Page 1

A parametric approach to list decoding of

Reed-Solomon codes using interpolation

Mortuza Ali and Margreta Kuijper∗ †

April 15, 2011

Abstract

In this paper we present a minimal list decoding algorithm for Reed-Solomon (RS) codes.

Minimal list decoding for a code C refers to list decoding with radius L, where L is the minimum

of the distances between the received word r and any codeword in C. We consider the problem

of determining the value of L as well as determining all the codewords at distance L. Our

approach involves a parametrization of interpolating polynomials of a minimal Gr¨ obner basis

G. We present two efficient ways to compute G. We also show that so-called re-encoding can

be used to further reduce the complexity. We then demonstrate how our parametric approach

can be solved by a computationally feasible rational curve fitting solution from a recent paper

by Wu. Besides, we present an algorithm to compute the minimum multiplicity as well as the

optimal values of the parameters associated with this multiplicity which results in overall savings

in both memory and computation.

1Introduction

Reed-Solomon (RS) codes are important linear block codes that are of significant theoretical and

practical interest. A (n,k) RS code C, defined over a finite field F, is a k dimensional subspace of

the n dimensional space Fn. For a message polynomial m(x) = m0+ m1x + ··· + mk−1xk−1, the

encoding operation is to evaluate m(x) at x1,x2,...,xn, where the xi’s are n distinct elements of

F. The rich algebraic properties and geometric structures of RS codes lead to the invention of a

number of efficient decoding algorithms such as Sugiyama algorithm [26], Berlekamp-Massey (BM)

algorithm [4, 20], and Welch-Berlekamp (WB) algorithm [28]. These classical decoding algorithms

guarantee correct decoding as long as the number of errors is upper bounded by t = ?(d − 1)/2?,

where d = n − k + 1 is the minimum distance of the code.

In classical decoding, the error correcting radius of t = ?(d − 1)/2? originates from the requirement

of unique decoding since for t > ?(d − 1)/2? multiple codewords within distance t from the received

word r may exist. One way to circumvent this limitation is to increase the decoding radius beyond

?(d − 1)/2? and allow the decoder to output a list of codewords rather than one single codeword.

However, such list decoding is only feasible if there are few codewords in the list. In [9] Guruswami

showed that for a code of relative distance δ = d/n, any Hamming sphere of radius ≤ n(1−√1 − δ)

around a received word r contains only a polynomial number of codewords. Therefore, a (n,k) RS

code with d = n−k+1 can be list decoded up to the error correcting radius of n−?n(k − 1) which

∗M. Ali and M. Kuijper are with the Department of Electrical and Electronic Engineering, University of Melbourne,

VIC 3010, Australia mortuzaa@unimelb.edu.au; mkuijper@unimelb.edu.au

†This work was supported by the Australian Research Council(ARC).

Guruswami named as the Johnson bound.

1

arXiv:1011.1040v3 [cs.IT] 14 Apr 2011

Page 2

A list decoding algorithm was first discovered for low rate RS codes by Sudan [25] and later improved

and extended for all rates by Guruswami and Sudan [10]. The Guruswami-Sudan algorithm can

correct errors up to the Johnson bound n −?n(k − 1). Given a received word r, the essential idea

most t values of i ∈ {1,2,...,n}. The Guruswami-Sudan algorithm finds these polynomials in two

steps: the interpolation step and the factorization step. In the interpolation step, it computes a

bivariate polynomial Q(x,r) that passes through all the points (x1,r1),(x2,r2),...,(xn,rn) with a

prescribed multiplicity s satisfying a certain weighted degree constraint (see [10] for the definition

of weighted degree). Then the bivariate polynomial Q(x,r) is factorized to find all the factors of the

form r−m(x), where m is a polynomial of degree less than k. Now a polynomial m is a valid message

polynomial if it is of degree less than k and m(xi) ?= ri for at most t values of i ∈ {1,2,...,n}.

