You are on page 1of 10

Chapter 8

BCH Codes

8.1 Definitions

We defined the least common multiple lcm(f1 (x), f2 (x)) of two nonzero polynomials
f1 (x), f2 (x) ∈ Fq [x] to be the monic polynomial of the lowest degree which is a multiple
of both f1 (x) and f2 (x). Suppose we have t nonzero polynomials f1 (x), f2 (x), . . . , ft (x) ∈
Fq [x]. The least common multiple of f1 (x), . . . , ft (x) is the monic polynomial of the
lowest degree which is a multiple of all of f1 (x), . . . , ft (x), denoted by lcm(f1 (x), . . . , ft (x)).

It can be proved that the least common multiple of the nonzero polynomials f1 (x),
f2 (x), f3 (x) is the same as lcm(lcm(f1 (x), f2 (x)), f3 (x)) By induction, one can prove
that the least common multiple of the polynomials f1 (x), f2 (x), . . . , ft (x) is the same as
lcm(lcm(f1 (x), . . . , ft−1 (x)), ft (x)).

Lemma 8.1. Let f (x), f1 (x), f2 (x), . . . , ft (x) be nonzero polynomials over Fq . If nonzero
polynomial f (x) is divisible by every polynomial fi (x) for i = 1, 2, . . . , t, then f (x) is
divisible by lcm(f1 (x), f2 (x), . . . , ft (x)) as well.

Definition 8.2 (BCH codes). Let α be an element of order n in a finite field Fqm .
A BCH code of length n and design distance d is a cyclic code generated by the least
common multiple of minimal polynomials in Fq [x] of the elements α, α2 , . . . , αd−1 .

Remark. 1). Since n|q m − 1, then we have gcd(n, q) = 1.

2). In this course, we focus on the case n = q m − 1 then α is a primitive element of field
Fqm . The resulting BCH code is known as a primitive BCH code.

77
78 Math 422. Coding Theory

Example 8.1. Let α ∈ F8 be a root of 1+x+x3 ∈ F2 [x]. Then it is a primitive element of
F8 = F2 [α]. The polynomials M (1) (x) and M (2) (x) are both equal to 1 + x + x3 . Hence, a
narrow-sense binary BCH code of length 7 generated by lcm(M (1) (x), M (2) (x)) = 1+x+x3
is a [7, 4]-code. In fact, it is a binary [7, 4, 3]-Hamming code.

Lecture 24, April 7, 2011

Remark. For t ≥ 1, t and 2t belong to the same cyclotomic coset of 2 modulo 2m − 1.
This is equivalent to the fact that M (t) (x) = M (2t) (x). Therefore,

lcm(M (1) (x), . . . , M (2t−1) (x)) = lcm(M (1) (x), . . . , M (2t) (x))

i.e., the primitive binary BCH codes of length 2m − 1 with designed distance 2t + 1 are
the same as the primitive binary BCH codes of length 2m − 1 with designed distance 2t.

In this course, we focus on primitive BCH codes. Now let’s discuss Parameters of
BCH codes. The length of a primitive BCH code is clearly q m − 1. For the rest of this
subsection, we study the minimum distance of BCH codes.

Lemma 8.3. Let C be a q-ary cyclic code of length n with generator polynomial g(x).
Suppose α1 , . . . , αr are all the roots of g(x) and the polynomial g(x) has no multiple roots.
Then an element u(x) of Rqn = Fq [x]/(xn − 1) is a codeword of C if and only if u(αi ) = 0
for all i = 1, . . . , r.

Proof. If u(x) is a codeword of C = hg(x)i, then there exists a polynomial f (x) such that
u(x) = g(x)f (x). Thus, we have u(αi ) = g(αi )f (αi ) = 0 for all i = 1, . . . , r.

Conversely, if u(αi ) = 0 for all i = 1, . . . , r, then u(x) is divisible by g(x) since g(x)
has no multiple roots. This means that u(x) is a codeword of C.

Theorem 8.1 (Vandermonde Determinants). For t ≥ 2 the t×t Vandermonde matrix
 
1 1 ··· 1
e1 e2 ··· et
 
 
e21 e22 e2t
 
G= ··· 
.. .. .. ..
 
