \(\mathbf{y} \in C_{in}^\alpha \) for at most one \(\alpha \in \mathbb {F}_{q^k}^*\). Note that if \(\mathbf{y} \in C_{in}^\alpha \) then \(\mathbf{y}_2 = \alpha \cdot \mathbf{y}_1\). We case on \(\mathbf{y}\):
If \(\mathbf{y}_1 \ne \mathbf{0}\) and \(\mathbf{y}_2 \ne \mathbf{0}\), then \(\mathbf{y} \in C_{in}^\alpha \) exactly for \(\alpha = \mathbf{y}_2/\mathbf{y}_1\), a single value.
If \(\mathbf{y}_1 \ne \mathbf{0}\) and \(\mathbf{y}_2 = \mathbf{0}\), then \(\mathbf{y} \notin C_{in}^\alpha \) for every \(\alpha \in \mathbb {F}_{q^k}^*\), since \(\alpha \mathbf{y}_1 \ne \mathbf{0}\) whenever \(\alpha , \mathbf{y}_1 \in \mathbb {F}_{q^k}^*\).
If \(\mathbf{y}_1 = \mathbf{0}\) and \(\mathbf{y}_2 \ne \mathbf{0}\), then \(\mathbf{y} \notin C_{in}^\alpha \) for every \(\alpha \in \mathbb {F}_{q^k}^*\), since \(\alpha \mathbf{y}_1 = \mathbf{0} \ne \mathbf{y}_2\).
This proves the claim.
Now assume \(\mathrm{wt}(\mathbf{y}) {\lt} H_q^{-1}\big(\frac{1}{2}- \varepsilon \big)\cdot 2k\). If \(\mathbf{y} \in C_{in}^\alpha \) for some \(\alpha \), then (by the claim just proved) \(C_{in}^\alpha \) is “bad”, i.e. has relative distance \({\lt} H_q^{-1}\big(\frac{1}{2}-\varepsilon \big)\), for at most this one value of \(\alpha \). So the total number of bad values of \(\alpha \) is at most the number of nonzero vectors of weight \({\lt} H_q^{-1}(\frac12-\varepsilon )\cdot 2k\) in \(\mathbb {F}_q^{2k}\), which by the upper bound on the volume of a Hamming ball (Proposition 95, part (i)) is at most
where the strict inequality holds for large enough \(k\). Thus for at least \((1-\varepsilon )N\) values of \(\alpha \in \mathbb {F}_{q^k}^*\), the code \(C_{in}^\alpha \) has relative distance at least \(H_q^{-1}\big(\frac12-\varepsilon \big)\), as desired. Each \(C_{in}^\alpha \) has rate \(k/(2k) = 1/2\) by construction, completing the proof.
For every prime power \(q\), there exists an explicit \(q\)-ary code that achieves the Zyablov bound. Specifically, for every \(\varepsilon {\gt}0\) there exists an algorithm that, given \(\delta \in \big[0, 1-\frac{1}{q}\big]\) and \(n\), outputs, in time polynomial in \(n\), the generator matrix of a code of block length \(n\) and rate
Fix \(\varepsilon {\gt} 0\), \(\delta \) and \(n\). Let \(C_{out}\) be an \([N,K]_Q\) Reed–Solomon code (Definition 128) evaluated over \(\mathbb {F}_Q^*\) where \(Q = q^k\) and \(N = Q-1\); by Theorem 131, \(C_{out}\) meets the Singleton bound, and it has polynomial-time (indeed strongly explicit) construction given \(N\) and \(K\), so \(k = \Theta (\log N)\).
It remains to construct an inner code \(C_{in}\) of block length \(n' = O(k) = O(\log N)\) meeting the Gilbert–Varshamov bound (which exists by Theorem 105). We do not have a poly\((k)\)-time construction of such a code (that would resolve the general open question of an explicit code on the GV bound), but since \(k = O(\log N)\), it suffices to construct \(C_{in}\) in time exponential in \(k\) while remaining polynomial in \(N\). Concretely, one may either:
perform an exhaustive search among all \(q^{O(kn')}\) candidate generator matrices for one meeting the GV bound (which exists by Theorem 105); using \(k = \Theta (n')\) this search takes \(q^{O(k^2)} = N^{O(\log N)}\) time, which is quasi-polynomial in \(N\); or
construct \(C_{in}\) directly in \(q^{O(n')} = q^{O(k)} = N^{O(1)}\) time.