The construction of Q(x,r) with the prescribed multiplicity and weighted degree constraint ensures

that for all valid message polynomials m, r − m(x) appears as a factor of Q(x,r). Even though the

algorithm may produce implausible polynomials, the total number of polynomials L in the list will

satisfy the bound L < (s + 0.5)?n/(k − 1), see [21].

tion of the bivariate polynomial Q(x,r). Computation of Q(x,r) involves solving a system of O(ns2)

homogeneous equations which using Gaussian elimination can be done in time cubic in the number

of equations [27]. Clearly the algorithmic complexity of the interpolation step is dominated by the

multiplicity s. Recently Wu [29] transformed the interpolation problem to a ‘rational interpola-

tion problem’ which involves smaller multiplicity. Given the received word r, Wu’s algorithm first

computes the syndrome s of r followed by the computation of the error locator polynomial Λ and

error correction polynomial B using the Berlekamp-Massey algorithm. Wu demonstrated that all

valid error locator polynomials can be expressed as a parametrization of Λ and B. More specifi-

cally, given a list decoding radius t, Wu’s algorithm aims at finding all polynomials λ and β such

that Λ?= λΛ + βB has at most t distinct roots. Wu showed that similar to the Guruswami-Sudan

approach, this problem can be reduced to a curve fitting problem but with significantly smaller

multiplicity.

It may be observed that the set of all Q(x,r) ∈ F[x,r] passing through the points (xi,ri), for

i = 1,2,...,n, with multiplicity s is an ideal Is. From this observation several authors including

Alekhnovich [2], Nielsen and Høholdt [23], Kuijper and Polderman [16], O’Keeffe and Fitzpatrick [24],

and Lee and O’Sullivan [19], formulated the interpolation step of the list decoding algorithm as the

problem of finding the minimal weight polynomial from the ideal Is. Clearly the minimal weight

polynomial will appear as the minimal polynomial in a minimal Gr¨ obner basis of Iscomputed with

respect to the corresponding weighted term order. Lee and O’Sullivan also showed that the minimal

polynomial in the ideal Is can be computed more efficiently from a minimal Gr¨ obner basis of a

submodule of F[x]qfor a sufficiently large q1. Let F[x,r]q = {f ∈ F[x,r]|r-deg(f) < q}. Then

F[x,r]qcan be viewed as a free module over F[x]qwith a free basis 1,r,...,rq−1. Then the essential

observation of Lee and O’Sullivan is that the minimal polynomial of Is can be constructed from

the minimal Gr¨ obner basis of a submodule of F[x]qalong with the free basis 1,r,...,rq−1, for large

enough q.

In this paper we employ the theory of minimal Gr¨ obner bases to perform minimal list decoding.

Given the received word r, let L denote the value of dH(r,C) where

of the algorithm is to find all the polynomials m of degree less than k such that m(xi) ?= rifor at

The most computationally intensive operation in the Guruswami-Sudan algorithm is the construc-

dH(r,C) := min

c∈C{dH(r,c)}.

Our main objective is to determine the value of L as well as all codewords c which are at a distance L

from the received word r. Clearly, if L is larger than the classical error correcting radius ?(d−1)/2?,

1Here the integer q is not related to the size of the field.

2

Page 3

the task is a list decoding operation. Our algorithm, unlike the Lee and O’Sullivan approach, starts

with computing a minimal Gr¨ obner basis G of a submodule of F[x]2, rather than F[x]q. We then

demonstrate that all valid message polynomials can be extracted from a parametrization in terms of

the elements of G. For computational feasibility, we show that this parametric approach, like Wu’s

algorithm, can be translated into a ‘rational interpolation problem’. However, our approach has at

least three features that distinguishes it from Wu’s algorithm. Firstly, our parametric formulation

of the problem of list decoding, without the detour of syndrome computation, is simpler than Wu’s

formulation.Secondly, while Wu’s algorithm, for each valid Λ?, resorts to Forney’s formula to

compute the error values, our algorithm immediately leads to a valid message polynomial. Finally,

we provide an algorithm to compute the minimum multiplicity along with the optimal values of the

associated parameters to be used in the rational interpolation step. Use of these optimal parameters

in the rational interpolation step results in savings of both memory and computation as compared

to Wu’s algorithm.

