Jun 24, 1997 - Recently A. R. Hammons, P. V. Kumar, A. R. Calderbank,. N. J. A. Sloane, and P. Sol e ... the (uju + v) construction and codes de ned over Z4.
Quaternary Quadratic Residue Codes and Unimodular Lattices
Alexis Bonnecaze Patrick Sol�e
CNRS I3S 250, rue A. Einstein Les Lucioles 1 06560 Valbonne FRANCE
A. R. Calderbank
Mathematical Sciences Research Center AT&T Bell Laboratories Murray Hill, New Jersey 07974 USA June 24, 1997
ABSTRACT We construct new self-dual and isodual codes over the integers modulo 4. The binary images of these codes under the Gray map are nonlinear, but formally self-dual. The construction involves Hensel lifting of binary cyclic codes. Quaternary quadratic residue codes are obtained by Hensel lifting of the classical binary quadratic residue codes. Repeated Hensel lifting produces a universal code de ned over the 2-adic integers. We investigate the connections between this universal code and the codes de ned over Z4, the composition of the automorphism group, and the structure of idempotents over Z4. We also derive a square root bound on the minimum Lee weight, and explore the connections with the nite Fourier transform. Certain self-dual codes over Z4 are shown to determine even unimodular lattices, including the extended quadratic residue code of length q + 1, where q � ?1(mod 8) is a prime power. When q = 23, the quaternary Golay code determines the Leech lattice in this way. This is perhaps the simplest construction for this remarkable lattice that is known.
Keywords:
Leech Lattice.
Codes over Rings, Self-Dual Codes, Quadratic Residue Codes, Even Unimodular Lattices,
A preliminary version of part of this paper was presented by Bonnecaze and Sol�e at the First Franco-Israeli Workshop on Coding Theory, Paris, July 1993.
Quaternary Quadratic Residue Codes and Unimodular Lattices
Alexis Bonnecaze Patrick Sol�e CNRS I3S 250, rue A. Einstein Les Lucioles 1 06560 Valbonne FRANCE
A. R. Calderbank
Mathematical Sciences Research Center AT&T Bell Laboratories Murray Hill, New Jersey 07974 USA
1. Introduction Error-correcting and error-detecting codes play important roles in applications ranging from data networking to satellite communication to compact disks. Most coding theory emphasizes linear codes. Here the codewords are vectors with entries in some nite eld, and the code is closed under vector addition and multiplication by scalars from the nite eld. Linear codes have a clean structure that makes them simpler to discover, to understand and to encode and decode. However in order to get the largest possible number of codewords with a xed block size and correction capability, it is sometimes necessary to consider more general codes, without this special linear structure. Some of the best known examples of nonlinear binary error-correcting codes that are better than any corresponding linear code are the NordstromRobinson, Kerdock and Preparata codes (for a description of these codes see [24], [26]). The Nordstrom-Robinson and Preparata codes, for example, are twice as large as the best linear codes for the same parameters (see [7]). The Kerdock and Preparata codes are \dual" to one another in a particular formal sense, even though algebraic duality is de ned only for linear codes. The sense in which they \look like duals" is that the MacWilliams transform of the distance distribution of one yields the distance distribution of the other. This property is known always to hold for linear codes that are actually duals of one another. Recently A. R. Hammons, P. V. Kumar, A. R. Calderbank, N. J. A. Sloane, and P. Sol�e [19] explained this formal duality by showing that the Kerdock and Preparata codes are in fact linear, if one views them in the right way over the ring of integers modulo 4 instead of the binary eld, and that, over this larger ring the two codes are algebraic duals. The Gray map between the binary and mod 4 versions of these codes is extremely simple.