 
 . . . . 
et−1
1 et−1
2 ··· et−1
t

t
Q
has determinant (ei − ej ).
1≤j<i≤t
§ 8.1. Definitions 79

Theorem 8.2. A BCH code with designed distance d has minimum distance at least d.

Proof. Let α be a primitive element of Fqm and let C be a BCH code generated by
g(x) = lcm(M (1) (x), . . . , M (d−1) (x)). It is clear that the elements α, α2 , · · · , , αd−1 are
roots of g(x).

Suppose that the minimum distance r of C is less than d. Then there exists a nonzero
codeword u(x) = a0 + a1 x + · · · + an−1 xn−1 such that wt(u(x)) = r < d. By proof of
Lemma 8.5, we have u(αi ) = 0 for all i = 1, . . . , d − 1 i.e.,
  
1 α α2 ··· αn−1 a0
 1 α2 (α2 )2 · · · (α2 )n−1   a1 
  
 1 α3 (α3 )2 · · · (α3 )n−1 
  
  a2  = 0.
 
 .. .. .. .. ..   .. 

 . . . . .  . 
d−1 d−1 2 d−1 n−1
1 α (α ) · · · (α ) an−1
Let R = {i1 , . . . , ir } such that 0 ≤ i1 < i2 < · · · < ir ≤ n − 1 and cj 6= 0 if and only if
j ∈ R. Then we have
  
(α)i1 (α)i2 (α)i3 ··· (α)ir ai 1
 (α2 )i1 (α2 )i2 (α2 )i3 ··· (α2 )ir ai 2
  
 
 (α3 )i1 (α3 )i2 (α3 )i3 (α3 )ir
  
···  ai 3  = 0.
.. .. .. .. .. ..
  
  
 . . . . .  . 
d−1 i1 d−1 i2
(α ) (α ) (αd−1 )i3 · · · (αd−1 )ir ai r
Since r ≤ d − 1, we obtain the following system of equations by choosing the first r
equations of the above system of equations:
  
(α)i1 (α)i2 (α)i3 · · · (α)ir ai 1
 2 i1
 (α ) (α2 )i2 (α2 )i3 · · · (α2 )ir   ai2 
 
 3 i1
 (α ) (α3 )i2 (α3 )i3 · · · (α3 )ir   ai3  = 0.
 
 .. .. .. .. ..   .. 
  
 . . . . .  . 
(αr )i1 (αr )i2 (αr )i3 · · · (αr )ir ai r
The determinant D of the coefficient matrix of the above equation is equal to
 
1 1 1 ··· 1
 (α)i1 (α)i2 (α)i3 ··· (α)ir 
 
Yr r
ij
 2 i1 2 i2 2 i3 2 ir 
 Y ij
Y
α det 
 (α ) (α ) (α ) · · · (α ) = α (αik − αil ) 6= 0.
.. .. .. .. ..

j=1   j=1 1≤l<k≤r
 . . . . . 
(αr−1 )i1 (αr−1 )i2 (αr−1 )i3 · · · (αr−1 )ir
Combining these, we obtain (ai1 , ai2 , ai3 , . . . , air ) = 0. This is a contradiction.
80 Math 422. Coding Theory

Example 8.2. Let α be a root of 1 + x + x4 ∈ F2 [x]. Then α is a primitive element of F16 .
Consider the primitive binary BCH code of length 15 with designed distance 7. Then the
generator polynomial is

g(x) = lcm(M (1) (x), . . . , M (6) (x)) = M (1) (x)M (3) (x)M (5) (x) = 1+x+x2 +x4 +x5 +x8 +x10 .

Therefore, d(C) ≤ wt(g(x)) = 7. On the other hand, we have, by Theorem 8.3, that
d(C) ≥ 7. Hence, d(C) = 7.

8.2 Decoding of BCH codes

Suppose α is a primitive element of field Fqm . Let C be a primitive q-ary BCH code of
length n = q m − 1 and design distance d. Set
 
1 α α2 ··· αn−1
1 α2 (α2 )2 ··· (α2 )n−1
 
 
α3 (α3 )2 (α3 )n−1
 
H= 1 ··· 
.. .. .. .. ..
 