The organization of the rest of the paper is as follows. In Section 2, we briefly review the relevant

theory of Gr¨ obner bases. In Section 3, we develop the theory and present the main algorithm

along with two ways to compute the minimal Gr¨ obner basis. In this section we also explain how

so-called re-encoding can be applied to the proposed approach.

parametric approach into a ‘rational interpolation problem’ and present an efficient algorithm for

the computation of the minimum value of the multiplicity and other parameters to be used in the

rational interpolation step. We demonstrate that the use of these optimal values of the parameters

results in less memory requirement as well as less computational requirement as compared to Wu’s

approach. Finally we conclude the paper in Section 5.

In Section 4, we translate the

2 Preliminaries

The theory of Gr¨ obner bases for modules in F[x]qis generally recognized as a powerful conceptual

and computational tool that plays a role similar to Euclidean division for modules in F[x]. More

specifically, minimal Gr¨ obner bases prove themselves as an effective tool for various types of inter-

polation problems. In recent papers [18, 17] this effectiveness was ascribed to a powerful property of

minimal Gr¨ obner bases, explicitly identified as the ‘Predictable Leading Monomial Property’. The

proofs in this paper make use of this property. Before recalling the PLM property let us first recall

some terminology on Gr¨ obner bases.

Let e1,...,eqdenote the unit vectors in Fq. The elements xαeiwith i ∈ {1,...,l} and α ∈ N0are

called monomials. Let n1,...,nq be nonnegative integers. In this paper we define the following

two types of monomial orders:

• The (n1,··· ,nq)-weighted term over position (top) order, defined as

xαei< xβej

:⇔ α + ni< β + njor (α + ni= β + njand i < j).

• The (n1,··· ,nq)-weighted position over term (pot) order, defined as

xαei< xβej

:⇔ i < j or (i = j and α + ni< β + nj).

Clearly, whatever order is chosen, every nonzero element f ∈ F[x]qcan be written uniquely as

f =

L

?

i=1

ciXi,

where L ∈ N, the ci’s are nonzero elements of F for i = 1,...,L and the polynomial vectors

X1,...,XLare monomials, ordered as X1> ··· > XL. Using the terminology of [1] we define

3

Page 4

• lm(f) := X1as the leading monomial of f

• lt(f) := c1X1as the leading term of f

• lc(f) := c1as the leading coefficient of f

Writing X1= xα1ei1, where α1∈ N0and i1∈ {1,...,l}, we define

• lpos(f) := i1as the leading position of f

• wdeg(f) := α1+ ni1as the weighted degree of f.

Note that for zero weights n1= ··· = nq= 0 the above orders coincide with the reflected versions

of the standard TOP order and POT order, respectively, as introduced in the textbook [1].

Also note that, unlike with TOP, the introduction of weights does not change the POT ordering of

monomials. In this paper, weighted POT order is needed only because we need the associated notion

of ‘weighted degree’.

We now recall some basic definitions and results on Gr¨ obner bases, see [1]. Below we denote the

submodule generated by a polynomial vector f by ?f?.

Definition 2.1 Let F be a subset of F[x]q. Then the submodule L(F), defined as

L(F) := ?lt(f) | f ∈ F?

is called the leading term submodule of F.

Definition 2.2 Let M ⊆ F[x]qbe a module and G ⊆ M. Then G is called a Gr¨ obner basis of M

if

L(G) = L(M).

In order to define a concept of minimality we have the following definition.