Section 2 contains background information on quaternary codes, including the Gray map, restrictions on weight enumerators provided by invariant theory, and the connection between the (uju + v ) construction and codes de ned over Z4. The construction of the Z4-linear Kerdock code by Hammons et al. [19] involves the Hensel lift of a binary cyclic code to a cyclic code de ned over Z4. Hensel lifting is an algebraic procedure that associates a unique polynomial with coe�cients in Z4 to each binary polynomial. The Hensel lift of a binary cyclic code C2 is the Z2-linear code C4 that is generated by the Hensel lift of any generator polynomial for C2. Section 3 treats Hensel lifts of general cyclic codes and the construction of idempotents over the larger alphabet. The construction of the Nordstrom-Robinson code involves the Hensel lift of a particular binary cyclic code; the quadratic residue code of length 7. The quadratic residue codes are one of the most interesting families of binary cyclic codes. Determining the asymptotic error-correcting capability of these codes appears as a research problem in MacWilliams and Sloane [26], and has not yet been resolved. Repeated Hensel lifting produces quadratic residue codes de ned over Z2a for every a � 1, and a universal code de ned over the 2-adic integers. Section 3 considers the relationship between this universal code and the local codes de ned over Z2a that are obtained by reduction modulo 2a. We hope to better understand the original binary codes by viewing them as the tip of a 2-adic iceberg. In any case the Z4-linear quadratic residue codes are of considerable interest in themselves. We consider the automorphism group, the construction of idempotents, a square root bound on the minimum Lee weight, and following Blahut [5], the connection with the nite Fourier transform. The Hensel lift of the binary Golay code is particularly interesting, and we examine this code in some detail. Section 4 describes how to construct even unimodular lattices from self-dual codes over Z4. The class of even unimodular lattices includes the Gosset lattice E8 and the Leech lattice �24. These lattices have been proposed as codes for the Gaussian channel; see Lang and Longsta� [22] for a description of a prototype modem involving �24. The signals to be transmitted are simply vectors in the Euclidean space R2N , and the coordinate entries correspond to voltage levels on a transmission line. The signal constellation consists of all lattice points within a region R. Let V (R) be the volume of the region R. For any unimodular lattice R there are approximately V (R) lattice points within the region R. The performance of the signal code is measured against uncoded QAM transmission (at the same rate) which uses the unimodular lattice Z2N . The performance is determined by the minimum squared Euclidean distance 2
between distinct-signal points (the minimum norm of the lattice), and the cost of achieving this reliability is the average signal power (which is independent of the choice of unimodular lattice). Since the integer lattice Z2N has minimum norm equal to 1, the factor by which performance is improved is just the minimum norm of the unimodular lattice �. For the Leech lattice �24 performance is improved by a factor 4, for a 6 dB nominal coding gain. This gain is not realized at signal to noise ratios of practical interest because �24 has a great many more nearest neighbors than Z24. Nevertheless, this application has motivated a great deal of recent work on soft-decision decoding of codes and lattices; see Conway and Sloane [14], Forney [17], Amrani et al. [1] and the references given there. Perhaps it is also fair to say that this gap between nominal and e�ective coding gain comes from an insistence on maximizing nominal gain while minimizing block length. This application to unimodular lattices inspires the de nition of the Euclidean weight of a vector v 2 ZN4 . The Euclidean weights of 0; 1; 2; 3 of Z4 are 0; 1; 4; 1 respectively, and the Euclidean weight of a vector is just the rational sum of the Euclidean weights of its components. A Z4-linear code C determines a lattice �(C ) consisting of all integer vectors that are congruent to some codeword modulo 4. We prove that if C is self-dual with all Euclidean weights divisible by 8 then �(C )=2 is an even unimodular lattice. We show that when q � ?1 (mod 8) is a prime power, the quaternary extended quadratic residue codes satisfy this condition. The quaternary Golay code determines the Leech lattice �24 in this way, and is perhaps the simplest construction for this lattice that is known.
2. Quaternary Codes By a quaternary code C of length N we shall mean a linear block code over Z4, that is an additive subgroup of ZN4 . We de ne an inner product on ZN4 by (a; b) = a1 b1 + � � � + aN bN (mod 4), and then the notions of dual code (C ?), self-orthogonal code (C � C ? ) and self-dual code (C = C ? ) are de ned in the standard way. We shall say that two quaternary codes are equivalent if one can be obtained from the other by permuting the coordinates and (if necessary) changing the signs of certain coordinates. The automorphism group Aut(C ) consists of all monomial transformations (coordinate permutations and sign changes) that preserve the set of codewords. We shall say that a code C is isodual if it is equivalent to its dual C ? . Several weight enumerators are associated with a quaternary code C . The complete weight 3
