880 IEEE TRANSACTIONS ON INFORMATION THEORY, VOL. 36, NO. 4, JULY 1990

2) If there are m 2 I errors in C’, then after using P to decode C’, the parity p’ is recomputed and compared with the received parity p. If p ‘ f p then the decoder detects four errors.

The detailed decoding flowchart is shown in Fig. 2.

IV. CONCLUSION A new type of algebraic algorithm for decoding the (32,16,8)

quadratic residue (QR) code is given. This new algebraic decod- ing algorithm applies to two three-error-correcting QR codes, the (24,12,8) Golay code and the (32,16,8) QR code. However, the method given in this correspondence can be extended to any three-error-correcting cyclic code which has 1,5,9,19 and any another odd integers in its cyclotomic set Q. It is expected that this new algebraic decoding algorithm can be extended to larger QR codes.

REFERENCES M. Elia, “Algebraic decoding of the (23,12,7) Golay code,” / € € E Trans. Infuim. Theory, vol. IT-33, no. I , Jan. 1987. F. J. Macwilliams and N. J. A. Sloane, The Theury of Error-Cuwecring Codes. New York: North-Holland, 1977. L. Weisner, lntrudirctiun IO the Theury of Eqirations. New York: Macmillan, 1938. W. W. Peterson and E. J . Weldon, Jr.. Error-Cufreciing Codes, 2nd ed. Cambridge, MA: The MIT Press, 1972. P. Bours, J. C. M. Janssen, M. van Asperdt, and H. C. A. van Tilborg, “Algebraic decoding beyond eBCH of some binary cyclic codes, when e > eBCH,” IEEE Trans. Infurin. Theory, vol. 36, no. I , pp. 214-222, Jan. 1990. E. R. Berlekamp, AIgehraic Coding Theory. New York: McGraw-Hill, 1968. 1. S. Reed, X. Yin, and T. K. Truong, “Decoding the (24.12.8) Golay code,” to be published in Proc. IEE.

Pseudocyclic Maximum-Distance-Separable Codes ARVIND K R I S H N A , STUDENT MEMBER, IEEE, AND

DILIP v . SARWATE, FELLOW, IEEE

Abstract -The (n, k ) pseudocyclic maximum-distance-separable (MDS) codes modulo ( x ” - a ) over GF(q) are considered. Suppose that n is a divisor of 9 + 1. If n is odd, pseudocyclic MDS codes exist for all k . However, if n is even, nontrivial pseudocyclic MDS codes exist for odd k (but not for even k ) if a is a quadratic residue in GF(q), and they exist for even k (but not for odd k ) if a is not a quadratic residue in GF(q). We also consider the case when n is a divisor of q - 1 , and show that pseudocyclic MDS codes exist if and only if the multiplicative order of a divides ( 9 - l ) / n , and that when this condition is satisfied, such codes exist for all k . If the condition is not satisfied, every pseudocyclic code of length n is the result of interleaving a shorter pseudocyclic code.

1. INTRODUCTION A pseudocyclic code [l] (also known as a constacyclic code [2])

enjoys the property that if (CO, C,, C,, . . . , C,,-2,C,1 - ,) is a code- word, then its pseudocyclic shift (aC,,- ,, CO, C,; . ., C,, - 2 ) is also

Manuscript received July 5, 1988; revised November 22, 1989. This work wdS presented at the IEEE International Symposium on Information Theory, San Diego, CA, January 1990. This work was supported by the U.S. Army Research Office under Contracts DAAG29-84-K-0088 and DAAL03-87-K- 0097.

The authors are with the Coordinated Science Laboratory and the Depart- ment of Electrical and Computer Engineering, University of Illinois at Urbana-Champaign, Urbana, 1L 61801.

IEEE Log Number YO3494Y.

a codeword. The class of pseudocyclic codes includes as sub- classes the important class of cyclic codes (corresponding to a = 1) and the class of negacyclic codes (corresponding to a = - 1). Note however, that in contrast to the Lee-metric nega- cyclic codes over prime fields that were defined in [2], the negacyclic codes considered here are defined over GF(q) where q is an arbitrary prime power, and the distance measure is the Hamming distance. The construction of pseudocyclic codes over GF(q) is a straightforward generalization of the construction of cyclic codes. Thus, the codeword polynomials in an (n, k ) pseu- docyclic code mod (x“ - a ) over GF(q) are of the form u ( x ) g ( x ) where g(x), the generator polynomial of degree n - k , is a divisor of x” - a over GF(q), and u ( x ) is an arbitrary polyno- mial over GF(q) of degree at most k - 1. As with cyclic codes, we assume that gcd(n, q) = 1 in order to avoid special cases.