 
 . . . . . 
1 αd−1 (αd−1 )2 · · · (αd−1 )n−1

Then
   
a0 u(α)
a1 u(α2 )
   
   
u(α3 )
   
u(x) = a0 + a1 x + · · · + an−1 xn−1 n
∈ C ⊂ Rq ⇐⇒ H  a2 =  = 0.
.. ..
   
   
 .   . 
an−1 u(αd−1 )

In decoding rule of BCH codes, for any word u = (a0 , a1 , . . . , an−1 ) ∈ Fqn we define
the syndrome S(u) of u as S(u) = Hut .

The decoding procedure for C is now as follows: Suppose a vector f is received, which
we think of as a polynomial of degree < n. We assume that d = 2t + 1 is odd. We need
to compute the error vector e.

1). Compute the syndromes: S1 = f (α), S2 = f (α2 ), . . . , Sd−1 = f (αd−1 ). These
are elements of Fqm .
§ 8.2. Decoding of BCH codes 81

2). If all of the Si are zero, f is a codeword. Otherwise, for k = 1, 2, 3, . . . , t consider
 
S1 S2 · · · Sk
 S2 S3 · · · Sk+1 
 
Mk =  .
 .. .. .. 
 .. . . . 

Sk Sk+1 · · · S2k−1
This is a k × k matrix with entries in Fqm .
Find the maximum value k such that det Mk 6= 0. We think of k as the number of
errors that occurred. It is potentially possible that det Mk = 0 for all k but some
Si are nonzero nevertheless. In this case more than t errors occurred, and we have
to seek retransmission.
We assume that k is the number of errors that actually occurred.

3). Solve the following system of linear equations (over Fqm ):

Mk b = −S

with indeterminate b and coefficient matrix S
   
bk Sk+1
 bk−1   Sk+2
   

b=  . . , S =  .
 .

.  .

  
b1 S2k

The solution to this system gives us the error locator polynomial

σ(x) = bk xk + bk−1 xk−1 + · · · + b1 x + 1.

The coefficients bi of σ(x) are elements of Fqm in general, and need not be elements
of Fq .

4). Find the roots of the error locator polynomial. σ(x) must have precisely k
distinct roots β1 , β2 , . . . , βk unless more than k errors occurred. Again, the roots
are in Fqm . If the roots do not exist, then we have to seek retransmission.

5). Compute the error locations: First compute αi = βi−1 . Now find l1 , l2 , . . . , lk
such that αi = αli . Notice that the li are unique as long as we require 0 ≤ li < n =
q m − 1.
We now have worked our way to an error vector of the form

e(x) = e1 xl1 + e2 xl2 + · · · + ek xlk

We therefore conjecture the error locations to be l1 , l2 , . . . , lk .
82 Math 422. Coding Theory

6). Determine the values of e1 , e2 , . . . , ek . Solve the equations

Si = e1 (αl1 )i + e2 (αl2 )i + · · · + ek (αlk )i (i = 1, 2, . . . , 2k)

for the ej in Fq . (Notice that often not all 2k equations are needed to determine
the ei because each single equation corresponds to multiple linear equations over
Fq , but you still need to check all 2k equations hold).
It could potentially happen that the ei computed in this manner are not elements
of Fq but are in Fqm rather. In this case, decoding is not possible, because of course
our error vector must have coecients in Fq .

7). Check for consistency. Check that Si = e(αi ) for i = 2k+1, 2k+2, . . . , 2t = d−1.
If this fails for any i, more than t errors occurred, and decoding is not possible.

8). Celebrate. We are done. The decoded codeword is now u = f − e.

Lecture 25, April 12, 2011

We focus on primitive BCH codes:

Let α be a primitive element of Fqm . A BCH code C of length n = q m − 1 and design
distance d is a cyclic code generated by the least common multiple of minimal polynomials
in Fq [x] of the elements α, α2 , . . . , αd−1 .

C = hg(x)i, where g(x) = lcm(M (1) (x), . . . , M (d−1) (x)).

Fact. Let α be a primitive element of Fqm and C be a q-ary primitive BCH code of length
n = q m − 1 with design distance d. Then we have

C = {u(x) ∈ Rqn = Fq [x]/(xn − 1) | u(αi ) = 0 for all i = 1, 2, . . . , d − 1}.

Theorem 8.1. A BCH code with designed distance d has minimum distance at least
d.

