Rank error-correcting code

Rank codes
Rank codes
Classification
Hierarchy	Linear block code ; Rank code
Block length	n
Message length	k
Distance	n−k + 1
Alphabet size	Q = qN (q prime)
Notation	[n, k, d]-code
Algorithms
	Berlekamp–Massey ; Euclidean ; with Frobenius polynomials
	v ; t ; e ;

Last updated August 13, 2023

In coding theory, rank codes (also called Gabidulin codes) are non-binary^[1] linear error-correcting codes over not Hamming but rank metric. They described a systematic way of building codes that could detect and correct multiple random rank errors. By adding redundancy with coding k-symbol word to a n-symbol word, a rank code can correct any errors of rank up to t = ⌊ (d − 1) / 2 ⌋, where d is a code distance. As an erasure code, it can correct up to d− 1 known erasures.

Rank metric

Let $X^{n}$ be an n-dimensional vector space over the finite field $GF\left({q^{N}}\right)$ , where $q$ is a power of a prime and $N$ is a positive integer. Let $\left(u_{1},u_{2},\dots ,u_{N}\right)$ , with $u_{i}\in GF(q^{N})$ , be a base of $GF\left({q^{N}}\right)$ as a vector space over the field $GF\left({q}\right)$ .

Every element $x_{i}\in GF\left({q^{N}}\right)$ can be represented as $x_{i}=a_{1i}u_{1}+a_{2i}u_{2}+\dots +a_{Ni}u_{N}$ . Hence, every vector ${\vec {x}}=\left({x_{1},x_{2},\dots ,x_{n}}\right)$ over $GF\left({q^{N}}\right)$ can be written as matrix:

{\vec {x}}=\left\|{\begin{array}{*{20}c}a_{1,1}&a_{1,2}&\ldots &a_{1,n}\\a_{2,1}&a_{2,2}&\ldots &a_{2,n}\\\ldots &\ldots &\ldots &\ldots \\a_{N,1}&a_{N,2}&\ldots &a_{N,n}\end{array}}\right\|

Rank of the vector ${\vec {x}}$ over the field $GF\left({q^{N}}\right)$ is a rank of the corresponding matrix $A\left({\vec {x}}\right)$ over the field $GF\left({q}\right)$ denoted by $r\left({{\vec {x}};q}\right)$ .

The set of all vectors ${\vec {x}}$ is a space $X^{n}=A_{N}^{n}$ . The map ${\vec {x}}\to r\left({\vec {x}};q\right)$ ) defines a norm over $X^{n}$ and a rank metric:

d\left({{\vec {x}};{\vec {y}}}\right)=r\left({{\vec {x}}-{\vec {y}};q}\right)

Rank code

A set $\{x_{1},x_{2},\dots ,x_{n}\}$ of vectors from $X^{n}$ is called a code with code distance $d=\min d\left(x_{i},x_{j}\right)$ . If the set also forms a k-dimensional subspace of $X^{n}$ , then it is called a linear (n, k)-code with distance $d$ . Such a linear rank metric code always satisfies the Singleton bound $d\leq n-k+1$ with equality.

Generating matrix

There are several known constructions of rank codes, which are maximum rank distance (or MRD) codes with d = n − k + 1. The easiest one to construct is known as the (generalized) Gabidulin code, it was discovered first by Delsarte (who called it a Singleton system) and later by Gabidulin ^[2] (and Kshevetskiy ^[3] ).

Let's define a Frobenius power $[i]$ of the element $x\in GF(q^{N})$ as

x^{[i]}=x^{q^{i\mod N}}.\,

Then, every vector ${\vec {g}}=(g_{1},g_{2},\dots ,g_{n}),~g_{i}\in GF(q^{N}),~n\leq N$ , linearly independent over $GF(q)$ , defines a generating matrix of the MRD (n, k, d = n − k + 1)-code.

G=\left\|{\begin{array}{*{20}c}g_{1}&g_{2}&\dots &g_{n}\\g_{1}^{[m]}&g_{2}^{[m]}&\dots &g_{n}^{[m]}\\g_{1}^{[2m]}&g_{2}^{[2m]}&\dots &g_{n}^{[2m]}\\\dots &\dots &\dots &\dots \\g_{1}^{[(k-1)m]}&g_{2}^{[(k-1)m]}&\dots &g_{n}^{[(k-1)m]}\end{array}}\right\|,

where $\gcd(m,N)=1$ .

Applications

There are several proposals for public-key cryptosystems based on rank codes. However, most of them have been proven insecure (see e.g. Journal of Cryptology, April 2008^[4]).

Rank codes are also useful for error and erasure correction in network coding.