Definition 2.3 ([1, Def. 4.1.1]) Let 0 ?= f ∈ F[x]qand let F = {f1,...,fs} be a set of nonzero

elements of F[x]q. Let αj1,...,αjm∈ N0and βj1,...,βjmbe nonzero elements of F, where 1 ≤ m ≤ s

and 1 ≤ ji≤ s for i = 1,...,m, such that

1. lm(f) = xαjilm(fji) for i = 1,...,m and

2. lt(f) = βj1xαj1lt(fj1) + ··· + βjmxαjmlt(fjm).

Define

h := f − (βj1xαj1fj1+ ··· + βjmxαjmfjm).

Then we say that f reduces to h modulo F in one step and we write

f

F

− → h.

If f cannot be reduced modulo F, we say that f is minimal with respect to F.

Lemma 2.4 ([1, Lemma 4.1.3]) Let f, h and F be as in the above definition. If f

or lm(h) < lm(f).

F

− → h then h = 0

Definition 2.5 ([1]) A Gr¨ obner basis G is called minimal if all its elements g are minimal with

respect to G\{g}.

4

Page 5

It is well known [1, Exercise 4.1.9] that a minimal Gr¨ obner basis exists for any module in F[x]qand

that all leading positions of its elements are different. In [18, 17] another important property of a

minimal Gr¨ obner basis is identified; the theorem below merely formulates a well known result.

Theorem 2.6 ( [18]) Let M be a submodule of F[x]qwith minimal Gr¨ obner basis G = {g1,...,gm}.

Then for any 0 ?= f ∈ M, written as

f = a1g1+ ··· + amgm,

where a1,...,am∈ F[x], we have

lm(f) =max

1≤i≤m;ai?=0(lm(ai)lm(gi)).

(1)

(2)

The property outlined in the above theorem is called the Predictable Leading Monomial (PLM)

property, as in [18]. Note that this property involves not only degree information (as in the

‘predictable degree property’ first introduced in [5]) but also leading position information. Most

importantly, the above theorem holds irrespective of which monomial orders top or pot is chosen,

for a proof see [18].

Clearly, in the above theorem m = rank (M) and all minimal Gr¨ obner bases of M must have

rank (M) elements, no matter which monomial order is chosen. Furthermore, we have the following

theorem.

Theorem 2.7 Let n1,...,nq be nonnegative integers and let M be a module in F[x]q. Let G =

{g1,...,gm} be a minimal Gr¨ obner basis of M with respect to the (n1,··· ,nq)-weighted top order;

denote ?i:= wdeggifor i = 1,...,m. Let˜G = {˜ g1,..., ˜ gm} be a minimal Gr¨ obner basis of M with

respect to the (n1,··· ,nq)- weighted pot order; denote˜?i:= wdeg ˜ gifor i = 1,...,m. Then

m

?

i=1

?i=

m

?

i=1

˜?i. (3)

Proof

G and˜G are bases for M (in a linear algebraic sense) that there exists a unimodular polynomial

matrix U ∈ F[x]q×qsuch that

col {g1,...,gq} = Ucol {˜ g1,..., ˜ gq}.

Without restrictions we may assume that the leading positions within each Gr¨ obner basis are strictly

increasing. Clearly it follows from the above equation that also

We first prove the theorem for the case m = q. It follows easily from the fact that both

V = UW,(4)

where V = col {g1,...,gq}diag {xn1,··· ,xnq} and W = col {˜ g1,..., ˜ gq}diag {xn1,··· ,xnq} Since

U is unimodular we must have deg det V = deg det W. Clearly deg det V =?m

it follows immediately from (4) that the maximum degree of all minors of V equals the maximum

degree of all minors of W. On the other hand, the maximum degree of all minors of V clearly equals

?m

i=1?iand deg det

W =?m

i=1?iand similarly the maximum degree of all minors of W equals?m

i=1˜?ifrom which (3) follows. Next, we prove the general case m ≤ q. For this, we note that

i=1˜?i. The theorem now

follows.

?

We call the sum in (3) the (n1,··· ,nq)-weighted degree of M, denoted by wdeg (M). For zero

weights n1= ··· = nq= 0 the above result expresses that the sum of the degrees of a (reflected)

5