Using the latter (polynomial-in-\(N\)) construction for \(C_{in}\), and combining \(C_{out}\) and \(C_{in}\) via Definition 202, the overall construction of the generator matrix of \(C = C_{out}\circ C_{in}\) takes time polynomial in \(N\), hence polynomial in \(n = n' N\). By Lemma 205, letting \(\varepsilon \to 0\) along this construction, \(C\) has rate at least the claimed bound, completing the proof.
For every \(\varepsilon {\gt} 0\) and large enough \(m \le n\), there exists an \((n,m,c,\gamma ,c(1-\varepsilon ))\) bipartite expander where \(c = \Theta \! \left(\frac{\log (n/m)+\log (1/\varepsilon )}{\varepsilon }\right)\) and \(\gamma = \Theta \! \left(\frac{\varepsilon m}{c n}\right)\).
Let \(X\) be an \((n,d,\lambda )\)-spectral expander. Let \(G'\) be the double cover of \(X\) and \(G\) be the edge-vertex incidence graph of \(G'\). Then, for every \(\beta \) such that \(\lambda \le \beta \le d\), we have that \(G\) is a \(d\)-right regular \(\left(dn,2n,2,\frac{\beta (\beta -\lambda )}{d^2},\frac{2}{\beta }\right)\)-expander.
Let \(G\) be an \((n,n-k,c,\gamma ,c(1-\varepsilon ))\) bipartite expander with \(\varepsilon {\lt} \frac12\). Then \(C(G)\) is a \([n,k',\gamma n+1]_2\) code for some \(k' \ge k\).
For every constant \(\varepsilon {\gt} 0\) and every desired ratio \(0 {\lt} \beta {\lt} 1\), there exist explicit \((n,m,c,\gamma ,c(1-\varepsilon ))\) bipartite expanders for any large enough \(n\) (and \(m = \beta n\)) with \(c\) and \(\gamma {\gt} 0\) being constants (that only depend on \(\varepsilon \) and \(\beta \)).
For every \(\varepsilon {\gt} 0\), for all large enough \(d\), there exists an infinite family of \(d\)-regular \((n,d,\lambda )\)-graphs with \(\lambda \le \varepsilon d\). Here by explicit we mean that the adjacency matrix of the graph can be constructed in polynomial time. Furthermore, we can take \(d = O(1/\varepsilon ^2)\), which in turn implies that for large enough \(d\), we can in polynomial time construct an \(\left(n,d,O(\sqrt d)\right)\)-graph.
Let \(G\) be an \((n,n-k,c,\gamma ,c(1-\varepsilon ))\) bipartite expander with \(\varepsilon {\lt} \frac12\). Then \(C(G)\) has distance at least \(2\gamma (1-\varepsilon )n\).
For every \(r\), \(0 {\lt} r {\lt} 1\), and \(\varepsilon {\gt} 0\), there exists \(q=2^s\), \(b\), \(B\) and an \(\mathbb {F}_2\)-linear code \(C_{\text{in}} : \mathbb {F}_q^b \to \mathbb {F}_q^B\), alphabet \(\Sigma = \mathbb {F}_q^B\) of size bounded by \(\exp \! \left(O\! \left(\varepsilon ^{-4}\log ^3(1/\varepsilon )\right)\right)\), such that there exists an infinite family of \(C_{\text{in}}\)-coded amplified codes over \(\Sigma \) of rate \(r\) and relative distance at least \((1-r-\varepsilon )\). Further the codes are \(\mathbb {F}_2\)-linear.
Let \(G\) be a \(d\)-right regular \((n,m,c,\gamma ,\alpha )\) bipartite expander. Let \(C_0\) be a \([d,\ell ,\Delta ]_2\) code. Then \(X(G,C_0)\) has distance strictly greater than \(\gamma n\) provided \(\alpha {\gt} c/\Delta \).