Notes

↑ Codes for which each input symbol is from a set of size greater than 2.
↑ Gabidulin, Ernst M. (1985). "Theory of codes with maximum rank distance". Problems of Information Transmission. 21 (1): 1–12.
↑ Kshevetskiy, Alexander; Gabidulin, Ernst M. (4–9 September 2005). "The new construction of rank codes". Proceedings. International Symposium on Information Theory, 2005. ISIT 2005. pp. 2105–2108. doi:10.1109/ISIT.2005.1523717. ISBN 978-0-7803-9151-2. S2CID 11679865.
↑ Overbeck, R. (2008). "Structural Attacks for Public Key Cryptosystems based on Gabidulin Codes". Journal of Cryptology. 21 (2): 280–301. doi: 10.1007/s00145-007-9003-9 . S2CID 2393853.

Related Research Articles

In mathematics, a tensor is an algebraic object that describes a multilinear relationship between sets of algebraic objects related to a vector space. Tensors may map between different objects such as vectors, scalars, and even other tensors. There are many types of tensors, including scalars and vectors, dual vectors, multilinear maps between vector spaces, and even some operations such as the dot product. Tensors are defined independent of any basis, although they are often referred to by their components in a basis related to a particular coordinate system; those components form an array, which can be thought of as a high-dimensional matrix.

In mathematics, the tensor product $of two vector spaces V and W is a vector space to which is associated a bilinear map that maps a pair to an element of denoted$

Reed–Solomon codes are a group of error-correcting codes that were introduced by Irving S. Reed and Gustave Solomon in 1960. They have many applications, the most prominent of which include consumer technologies such as MiniDiscs, CDs, DVDs, Blu-ray discs, QR codes, data transmission technologies such as DSL and WiMAX, broadcast systems such as satellite communications, DVB and ATSC, and storage systems such as RAID 6.

<span class="mw-page-title-main">Linear independence</span> Vectors whose linear combinations are nonzero

In the theory of vector spaces, a set of vectors is said to be linearly independent if there exists no nontrivial linear combination of the vectors that equals the zero vector. If such a linear combination exists, then the vectors are said to be linearly dependent. These concepts are central to the definition of dimension.

In mathematics, a quadric or quadric surface (quadric hypersurface in higher dimensions), is a generalization of conic sections (ellipses, parabolas, and hyperbolas). It is a hypersurface (of dimension D) in a (D + 1)-dimensional space, and it is defined as the zero set of an irreducible polynomial of degree two in D + 1 variables; for example, D = 1 in the case of conic sections. When the defining polynomial is not absolutely irreducible, the zero set is generally not considered a quadric, although it is often called a degenerate quadric or a reducible quadric.

In the mathematical field of differential geometry, a metric tensor is an additional structure on a manifold $M$ that allows defining distances and angles, just as the inner product on a Euclidean space allows defining distances and angles there. More precisely, a metric tensor at a point $p$ of $M$ is a bilinear form defined on the tangent space at $p$ , and a metric tensor on $M$ consists of a metric tensor at each point $p$ of $M$ that varies smoothly with $p$ .

In mathematics, the Hodge star operator or Hodge star is a linear map defined on the exterior algebra of a finite-dimensional oriented vector space endowed with a nondegenerate symmetric bilinear form. Applying the operator to an element of the algebra produces the Hodge dual of the element. This map was introduced by W. V. D. Hodge.

In mathematics, and in particular linear algebra, the Moore–Penrose inverse $of a matrix is the most widely known generalization of the inverse matrix. It was independently described by E. H. Moore in 1920, Arne Bjerhammar in 1951, and Roger Penrose in 1955. Earlier, Erik Ivar Fredholm had introduced the concept of a pseudoinverse of integral operators in 1903. When referring to a matrix, the term pseudoinverse, without further specification, is often used to indicate the Moore-Penrose inverse. The term generalized inverse is sometimes used as a synonym for pseudoinverse.$

In mathematics, the covariant derivative is a way of specifying a derivative along tangent vectors of a manifold. Alternatively, the covariant derivative is a way of introducing and working with a connection on a manifold by means of a differential operator, to be contrasted with the approach given by a principal connection on the frame bundle – see affine connection. In the special case of a manifold isometrically embedded into a higher-dimensional Euclidean space, the covariant derivative can be viewed as the orthogonal projection of the Euclidean directional derivative onto the manifold's tangent space. In this case the Euclidean derivative is broken into two parts, the extrinsic normal component and the intrinsic covariant derivative component.

In mathematics, the Kronecker product, sometimes denoted by ⊗, is an operation on two matrices of arbitrary size resulting in a block matrix. It is a specialization of the tensor product from vectors to matrices and gives the matrix of the tensor product linear map with respect to a standard choice of basis. The Kronecker product is to be distinguished from the usual matrix multiplication, which is an entirely different operation. The Kronecker product is also sometimes called matrix direct product.