A maximum-distance-separable (MDS) code has redundancy r and minimum distance r +l . In this correspondence, we consider the existence of pseudocyclic (n, k ) MDS codes modulo (x” - a ) over GF(q). For all a , the (n, n ) code is trivially both MDS and pseudocyclic, and thus we restrict attention to codes for which k < n. Da Rocha [l] studied pseudocyclic MDS codes of length q + 1 over GF(q) and showed that such codes exist for all even k whenever a is a primitive element of GF(q). Apart from this, most of the previously known results on such codes are concerned with the subclass of cyclic codes. The best known examples of cyclic MDS codes over GF(q) are the cyclic Reed-Solomon codes [2]-[4] of length q - 1, though, of course, the length can be any divisor of q - 1 also. The Reed-Solomon construction provides cyclic (n, k ) MDS codes for all divisors n of q-1, and for all k . Roth and Seroussi [5] showed that nontrivial cyclic MDS codes of length q over GF(q) exist if and only if q is prime. Cyclic MDS codes of length q + 1 over GF(q) are also known to exist. In their well-known book [3], MacWilliams and Sloane stated that cyclic ( q + 1, k ) MDS codes over GF(q) exist for all k , 1 I k I q + 1, constructed such codes for the case q = 2”’, and claimed that a similar construction could be used when q was odd. In the preface of the third printing of [3], however, they state that the construction is valid for even q only. Actually, the construction is also valid when both q and k are odd, but it fails when q is odd and k is even. In this latter case, it is possible to obtain a cyclic BCH ( q + 1, k ) code with designed minimum distance q + l - k whereas an MDS code must have minimum distance q + 2- k. The actual minimum distance of this BCH code is q + 1 - k, and the code is not MDS. In fact, no nontrivial cyclic (q + 1, k ) MDS code exists when q is odd and k is even. This is a special case of a result due to Georgiades [6] who proved that for odd q and n a divisor of q + 1, nontrivial cyclic (n, k ) MDS codes over GF(q) do not exist if both n and k are even.

The failure of the MacWilliams-Sloane construction to pro- vide nontrivial cyclic (q + 1, k ) MDS codes for odd q and even k led us to consider whether negacyclic MDS codes with these parameters exist. In the original version of this correspondence, we proved that such codes exist only in certain cases. An anonymous referee suggested that our results could be general- ized to pseudocyclic codes, and this generalization is stated in the following theorem.

Theorem I: Nontrivial pseudocyclic ( n , k ) MDS codes mod(x” - a ) over GF(q), with n a divisor of q + 1, exist if and

IEEE TRANSACTIONS ON INFORMATION THEORY, VOI.. 36, NO. 4. JUI.Y 1990

only if one of the three conditions is satisfied:

1) n is odd, 2) n is even, q is odd, k is odd, and a is a quadratic residue

3) n is even, q is odd, k is even, and a is not a quadratic in GF(q),

residue in GF(q).

This result includes as special cases the results of Da Rocha on pseudocyclic MDS codes [l], the results of MacWilliams and Sloane [3] and Georgiades [61 on cyclic MDS codes, and our earlier results on negacyclic MDS codes [7]. We also consider the case when n is a divisor of q - 1 and prove the following result.

Theorem 2: Pseudocyclic ( n , k ) MDS codes mod (x“ - a ) over GF(q), with n a divisor of q - 1 , exist if and only if the multiplicative order of a divides ( q - l ) /n . When the condition is satisfied, such codes exist for all k. As special cases of this result, we note that cyclic MDS codes exist for all n that are divisors of q - 1, and that the only nontrivial pseudocyclic MDS codes of length q - 1 are the cyclic MDS (that is, Reed-Solomon) codes. When the condition of Theorem 2 is not satisfied, every pseudocyclic code is obtained by interleaving a shorter pseudocyclic code. Specifically, we have the following.