Example 8.3. Let α be a root of 1 + x + x3 ∈ F2 [x] and C be the binary primitive BCH
code of length 7 with designed distance 3 = 2 × 1 + 1. Note α is a primitive element
F8 = F2 [x]/(1 + x + x3 ). Indeed all elements in F2 [α] can be expressed as powers of α:

F8 = {0, 1, α, α2 , α3 = α + 1, α4 = α2 + α, α5 = α2 + α + 1, α6 = α2 + 1}.

Suppose a vector u = (1, 0, 0, 1, 1, 0, 0) is received, then the corresponding polynomial is
u(x) = 1 + x3 + x4 .
§ 8.2. Decoding of BCH codes 83

1). Compute the syndromes:

S1 = u(α) = 1 + α3 + α4 = 1 + α + 1 + α2 + α = α2 ,

S2 = u(α2 ) = 1 + α6 + α8 = 1 + α2 + 1 + α = α + α2 .

2). Notice that t = 1 and det M1 = S1 = α2 6= 0. We assume that 1 error occurred.

3). Solve the following system of linear equations (over Fqm ):

Mk b = −S, i.e., S1 b1 = −S2 .

We get b1 = α−2 (α2 + α) = α5 (α2 + α) = 1 + α6 = 1 + α2 + 1 = α2 . Thus the error
locator polynomial is

σ(x) = bk xk + bk−1 xk−1 + · · · + b1 x + 1 = b1 x + 1 = α2 x + 1.

4). Find the roots of the error locator polynomial: Obviously σ(x) has just one
root, namely, −α−2 = α5 . Thus β1 = α5 .

5). Compute the error locations: α1 = β −1 = α2 . Hence we have l1 = 2 such that
α1 = αl1 .

6). Determine the values of e1 , e2 , . . . , ek : The error vector e(x) = e1 x2 . we need to
compute e1 . Solve the equations

S1 = e1 α2 and S2 = e1 (α2 )2 = e1 α4 = e1 (α2 + α).

We get e1 = 1.

7). Check for consistency: Since t = k so we do not need to check.

8). Celebrate: We are done. The decoded codeword is now u(x) − e(x) = 1 + x2 +
x3 + x4 = (1 + x)(1 + x + x3 ) ∈ C.

Example 8.4. Let α be a root of 2 + x + x2 ∈ F3 [x] and C be the ternary primitive BCH
code of length 8 with designed distance d = 5 = 2 × 2 + 1. So here m = 2, q = 3 and
t = 2. Note α is a primitive element F9 = F3 [x]/(2 + x + x2 ). Indeed all elements in F3 [α]
can be expressed as powers of α:

F9 = {0, 1, α, α2 = 1 + 2α, α3 = 2α + 2, α4 = 2, α5 = 2α, α6 = 2 + α, α7 = α + 1}. (8.1)

Suppose a vector u = (2, 0, 1, 1, 1, 1, 0, 0) is received, then the corresponding polynomial
is u(x) = 2 + x2 + x3 + x4 + x5 . Then
84 Math 422. Coding Theory

1). S1 = u(α) = 2 + α2 + α3 + α4 + α5 = 2 + 1 + 2α + 2α + 2 + 2 + 2α = 1,
S2 = u(α2 ) = 2 + α4 + α6 + α8 + α10 = 2 + 2 + 2 + α + 1 + 1 + 2α = 2,
S3 = u(α3 ) = 2 + α6 + α9 + α12 + α15 = 2 + 2 + α + α + 2 + α + 1 = 1,
S4 = u(α4 ) = 2 + α8 + α12 + α16 + α20 = 2 + 1 + 2 + 1 + 2 = 2.
(Note: it is an accident that all syndromes are in Fq = Z3 rather than in F9 .)

2). Notice that " #
1 2
M2 =
2 1
and det(M2 ) = 1−4 = 0. Now we know that either 1 or more than 2 errors occurred.
M1 = [1], so det M1 = 1 6= 0. We assume that 1 error occurred.

3). The syndrome equations now take the form M1 b1 = −S2 , or b1 = −2 = 1. Thus
the error locator polynomial σ(x) = x + 1.

4). σ(x) has just one root −1 = 2. Thus β1 = 2.