enumerator (or c.w.e.) of C is
cweC (W; X; Y; Z ) =
X
a2C
W n0 (a) X n1 (a)Y n2 (a)Z n3 (a) ;
where ni (a) is the number of components of a that are congruent to i modulo 4. Since a monomial transformation may change the sign of a component, the appropriate weight enumerator for an equivalence class of codes is the symmetrized weight enumerator (or s.w.e.) given by
sweC (W; X; Y ) = cweC (W; X; Y; X ) : The MacWilliams identity over Z4 expresses the symmetrized weight enumerator of the dual code C ? in terms of sweC (W; X; Y ):
sweC ? (W; X; Y ) = jC1 j sweC (W + 2X + Y; W ? Y; W ? 2X + Y ) : Any Z4-linear code is permutation equivalent to a code C with generator matrix of the form � � I M N k 1 G = 0 2I 2P ; k2 where all entries in M , P are 0 or 1 and N is de ned over Z4. The dimension dim(C ) of the code C over Z4 is given by dim(C ) = log4 jC j = log4 (4k1 2k2 ) = k1 + k2 =2 : Hammons et al. [19] explore the Gray map � which is a distance preserving map or isometry from (ZN4 , Lee distance) to (Z22N , Hamming distance). Recall that the Lee weights of the elements 0; 1; 2; 3 of Z4 are respectively 0; 1; 2; 1, and that Lee weight of a vector a 2 ZN4 is just the rational sum of the Lee weights of its components. This weight function de nes the Lee metric on ZN4 . We de ne maps ; from Z4 to Z2 by
c (C ) (C )
0 1 2 3
0 0 1 1
0 1 1 0
and extend them in the obvious way to maps from ZN4 to Z22N . The Gray map � : ZN4 ! Z22N is given by �(c) = ( (c); (c)). It is evidently distance preserving. 4
The binary image �(C ) of a Z4-linear code C under the Gray map need not be Z2-linear, so that the dual code may not even be de ned. We de ne the Z4-dual of �(C ) to be the code C? = �(C ? ). Thus � C ?! �(C ) dual
? ? ? ? y
;
� C ? ?! C? = �(C ? )
but note that one cannot add an arrow marked \dual" to the right side to produce a commuting diagram. A binary code C2 is said to be distance invariant if the Hamming weight distribution of the translate u + C2 , u 2 C2 is independent of u. A binary linear code is clearly distance invariant, but so is the binary image �(C ) of a Z4-linear code C under the Gray map. Hammons et al. [19] also prove that the Hamming weight distributions of �(C ) and �(C ? ) are MacWilliams transforms of one another. These authors also give necessary and su�cient conditions for a binary code to be Z4-linear and for the binary image of a Z4-linear code to be Z2-linear. The binary image under the Gray map of a self-dual code over Z4 is formally self-dual. Kennedy and Pless [20] have shown there often exist formally self-dual codes with higher minimum weight than the best self-dual code of that same length.
2.1. Invariant Theory Klemm [21] has recently studied the conditions satis ed by the complete weight enumerator of a self-dual code over Z4. The MacWilliams transform determines a group of substitutions, each of which xes the complete weight enumerator. This weight enumerator belongs to the ring of polynomials xed by the group of substitutions and it is possible to nd explicit generators for this ring (see [26, Chapter 19] for an introduction to invariant theory). Conway and Sloane [16] obtained an analogous characterization of the symmetrized weight enumerator which we give below as Theorem 2.1.
Theorem 2.1. The symmetrized weight enumerator of a self-dual code of length N over Z4 containing a vector �1 belongs to the ring S � 8S � 82S ; where S is the ring of polynomials in
�4 = W 4 + 6W 2 Y 2 + Y 4 + 8X 4 ; 5
�8 = (W 2 Y 2 ? X 4)((W 2 + Y 2 )2 ? 4X 4) ; �12 = X 4(W 2 ? Y 2)4 ; and
8
is the polynomial 8=X
4(W
? Y )4 :
This ring has Molien series
+ �8 + �16 S (�) = (1 ? �41)(1 ? �8)(1 ? �12) = 1 + �4 + 3�8 + 4�12 + 7�16 + 9�20 + 13�24 + 16�28 + 21�32 + 25�36 + 31�40 + 36�44 + 43�48 + � � � : Recall that the coe�cient of �i in the Molien series gives the number of linearly independent homogeneous invariants of degree i. Example. The octacode O8 is a remarkable self-dual code over Z4 with block length 8. A generator matrix for O8 can be found in Section 4.1; note that this code is equivalent to a code containing the vector �1, and that the symmetrized weight enumerator is an invariant of equivalence classes of codes over Z4. In this case we have
sweO8 (W; X; Y ) = ?28 8 ? 12�8 + �24 :
2.2. Constructions of Quaternary Codes The (uju + v ) construction appears in Plotkin [29], was rediscovered by Sloane and Whitehead [31], and was renamed the squaring construction by Forney [17]. Let Ci , i = 1; 2 be an (n; Mi; di) binary code. Then
C = f(uju + v) u 2 C2; v 2 C1 g is a (2n; M1M2 ; min(2d1; d2)) binary code. The next lemma explores the connection with the Gray map and quaternary codes.
Lemma 2.1. Let C1, C2 be Z2-linear codes and let C1 + 2C2 = fv + 2u j v 2 C1; u 2 C2g : Then C1 + 2C2 is Z4-linear if and only if a � b 2 C2 for all a; b 2 C1, where � denotes componentwise multiplication. In this case
�(C1 + 2C2) = f(uju + v) u 2 C2; v 2 C1g ; 6
where � is the Gray map.