In linear algebra, the Gram matrix of a set of vectors $in an inner product space is the Hermitian matrix of inner products, whose entries are given by the inner product . If the vectors are the columns of matrix then the Gram matrix is in the general case that the vector coordinates are complex numbers, which simplifies to for the case that the vector coordinates are real numbers.$

In coding theory, a cyclic code is a block code, where the circular shifts of each codeword gives another word that belongs to the code. They are error-correcting codes that have algebraic properties that are convenient for efficient error detection and correction.

The Eckart conditions, named after Carl Eckart, simplify the nuclear motion (rovibrational) Hamiltonian that arises in the second step of the Born–Oppenheimer approximation. They make it possible to approximately separate rotation from vibration. Although the rotational and vibrational motions of the nuclei in a molecule cannot be fully separated, the Eckart conditions minimize the coupling close to a reference configuration. The Eckart conditions are explained by Louck and Galbraith and in Section 10.2 of the textbook by Bunker and Jensen, where a numerical example is given.

The GF method, sometimes referred to as FG method, is a classical mechanical method introduced by Edgar Bright Wilson to obtain certain internal coordinates for a vibrating semi-rigid molecule, the so-called normal coordinatesQ_k. Normal coordinates decouple the classical vibrational motions of the molecule and thus give an easy route to obtaining vibrational amplitudes of the atoms as a function of time. In Wilson's GF method it is assumed that the molecular kinetic energy consists only of harmonic vibrations of the atoms, i.e., overall rotational and translational energy is ignored. Normal coordinates appear also in a quantum mechanical description of the vibrational motions of the molecule and the Coriolis coupling between rotations and vibrations.

DNA code construction refers to the application of coding theory to the design of nucleic acid systems for the field of DNA–based computation.

In machine learning, a ranking SVM is a variant of the support vector machine algorithm, which is used to solve certain ranking problems. The ranking SVM algorithm was published by Thorsten Joachims in 2002. The original purpose of the algorithm was to improve the performance of an internet search engine. However, it was found that ranking SVM also can be used to solve other problems such as Rank SIFT.

In mathematics, low-rank approximation is a minimization problem, in which the cost function measures the fit between a given matrix and an approximating matrix, subject to a constraint that the approximating matrix has reduced rank. The problem is used for mathematical modeling and data compression. The rank constraint is related to a constraint on the complexity of a model that fits the data. In applications, often there are other constraints on the approximating matrix apart from the rank constraint, e.g., non-negativity and Hankel structure.

In coding theory, Zemor's algorithm, designed and developed by Gilles Zemor, is a recursive low-complexity approach to code construction. It is an improvement over the algorithm of Sipser and Spielman.

In statistics, linear regression is a linear approach for modelling the relationship between a scalar response and one or more explanatory variables. The case of one explanatory variable is called simple linear regression; for more than one, the process is called multiple linear regression. This term is distinct from multivariate linear regression, where multiple correlated dependent variables are predicted, rather than a single scalar variable.

Short integer solution (SIS) and ring-SIS problems are two average-case problems that are used in lattice-based cryptography constructions. Lattice-based cryptography began in 1996 from a seminal work by Miklós Ajtai who presented a family of one-way functions based on SIS problem. He showed that it is secure in an average case if the shortest vector problem $(where for some constant) is hard in a worst-case scenario.$

References

Gabidulin, Ernst M. (1985), "Theory of codes with maximum rank distance", Problems of Information Transmission, 21 (1): 1–12
Kshevetskiy, Alexander; Gabidulin, Ernst M. (4–9 September 2005). "The new construction of rank codes". Proceedings. International Symposium on Information Theory, 2005. ISIT 2005. pp. 2105–2108. doi:10.1109/ISIT.2005.1523717. ISBN 978-0-7803-9151-2. S2CID 11679865.
Gabidulin, Ernst M.; Pilipchuk, Nina I. (June 29 – July 4, 2003). "A new method of erasure correction by rank codes". IEEE International Symposium on Information Theory, 2003. Proceedings. p. 423. doi:10.1109/ISIT.2003.1228440. ISBN 978-0-7803-7728-8. S2CID 122552232.

External links

MATLAB implementation of a Rank–metric codec

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[non-binary-1] Codes for which each input symbol is from a set of size greater than 2.

[2] Gabidulin, Ernst M. (1985). "Theory of codes with maximum rank distance". Problems of Information Transmission. 21 (1): 1–12.

[3] Kshevetskiy, Alexander; Gabidulin, Ernst M. (4–9 September 2005). "The new construction of rank codes". Proceedings. International Symposium on Information Theory, 2005. ISIT 2005. pp. 2105–2108. doi:10.1109/ISIT.2005.1523717. ISBN 978-0-7803-9151-2. S2CID 11679865.

[4] Overbeck, R. (2008). "Structural Attacks for Public Key Cryptosystems based on Gabidulin Codes". Journal of Cryptology. 21 (2): 280–301. doi: 10.1007/s00145-007-9003-9 . S2CID 2393853.

[1]

[2]

[3]

[4]