On nested code pairs from the Hermitian curve

07/11/2018
by   René Bødker Christensen, et al.
Aalborg University
0

Nested code pairs play a crucial role in the construction of ramp secret sharing schemes [16] and in the CSS construction of quantum codes [15]. The important parameters are (1) the codimension, (2) the relative minimum distance of the codes, and (3) the relative minimum distance of the dual set of codes. Given values for two of them, one aims at finding a set of nested codes having parameters with these values and with the remaining parameter being as large as possible. In this work we study nested codes from the Hermitian curve. For not too small codimension, we present improved constructions and provide closed formula estimates on their performance. For small codimension we show how to choose pairs of one-point algebraic geometric codes in such a way that one of the relative minimum distances is larger than the corresponding non-relative minimum distance.

READ FULL TEXT VIEW PDF
POST COMMENT

Comments

There are no comments yet.

Authors

page 1

page 2

page 3

page 4

09/17/2019

On the weights of dual codes arising from the GK curve

In this paper we investigate some dual algebraic-geometric codes associa...
04/22/2019

Steane-Enlargement of Quantum Codes from the Hermitian Curve

In this paper, we study the construction of quantum codes by applying St...
11/01/2021

Flag Codes: Distance Vectors and Cardinality Bounds

Given 𝔽_q the finite field with q elements and an integer n≥ 2, a flag i...
06/28/2021

Two-point AG codes from the Beelen-Montanucci maximal curve

In this paper we investigate two-point algebraic-geometry codes (AG code...
04/25/2020

Randomized Nested Polar Subcode Constructions for Privacy, Secrecy, and Storage

We consider polar subcodes (PSCs), which are polar codes (PCs) with dyna...
12/05/2017

Efficient sequential experimental design for surrogate modeling of nested codes

Thanks to computing power increase, the certification and the conception...
11/30/2021

A Combinatorial Approach to Flag Codes

In network coding, a flag code is a collection of flags, that is, sequen...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.

1 Introduction

In this paper we study improved constructions of nested code pairs from the Hermitian curve. Here the phrase ‘improved construction’ refers to optimizing those parameters important for the corresponding linear ramp secret sharing schemes as well as stabilizer asymmetric quantum codes. Our work is a natural continuation of [7], where improved constructions of nested code pairs were defined from Cartesian product point sets. The analysis in the present paper includes a closed formula estimate on the dimension of order bound improved Hermitian codes, which is of interest in its own right, i.e. also without the above mentioned applications.

A linear ramp secret sharing scheme is a cryptographic method to encode a secret message in into shares from . These shares are then distributed among a group of parties and only specified subgroups are able to reconstruct the secret. A secret sharing scheme is characterized by its privacy number and its reconstruction number . The first is defined as the largest number such that no subgroup of this size can obtain any information on the secret. The second is defined to be the smallest number such that any subgroup of this size can reconstruct the entire secret. A linear ramp secret sharing scheme can be understood as the following coset construction. Consider linear codes . Let be a basis for and extend it to a basis for . Here, of course, is the codimension of and . Choose elements uniformly and independent at random and encode the secret as the codeword . Then use as the shares. The crucial parameters for the construction are the codimension of the pair of nested codes and their relative minimum distances and . Recall that these are defined as

and similar for the dual codes. The following well-known theorem (see for instance [15]) shows how to determine the privacy number and the reconstruction number.

Theorem 1.

Given -linear codes of length and codimension , the corresponding ramp secret sharing scheme encodes secrets into a set of shares from . The privacy number equals , and the reconstruction number is .

A linear -ary asymmetric quantum error-correcting code is a dimensional subspace of the Hilbert space where error bases are defined by unitary operators and , the first representing phase-shift errors, and the second representing bit-flip errors [2, 21, 14]. In [13] it was identified that in some realistic models phase-shift errors occur more frequently than bit-flip errors, and the asymmetric codes were therefore introduced [13, 19, 5, 16, 25] to balance the error correcting ability accordingly. For such codes we write the set of parameters as where is the minimum distance related to phase-shift errors and is the minimum distance related to bit-flip errors. The CSS construction transforms a pair of nested classical linear codes into an asymmetric quantum code. From [19] we have

Theorem 2.

