lSlT 2000, Sorrento, Italy, June 25-30,2000

Hardness of Approximating the Minimum Distance of a Linear Code

Daniele Micciancio
Dept. of Computer Science and
Engineering
University of California a t San
Diego
La Jolla, CA 92093-0114,USA
Ilya Dumer’
College of Engineering
University of California at
Riverside
Riverside, CA 92521,USA
Madhu Sudan2
Dept. of Electrical Engineering and
Computer Science
Massachusetts Institute of
Technology
Cambridge, MA 02139,USA

Abstract - We show that the minimum distance d of
a linear code is not approximable to within any con-
stant factor in random polynomial time ( R P ) , unless
NP’equals R P . In the process we show that it is hard
to find the nearest codeword even if the number of
errors exceeds d / 2 by an arbitrarily small fraction Ed.
I. INTRODUCTION
Consider a linear code A[n, k,d], with generator matrix A E
Gxn. We study complexity of the following problems:
0 Approximate the Minimum Distance d of a linear code A;
Definition 2 (Nearest Codeword Problem)
An instance of GAPNCP,,, is a triple (A, v, t ) , such that:
(A, v , t ) is a YES instance if d(v,A) 5 t ;
(A, v,t) is a NO instance if d(v,A) > y . t .
Definition 3 (Relatively Near Codeword Problem)
An instance of G A P R N C is ~ ~a triple ( A , v , t ) , such that:
t < p.d(A);
(A, v, t ) is a YES instance if d(v,A) 5 t ;
(A, v, t ) is a NO instance if d(v,A) > y t .

0 Find the Nearest Codeword y for the received vector x.
Vardy [5] proved that it is NP-hard to compute d ezplicitly.
The (second) Nearest Codeword Problem (NCP) was proven
to be NP-hard in [3]. More generally, we can consider decoding
complexity given relatively low error weight. For real p, this
gives the Relatively Near Codeword Problem R N d P ) :
Given a generator matrix A E q X n - o f a linear code A
of minimum distance d, an integer t with the promise that
t < p . d, and a received word x E q ,find a codeword within
distance t from x. (The algorithm may fail if the promise is
violated, or if no such codeword exists.)
In particular, p = 112 in the “Bounded distance decoding
problem”. Till recently, not much was known about R N d P )
for constants p < CO, let alone p = 1/2. Now we show that
RNC(”) is NP-hard (under random reductions) for every p >
112. This result brings us closer to an eventual (negative?)
resolution of the bounded distance decoding problem.
We also show that the minimum distance is hard t o approx-
imate within any constant factor, unless N P = R P (i.e., every
problem in NP has a polynomial time probabilistic algorithm
that always rejects NO instances and accepts YES instances
with high probability). In our work, we adapt the proofs of
results for integer lattices obtained in [2] and [4], by using
linear codes that surpass random codes.
PROBLEMS
11. APPROXIMATION
A promise problem is a generalization of decision problem
when some strings are not required t o be either a YES or a
NO instance. However, given a string with the promise that
it is either a YES or N o instance, one has to decide which of
the two sets it belongs to. Below we use A E Cxn, v E q,
and t E Z+. Also, q is a prime power, y 2 1, and p > 0.
Definition 1 (Minimum Distance Problem)
An instance of GAPDIST,,~is a pair (A,d), such that:
( A , d) is a YES instance if d(A) 5 d;
( A , d ) is a NO instance if d(A) > y . d.
‘This work was supported by the NSF grant NCR-9703844.
2This work was supported by a Sloan Foundation Fellowship,
an MIT-NEC Research Initiation Grant and NSF Career Award
CCR-9875511.
Our reduction uses the promise problem GAPNCP,,, that is
proved t o be NP-hard [l] for every constant y 2 1. It is
also hard [l] t o approximate d(v,A) t o within a factor of
210g(’-‘) for-any E > 0, unless N P C Q P (deterministic quasi-
polynomial time).
We also use polynomial reverse unfaithful random reduc-
tions (RUR-reductions). Given a security parameter s, these
probabilistic algorithms require poly( s) time t o necessarily
map N o instances t o N o instances and YES instances t o YES
instances with high probability 1 - q-’.
Theorem 4 For any p > 1/2, y 2 1 and any finite field lFq :
GAPRNC?; is NP-hard under polynomial RUR-reductions;
GAPDIST,,, is NP-hard under polynomial RUR-reductions;
GAPDIST,,, is NP-hard under quasi-polynomial RUR-
reductions f o r ~ ( n=)210g(’-‘) n .
For further details, see [6]
REFERENCES
S. Arora, L. Babai, J. Stern, Z. Sweedyk, “The Hardness of
Approximate Optima in Lattices, Codes, and Systems of Lin-
ear Equations”, J . of Comp. and System Sci., Vol. 54, 1997,
pp. 317-331.
M. Ajtai, “The Shortest Vector Problem is NP-Hard for Ran-
domized Reductions”, Proc. 30th Symposium on Theory of
Computing, 1998, pp. 10-19.
E.R. Berlekamp, R.J. McEliece, H.C.A. van Tilborg, “On the
Inherent Intractability of Certain Coding Problems”, ZEEE
Zhns. Inform. Theory, Vol. 24, 1978, pp. 384-386.
D. Micciancio, “The Shortest Vector in a Lattice is Hard to
Approximate to within Some Constant”, in Proc. 39th Symp.
Foundations of Comp. Sci. 1998, pp. 92-98.
A. Vardy, “The Intractability of Computing the Minimum Dis-
tance of a Code,” IEEE ’Zhns. Inform. Theory, Vol. 43, 1997,
pp. 1757-1766.
1. Dumer., D. Micciancio, M. Sudan, “Hardness of ap-
proximating the minimum distance of a linear code,”
ECCC Technical Report TR99-029 (available from
http:\\vvv.eccc.uni-trier.de/eccc), 1999.

252
0-7803-5857-O/OO/%l O.OO 0 2 0 0 0 IEEE.