Let \(C_0 \subseteq \mathbb {F}_2^d\) have distance at least \(\delta _0 d\) and rate \(\rho {\gt} 1/2\). Let \(G\) be an \((n,d,\lambda )\)-spectral expander and let \(G'\) be the double cover of \(G\) and \(H\) be the edge-vertex incidence graph of \(G'\). Then for large enough degree \(d\), \(X(H,C_0)\) has rate at least \(2\rho - 1\) and relative distance at least \(\delta _0\left(\delta _0 - \frac{\lambda }{d}\right)\).
There is an algorithm that, given positive integer weights
If \((P(\alpha _i))_{i=1}^n\) is transmitted, where \(P(X)\) has degree at most \(k-1\), and at most \(e {\lt} \frac{n-k+1}{2}\) errors occur (i.e. \(\Delta (y,(P(\alpha _i))_{i=1}^n) \le e\)), then Algorithm 259 outputs \(P(X)\). Consequently, the Welch-Berlekamp algorithm corrects Reed-Solomon codes of rate \(R\) from up to \(\frac{1-R}{2}\) fraction of errors.
For every constant rate, there exists an explicit linear binary code on the Zyablov bound. Further, the code can be decoded up to half of the Zyablov bound in polynomial time.
By Theorem 206, for every constant rate there is an explicit concatenated linear code
For every constant \(\)p\( and \)0<ε<1-H(p)\(, there exists a linear code \)C^*\( of block length \)N\( and rate at least \)1-H(p)- ε\(, such that \begin{enumerate} \item[(a)]\end{enumerate}\)C^*\( can be constructed in time \)poly(N)+ 2^O(ε^-5)\(; \item [(b)] \)C^*\( can be encoded in time \)O(N^2)\(; and \item [(c)] there exists a \)poly(N)+N·2^O(ε^-5)\( time decoding algorithm that has an error probability of at most \)2^-Ω(ε^6N)\( over the \)BSC_p\(. \)
Set
\(\)γ=ε^3\(, let \)C_in\( be as in Construction~ \ref{constr:c15-inner-code} and \)C_out\( as in Construction~ \ref{constr:c15-outer-code}, and let \)C^*=C_out○C_in\(. By Proposition~ \ref{prop:c15-rate-of-concatenation} and Proposition~ \ref{prop:c15-outer-code-rate} (which shows \)R≥1-ε/2\() together with Construction~ \ref{constr:c15-inner-code} (which shows \)r≥1-H(p)-ε/2\(), \)C^*\( has rate at least \)1-H(p)-ε\(. \emph{(a) Construction time.} With \)γ=ε^3\(, the parameter \)k\( of Construction~ \ref{constr:c15-inner-code} is \)k=Θ(1/γ)/ε^2=Θ(1/ ε)/ε^2\(, and since \)p\( is constant, \)n= Θ(k)\(. By Proposition~ \ref{prop:c15-inner-code-complexity}, \)C_in\( can be constructed in time \)2^O(n^2)=2^Oε^-4 ^2(1/ε)\(. Since for any constant \)a>0\(, \)ε^-a^O(1)(1/ε)=O(ε^-a-1)\( (applying this with \)a=4\(), this construction time is \)2^O(ε^-5)\(. The outer code \)C_out\( (Construction~ \ref{constr:c15-outer-code}) is constructed in time \)poly(N)=poly(N)\(, via Theorem~ \ref{thm:c10-zyablov} and Lemma~ \ref{lem:c15-folding}. Hence the overall construction time for \)C^*\( is \)poly(N)+ 2^O(ε^-5)\(. \emph{(b) Encoding time.} By Proposition~ \ref{prop:c15-encoding-decoding-time}, encoding \)C^*\( takes time \)O(N^2)\(. \emph{(c) Decoding time and error probability.