Consider linear codes . Then the corresponding asymmetric quantum code defined using the CSS construction has parameters

where and .

Quantum codes with or are called impure, and they are desirable due to the fact that one can take advantage of this property in connection with the error-correction. More precisely, one can tolerate phase-shift errors and bit-flip errors, respectively, but in the decoding algorithms it is only necessary to correct up to and errors, respectively. Despite this observation, only few impure codes have been presented in the literature.

With the above two applications in mind, the challenge is to find nested codes such that two of the parameters , , attain given prescribed values, and the remaining parameter is as large as possible. In this paper we analyse two good constructions from the Hermitian function field. In the first we consider code pairs such that is an order bound improved primary code [1, 10] and such that is the dual of an order bound improved dual code [12]. Considering in this case the minimum distances rather than the relative distances is no restriction due to the optimized choice of codes – the minimum distances and being so good that there is essentially no room for or to hold. For this construction to work, the codimension cannot be very small. For small codimension when and are far from each other we then show how to choose ordinary one-point algebraic geometric codes such that one of the relative distances becomes larger than the corresponding ordinary minimum distance. In particular, this construction leads to impure asymmetric quantum codes.

The paper is organized as follows. In Section 2 we collect material from the literature on how to determine parameters of primary and dual codes coming from the Hermitian curve, and we introduce the order bound improved codes111This section also contains a collective treatment of the order bounds for general primary as well as dual (improved) one-point algebraic geometric codes which may not be easy to find in the literature.. In Section 3 we establish closed formula lower bounds on the dimension of order bound improved Hermitian codes of any designed minimum distance. We then continue in Section 4 by determining the pairs , for which the order bound improved primary code of designed distance contains , the dual of an order bound improved dual code of designed distance . This and the information from Section 3 is then translated into information on improved nested code pairs of not too small codimension in Section 5. Next, in Section 6 we determine parameters of nested one-point algebraic geometric code pairs of small codimension for which one of the relative distances is larger than the non-relative. Finally, in Section 7 samples of the given constructions are compared with known asymmetric quantum codes, with existence bounds on asymmetric quantum codes, and with non-existence bounds on linear ramp secret sharing schemes. Section 8 is the conclusion.

2 Hermitian codes and their parameters

Given an algebraic function field over a finite field, let be rational places. By we denote the Weierstrass semigroup of , and we write

where . Recall that the dual code of is written . The order bound [12, 4] then tells us that if

(which can only happen if ), then the Hamming weight of satisfies

(1)

where

The similar bound for the primary case [8, 1, 10] tells us that if

then

(2)

where

Besides implying that

(3)

which are both as strong as the Goppa bound, it tells us that for with it holds that

(4)

and similarly

(5)

Furthermore, for let . Then we obtain the improved primary code

which clearly has minimum distance at least and highest possible dimension for a primary code with that designed distance. Similarly, the improved dual code

has minimum distance at least and again the highest possible dimension for a dual code with that designed distance.

Turning to the Hermitian curve over where is a prime power, it is well-known that the corresponding function field has exactly rational places . Choosing one obtains and

(6)

In [23] it was shown that

(7)

for any , and the minimum distance was established for dimensions up to a certain value. The minimum distance for the remaining dimensions was then settled in [26]. In the present paper we shall need improved code constructions, and we will in some cases also be occupied with the relative distances rather than minimum distances. To this end we recall material from [8] on the functions and – stated there in the more general case of norm-trace curves, but adapted here to the Hermitian case.

Proposition 3.

Consider the Hermitian curve. For we have

(8)

and . For each there exists a word having Hamming weight equal to .

Proof.

Given a numerical semigroup with finitely many gaps and an element , we know from [12, Lem. 5.15] that . As we therefore obtain . On the other hand, it is clear that by the definition of . Taking the maximum between these two expressions, we obtain the right hand side of (8). That these estimates on are the true values and that the last part of the proposition holds true both follow as a consequence of [8, Lem. 4]. The details of applying  [8, Lem. 4] are left for the reader. Finally, the relation between and is a consequence of being a box in the parameters and , see (6). ∎

In Appendix A we list a series of lemmas which all follow as corollaries to Proposition 3 and which will be needed in Sections 3 and 4.