Theorem 3: If the multiplicative order of a is not a divisor of ( q - l ) /n , every pseudocyclic code mod(x” - a ) over GF(q) is obtained by interleaving a pseudocyclic code mod(x”/’ - a ) where I is the multiplicative order of a(‘/- )) Iff.

11. SOME PRELIMINARY RESULTS

In the remainder of this correspondence, f, denotes the coefficient of x i in the polynomial f ( x ) . The following facts and lemmas are useful in studying pseudocyclic MDS codes.

Fact I : A code C is MDS if and only if its dual code C’ is MDS ([3], Theorem 11.2).

Fact 2: All the coefficients of the generator polynomial of a pseudocyclic MDS code are nonzero.

Fact 3: If a is a primitive nth root of unity, then f 1 - I

x” - S’l = n ( x -Sa;). i = 0

The next result is a straightforward generalization of Theorem 7.4 in [3], and is proved in a similar fashion.

Lemma I: The dual code of a ( n , k ) pseudocyclic code C generated by-g(x) is a ( n , n - k ) pseudocyclic code C’ generated by h ( x ) = h; lx ’h(x - ’ ) , where h ( x ) = (x” - a ) / g ( x ) is the parity check polynomial for C.

Proofi Let c(x) denote a codeword in C. Then, c(x)= u ( x ) g ( x ) , and

c ( x ) h ( x ) = u ( x ) g ( x ) h ( x ) = 0 mod(x” - a) .

Since degh(x) = k, $ follows that E ~ = o h , ~ , - r = 0, for all j, k I j I n - 1 . Thus, h ( x ) is the generator polynomial for the dual code. 0

Lemma 2: If

then

~

j = O y f f f + , + f f - ; = 0, 0 I i I t , t 2 1.

88 1

Proofi If y = 0, the rcsult is trivially truc. For nonzero y , it is easily verified that x ” f ( y x - ’ ) = - y ‘ f (x1 . We equate the coefficients of XI-‘ on either side of this identity and deduce the rcsult. U

Note that in a field of odd characteristic, f, = 0 for a polynomial f ( x ) of the form (1). From the previous facts and lemmas, we deduce immediately the following result.

Lemma 3: If either the generator polynomial or the parity check polynomial of a pseudocyclic code over a field of odd characteristic has the form ( I ) , then the code is not MDS.

The next lemma is useful in proving that certain codes are MDS. It is a straightforward generalization of the BCH bound, and can be proved in a similar fashion (see e.g., [3, Theorem 7.81).

Lemma 4: Suppose that the codewords in a ( n , k ) code over GF(q) are all the multiples of degree less than n of a generator polynomial g(x) of degree n - k. Suppose the roots of g(x) include Sa’, i = 1,2; . . ,d - 1 ~ n - k, where S and a are nonzero elements in GF(q) or in some extension field GF(q”’), and a is an element of order n or more. Then the minimum distance of the code is at least d.

Proofi The parity-check matrix of this code can be taken to be

H =

1 ( S a 2 ) ( S a y . ’ . (Sa2)“-I

1 a a d - l (&p)* . . . ( S a d - l ) ” - l

. . .

. . .

. . .

. . .

. . . -1 . where the first d - 1 rows correspond to the specified roots and the remaining rows to the other roots. Consider the ( d - l ) X ( d - 1) submatrix formed from the first (d - 1) rows and the i1th,i2th; . .,ic/- ,th columns of H. This matrix can be expressed as VD, where V is a Vandermonde matrix whose (i, j)th entry is (af lY- ’ , and D = diag[(Sa)’l,(Sa)’2,.. .,(Sa)’11-1] is a diagonal matrix. Since a’l,af?; . . ,af<‘-! are distinct elements V and hence VD is nonsingular. Thus, any set of d - 1 or fewer columns of the parity-check matrix is a linearly independent set of vectors. It follows that the minimum distance of the code is at least d. 0

111. PSEUDOCYCLIC ( n , k ) MDS CODES WHERE

n DIVIDES q + 1 Proof of Theorem 1: We begin by considering the roots of

x” - a. Let 6 denote a primitive element of GF(q’). Then, 6”” is a primitive element of GF(q). Suppose that a = ~ ’ ~ I ( ‘ ~ + l ) for some integer io. Since n is a divisor of q + 1, we let 6 denote . $ ‘ ~ ~ ( ~ / + l ) / f f E GF(q’), so that 6“ = a . Note that in general, S is not a member of GF(q). Letting a = [(‘/:- denote a primi- tive nth root of unity in GF(q2), we get from Fact 3 that

