Polar codes form a very powerful family of codes with a low complexity decoding algorithm that attains many information theoretic limits in error correction and source coding. These codes are closely related to Reed-Muller codes because both can be described with the same algebraic formalism, namely they are generated by evaluations of monomials. However, finding the right set of generating monomials for a polar code which optimises the decoding performance is a nontrivial task and is channel dependent. The purpose of this paper is to reveal some universal properties of these monomials. Namely, we will prove that there is a way to define a nontrivial (partial) order on monomials so that the monomials generating a polar code devised for a binary-input symmetric channel always form a decreasing set. We call such codes decreasing monomial codes. The fact that polar codes are decreasing monomial codes turns out to have rather deep consequences on their structure. Indeed, we show that decreasing monomial codes have a very large permutation group by proving that it contains a group called the lower triangular affine group. Furthermore, the codewords of minimum weight correspond exactly to the orbits of the minimum weight codewords that are obtained from evaluations of monomials of the generating set. In particular, it gives an efficient way of counting the number of minimum weight codewords of a decreasing monomial code and hence of a polar code.

Index Terms: Polar codes, Reed-Muller codes, capacity-achieving codes, decreasing monomial codes, lower triangular affine group, post-quantum cryptography.

I. INTRODUCTION

Polar codes and Reed-Muller codes viewed as monomial codes. Polar codes were discovered by Arıkan [1] and form a very powerful family of codes that gave a nice constructive way of attaining many information theoretic limits in error correction and source coding. In particular, they attain the capacity of any symmetric memoryless channel with a low complexity decoding algorithm (namely the successive cancellation decoder of Arıkan). These codes are closely related to Reed-Muller codes in the sense that they can both be described with the same algebraic formalism, namely as monomial codes. Monomial codes are evaluation codes where a specific set of monomials provides a generator matrix. A Reed-Muller code $R(r, m)$ is generated by the evaluation over $\mathbb{F}_2^m$ of all monomials of degree at most $r$ in $m$ variables. A polar code of length $2^m$ is also generated by evaluation of monomials, but not necessarily by the same monomials as a Reed-Muller code: if we want a polar code of a certain dimension for a certain channel, we are going to take a very specific set of monomials which is in general significantly different from the Reed-Muller choice. This choice will give good performance for the Arıkan successive cancellation decoder. It turns out that this decoder is very closely related to Dumer's recursive algorithm for decoding Reed-Muller codes [2] based on the $(u|u + v)$ decomposition. Basically Dumer's de...

Abstract: A fundamental problem in computer science is that of finding all the common zeros of $m$ quadratic polynomials in $n$ unknowns over $\mathbb{F}_2$. The cryptanalysis of several modern ciphers reduces to this problem. Up to now, the best complexity bound was reached by an exhaustive search in $4 \log_2 n \, 2^n$ operations. We give an algorithm that reduces the problem to a combination of exhaustive search and sparse linear algebra. This algorithm has several variants depending on the method used for the linear algebra step. We show that, under precise algebraic assumptions on the input system, the deterministic variant of our algorithm has complexity bounded by $O(2^{0.841n})$ when $m = n$, while a probabilistic variant of the Las Vegas type has expected complexity $O(2^{0.792n})$. Experiments on random systems show that the algebraic assumptions are satisfied with probability very close to 1. We also give a rough estimate for the actual threshold between our method and exhaustive search, which is as low as 200, and thus very relevant for cryptographic applications.