5). Compute the error locations:α1 = β1−1 = 2−1 = 2. Moreover, we have 2 = α4 ,
i.e., l1 = 4.

6). The error vector e(x) = e1 x4 . we need to compute e1 . Solve the equations

S1 = e1 α4 = 2e1 and S2 = e1 (α4 )2 = e1 .

We get e1 = 2.

7). We need to check S3 = e(α3 ) and S4 = e(α4 ). Now the first one follows because
e(α3 ) = 2α12 = 2 × 2 = 1 = S3 . The second e(α4 ) = 2 × 1 = 2 = S4 .

8). Celebrate: We are done. The decoded codeword is now u(x) − e(x) = 2 + x2 +
x3 + 2x4 + x5 ∈ C.

Example 8.5 (k = 2). Let C be the same code as above, but this time suppose we
receive u(x) = x + x3 + 2x4 + 2x5 + x6 . Then

1). S1 = u(α) = α + α3 + 2α4 + 2α5 + α6 = α + 2α + 2 + 1 + α + 2 + α = 2 + 2α = α3 ,
S2 = u(α2 ) = α2 + α6 + 2α8 + 2α10 + α12 = 1 + 2α + 2 + α + 2 + 2 + α + 2 = α,
S3 = u(α3 ) = α3 + α9 + 2α12 + 2α15 + α18 = 2α + 2 + α + 1 + 2α + 2 + 2α + 1 = α,
S4 = u(α4 ) = α4 + α12 + 2α16 + 2α20 + α24 = 2 + 2 + 2 + 1 + 1 = 2.
§ 8.2. Decoding of BCH codes 85

2). Notice that " #
α3 α
M2 =
α α
and det(M2 ) = α4 − α2 = 2 − 2α − 1 = α + 1 = α7 6= 0. Now we conclude that 2 or
more errors occurred. We assume that 2 errors occurred.

3). The syndrome equations is
" #" # " #
α3 α b2 α
=−
α α b1 2

We have " # " #
1 α −α α2 −α2
M2−1 = 7 =
α −α α3 −α2 α4
Hence
" # " # " #" # " # " # " #
2 2 3 2 5
b2 α α −α α α − 2α 2α α
= −M2−1 =− =− = =
b1 2 −α2 α4 2 1 − α3 2α + 1 α2

Thus the error locator polynomial σ(x) = α5 x2 + α2 x + 1.

4). Find the roots of σ(x): σ(x) = 0, i.e.,

0 = x2 + α5 x + α3 = x2 + (2α)x + α3 = (x − α4 )(x − α7 )

We conclude that the two roots are β1 = α4 = 2 and β2 = α7 . You can also run
through all 9 elements of F9 to find out the roots or try the quadratic formula for
roots:

−α5 ± α10 − 4α3 p √
β1,2 = = 2−1 (α± 1 + 2α − (2α + 2)) = 2(α± α4 ) = 2(α±α2 ),
2
i.e., β1,2 = 2α ± (α + 2) = 2, α + 1.

5). Compute the error locations: Now we have α1 = 2−1 = 2 = α4 and α2 =
(α7 )−1 = α. The supposed error locations are therefore l1 = 4 and l2 = 1.

6). The error vector e(x) = e1 x4 + e2 x. we need to compute e1 and e2 . Solve the
equations
α3 = S1 = e(α) = 2e1 + αe2

and
α = S2 = e(α2 ) = e1 + α2 e2
86 Math 422. Coding Theory

We have
α4 − α 2 + 2α
e1 = = =1
2α − 1 2α + 2
and
e2 = α−1 (α3 − 2) = α−1 (2α + 2 − 2) = 2.
We conclude that e(x) = x4 + 2x. We also need to check

e(α3 ) = α12 + 2α3 = 2 + α + 1 = α = S3

and
e(α4 ) = α16 + 2α4 = 1 + 4 = 2 = S4 .

7). We do not have to do any consistency checks, because k = t = 2.

8). Celebrate: We are done. The decoded codeword is now u(x) − e(x) = x + x3 +
2x4 + 2x5 + x6 − (2x + x4 ) = 2x + x3 + x4 + 2x5 + x6 ∈ C.

Note: always use (8.1) in Example 8.4 to do the computations.