Throughout the rest of the paper we restrict to considering codes derived from the Hermitian curve, and we always assume the length to be . From Proposition 3 we see that the bound (4) on the relative distance of is sharp. A similar remark then holds for the bound (5) on the dual codes due to (7). Finally, we observe from [8, Sec. 4] that

(9)

holds. Proposition 3 therefore not only gives us the true value of the minimum distance of the improved primary codes (without loss of generality we may assume for some ), but also does it for the improved dual codes.

We conclude the section with some information on the cases where the improved primary codes coincide with one-point algebraic geometric codes.

Corollary 4.

For we have , but is strictly contained in .

This corollary implies that the dimension of can be determined from the usual one-point Hermitian codes whenever . For later reference we state these dimensions in terms of .

Proposition 5.

Denote by the genus of Hermitian function field. If , then the dimension of is given by . If , we have

where for and .

Proof.

First, note that in both cases Corollary 4 implies the equality . For the first case recall from [24, Cor. II.2.3] that the code has dimension whenever . By the assumptions on , we have , meaning that has dimension . By the observation in the beginning of the proof, the same holds true for .

To prove the second case, observe that the dimension of is exactly the number of elements in with . By (6) such elements have the form , but equivalently we can write where . By the division algorithm this representation is unique for . For to satisfy the requirements of (6), we also require . That is, contains the integers whose quotients modulo are at least their remainders modulo .

Writing with using the division algorithm, the number of elements in less than is given by . If , which happens only if , this number is also the number of elements with value at most . Otherwise, the count includes elements of that are greater than . Hence, subtracting gives the desired count in both cases. ∎

It remains to establish information on the dimension of for since the improved codes differ from the usual Hermitian codes in this case. This subject is treated in the next section.

3 The dimension of improved codes

As explained in the previous section, the dimension of can be determined from well-known methods as long as . In this section we present closed formula lower bounds on the dimension in the remaining cases. We start with an important lemma.

Lemma 6.

Let . The number of integer points

with is at least

(10)

If , then the number of integer points is at least

(11)

which is stronger than (10).

Proof.

The number of integer points in the given Cartesian product is at least that of the volume of

which equals

where we used the substitution . Since the number of integer points is integral, we obtain the bound , which is the same as (10).

If , then the number of integer points is at least the combined volumes of

and

The first mentioned volume equals . The latter volume is

Adding up the two volumes, we obtain (11) by applying the ceiling function as above. ∎

The dimension of the improved codes of designed distance at most is covered by the following two propositions. Recall from (9) that the equality holds for codes defined from the Hermitian function field. Hence, the stated formulas for primary codes also hold for the dual codes.

Proposition 7.

Given write

where and .
If , then

If , then

Proof.

Let be the number of gaps in , i.e. the genus of the function field. As is well-known, for the number of with equals . Therefore, by choosing the restriction on as given in the proposition implies that there are exactly elements with . These elements then satisfy by Lemma 25. From (8) we see that the additional elements in with must belong to

(12)

Lemma 6 gives an estimate on the total number of elements in (12) with . Adding this number to , we have counted the elements in (12) with twice. By using similar arguments as in the proof of Proposition 5, the number of such elements equals when , and it equals when . This proves the proposition. ∎

Proposition 8.

Given the dimension of the code satisfies

Proof.

By Lemma 30 the elements which do not satisfy must belong to . The number of elements in this set having is bounded above by by Lemma 6. Since the total number of monomials in is , the result follows. ∎

4 Inclusion of improved codes

As already mentioned our first construction of improved nested code pairs consists of choosing and such that . To treat this construction we therefore need a clear picture of the pairs of minimum distances that imply this inclusion. We establish this in the present section. As it turns out, the formulas for and given in Proposition 3 mean that several cases must be considered, and each case is presented as a separate proposition.