If - I

I = 0

I1 - I

I = 0

I1 - I

x“ - a = n ( x - Sa’) (2)

1 = n [ - p , ( r / + I ) / n + / W - ! ) / U

= n ( X - P , ) (3)

882 IEEE TRANSACTIONS ON INFORMATION THEORY, VOL. 36, NO. 4, JULY 1990

Fig. 2. Conjugacy relationships between roots of x" - a , n l(q + I ) , n even, Fig. I . Conjugacy relationships between roots of Y" - a , n I ( q + 1). n odd. a is quadratic residue.

where

p, = a a ] = 5 r 1 1 ( 4 + t ) / l l + J ( 4 ~ - 1 ) / ~ 1 (4) The p's form a sequence with period n, that is, p, = /3J+,l. The roots of the generator polynomial g(x) of any pseudocyclic code of length n are a subset of the p's. It follows from Lemma 4 that if the generator polynomial of an ( n , k ) pseudocyclic code has n - k consecutive elements from the sequence of p's as roots, then the code is MDS. However, in order to obtain a code over GF(q), it is necessary to ensure that g(x) has coefficients in GF(q), and thus we need to consider the conjugacy relations between the p's.

The conjugate of p, is

(p,)" = ( 5 1 , 1 ( 4 + t ) / n + J ( 4 ~ - I ) / , l 1" PI[,-, ( 5 ) . - - ~ ~ , , ~ ~ + ~ ~ / n + ~ r , , + n - i X q ' - l ~ / i i =

where the subscripts are taken modulo n. From (4) we get that

p J ( p J ) 4 = ~ 4 + ~ a / ( ~ + I ) = 5 r l l ( 4 + I ~ 4 + I ) / ~ r = a ( 4 + I ) / n = ~ 4 + I (6)

independent of j . Let y denote ~ ( ~ + l ) / " . Then, any irreducible quadratic factor of x" - a over GF(q) must be of the form (x2 --@, + pI,,-,)x + y ) . Next, note that p, E GF(q) if and only if

This equation can have zero, one, or two solutions correspond- ing to three different possible factorizations of x" - a over GF(q), and we discuss these cases in detail.

j = i o - j mod n. (7)

Case I: n is odd. When n is odd, there is only one solution to (7) given by

j,, = i o /2 if io is even, and by j o =(io + n)/2 if io is odd. Consequently, over GF(q), x n - a has one linear factor ( x - p'") and (n -1)/2 quadratic factors. It is also straightforward to verify that for 1 I i I (n - 1)/2, p,,,,, and /3,,,-, are distinct conjugate elements. The conjugacy relations are illustrated in Fig. 1 in which the periodic sequence of the p's is arranged on the circumference of a circle and solid straight lines join pairs of conjugate elements. The figure also illustrates how one can choose the roots of g(x) to get a MDS code over GF(q). More specifically, consider the pseudocyclic code with redundancy r = 2s + 1 generated by

with redundancy r = 2s generated by s - 1

g(x) = n ( x - P , , , + ( n - 1 ) / 2 - r ) ( x - P , , , - ( n - t ) / 2 + 0 I = 0

s - l

= r = O n [ ~ 2 - ( ~ , , , + ( n - ~ ) / 2 - r + ~ , , , - ( n - l ) / 2 + r ) ~ + ~ ] . ( 9 )

Once again, g(x) has coefficients in GF(q) and its r roots are consecutive elements from the sequence of p's. Hence, the code is MDS. We conclude that when n, a divisor of q + 1, is odd, pseudocyclic ( n , k ) MDS codes mod(x" - a ) exist for all k, 1 I k I n, and for all nonzero a E GF(q). As a special case, we note that whenever q is even, n is necessarily odd, and there- fore, pseudocyclic MDS codes over GF(2") exist for all k and all nonzero a.

Case 11: n is even, q is odd, and a is a quadratic residue in

When a is a quadratic residue in GF(q), io is even, and t!.ere are two solutions to (7) given by j O = i o /2 and j$ =(io + n ) / 2 = j o + n / 2 . