The Weight Distribution of Quasi-quadratic Residue Codes
Nigel Boston, Jing Hao

TL;DR
This paper investigates the properties of Quasi-quadratic Residue (QQR) codes, establishing their weight polynomial divisibility, developing an efficient computation algorithm, and connecting codeword weights to hyperelliptic curve point distributions.
Contribution
It proves the divisibility of QQR code weight polynomials, introduces an efficient algorithm for their computation, and links codeword weights to hyperelliptic curve point distributions.
Findings
Weight polynomials are divisible by (x^2 + y^2)^{d-1}.
An efficient algorithm for computing QQR weight polynomials is developed.
The distribution of hyperelliptic curve points is asymptotically normal.
Abstract
In this paper, we begin by reviewing some of the known properties of QQR codes and proved that acts on the extended QQR code when . Using this discovery, we then showed their weight polynomials satisfy a strong divisibility condition, namely that they are divisible by , where is the corresponding minimum distance. Using this result, we were able to construct an efficient algorithm to compute weight polynomials for QQR codes and correct errors in existing results on quadratic residue codes. In the second half, we use the relation between the weight of codewords and the number of points on hyperelliptic curves to prove that the symmetrized distribution of a set of hyperelliptic curves is asymptotically normal.
| Divisible by | |||
|---|---|---|---|
| 3 | 2 | 0.33 | |
| 11 | 6 | 0.27 | |
| 19 | 8 | 0.21 | |
| 43 | 14 | 0.16 | |
| 59 | 18 | 0.15 | |
| 67 | 22 | 0.16 |
| Divisible by | |||
|---|---|---|---|
| 89 | 45 | 17 | |
| 97 | 49 | 15 | |
| 103 | 52 | 19 | |
| 113 | 57 | 15 | |
| 127 | 64 | 19 | |
| 137 | 69 | 21 | |
| 151 | 76 | 19 | |
| 167 | 84 | 23 |
| Divisible by | |||
|---|---|---|---|
| 137 | 69 | 21 | |
| 151 | 76 | 19 | |
| 167 | 84 | 23 |
| | in table | corrected |
|---|---|---|
| 51 | 223367511592873280 | 223367511592873284 |
| 52 | 326460209251122496 | 326460209251122492 |
| 55 | 840260234424082176 | 840260234424082220 |
| 56 | 1080334587116677120 | 1080334587116677140 |
| 59 | 1899366974583683328 | 1899366974583683220 |
| 60 | 2152615904528174336 | 2152615904528174316 |
| 63 | 2596788489999036416 | 2596788489999036307 |
Key words and phrases:
algebraic coding theory, weight enumerator, automorphism group, shadow, moment, quadratic residue code, hyperelliptic curve
1991 Mathematics Subject Classification:
Primary: 94B15, 94B60; Secondary: 11G20.
Nigel Boston
Department of Mathematics,
Department of Electric and Computer Engineering,
University of Wisconsin-Madison
WI 53706, United States
Jing Hao
Department of Mathematics,
University of Wisconsin-Madison
WI 53706, United States
1. Introduction
Quasi-quadratic residue codes (QQR codes) are a family of binary linear codes. They were first introduced by Bazzi and Mitter[2] as a quasi-cyclic code. Their work set foundations for the study of QQR codes. They discovered the relation between weights of a QQR code and number of points on hyperelliptic curves. Joyner[8] built upon this relation, and revealed the link between the QQR code and the famous Goppa’s Conjecture in coding theory.
We are interested in these codes mainly for two reasons: Firstly, they have close relations with hyperelliptic curves and Goppa’s Conjecture, and serve as a strong tool in studying those objects. Secondly, they are very good codes. Computational results show they have large minimum distances when .
QQR codes are similar to quadratic residue codes. They are asymptotically rate half codes (exactly rate half when ). Also, as we will show, acts as automorphisms of the extended QQR codes in a similar way as of the extended quadratic residue codes. Furthermore, when , we will show that the QQR code is equivalent to the even subcode of the corresponding quadratic residue code direct sum with itself, and therefore their weight enumerators have close relations.
We will utilize the result that acts on these codes to prove a new discovery about their weight polynomials, i.e. they are divisible by , where is the corresponding minimum distance. The proof uses shadows of codes, a powerful tool to study weight polynomials. We also apply this idea to quadratic residue codes, and prove that their weight polynomials are divisible by , with being the minimum distance.
These results impose strong conditions on the weight polynomials of quadratic residue codes and QQR codes. Combining the divisibility result and Gleason’s Theorem, we can derive an efficient algorithm to compute the weight polynomials of QQR codes. We also use these results to correct the existing computational results for the weight polynomials of quadratic residue codes that were originally posted on [17].
We also answer in the negative the question posed by Joyner[8] asking whether QQR codes satisfy the Riemann hypothesis.
On the other hand, the weight of their codewords can be expressed in terms of the number of points on corresponding hyperelliptic curves over finite fields. As it is usually easier to study linear codes, this provides a way of studying point distributions of hyperelliptic curves. We will implement this idea to prove a variant of a result of Larsen[10] on asymptotic normal distribution of numbers of points on hyperelliptic curves.
2. Construction and properties
We first give constructions and introduce properties of QQR codes. We also include an introduction to quadratic residue codes, as these will be used in later sections.
Throughout the entire paper, if not stated otherwise, is a prime satisfying .
Let be a subset of . We can assign to a polynomial in by
[TABLE]
Let be the set of quadratic residues in and be the quadratic non-residues in .
**Definition 2.1** (Quadratic residue code).
Let ,
[TABLE]
are the quadratic residue codes associated with .
is equivalent to since can be obtained from via the permutation
[TABLE]
where is a primitive element of .
**Notation.**
Note that with abuse of notation, we use to denote both the quadratic residues and the code generated by . It should be clear in the context what we are referring to. Similarly for .
The generating matrices for and are circulant matrices, and we denote them as and respectively.
**Definition 2.2** (Quasi-quadratic residue code).
For an odd prime ,
[TABLE]
is called the quasi-quadratic residue code associated with . is identified with an element in in the usual way.
**Notation.**
By “the corresponding quadratic residue code” to a QQR code, we mean the quadratic residue code associated with the same . Similarly for “the corresponding QQR code” to a quadratic residue code, we mean the QQR code associated with the same .
If we write
[TABLE]
then the generating matrix for the QQR code can be written as
[TABLE]
This generating matrix is double circulant. Clearly .
We list some known properties of QQR codes below. Interested readers can check [8] for more information.
QQR codes are even weight codes. They have length and dimension . QQR codes are self-dual.
**Proposition 2.3** (Gaborit[5]).
When , . Equivalently, .
This proposition is a result of Perron’s Theorem[11] on quadratic residues.
**Proposition 2.4** (Bazzi, Mitter[1]).
When , the QQR code also has a standard double circulant form, i.e. its generating matrix can be written as .
Proof.
By Proposition 2.3, is invertible and
[TABLE]
Therefore is also a generating matrix for the QQR code. ∎
When Bazzi and Mitter first introduced QQR codes, their generating matrices were given in the form . They gave a proof that these codes also have generating matrices in the form when . Most references on double circulant codes study codes whose generating matrices are in the form , where is cyclic, such as Karlin’s original paper on double circulant codes[9].
Joyner defined QQR codes using as their generating matrices, and we will also use this version in our paper. Note that when , the code generated by is not equivalent to the code generated by , and therefore these two definitions are not the same.
From the definitions of quadratic residue code and QQR code, it is obvious that when , by only taking the first bits of a QQR code, we can obtain the corresponding quadratic residue code. Moreover, we can show a stronger connection between quadratic residue codes and QQR codes in this case.
**Notation.**
We denote as the function that outputs the minimum distance of a code .
**Proposition 2.5.**
When , let be the QQR code associated with , and let and be the corresponding quadratic residue codes. Then is the even subcode of .
Moreover, their minimum distances satisfy
[TABLE]
Proof.
Since , , we have .
Also is even, and therefore is a subcode of the even subcode of . contains the all 1 codeword, and hence is not even. Therefore is also not even, and its even subcode is of codimension 1, which is .
Since , is equal to the even subcode of .
For the last statement, as we will show in Proposition 3.16, is odd. Also, there exists a codeword in with weight [3]. Therefore . On the other hand, since is even, is in the even subcode of . So . ∎
2.1. Hyperelliptic Curves and Goppa’s Conjecture
For a code , is the information rate. is the relative minimum distance. indicates the error-correcting ability of a code. Ideally we want and both large, but Manin[12] proved that for a fixed field , there exists a function such that for a given , there are infinitely many linear codes with rate approaching only for rates below .
Gilbert[6] and Varshamov[19] showed . When , this is believed to be an equality by many people, known as the following conjecture.
**Conjecture 1** (Goppa’s Conjecture).
The Gilbert-Varshamov bound is tight in the binary case.
QQR codes play an important role in the study of Goppa’s Conjecture because of the following explicit relation with hyperelliptic curves.
**Notation.**
We denote by the function that outputs the weight of a codeword .
**Proposition 2.6** (Joyner[8]).
Let be a QQR code associated with , and , where .
Define . Let be the set of points on the hyperelliptic curve over .
- (1) If is even
[TABLE]
- (2) If is odd and
[TABLE]
- (3) If is odd and
[TABLE]
**Remark 1.**
By the points on hyperelliptic curves we mean affine points, not including the points at infinity.
This relation builds a connection between Goppa’s Conjecture and hyperelliptic curves as in the following theorem. Interested readers can find more details in [8].
**Theorem 2.7** (Joyner).
Let be the statement: For all subsets , holds. If is true for infinitely many primes with , then Goppa’s Conjecture is false.
Not only do QQR codes play an important role in this connection, but they are very good codes when . Computational results so far all exceed the Gilbert-Varshamov bound. Since QQR codes are rate half codes, exceeding the Gilbert-Varshamov bound is equivalent to . This gives Goppa’s Conjecture a serious challenge.
3. Weight Polynomials of QQR codes
In this section, we will show a new result on weight polynomials of QQR codes.
**Definition 3.1.**
The weight polynomial of a code (or a subset of it) is
[TABLE]
where denotes the number of codewords with weight in , and is the length of the code.
When computing the weight polynomials of QQR codes, we found that they are divisible by , where is at least its minimum distance minus 1, and . See Table 1. We can also see that for these ’s, are all well above .
The fact that can be shown using Gleason’s theorem.
**Theorem 3.2** (Gleason).
If is self-dual code, then its weight polynomial is a polynomial in
[TABLE]
So for QQR codes, . Since the degree of is , and , we must have for all . Therefore .
The other property of the weight polynomial is stated in the following theorem.
**Theorem 3.3.**
The weight polynomial of a QQR code is divisible by , where is its minimum distance.
Since needs to satisfy , is larger than sometimes.
To prove Theorem 3.3, we need to introduce shadows.
3.1. Shadows
We say a binary code is doubly-even if all its weights are divisible by , or singly-even if its weights are even, but not doubly-even.
Let be a binary self-orthogonal code. Then is even. Let be the subset of doubly-even codewords of . If is singly-even, then is a linear subcode of index in .
**Definition 3.4** (Shadow[13]).
The shadow of a self-orthogonal binary code is
[TABLE]
We will follow the notation of [13] and denote the weight polynomial of the shadow of as . can be computed from the weight polynomial of .
**Lemma 3.5.**
, where .
We include the proof given in [13] here since it’s short.
Proof.
If is singly-even, this is immediate using MacWilliams identity. Assume is doubly-even. consists of the terms in whose powers of are divisible by . So
[TABLE]
Using MacWilliams identity, we have
[TABLE]
So
[TABLE]
∎
Under a simple change of variable, the following lemma is immediate.
**Lemma 3.6.**
.
When is singly-even, the shadow of is , which does not contain the [math] codeword. Therefore if has minimum distance , is divisible by . From the lemma above, we immediately have the following.
**Lemma 3.7.**
Let be singly-even, and be the minimum distance of its shadow. The weight polynomial of is divisible by .
Therefore, it is clear that, to prove Theorem 3.3, we just need to show the minimum distance of the shadow is at least its minimum distance minus 1.
In the next section, we will show this by proving a result about the automorphism group of extended QQR codes.
3.2. Automorphism groups
Let be the QQR code associated with .
Since , and , is singly-even. By definition, the shadow of is .
Let .
[TABLE]
is a basis for .
Denote to be the all one codeword .
All the codewords can be expressed in both vector forms and polynomial forms like . We will alternate between them depending on which one is appropriate in the context.
**Proposition 3.8.**
is generated by
[TABLE]
The proof uses the following lemma.
**Lemma 3.9.**
If each generator of a code has weight divisible by , then so does every codeword.
This is a standard result that is easy to prove, and can be found in [11].
Proof.
(of Proposition 3.8):
Let be the code generated by . Since , by Lemma 3.9, is doubly-even. Therefore .
Note that
[TABLE]
So are linearly dependent. The rank of is less than or equal to .
On the other hand, if a subset of with elements is linearly dependent, we have
[TABLE]
So
[TABLE]
If is odd, then . But we already have . Since is a basis of , there can’t be two different ways to write a vector in linear combinations of ’s. Contradiction.
If is even, then , contradictory to the ’s being linearly independent.
We conclude that has rank . Since also has dimension , . ∎
Let , and .
**Proposition 3.10.**
is generated by and (or by and ).
Proof.
Since is self-dual, and , so . is also in because
[TABLE]
So . Since has odd weight, . The code generated by and has rank , and so does , and hence they are the same. ∎
From this proposition, we can see that is the even weight subcode of .
Next, we will define an extended code for by adding two parity check columns.
**Definition 3.11.**
Let be the extended code of by adding a parity check for the first bits and a parity check for the last bits, i.e. if
[TABLE]
then it extends to
[TABLE]
**Notation.**
If , denote as the corresponding codeword in the extended code.
Clearly, (or ) constitutes a basis for .
If we use as the basis, then the generating matrix for can be written as
[TABLE]
The permutations that showed up in our results act on the left half and the right half of a codeword in the same way. For simplicity, in the following theorem and its proof, we relabel the positions in a codeword by their original positions modulo , starting from [math]. By convention, we label the parity check positions by . So starting from left, the positions in a codeword would be called position .
Below is the main result on the automorphism group of .
**Theorem 3.12.**
The automorphism group of contains as a subgroup. Here is generated by the three permutations
[TABLE]
where is a primitive element of .
When , we have shown that the code generated by is the same as the code generated by . Therefore also entails a generating matrix as follows.
[TABLE]
This form has been extensively studied before, and is usually referred to as bordered double circulant codes. It has been shown that acts on these codes using the generating matrices above in previous work, such as [5] and [16]. Our proof is an alternative to those when . When , these two codes are not equivalent, and therefore this is a new result.
The calculations presented in this proof are inspired by the proof of the theorem that the automorphism group of the extended quadratic residue code contains . One can check [11] for that. It uses the following theorem from number theory.
**Theorem 3.13** (Perron).
Let , and let be the quadratic residues in , be the quadratic non-residues in . .
- If , then contains quadratic residues and quadratic non-residues.
- If , then contains [math], quadratic residues and quadratic non-residues.
- If , then contains [math], quadratic residues and quadratic non-residues.
- If , then contains quadratic residues and quadratic non-residues.
Proof.
(of Theorem 3.12)
Let .
sends position to and sends to . Since is double-circulant, it’s fixed by . is also fixed by .
fixes since it fixes both and . The positions are sent to themselves. also fixes .
Therefore, what’s left to show is that also fixes .
We will show that by proving the following:
- •
- If ,
- If ,
- : If is a quadratic residue, then is a quadratic non-residue, and vice versa. It follows immediately that the equality is true for all positions that are neither [math] or . It’s easy to check the equality also follows through at [math] and .
- If , we will prove
[TABLE]
instead.
Focus on the left bits first, and consider
[TABLE]
According to Theorem 3.13, has quadratic non-residues, quadratic residues. Therefore has quadratic residues, and quadratic non-residues.
contains [math], quadratic residues, and quadratic non-residues.
We want to know whether any terms in would cancel with terms in . In this case, they need to have the same powers of .
If , then
[TABLE]
- (1) If is a quadratic residue, then (2) . Therefore there does not exist , s.t. . Since there are terms in (2) with quadratic residue powers of , all terms with quadratic residue powers will show up in the sum.
- (2) If is a quadratic non-residue, then there exists satisfying . Since there are quadratic non-residues in both and , they will cancel in pairs. None of the terms with quadratic non-residue powers of will show up in the sum.
Lastly, check the [math] and positions separately.
Since has at position [math], and so does , they will cancel in the sum.
has [math] at , therefore the sum has at .
We conclude that
[TABLE]
Now for the right bits, consider
[TABLE]
contains [math], quadratic residues, quadratic non-residues. Therefore contains residues and non-residues and .
contains quadratic residues, quadratic non-residues.
If , then
[TABLE]
- (1) If , (4) , there does not exist such that the two terms cancel. Since there are in total terms in (3) with quadratic residue powers, all terms with quadratic residue powers will show up in the sum.
- (2) If , there exists , such that . Since there are quadratic non-residues in both and , they will cancel in pairs. None of the terms with quadratic non-residue powers of will show up in the sum.
Just like before, we can check (3) has at position [math] and [math] at .
We conclude that
[TABLE]
Combining these two parts, we have
[TABLE]
- The case of can be proved in a similar fashion.
Lastly, .
Since sends all basis elements into , fixes C. ∎
In the same way that the result on automorphism groups of extended quadratic residue codes reveals the relation between its minimum distance and that of its expurgated code, this result leads to the following theorem on the minimum distance of the QQR code.
**Theorem 3.14.**
Let be a QQR code. The minimum distance of the shadow of is at least that of less 1.
Proof.
If is even, then since is the even weight subcode of , we must have . Therefore .
Let be odd. Let be a codeword in that achieves the minimum distance. WLOG, assume has an odd number of non-zero elements in the first bits; then has an even number of non-zero elements in the last bits. is in the form
[TABLE]
We claim that we can find a position , such that the coordinate on position from the left bits is [math], and the coordinate on position from the right bits is also [math]. Otherwise, for each position , at least one of the coordinates is , and so , which contradicts the fact that has minimum weight. So is in the following form:
[TABLE]
Since acts transitively on , we can find an element in that exchanges and . Recall that acts on the left half and the right half of a codeword in the same fashion. We would therefore obtain a new codeword in in the following form:
[TABLE]
By losing the two parity checks, we obtain a new codeword in that has weight . Note that this codeword also belongs to , and therefore
[TABLE]
Equivalently,
[TABLE]
∎
Combining this with Lemma 3.7, we have provided a proof for Theorem 3.3.
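Theorem 3.3 can be checked by brute force for small primes. The following Python is an added example, not code from the paper: it assumes the double circulant generator [Q | N] built from the quadratic residues and non-residues (the defining displays are missing from this page, so this follows the Bazzi-Mitter/Joyner construction the text describes), and every function name is illustrative. Its output for p = 11 can be compared with the $A_k$ row of the diagram at the end of Section 4.

```python
"""Brute-force check of Theorem 3.3 for small p (added example)."""


def quadratic_residues(p):
    """Nonzero quadratic residues modulo the odd prime p."""
    return {(a * a) % p for a in range(1, p)}


def qqr_rows(p):
    """Rows of the assumed generator [Q | N], each packed into a 2p-bit integer.

    Row s holds the cyclic shift by s of the indicator vector of Q (left half)
    and of N (right half), i.e. (x^s * r_Q, x^s * r_N) in polynomial form.
    """
    q = quadratic_residues(p)
    n = set(range(1, p)) - q
    rows = []
    for s in range(p):
        left = sum(1 << ((i + s) % p) for i in q)
        right = sum(1 << ((i + s) % p) for i in n)
        rows.append(left | (right << p))
    return rows


def span(rows):
    """All GF(2)-linear combinations of the rows."""
    words = {0}
    for r in rows:
        words |= {w ^ r for w in words}
    return words


def weight_distribution(p):
    """A_0..A_{2p} of the QQR code for p, by enumerating every codeword."""
    dist = [0] * (2 * p + 1)
    for w in span(qqr_rows(p)):
        dist[bin(w).count("1")] += 1
    return dist


def is_self_dual(p):
    """Dimension p, and every pair of rows (including a row with itself) orthogonal."""
    rows = qqr_rows(p)
    orthogonal = all(bin(a & b).count("1") % 2 == 0 for a in rows for b in rows)
    return orthogonal and len(span(rows)) == 2 ** p


def divide_by_1_plus_y2(a):
    """Quotient and remainder of a(y) by 1 + y^2, coefficients low degree first."""
    a = list(a)
    quotient = [0] * max(0, len(a) - 2)
    for k in range(len(a) - 1, 1, -1):
        quotient[k - 2] = a[k]
        a[k - 2] -= a[k]  # a[k]*y^k = a[k]*y^(k-2)*(1 + y^2) - a[k]*y^(k-2)
    return quotient, a[:2]


def multiplicity_of_x2_plus_y2(dist):
    """Largest m with (x^2 + y^2)^m dividing W(x, y), computed on W(1, y)."""
    m, poly = 0, list(dist)
    while len(poly) > 2:
        quotient, remainder = divide_by_1_plus_y2(poly)
        if any(remainder):
            break
        poly, m = quotient, m + 1
    return m


def check_theorem_3_3(p):
    """Minimum distance d, exact multiplicity m, and whether m >= d - 1."""
    dist = weight_distribution(p)
    d = min(k for k in range(1, len(dist)) if dist[k])
    m = multiplicity_of_x2_plus_y2(dist)
    return {"p": p, "d": d, "multiplicity": m, "holds": m >= d - 1}


if __name__ == "__main__":
    for p in (3, 11):
        print(check_theorem_3_3(p), "self-dual:", is_self_dual(p))
```

Enumeration costs 2^p codewords, so this check is only practical for the first few primes.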
3.3. Computation algorithms for QQR codes
Computation of the weight polynomials is always an important topic in coding theory. Researchers have come up with clever enumeration methods to reduce the computation load and speed up the process. However in general, little was known about the structure of the weight polynomials, and therefore good tests for computational results were missing.
Theorem 3.3 imposes a strong condition on the weight polynomials of QQR codes, and could serve as a test for existing and future computational results on the weight polynomials of QQR codes. On the other hand, we can also build an algorithm around it that dramatically reduces the amount of computation needed.
Since QQR codes are self-dual, by Gleason’s theorem, their weight polynomials can be written as linear combinations of , with .
Now for a QQR code , let
[TABLE]
We should have
[TABLE]
We can use a recursive algorithm to recover the whole weight polynomial by knowing only a few .
- (1) because of the 0 codeword. Comparing coefficients of on both sides of (3), we have .
- (2) We obtain a new equation by subtracting on both sides of (5)
[TABLE]
with the highest power of being .
- (3) because . Compare coefficients of on both sides of (6), and we have .
- (4) Repeat the steps until we have all the ’s.
Since is divisible by , we only need for .
For the case of , computing the whole weight enumerator by brute force in MAGMA would take 190 years. Using this strategy, however, we need only a few ’s. Assume the minimum distance is at least 14, which is reasonable based on the result for . This can also be confirmed computationally. Then the weight polynomial is divisible by . Therefore to get all the , we only need ’s for , which takes a few hours to compute. Note that this time is based on using existing commands in MAGMA, and could be even faster if combined with enumeration techniques.
The huge speed up is because not all coefficients are created equal. The ones we needed for our computation are those ’s with very small or very large . These take much less time than the ones in the middle. The coefficients in the middle, which could take years to enumerate, are never enumerated; our algorithm derives them instead.
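The recursion of this section, as an added Python example (not the authors' MAGMA code). It assumes the standard form of Gleason's theorem for binary self-dual codes, W = Σ c_i (x²+y²)^(n/2−4i) (x²y²(x²−y²)²)^i, supplied here because the display is missing from this page, and works in t = y² with x = 1; the function names are illustrative.

```python
"""Recover a self-dual weight distribution from a few low coefficients."""


def poly_mul(a, b):
    out = [0] * (len(a) + len(b) - 1)
    for i, x in enumerate(a):
        for j, y in enumerate(b):
            out[i + j] += x * y
    return out


def poly_pow(a, e):
    out = [1]
    for _ in range(e):
        out = poly_mul(out, a)
    return out


F = [1, 1]         # x^2 + y^2 at x = 1, as a polynomial in t = y^2
G = [0, 1, -2, 1]  # x^2 y^2 (x^2 - y^2)^2 at x = 1, i.e. t(1 - t)^2


def gleason_basis(half, i):
    """F^(half - 4i) * G^i; its lowest term is t^i with coefficient 1."""
    return poly_mul(poly_pow(F, half - 4 * i), poly_pow(G, i))


def coefficients_needed(half, m=0):
    """How many of A_0, A_2, A_4, ... must be known.

    If (x^2 + y^2)^m divides W, then c_i = 0 whenever half - 4i < m,
    so only i = 0 .. (half - m) // 4 remain. m = 0 is Gleason alone.
    """
    if not 0 <= m <= half:
        raise ValueError("m must lie between 0 and half")
    return (half - m) // 4 + 1


def recover(half, known_even, m=0):
    """Return (A_0..A_n, [c_i], mismatches) for a code of length n = 2*half.

    known_even lists A_0, A_2, A_4, ... Entries beyond the number needed are
    not used for solving; they are compared with the recovered values and the
    weights that disagree are reported in mismatches.
    """
    need = coefficients_needed(half, m)
    if len(known_even) < need:
        raise ValueError(f"need {need} known coefficients")
    total = [0] * (half + 1)   # running sum of c_i * basis_i, indexed by power of t
    c = []
    for j in range(need):
        # Compare coefficients of t^j: earlier terms are already in total[j],
        # and basis_j contributes exactly c_j there.
        cj = known_even[j] - total[j]
        c.append(cj)
        for k, b in enumerate(gleason_basis(half, j)):
            total[k] += cj * b
    mismatches = [2 * j for j in range(need, len(known_even))
                  if total[j] != known_even[j]]
    dist = [0] * (2 * half + 1)
    dist[0::2] = total         # odd weights stay 0 in an even code
    return dist, c, mismatches


if __name__ == "__main__":
    # p = 11 with d = 6 (Table 1): divisibility by (x^2 + y^2)^5 leaves two unknowns.
    dist, c, bad = recover(11, [1, 0], m=5)
    print(coefficients_needed(11), coefficients_needed(11, 5), c)
    print(dist[0::2], bad)
```

Passing more known coefficients than needed turns the same routine into the consistency test mentioned at the start of this section.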
3.4. Zeta polynomials and Riemann hypothesis
In the last part of this section, we answer a question that was originally posted by Joyner in [8].
Let be the minimum distance of a code and the minimum distance of its dual code. Iwan Duursma introduced the zeta function associated to a linear code over a finite field [4].
[TABLE]
where is a polynomial of degree . This is a polynomial with rational coefficients, called the zeta polynomial of the code .
Given a self-dual code, it is always of interest whether its zeta polynomial satisfies the Riemann hypothesis. (In other words, its roots occur in self-reciprocal pairs). Joyner asked this question about the QQR codes for . Using SAGE to compute zeta polynomials, we found that it does not satisfy the Riemann hypothesis for .
For , it has 15 pairs of complex conjugate roots of absolute value , together with real roots 0.508887881 and 0.982534697. The last two roots cause the code to fail the Riemann hypothesis.
3.5. Quadratic residue codes
As mentioned earlier, when , QQR codes have a close relation with quadratic residue codes. In this section, we will first prove a similar divisibility property of quadratic residue codes using shadows of codes, and use their relation with QQR codes to give an alternative proof to Theorem 3.3.
We first introduce expurgated quadratic residue codes.
**Definition 3.15** (Expurgated quadratic residue code).
Let and be the quadratic residue codes associated with .
The even subcodes of and , which are denoted as and respectively, are called expurgated quadratic residue codes.
We list some well-known properties of quadratic residue codes that will be used later. All can be found in [11].
**Proposition 3.16** ([11]).
Let , then
- (1) and both have dimension . and have dimension .
- (2) If , , . If , , .
- (3) is generated by and the all one codeword, is generated by and the all one codeword.
- (4) and are doubly-even.
- (5) Let be the minimum distance. If , . If , then is odd.
Similar to Lemma 3.17, we can prove the following.
**Lemma 3.17.**
Let be a self-orthogonal binary code, and its maximum weight. Then the weight polynomial of its shadow is divisible by .
Proof.
[TABLE]
So is divisible by .
From Lemma 3.5, it’s immediate that is divisible by . ∎
We can now prove a divisibility property on the weight polynomial of the quadratic residue code.
**Theorem 3.18.**
Let be prime, and the quadratic residue code associated with , then is divisible by , where is its minimum distance.
Proof.
We will only prove this for . The case for is similar.
When , let be the corresponding expurgated quadratic residue code. Then and is generated by and the all one codeword.
Since , . Let be a codeword that achieves the minimum distance, and let be the sum of and the all one codeword. Then has even weight , and therefore is contained in . Since has odd length , does not contain the all one codeword, and therefore has the largest weight in .
By definition, is the shadow of . Therefore by Lemma 3.17, the weight polynomial of is divisible by . ∎
When , the QQR code is the even subcode of . Therefore we have the following relation between their weight polynomials.
**Proposition 3.19.**
When , let be the QQR code associated with , and the corresponding quadratic residue code, then
[TABLE]
Proof.
The weight polynomial of the direct sum of two codes is the product of their respective weight polynomials, and the weight polynomial of the even weight subcode of a code is just the sum of terms in its weight polynomials with even powers of .
This proposition is immediate after combining these two facts with Proposition 2.5. ∎
We now give an alternative proof to Theorem 3.3 in the case using this relation.
Proof.
When , let be the QQR code associated with , and let and be the corresponding quadratic residue code and the expurgated quadratic residue code respectively.
Since is generated by and the all one codeword,
[TABLE]
Note that the minimum distance of is , we have
[TABLE]
Change for and respectively, where . We obtain
[TABLE]
Since is doubly-even, for each term in , powers of are all divisible by and powers of are .
Therefore
[TABLE]
Hence
[TABLE]
Lastly
[TABLE]
which is divisible by . ∎
3.6. Weight polynomials of quadratic residue codes in the literature
Previously, weight polynomials of quadratic residue codes have been computed up to . We are referring to the online table Weight Distributions of Quadratic Residue and Quadratic Double Circulant Codes over GF(2)[17]. This table is also the source for the same entries on The On-Line Encyclopedia of Integer Sequences (OEIS)[14].
We tested these results against Theorem 3.18. The results are shown in Table 2.
The weight polynomials posted for are only divisible by and no further, and therefore errors existed in these results. We investigated each case and give the results as follows.
3.6.1.
For , we found that the numbers from the original references of the online table are different from the numbers posted in the online table.
In particular, for , the numbers in the paper [15] are different from the online table.
For , the numbers in [18] are different from the online table.
We tested Theorem 3.18 against the numbers in these references and confirmed they satisfy the divisibility conditions. See Table 3.
They also satisfy the following checks:
- (1) All the ’s are divisible by , except for and . (This should hold because quadratic residue codes are cyclic.)
- (2) .
- (3) is divisible by .
- (4) The corresponding weight polynomial for the extended quadratic residue codes satisfies the MacWilliams identity. (This should hold because extended quadratic residue codes are self-dual.) In other words,
[TABLE]
should satisfy
[TABLE]
Since the divisibility condition and the four checks are highly non-trivial, we believe the original references are correct, and the numbers in the online tables are off possibly due to rounding using double-precision floating-point format[20].
3.6.2. Correction for
We could not find a reference for these numbers, but were able to find the correct weight polynomial in this case.
In fact, all the numbers in the online table are correct except and should be changed from to . The resulting weight polynomial satisfies Theorem 3.18 and the four checks we listed above.
3.6.3. Correction for
We could not find a reference for either. Therefore we deduced the correct weight polynomial based on the criteria it needs to satisfy.
By Theorem 3.18, the weight polynomial is divisible by , therefore we have
[TABLE]
for some integers ’s. Our goal is to solve these ’s.
Expanding Equation 7 and comparing coefficients, we have
[TABLE]
Therefore if the number of correct ’s we know are greater than or equal to , we can set up enough equations to solve all the ’s. Below are the ’s we use.
- Since , we know and .
- when [11].
- We use to (and to ) from the posted result, hoping they were correct. Therefore we used 13 coefficients from the table.
Fortunately the 13 coefficients we use from the table seem correct. The weight polynomial we obtained using this approach passes the four checks we listed above. Therefore we are confident the answer is correct.
Below are the ’s that needed to be corrected. Since the weight polynomials for quadratic residue codes are symmetric, we only listed ’s for .
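The double-precision explanation suggested in 3.6.1 can be tested directly on the "in table" / "corrected" rows listed on this page. The following Python is an added example, not part of the paper: it checks whether each posted value is exactly what the corrected value becomes after a round trip through a 64-bit float; the function names are illustrative.

```python
"""Are the posted coefficients just the corrected ones rounded to doubles?"""

# Rows copied from the "in table / corrected" table on this page:
# (index, value posted in the online table, corrected value).
ROWS = [
    (51, 223367511592873280, 223367511592873284),
    (52, 326460209251122496, 326460209251122492),
    (55, 840260234424082176, 840260234424082220),
    (56, 1080334587116677120, 1080334587116677140),
    (59, 1899366974583683328, 1899366974583683220),
    (60, 2152615904528174336, 2152615904528174316),
    (63, 2596788489999036416, 2596788489999036307),
]

EXACT_LIMIT = 2 ** 53  # every integer up to here fits in a double exactly


def double_spacing(n):
    """Gap between neighbouring IEEE-754 doubles around the positive integer n."""
    return 1 << max(0, n.bit_length() - 53)


def through_double(n):
    """The integer that survives after n is stored in a 64-bit float."""
    return int(float(n))


def looks_rounded(n):
    """Heuristic flag for an untrusted table entry.

    Above 2^53 a genuine count is a multiple of the local double spacing only
    by chance (probability 1/spacing), while a value that passed through a
    double always is.
    """
    return n > EXACT_LIMIT and n % double_spacing(n) == 0


def audit(rows):
    """Per-row report: local spacing, error, and whether rounding explains it."""
    report = []
    for index, posted, corrected in rows:
        report.append({
            "index": index,
            "spacing": double_spacing(corrected),
            "error": posted - corrected,
            "posted_looks_rounded": looks_rounded(posted),
            "corrected_looks_rounded": looks_rounded(corrected),
            "explained_by_rounding": through_double(corrected) == posted,
        })
    return report


if __name__ == "__main__":
    for line in audit(ROWS):
        print(line)
```

Every error is smaller than half the local spacing, which is what rounding to the nearest double produces.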
4. Weight Distribution and Hyperelliptic Curves
The weights of QQR codes are closely linked with numbers of points on corresponding hyperelliptic curves. This connection enables us to study the distribution of number of points on hyperelliptic curves using the weight distribution of QQR codes.
In this section, we will first show a result on the weight distribution of QQR codes, and then demonstrate how to use this result to prove a corresponding result on hyperelliptic curves.
Let , and let . According to Proposition 2.6, we have
- If is even, then
[TABLE]
- If is odd, then
[TABLE]
**Remark 2.**
The original statement posted in Joyner’s paper is slightly different, since his count includes points at infinity. For simplicity, we modified the statement to restrict only to affine points.
In order to link the weight distribution of the QQR codes and the point distributions of hyperelliptic curves, we also need the following results:
**Proposition 4.1.**
Let .
- If is even, then .
- If is odd, then .
We give a sketch of the proof as follows:
Proof.
(sketch) Let be the quadratic residue character, which is 1 on the quadratic residues , -1 on the quadratic non-residues, and 0 on 0.
Then
[TABLE]
Since , we just need to show the following:
- If is even, .
- If is odd, .
These are proven by induction on , as follows:
- (1) Consider the simplest case. If , then
[TABLE]
- (2) If , then take , and let . We can show that
[TABLE]
- (3) In particular, when , by (8), we have
[TABLE]
- (4) Assume for , the statements are true. We can show the following relation
[TABLE]
Combining with (8), we have
[TABLE]
If is odd, then is even. By assumption , and therefore
[TABLE]
Similarly, if is even, then is odd, and we have
[TABLE]
∎
In Proposition 4.1, we notice that when is even, a codeword is associated with a curve . When is odd, is associated with a curve with even.
Therefore the curves that are linked with QQR codes are in the form
[TABLE]
where is even. We denote this set of curves as .
Let be the number of curves in that have affine points over , and let be the number of codewords with weight .
From Proposition 2.6, it’s clear that
[TABLE]
and from Proposition 4.1, we have the following relation between and :
**Proposition 4.2.**
Let and be as described above. Then
- If is odd, .
- If , .
- If , .
Therefore we have obtained an explicit relation between the weight distribution of a QQR code associated with and the point distribution of the hyperelliptic curves in the set .
The following diagram illustrates this interlacing pattern for . ’s can be obtained from ’s by symmetrizing the distribution of ’s with respect to .
| $k$ | 0 | 2 | 4 | 6 | 8 | 10 | 12 | 14 | 16 | 18 | 20 | 22 |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| $B_{k}$ | 0 | 0 | 0 | 77 | 0 | 616 | 0 | 330 | 0 | 0 | 0 | 1 |
| $A_{k}$ | 1 | 0 | 0 | 77 | 330 | 616 | 616 | 330 | 77 | 0 | 0 | 1 |
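The interlacing pattern tabulated above can be recomputed by brute force. This is an added example, not code from the paper. It assumes p = 11 (length 2p = 22), f_S(x) = ∏_{a∈S}(x − a), the curve set taken as y² = f_S(x) with |S| even, and the QQR code taken as the pairs (r_Q f, r_N f) with f in F_2[x]/(x^p − 1); these definitions and all function names are assumptions of the example.

```python
from collections import Counter
from itertools import combinations

P = 11  # assumption: the prime behind the length-22 table (2p = 22)

def chi(a, p=P):
    """Quadratic residue character: 1 on residues, -1 on non-residues, 0 on 0."""
    a %= p
    return 0 if a == 0 else (1 if pow(a, (p - 1) // 2, p) == 1 else -1)

def affine_points(S, p=P):
    """Affine points over F_p on y^2 = f_S(x), f_S(x) = prod_{a in S} (x - a)."""
    count = 0
    for x in range(p):
        f = 1
        for a in S:
            f = f * (x - a) % p
        count += 1 + chi(f, p)  # 2, 1 or 0 values of y for this x
    return count

def curve_distribution(p=P):
    """B_k: number of even-size subsets S whose curve has k affine points."""
    B = Counter()
    for size in range(0, p + 1, 2):
        for S in combinations(range(p), size):
            B[affine_points(S, p)] += 1
    return B

def code_distribution(p=P):
    """A_k by brute force over all 2^p codewords (r_Q * f, r_N * f)."""
    Q = {i for i in range(1, p) if chi(i, p) == 1}
    N = set(range(1, p)) - Q
    A = Counter()
    for mask in range(1 << p):
        S = [a for a in range(p) if mask >> a & 1]  # support of f
        # coordinate i of r_R * f is the parity of #{a in S : i - a in R}
        weight = sum(sum((i - a) % p in R for a in S) & 1
                     for R in (Q, N) for i in range(p))
        A[weight] += 1
    return A

def symmetrize(B, p=P):
    """Fold B_k about k = p: A_k = B_k + B_{2p-k}."""
    return {k: B[k] + B[2 * p - k] for k in range(2 * p + 1) if B[k] + B[2 * p - k]}

if __name__ == "__main__":
    B, A = curve_distribution(), code_distribution()
    print(sorted(B.items()), sorted(A.items()), symmetrize(B) == dict(A))
```

For even |S| the codeword weight equals 2p minus the affine point count, and complementing S adds the all-ones word, which is why folding the B row about k = p reproduces the A row.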
Next we will show a result on the point weight distribution of QQR codes. But first we need to formally define the moments of QQR codes from the discrete values of . These are standard definitions and can be found in [11].
**Definition 4.3 (Moments).**
For a code of length , let , where ’s are the coefficients of its weight polynomial. The mean and variance of are defined by
[TABLE]
and the central moment is
[TABLE]
**Definition 4.4 (Cumulative Distribution Function).**
The cumulative distribution function (c.d.f.) of a code is given by
[TABLE]
The following is a classical theorem on the weight distribution of codes.
**Theorem 4.5 (Sidel’nikov [11]).**
Let be a binary code, and the minimum distance of its dual code , then
[TABLE]
where is the c.d.f. for the normal distribution.
In other words, if tends to infinity for a series of codes, then its weight distribution is asymptotically normal.
In Proposition 2.5, we showed that when , the minimum distance of a QQR code is the minimum distance of its corresponding quadratic residue code plus 1. Since the minimum distances of quadratic residue codes have a well-known lower bound of , the minimum distance of QQR codes is bounded below by .
When , Helleseth and Voloch have proven the following bound for QQR codes.
**Theorem 4.6 [7].**
The minimum distance of a QQR code when is bounded by
[TABLE]
Combining these and Theorem 4.5, we have the following theorem.
**Theorem 4.7.**
The weight distribution of QQR codes is asymptotically normal.
Figure 1 compares the c.d.f.’s of the normal distribution, the QQR code with , and the QQR code with . Both and approximate the normal distribution. Their c.d.f.’s are step functions by construction. oscillates more frequently and more closely to the normal distribution. We imagine that with bigger, the oscillation will become more frequent and closer to the normal distribution.
Since Proposition 4.2 gives an explicit relation between the point distribution of hyperelliptic curves and weight distribution of QQR codes, we can get all the ’s by using ’s. Namely, set
[TABLE]
Therefore we have shown that, after symmetrizing the point distribution of hyperelliptic curves in , the result will converge to the normal distribution when .
A recent study by Larsen [10] showed that, more or less, for a random curve of random genus, over a random finite field , , is normally distributed, where is the number of points on the curve. More precisely,
- Fix . As , defines a measure on . e.g. for , is the Sato-Tate measure.
- The limit of these measures when is the measure given by the standard normal distribution.
Our result is a variant of Larsen’s. The main differences are:
- The set of curves in Larsen’s result consists of all hyperelliptic curves defined over while ours is a subset of that given by the definition of .
- We showed that after being symmetrized, the distribution approaches the standard normal distribution, while Larsen’s result is on the point distribution itself.
- Larsen’s result uses theoretical results on hyperelliptic curves among others, while our result is simply a corollary from the study on QQR codes.
5. Conclusion
In this paper, we began by reviewing some of the known properties of QQR codes, and proved that acts on the extended QQR code when . Using this discovery, we then showed their weight polynomials satisfy a strong divisibility condition, namely that they are divisible by , where is the corresponding minimum distance. Using this result, we were able to construct an efficient algorithm to compute weight polynomials for QQR codes and correct errors in existing results on quadratic residue codes.
In the second half, we used the relation between the weight of codewords and the number of points on hyperelliptic curves to prove that the symmetrized distribution of a set of hyperelliptic curves is asymptotically normal.
6. Acknowledgment
The authors want to thank Prof. Iwan M Duursma for his keen observation on the relation between weight polynomials and shadows.
References
- [1] L. M. J. Bazzi and S. K. Mitter, Some randomized code constructions from group actions, IEEE Transactions on Information Theory, 52 (2006), 3210–3219.
- [2] L. M. J. Bazzi, Minimum distance of error correcting codes versus encoding complexity, symmetry, and pseudorandomness, PhD thesis, MIT EECS, 2003.
- [3] R. E. Blahut, Algebraic codes on lines, planes, and curves: an engineering approach, Cambridge University Press, 2008.
- [4] I. Duursma, From weight enumerators to zeta functions, Discrete Applied Mathematics, 111 (2001), 55–73.
- [5] P. Gaborit, On quadratic double circulant codes over fields, Electronic Notes in Discrete Mathematics, 6 (2001), 423–432.
- [6] E. N. Gilbert, A Comparison of Signalling Alphabets, Bell System Technical Journal, 31 (1952), 504–522.
- [7] T. Helleseth and J. F. Voloch, Double circulant quadratic residue codes, IEEE Transactions on Information Theory, 50 (2004), 2154–2155.
- [8] D. Joyner, On quadratic residue codes and hyperelliptic curves, Discrete Mathematics and Theoretical Computer Science, 10 (2008), 129–146.