} By Proposition~ \ref{prop:c15-inner-code-complexity}, \)T_in(k)=2^O(k)\(; since \)k≤n\(, \)2^O(k)≤2^O(n^2)=2^O(ε^-5)\( as computed above. By Proposition~ \ref{prop:c15-encoding-decoding-time} (using \)T_out(N)=poly(N)\(, which holds for the GMD-based \)D_out\( of Construction~ \ref{constr:c15-outer-code}), the decoding time is \)poly(N)+N·2^O(k)≤poly (N)+N·2^O(ε^-5)\(. For the error probability, by Proposition~ \ref{prop:c15-decoding-error-probability}, decoding fails with probability at most \)2^-Ω(γN/n)\(. Since \)γ= ε^3\( and \)n=Θε^-2(1/ε) \(, this exponent is \[ \Omega \left(\frac{\gamma N}{n}\right) = \Omega \left(\frac{\varepsilon ^3}{\varepsilon ^{-2}\log (1/\varepsilon )} \cdot \frac{N n}{n}\right) =\Omega \left(\frac{\varepsilon ^5}{\log (1/\varepsilon )}\cdot N\right) =\Omega \left(\frac{\varepsilon ^5}{\log (1/\varepsilon )}\cdot \frac{\mathcal N}{n}\right), \] and since \)ε^5/(1/ε)≥ε^6\( for all small enough \)ε\( (as \)ε(1/ε)0\(), and \)n=O(ε^-2(1/ε))=O(ε^-δ)\( for any \)δ>0\( can be absorbed into the \)Ω(·)\(, this gives a decoding error probability of at most \)2^-Ω(ε^6 N)\(. \)
There exist linear-time encodable and linear-time decodable binary codes of rate
Computing hot items exactly by a deterministic one-pass algorithm needs
There exists a data streaming algorithm that computes the
The Nearest Codeword Problem (Problem 493) is \(\)NP\(-complete. \begin{proof} \uses{def:c23-ncp, def:c23-maxcut, thm:c23-maxcut-npc} \textbf{Membership in $\mathsf{NP}$.} Given an instance \end{proof}\)(F,G,v,t)\(, a certificate is a vector \)xF^k\(; the verifier checks \)Δ(v,xG)≤t\( in polynomial time and accepts iff this holds. Clearly a \textsc{Yes} instance has such a certificate and the verifier runs in polynomial time, so NCP is in \)NP\(. \textbf{$\mathsf{NP}$-hardness.} We reduce MaxCut to NCP with \)F=F_2\(. Given a graph \)H\( on vertex set \)V=[k]\( with edge set \)E\(, let \)n=|E|\(. Let \)GF_2^k×n\( be the incidence matrix of \)H\(: rows indexed by \)V\(, columns indexed by \)E\(, and \)G_u,e=1\( iff vertex \)u\( is incident to edge \)e\( (and \)0\( otherwise). Set \)v=1_n\( (the all-ones vector) and \)t=n-ℓ\(. This gives the NCP instance \)(F_2,G,v,t)\(. There is a one-to-one correspondence between \)xF_2^k\( and subsets \)S⊆V\( via \)x_i=1\( iff \)iS\(. For this \)x\(, the vector \)xG\( is exactly the characteristic vector of \)Cut(S)\(: for an edge \)e={i,j}\(, the coordinate \)(xG)_e = x_i+x_j 2\( equals \)1\( iff exactly one of \)i,j\( is in \)S\(, i.e., iff \)eCut(S)\(. Hence \[ \Delta (\mathbf{x}\mathbf{G},\mathbf{1}_n) = n - |\mathrm{Cut}(S)|. \] Consequently there exists \)xF_2^k\( with \)Δ(xG,1_n)≤n-ℓ\( if and only if there exists \)S⊆V\( with \)|Cut(S)|≥ℓ\(. Thus \)(F_2,G,v,t)\( is a \textsc{Yes} instance of NCP if and only if \)(H,ℓ)\( is a \textsc{Yes} instance of MaxCut. Since this reduction is computable in polynomial time and MaxCut is \)NP\(-hard (Theorem~ \ref{thm:c23-maxcut-npc}), NCP is \)NP\(-hard. Combining membership in \)NP\( and \)NP\(-hardness, NCP is \)NP\(-complete. \)