Proof. It is clear that the condition is necessary. To see that it is su�cient write a = a1 +2a2, b = b1 +2b2 2 C1 +2C2, where a1 ; b1 2 C1 and a2 ; b2 2 C2. The result follows from the identity a + b = a1 � b1 + 2[a2 � b2 � (a1 � b1)] where � denotes binary addition.
Example 2A. Let R8 be the repetition code of length 8, and let P8 be the single parity check
code of length 8. The Z4-linear code R8 + 2P8 is the self-dual code �8 introduced by Klemm [21]; �(�8 ) is the [16; 8; 4] binary self-dual code which appears as E16 in Pless [27].
Example 2B. The extended binary [8; 4; 4] Hamming code H8 is �(R4 + 2P4), where R4 is the repetition code of length 4, and P4 is the single parity check code of length 4.
Example 2C. There are 3 self-dual codes of length 16 with minimum distance 4. Since one of these codes is H8 � H8 it remains to describe the third code in terms of Z4. We observe that the binary image �(�08 ) under the Gray map, of the self-dual code �08 introduced by Conway and Sloane [16] appears as F16 in Pless [27]; see Section 4.1 for a generator matrix of �08 .
3. Quadratic Residue Codes The class of extended binary quadratic residue codes includes the [8; 4; 4] Hamming code and the [24; 12; 8] Golay code. These two codes are perhaps the most remarkable members of the larger class of extended binary cyclic codes. The block length of an extended binary quadratic residue code is q + 1, where q � �1 (mod 8) is a power of an odd prime p. The standard method of constructing these codes is to start with a cyclic code and to append an overall parity check. The Gleason-Prange Theorem ([2], but see also [24], [26], [28], and [5]) gives a group of automorphisms of the extended code, and the proof appears as something of a computational miracle. We shall construct the extended quadratic residue codes in an elementary way from representations of the group PSL2 (q ) of linear fractional transformations. This is the approach taken in the Ph.D. thesis of Calderbank [8], which is a simpli cation of the constructions of Camion [13] and Ward [34]. We shall see that it dovetails naturally with the discrete Fourier transform approach taken by Blahut [5]. A di�erent elementary construction is given by van Lint and MacWilliams [25]. 7
We shall start by de ning a group G of monomial matrices. We then brie y describe the algebra that underlies this group, and the reason that the ambient space splits into two irreducible subspaces. These subspaces are the universal extended quadratic residue codes. The group G is generated by the monomial matrices given as (1), (2), and (3) below. The rows and columns of each matrix are indexed by the elements of the projective line Fq [ f1g. If j 2 Fq , then we shall write j = 0, j = 2, or j 6= 2 according as j is zero, j is a nonzero square, or j is a nonsquare respectively. We adopt the standard conventions about operations involving 1. (1) Ti , i 2 Fq ; the matrix corresponding to the permutation z ! z + i, (2) Pi , i = 2; the matrix corresponding to the permutation z ! iz , and (3) a matrix � corresponding to the permutation z ! ?1=z given by 8 > > > > > > >
> > > > > > :
�; 1; 1; ?1; 0;
if j = 0 and i = 1 if j = 1 and i = 0 if j = ?1=i and i = 2 if j = ?1=i and i 6= 2 otherwise
where � = (?1)(q?1)=2. If q � 1 (mod 4), then � 2 = I , jGj = (q + 1)q (q ? 1)=2, and G a�ords a representation of the group PSL2 (q ) of linear fractional transformations z ! (az + b)=(cz + d), with a; b; c; d 2 Fq and ad ? bc = 2. If q � ?1 (mod 4), then � 2 = ?I , jGj = (q + 1)q (q ? 1), and G is a central extension of PSL2(q ); this means that the center Z (G ) = f�I g, and G =Z (G ) � = PSL2(q ). The group PSL2 (q ) acts 2-transitively on the projective line; this means that given pairs (i; j ); (k; `) with i; j; k; ` 2 Fq [f1g, there exists g 2 PSL2(q ) such that g (i) = k and g (j ) = `. Now consider an arbitrary doubly transitive permutation group G acting on a set of size n � 3. Let w 2 and let H = Ga be the stabilizer in G of a. We shall suppose that H has a normal subgroup N of index 2. When G = PSL2 (q ) and w = 1, we have H = fz ! az + b j a; b 2 Fq ; a = 2g and N = fz ! az + b j a; b 2 Fq ; a = 2; b = 0 or b = 2g. Let ' and � be the characters of H given by 8