In the following, quantifiers on are considered on the domain . Given , define to be the maximal value of such that holds. This inclusion is equivalent to

(13)

We first observe that if we can find a such that

(14)

is true, then (13) is also true whenever . In particular, we therefore have

(15)

On the other hand, we immediately see from (13) that a with

(16)

implies the bound

(17)

In the proofs of each of the following propositions, our strategy therefore is to determine and satisfying (14) and (16), respectively, while also satisfying . From (15) and (17) it then follows that . Note, however, that and need not be distinct. If , we shall simply use .

With this strategy in mind, the following lemmas will prove very useful.

Lemma 9.

Let , meaning that and . In addition, assume that , , or . If satisfies , then .

Proof.

For both the cases and , the claim follows by Lemma 26. If , Lemma 28 implies that , and any satisfying has by Lemma 29. This also holds true for by the first part of the proof.

Finally, for consider with . If , the claim follows by Lemmas 27 and 29. Otherwise, is at most , meaning that by Lemma 26. The proof follows by noting that . ∎

Lemma 10.

Let , meaning that and . In addition, assume that or . If satisfies , then .

Proof.

This proof is similar to the one of Lemma 9. Defining the notation , the translation of Lemma 25 into information on gives whenever

(18)

Additionally, if with , then where the is defined in the same way as . This implies that when satisfies (18). This immediately proves the claim for .

For the -equivalent of Lemma 28 gives , and any elements between have greater -value by the translation of Lemma 29. The remaining elements greater than are covered by the first part of the proof.

The last part of the proof is and , which follows the same procedure as the last part of the proof of Lemma 9. ∎

Proposition 11.

Let . Then if and only if .

Proof.

Let . We have by (8), and Lemma 9 implies that for all . Additionally, Lemmas 27 and 29 yield that is the smallest element in with a strictly smaller -value. Combining this with Lemma 10 applied to reveals that satisfies (14). However, (16) is satisfied as well since . Thus, . ∎

Proposition 12.

Let . Then if and only if

where for and .

Proof.

First, observe that , meaning that is at most .

Assume that . Then has , meaning that it satisfies (16). Note that , which can be rewritten to obtain the claimed expression.

If , we can use , which satisfies (16) since . Here, we see that

Finally, for we can let with . Again, satisfies (16). Calculating the value of gives .

In all three of the above situations, the element immediately preceding in is given by , and the reader may verify that . In each case applying Lemma 9 to implies that for all . Lemma 10 applied to then shows that satisfies (14) as well. In conclusion, the specified values of satisfy both (14) and (16), and computing each value of gives the expression in the proposition. ∎

Proposition 13.

Let . Then if and only if .

Proof.

Set and observe that where is the genus of the Hermitian function field. Thus, is a non-gap in , and by (8). Lemma 9 implies that any smaller element of has -value at least . We see, however, that has , and it must be the smallest such value. At the same time it meets the requirements of Lemma 10, implying that (14) is fulfilled. As already noted satisfies (16) as well, meaning that . ∎

Proposition 14.

Let . Then if and only if

where for and .

Proof.

First note that , implying that is at most . Assume that and let . This element satisfies the requirements of Lemma 10, and satisfies the requirements of Lemma 9. This means that fulfils (14). Simultaneously, (16) is met since . Thus, .

Let and . Applying Lemmas 9 and 10 to and as above, we see that satisfies (14). It also meets (16) since . Subsequently, .

Now, consider and let and . We can apply both Lemmas 9 and 10 to to obtain that it satisfies (14). On the other hand, implies that (16) is fulfilled. In addition, , which gives .

The remaining part is . If this happens, note that has , whereas has . By the same arguments as in the first part of the proof, we obtain that . ∎

Proposition 15.

Let . Then if and only if

where for and .

Proof.

Assume first that , and set and . The latter meets the assumptions of Lemmas 9 and 10, meaning that satisfies (14). Observe that and . From this we see that .

Otherwise, if , let , which satisfies (16) by the observation that . The element of immediately preceding is , which has . As in the previous proofs, applying Lemmas 9 and 10 to