Decoding Downset codes over a finite grid
Srikanth Srinivasan ∗ Utkarsh Tripathi † S. Venkitesh ‡ August 21, 2019
Abstract
In a recent paper, Kim and Kopparty (Theory of Computing, 2017) gave a deterministic algorithm for the unique decoding problem for polynomials of bounded total degree over a general grid S_1 × · · · × S_m. We show that their algorithm can be adapted to solve the unique decoding problem for the general family of Downset codes. Here, a downset code is specified by a family D of monomials closed under taking factors: the corresponding code is the space of evaluations of all polynomials that can be written as linear combinations of monomials from D.

∗ Department of Mathematics, IIT Bombay. Email: [email protected]. Supported by SERB grant MTR/2017/000958.
† Department of Mathematics, IIT Bombay. Email: [email protected]. Supported by the Ph.D. Scholarship of NBHM, DAE, Government of India.
‡ Department of Mathematics, IIT Bombay. Email: [email protected]. Supported by the Senior Research Fellowship of HRDG, CSIR, Government of India.

Polynomial-based codes play an important role in Theoretical Computer Science in general and Computational Complexity in particular. Combinatorial and computational characteristics of such codes are crucial in proving many of the landmark results of the area, including those related to interactive proofs [LFKN92, Sha92, BFL91], hardness of approximation [ALM+98], and pseudorandomness [BFNW93, STV01]. A prototypical example of such a code is the space of polynomials of total degree at most d evaluated at all points of a finite grid S = S_1 × · · · × S_m ⊆ F^m for some field F. When d < k := min{|S_i| | i ∈ [m]}, this space of polynomials forms a code of positive distance µ := |S| · (1 − (d/k)), given by the well-known DeMillo-Lipton-Schwartz-Zippel lemma [DL78, Sch80, Zip79] (DLSZ lemma from here on).

A natural algorithmic question related to this is the Unique Decoding problem: given f : S → F that is guaranteed to have (Hamming) distance less than µ/2 from some codeword P of the code, can we find this P efficiently? This problem was solved in full generality only very recently, by an elegant result of Kim and Kopparty [KK17], who gave a deterministic polynomial-time algorithm for this problem. We refer to this algorithm as the KK algorithm.

What about the Unique Decoding problem when d ≥ k? In this setting, one must be careful in defining the problem, since the space of polynomials of total degree at most d no longer has positive distance: e.g. if d ≥ |S_j|, the non-zero polynomial ∏_{a ∈ S_j} (X_j − a) of degree at most d vanishes over all of S. However, one can ensure positive distance by enforcing individual degree constraints: specifically, we require that the degree of each variable X_i in the underlying polynomial be strictly smaller than |S_i|. With a little bit of effort, one can check that the KK algorithm can also be adapted to this setting. In particular, this means that the KK algorithm generalizes a result of Reed [Ree54] from the 1950s, which gives an algorithm for decoding multilinear (i.e. all individual degrees are at most 1) polynomials over {0, 1}^m.

Motivated by this, we try to understand the scope of applicability of the KK algorithm. Can we show that the KK algorithm works for a cleanly defined general family of codes encompassing the results above? As a possible answer to this question, we put forward the class of Downset Codes. A Downset D is a finite set of monomials (over the variables X_1, . . . , X_m) that is closed under taking factors. The downset code C(S, D) is the code consisting of all polynomials that can be written as linear combinations of monomials from D. The space of polynomials of total degree at most d, for example, is clearly a downset code. But one can also add individual degree constraints, weighted degree constraints, bounds on the support-size (i.e. number of variables) of any monomial, etc. Downset codes thus yield a fairly general family of codes.

Furthermore, there is a natural variant of the DLSZ lemma that yields a combinatorial characterization of the minimum distance of any downset code C(S, D). (The proof of this lemma uses a classical theorem of Macaulay [Mac27] that reduces the problem of estimating the size of a finite variety to counting the number of non-leading monomials in the ideal of the variety.) It is thus natural to ask if we can solve the unique decoding problem for such codes.

Our main result is that the KK algorithm can be suitably adapted to yield a deterministic polynomial-time algorithm that solves the unique decoding problem for any downset code C(S, D). Furthermore, the algorithm and its proof of correctness are quite clean; in particular, working in the fairly general setting of downset codes leads to a simple abstract analysis of the algorithm.
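To make the definition concrete, here is a small Python sketch (ours, not from the paper) that checks the downset property — closure under taking factors, i.e. under decreasing any single exponent — for a family cut out by the kinds of constraints mentioned above (individual degree, total degree, and support size). Monomials are identified with their exponent vectors.

```python
from itertools import product

def is_downset(D, m):
    """Check that a set D of exponent vectors (length-m tuples) is closed
    under taking factors, i.e. under decreasing any single exponent."""
    D = set(D)
    for alpha in D:
        for i in range(m):
            if alpha[i] > 0:
                smaller = alpha[:i] + (alpha[i] - 1,) + alpha[i + 1:]
                if smaller not in D:
                    return False
    return True

# Monomials in 3 variables with individual degree < 3, total degree <= 4,
# and support size (number of variables appearing) <= 2: a downset.
D = [a for a in product(range(3), repeat=3)
     if sum(a) <= 4 and sum(1 for x in a if x > 0) <= 2]
assert is_downset(D, 3)
```

Each of the three constraints can only become easier to satisfy when an exponent decreases, which is why their intersection is again a downset.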
Throughout, fix a field F. Let S_1, . . . , S_m be finite non-empty subsets of F and let S denote the grid S_1 × S_2 × · · · × S_m. We use k_i to denote |S_i|. Given functions f, g : S → F, we use ∆(f, g) to denote the Hamming distance between f and g, i.e. the number of points where they differ.

Let M denote the set {0, . . . , k_1 − 1} × · · · × {0, . . . , k_m − 1} with the natural partial order ≼. For each α ∈ M, we denote by ∇(α) the set {β ∈ M | α ≼ β} and by ∆(α) the set {β ∈ M | β ≼ α}. For any α ∈ M, we will identify the monomial X^α := X_1^{α_1} · · · X_m^{α_m} with α and use the monomial notation and the multi-index notation interchangeably.

The following fact is standard.

Fact 1. Each f : S → F has a unique representation as a polynomial P(X_1, . . . , X_m) where the degree of X_i in P is at most k_i − 1 for each i ∈ [m]. Equivalently, there is a natural one-one correspondence between the space of all functions from S to F and C(S, M).

(In particular, a code C(S, D) has positive distance if and only if all the monomials in D have individual degree less than k_i w.r.t. each variable X_i.)

Given a downset
D ⊆ M, we associate with it the linear code C(S, D), called a downset code, defined by

C(S, D) = { f : S → F | f can be represented by a linear combination of monomials from D }.

The following lemma allows us to compute the minimum distance µ(S, D) for any downset D ⊆ M. Recall (see e.g. [CLO07]) that a monomial order on the monomials in X_1, . . . , X_m is a total ordering ⊑ of the monomials that is a well order and moreover satisfies the following for any α, β, γ ∈ N^m: X^α ⊑ X^β ⇒ X^{α+γ} ⊑ X^{β+γ}.

Lemma 2 (Schwartz-Zippel Lemma for C(S, D)).
1. Let f ∈ C(S, M) be any non-zero polynomial and let X^α be the leading monomial of f w.r.t. a monomial order. Then, |Supp(f)| ≥ |∇(α)|.
2. For each α ∈ M, there is an f : S → F such that |Supp(f)| = |∇(α)| and f can be represented by a linear combination of monomials from ∆(α). In particular, if α ∈ D, then such an f ∈ C(S, D).

Thus, µ(S, D) = min_{α ∈ D} |∇(α)|. In particular, given D, it can be found in polynomial time.

Proof. Item 1 is an easy consequence of the proof of Macaulay's theorem [Mac27] (see also [CLO07, Chapter 5.3, Proposition 4]). For completeness, we present a short proof here. Given any polynomial P ∈ F[X_1, . . . , X_m], let mSupp(P) denote the set of monomials with non-zero coefficient in P. For any set of monomials M′, let ∆(M′) denote the set of monomials that divide some monomial in M′.

For any i ∈ [m], let f_i(X_i) = ∏_{a ∈ S_i} (X_i − a). Note that f_i is a univariate polynomial of degree k_i that vanishes on S. Given any polynomial P ∈ F[X_1, . . . , X_m], the remainder P_i obtained upon dividing P by f_i has degree < k_i in the variable X_i and evaluates to the same value as P at points in S. Further, each monomial in mSupp(P_i) divides some monomial in mSupp(P) (i.e. mSupp(P_i) ⊆ ∆(mSupp(P))). Repeating this process, we eventually obtain a polynomial P̃ ∈ C(S, M ∩ ∆(mSupp(P))) representing the same function as P.

Let A be the set of points x ∈ S where f(x) = 0. To prove item 1 of the lemma, it suffices to show that every g : A → F can be represented as a polynomial from C(S, M \ ∇(α)). Standard linear algebra then implies that |A| ≤ |M| − |∇(α)| = |S| − |∇(α)|, which proves item 1.

To prove the above, fix any g : A → F. By extending g in an arbitrary way to S, we know that g can be represented by some polynomial Q ∈ C(S, M). If mSupp(Q) does not contain any monomial from ∇(α), then we are done. Otherwise, we choose the largest (w.r.t. ⊑) monomial X^β ∈ ∇(α) ∩ mSupp(Q). Let a be the coefficient of X^β in Q.

Assume (after scaling) that f(X) = X^α + f′(X), where LM(f′) ⊏ X^α. Multiplying by X^{β−α}, we see that the polynomial X^β + X^{β−α} f′(X) vanishes on A. Hence Q′ := Q − a X^{β−α} f is a polynomial that also represents the function g at the points of A, and the largest (w.r.t. ⊑) monomial of ∇(α) ∩ mSupp(Q′), if any, is strictly smaller than X^β. Repeating this process, we eventually obtain a polynomial P without any monomials from ∇(α) that represents g. The polynomial P̃ (obtained by dividing by the f_i as mentioned above) also represents g and furthermore is an element of C(S, M ∩ ∆(mSupp(P))) ⊆ C(S, M \ ∇(α)).

For item 2, assume that S_i = {a_{i1}, . . . , a_{ik_i}} for each i ∈ [m] and consider

f(X) = ∏_{i ∈ [m]} ∏_{j ≤ α_i} (X_i − a_{ij}).

This f is a linear combination of monomials from ∆(α), and it is non-zero exactly at the points x ∈ S with x_i ∉ {a_{i1}, . . . , a_{iα_i}} for each i, so that |Supp(f)| = ∏_{i ∈ [m]} (k_i − α_i) = |∇(α)|.

Let M̃ denote {0, . . . , k_1 − 1} × · · · × {0, . . . , k_{m−1} − 1} with its natural partial order. Let S̃ denote the set S_1 × · · · × S_{m−1}. Given a downset
D ⊆ M as above, let deg_m(D) = max { j ∈ {0, . . . , k_m − 1} | ∃ α ∈ D s.t. α_m = j }. For i ∈ {0, . . . , deg_m(D)}, define D_i = { β ∈ M̃ | (β, i) ∈ D }. The following observation will be useful.
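As an illustration (our own sketch, not part of the paper), both the distance formula of Lemma 2 and the slices D_i just defined are easy to compute directly: |∇(α)| = ∏_i (k_i − α_i), so µ(S, D) is a minimum of products, and the slices turn out to be nested downsets (cf. Lemma 3 below).

```python
from itertools import product
from math import prod

# Example grid sizes k_i = |S_i| and the downset of exponent vectors
# with total degree at most 3 (one of the families discussed above).
k = (3, 3, 4)
D = {a for a in product(*(range(ki) for ki in k)) if sum(a) <= 3}

def mu(k, D):
    # Lemma 2: mu(S, D) = min over alpha in D of |nabla(alpha)|,
    # where |nabla(alpha)| = prod_i (k_i - alpha_i).
    return min(prod(ki - ai for ki, ai in zip(k, alpha)) for alpha in D)

# Slices D_i = { beta | (beta, i) in D }, for i = 0, ..., deg_m(D).
deg_m = max(a[-1] for a in D)
slices = [{a[:-1] for a in D if a[-1] == i} for i in range(deg_m + 1)]

# The slices are nested: D_0 ⊇ D_1 ⊇ ... ⊇ D_d (cf. Lemma 3 below).
assert all(slices[i] >= slices[i + 1] for i in range(deg_m))
```

The names `mu`, `slices`, and the example parameters are ours; `math.prod` requires Python 3.8+.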
Lemma 3.
Let
D ⊆ M be any downset, and let d = deg_m(D).
1. For each i ∈ {0, . . . , d}, D_i is a downset in M̃. Further, we have D_0 ⊇ D_1 ⊇ · · · ⊇ D_d.
2. For each i ∈ {0, . . . , d}, we have µ(S, D) ≤ µ(S̃, D_i) · µ(S_m, {0, . . . , i}).

Proof.
1. Clear from the definition, since D is a downset.

2. Let U ∈ C(S̃, D_i) have weight equal to µ(S̃, D_i), and let V ∈ C(S_m, {0, . . . , i}) have weight equal to µ(S_m, {0, . . . , i}). Let X^α be any monomial in U(X) and Y^j be any monomial in V(Y). So X^α ∈ D_i and j ∈ {0, . . . , i}. Then by Item 1, D_i ⊆ D_j and so X^α ∈ D_j, that is, X^α Y^j ∈ D. Thus, U · V ∈ C(S, D) and hence has weight at least µ(S, D). So we see that

µ(S, D) ≤ µ(S̃, D_i) · µ(S_m, {0, . . . , i}).

(Note that the quantity µ(S_m, {0, . . . , i}) is the distance of the degree-i Reed-Solomon code on the set S_m.)

As in the result of Kim and Kopparty, we work with the more general problem of decoding weighted functions (or weighted received words). A weighted function over S is a function w : S → F × [0,
1], or equivalently a pair (f, u) where f : S → F and u : S → [0, 1]. Given a weighted function w = (f, u) and a function g : S → F, we define their distance ∆(w, g) by

∆(w, g) = Σ_{x : f(x) = g(x)} u(x)/2 + Σ_{x : f(x) ≠ g(x)} (1 − u(x)/2).

A (unweighted) function h : S → F is identified with the weighted function (h, u) where u is the identically zero function. Note that with this identification, ∆((h, u), g) agrees with the standard Hamming distance ∆(h, g) between h and g. In particular, the unique decoding problem for C(S, D) immediately reduces to the problem of finding a codeword of C(S, D) at distance less than µ(S, D)/2 from a given weighted function. The proof of the following (in a more general setting) can be found in [KK17, Lemma 2.1].

Lemma 4.
Assume that
G, H ∈ C(S, D) are distinct. Let f : S → F × [0, 1] be any weighted received word. Then, ∆(f, G) + ∆(f, H) ≥ ∆(G, H) ≥ µ(S, D). In particular, both G and H cannot be at distance strictly less than µ(S, D)/2 from f.

Theorem 5.
There is a deterministic polynomial-time algorithm that, given S, D and a weighted received word w : S → F × [0, 1], produces a codeword C ∈ C(S, D) such that ∆(w, C) < µ(S, D)/2, if one exists. (If no such codeword C exists, the algorithm outputs some arbitrary polynomial.)

For the case when m = 1, a result of Forney [Jr.66] yields a deterministic polynomial-time algorithm for this problem. We call this algorithm WeightedRSDecoder and refer the reader to [Jr.66] or [KK17] for a description.
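For concreteness, the weighted distance ∆(w, ·) defined above can be sketched in Python as follows (the representation choices — dicts over grid points — are ours, not from the paper):

```python
def weighted_distance(w, g):
    """Distance Delta(w, g) between a weighted word w and a function g,
    both given as dicts over the same set of points: w[x] = (f(x), u(x))
    with u(x) in [0, 1], and g[x] a field element."""
    return sum(u / 2 if fx == g[x] else 1 - u / 2
               for x, (fx, u) in w.items())

# An unweighted word corresponds to u = 0 everywhere; the weighted
# distance then reduces to the ordinary Hamming distance.
h = {0: 1, 1: 2, 2: 3}
g = {0: 1, 1: 0, 2: 3}
w = {x: (v, 0.0) for x, v in h.items()}
assert weighted_distance(w, g) == 1  # h and g differ only at x = 1
```

A point with weight u(x) = 1 contributes 1/2 whether or not the values agree, which is exactly how the algorithm below treats an erased coordinate.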
Proof.
The algorithm is specified as
WeightedDownsetDecoder below (Algorithm 1). We prove its correctness by induction on m.

Algorithm 1 WeightedDownsetDecoder: Decoding a downset code over a grid

Input: (S, D, w), where
• S = S_1 × · · · × S_m is a finite grid in F^m with k_i = |S_i|.  ⊲ We write S̃ = S_1 × · · · × S_{m−1}.
• D ⊆ M is a downset.
• w : S → F × [0, 1] is a weighted received word.

if m = 1 then
    return WeightedRSDecoder(S_1, D, w).  ⊲ Here S_1 ⊆ F and D = {0, . . . , d}, for some d.
else
    Define r : S → F and u : S → [0, 1] by w(x, y) = (r(x, y), u(x, y)), for all (x, y) ∈ S̃ × S_m.
    for i = 0, . . . , d = deg_m(D) do
        Define w_i : S → F × [0, 1] by
            w_i(x, y) = ( r(x, y) − Σ_{j=0}^{i−1} Q_j(x) y^{d−j} , u(x, y) ), for all (x, y) ∈ S̃ × S_m.
        for x ∈ S̃ do
            Define w_{i,x} : S_m → F × [0, 1] by w_{i,x}(y) = w_i(x, y), for all y ∈ S_m.
            Let G_x(Y) = WeightedRSDecoder(S_m, {0, . . . , d − i}, w_{i,x}) ∈ F[Y].
            if ∆(w_{i,x}, G_x) < µ(S_m, {0, . . . , d − i})/2 then
                σ_x = coeff(Y^{d−i}, G_x(Y)).  δ_x = ∆(w_{i,x}, G_x).
            else
                σ_x = 0.  δ_x = µ(S_m, {0, . . . , d − i})/2.
            end if
        end for
        Define the weighted word f_i : S̃ → F × [0, 1] and δ_i : S̃ → [0, 1] by
            f_i(x) = ( σ_x , δ_x / (µ(S_m, {0, . . . , d − i})/2) ) = (σ_x, δ_i(x)).
        Let Q_i(X) = WeightedDownsetDecoder(S̃, D_{d−i}, f_i).
    end for
    return Σ_{i=0}^{d} Q_i(X) Y^{d−i}.
end if

(Note that the only minimum distances the algorithm needs to compute are those of Reed-Solomon codes, i.e. the case m = 1.)

For the base case m = 1, we simply use the algorithm WeightedRSDecoder, and so there is nothing to prove. Now assume the correctness of the WeightedDownsetDecoder algorithm for m − 1 variables. Let w : S → F × [0, 1] be a received weighted word. Suppose there is a C ∈ C(S, D) with ∆(w, C) < µ(S, D)/2. We can write

C(X, Y) = Σ_{i=0}^{d} P_i(X) Y^{d−i},

where d = deg_m(D) as in Algorithm 1. We show, by induction on i ∈ {0, . . . , d}, that the algorithm correctly decodes the polynomial P_i(X). In other words, for each i ∈ {0, . . . , d}, the polynomial Q_i(X) computed by Algorithm 1 is the same as the polynomial P_i(X).

Fix i ∈ {0, . . . , d}. Assume that the algorithm has correctly decoded P_j(X) for each j < i. Let C_i(X, Y) = Σ_{j=i}^{d} P_j(X) Y^{d−j}. Note that P_j ∈ C(S̃, D_{d−j}), for all j ∈ {0, . . . , d}. To show that Q_i(X) = P_i(X), it is enough to show that ∆(f_i, P_i) < µ(S̃, D_{d−i})/2, where f_i is as computed by the algorithm; the induction hypothesis (on the number of variables) then implies that Q_i(X) = P_i(X).

Define w_i : S → F × [0, 1] as in the algorithm by

w_i(x, y) = ( r(x, y) − Σ_{j=0}^{i−1} Q_j(x) y^{d−j} , u(x, y) ) =: (r_i(x, y), u_i(x, y)), for all (x, y) ∈ S̃ × S_m.

By induction, we know that Q_j(X) = P_j(X) for j < i. Hence, we observe that

r_i(X, Y) − C_i(X, Y) = ( r_i(X, Y) + Σ_{j=0}^{i−1} P_j(X) Y^{d−j} ) − ( C_i(X, Y) + Σ_{j=0}^{i−1} P_j(X) Y^{d−j} )
                      = ( r_i(X, Y) + Σ_{j=0}^{i−1} Q_j(X) Y^{d−j} ) − C(X, Y)
                      = r(X, Y) − C(X, Y).

Hence, ∆(w_i, C_i) = ∆(w, C) < µ(S, D)/2. We now bound ∆(f_i, P_i). Recall that we have

∆(f_i, P_i) = Σ_{x ∈ S̃ : σ_x = P_i(x)} δ_i(x)/2 + Σ_{x ∈ S̃ : σ_x ≠ P_i(x)} (1 − δ_i(x)/2).

Fix some x ∈ S̃. Define C_{i,x}(Y) = C_i(x, Y). Also, define

∆(f_i(x), P_i(x)) = δ_i(x)/2 if σ_x = P_i(x), and 1 − δ_i(x)/2 if σ_x ≠ P_i(x).

We claim that

∆(f_i(x), P_i(x)) ≤ ∆(w_{i,x}, C_{i,x}) / µ(S_m, {0, . . . , d − i}).   (1)

We prove (1) by a case analysis.

(a) δ_i(x) = 1. This implies that ∆(w_{i,x}, G_x) ≥ µ(S_m, {0, . . . , d − i})/2. In particular, this implies that ∆(w_{i,x}, C_{i,x}) ≥ µ(S_m, {0, . . . , d − i})/2 as well, since otherwise WeightedRSDecoder would have returned C_{i,x} instead of G_x. This immediately implies (1). So from now on we will assume that δ_i(x) = ∆(w_{i,x}, G_x)/(µ(S_m, {0, . . . , d − i})/2) < 1; note that in this case, if G_x ≠ C_{i,x}, then by Lemma 4 it follows that ∆(w_{i,x}, C_{i,x}) ≥ µ(S_m, {0, . . . , d − i})/2 > ∆(w_{i,x}, G_x).

(b) δ_i(x) < 1 and σ_x = P_i(x). In this case, we immediately have

∆(f_i(x), P_i(x)) = δ_i(x)/2 = ∆(w_{i,x}, G_x)/µ(S_m, {0, . . . , d − i}) ≤ ∆(w_{i,x}, C_{i,x})/µ(S_m, {0, . . . , d − i}).

(c) δ_i(x) < 1 and σ_x ≠ P_i(x). As in the previous case, we have δ_i(x)/2 = ∆(w_{i,x}, G_x)/µ(S_m, {0, . . . , d − i}). But as σ_x ≠ P_i(x), we have G_x ≠ C_{i,x}. Thus, by Lemma 4, it follows that ∆(w_{i,x}, C_{i,x}) + ∆(w_{i,x}, G_x) ≥ µ(S_m, {0, . . . , d − i}). Hence,

∆(f_i(x), P_i(x)) = 1 − δ_i(x)/2 = ( µ(S_m, {0, . . . , d − i}) − ∆(w_{i,x}, G_x) ) / µ(S_m, {0, . . . , d − i}) ≤ ∆(w_{i,x}, C_{i,x}) / µ(S_m, {0, . . . , d − i}).

This concludes the proof of (1). Using (1), we get

∆(f_i, P_i) = Σ_{x ∈ S̃} ∆(f_i(x), P_i(x)) ≤ Σ_{x ∈ S̃} ∆(w_{i,x}, C_{i,x}) / µ(S_m, {0, . . . , d − i})
            = ∆(w_i, C_i) / µ(S_m, {0, . . . , d − i}) = ∆(w, C) / µ(S_m, {0, . . . , d − i})
            < µ(S, D) / ( 2 µ(S_m, {0, . . . , d − i}) ) ≤ µ(S̃, D_{d−i})/2,

where the last inequality is by Lemma 3, Item 2. This completes the proof.
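To see the recursion of Algorithm 1 in action, here is a self-contained Python sketch (entirely ours, not from the paper). It works over the small prime field F_5 and replaces Forney's WeightedRSDecoder with a brute-force nearest-codeword search, which satisfies the same guarantee at toy sizes — by Lemma 4, the nearest codeword is the unique one within half the minimum distance whenever such a codeword exists. All function names and data representations are our own.

```python
from itertools import product

P = 5  # all arithmetic is over the prime field F_5

def ev(poly, pt):
    """Evaluate a polynomial {exponent tuple: coeff} at a point, mod P."""
    total = 0
    for alpha, c in poly.items():
        t = c
        for x, a in zip(pt, alpha):
            t = t * pow(x, a, P) % P
        total = (total + t) % P
    return total

def wdist(w, g):
    """Weighted distance between w = {pt: (value, weight)} and g = {pt: value}."""
    return sum(u / 2 if v == g[x] else 1 - u / 2 for x, (v, u) in w.items())

def rs_decode(S1, d, w):
    """Brute-force stand-in for WeightedRSDecoder: search all univariate
    polynomials of degree <= d over F_P for the one closest to w."""
    best, best_dist = None, None
    for coeffs in product(range(P), repeat=d + 1):
        g = {(j,): c for j, c in enumerate(coeffs) if c}
        dist = wdist(w, {x: ev(g, x) for x in w})
        if best is None or dist < best_dist:
            best, best_dist = g, dist
    return best, best_dist

def downset_decode(S, D, w):
    """Sketch of Algorithm 1.  S: list of evaluation sets S_1, ..., S_m;
    D: downset of exponent tuples; w: {grid point: (value, weight)}."""
    m = len(S)
    if m == 1:  # base case: weighted Reed-Solomon decoding
        return rs_decode(S[0], max(a[0] for a in D), w)[0]
    d = max(a[-1] for a in D)                         # deg_m(D)
    xs = [pt[:-1] for pt in w if pt[-1] == S[-1][0]]  # points of S-tilde
    Q, C = [], {}
    for i in range(d + 1):
        mu_rs = len(S[-1]) - (d - i)  # distance of the degree-(d-i) RS code
        f_i = {}
        for x in xs:
            # Column word at x, with the already-decoded layers peeled off.
            col = {}
            for y in S[-1]:
                r, u = w[x + (y,)]
                for j in range(i):
                    r = (r - ev(Q[j], x) * pow(y, d - j, P)) % P
                col[(y,)] = (r, u)
            Gx, dist = rs_decode(S[-1], d - i, col)
            if dist < mu_rs / 2:
                sigma, delta = Gx.get((d - i,), 0), dist
            else:  # decoding failure: treat this column as an erasure
                sigma, delta = 0, mu_rs / 2
            f_i[x] = (sigma, delta / (mu_rs / 2))
        # Recurse on the slice D_{d-i} to decode P_i, the coeff of Y^(d-i).
        Qi = downset_decode(S[:-1], {a[:-1] for a in D if a[-1] == d - i}, f_i)
        Q.append(Qi)
        for beta, c in Qi.items():
            C[beta + (d - i,)] = c
    return C

# Demo: encode x^2 + 2xy + 3 over the grid {0,...,3}^2 in F_5 using the
# total-degree-2 downset (distance mu = 8), corrupt 2 < mu/2 positions, decode.
S = [[0, 1, 2, 3], [0, 1, 2, 3]]
D = {(a, b) for a in range(4) for b in range(4) if a + b <= 2}
truth = {(2, 0): 1, (1, 1): 2, (0, 0): 3}
w = {pt: (ev(truth, pt), 0.0) for pt in product(*S)}
w[(0, 0)] = ((w[(0, 0)][0] + 1) % P, 0.0)
w[(1, 2)] = ((w[(1, 2)][0] + 2) % P, 0.0)
assert downset_decode(S, D, w) == truth
```

The demo stays well inside the unique-decoding radius, so the theorem above guarantees exact recovery; the brute-force search is exponential in the degree and is only meant to make the recursive structure of the algorithm concrete.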
Acknowledgments.
The authors are grateful to Swastik Kopparty and Madhu Sudan for their helpful comments and encouragement.
References

[ALM+98] Sanjeev Arora, Carsten Lund, Rajeev Motwani, Madhu Sudan, and Mario Szegedy. Proof verification and the hardness of approximation problems. J. ACM, 45(3):501–555, 1998.

[BFL91] László Babai, Lance Fortnow, and Carsten Lund. Non-deterministic exponential time has two-prover interactive protocols. Computational Complexity, 1:3–40, 1991.

[BFNW93] László Babai, Lance Fortnow, Noam Nisan, and Avi Wigderson. BPP has subexponential time simulations unless EXPTIME has publishable proofs. Computational Complexity, 3:307–318, 1993.

[CLO07] David Cox, John Little, and Donal O'Shea. Ideals, varieties, and algorithms. Undergraduate Texts in Mathematics. Springer, New York, third edition, 2007. An introduction to computational algebraic geometry and commutative algebra.

[DL78] Richard A. DeMillo and Richard J. Lipton. A probabilistic remark on algebraic program testing. Inf. Process. Lett., 7(4):193–195, 1978.

[Jr.66] G. David Forney Jr. Generalized minimum distance decoding. IEEE Trans. Information Theory, 12(2):125–131, 1966.

[KK17] John Y. Kim and Swastik Kopparty. Decoding Reed-Muller codes over product sets. Theory of Computing, 13(21):1–38, 2017.

[LFKN92] Carsten Lund, Lance Fortnow, Howard J. Karloff, and Noam Nisan. Algebraic methods for interactive proof systems. J. ACM, 39(4):859–868, 1992.

[Mac27] F. S. Macaulay. Some properties of enumeration in the theory of modular systems. Proceedings of the London Mathematical Society, s2-26(1):531–555, 1927.

[Ree54] Irving S. Reed. A class of multiple-error-correcting codes and the decoding scheme. Trans. of the IRE Professional Group on Information Theory, 4:38–49, 1954.

[Sch80] Jacob T. Schwartz. Fast probabilistic algorithms for verification of polynomial identities. J. ACM, 27(4):701–717, 1980.

[Sha92] Adi Shamir. IP = PSPACE. J. ACM, 39(4):869–877, 1992.

[STV01] Madhu Sudan, Luca Trevisan, and Salil P. Vadhan. Pseudorandom generators without the XOR lemma. J. Comput. Syst. Sci., 62(2):236–266, 2001.

[Zip79] Richard Zippel. Probabilistic algorithms for sparse polynomials. In Symbolic and Algebraic Computation, EUROSAM '79, volume 72 of Lecture Notes in Computer Science, pages 216–226. Springer, 1979.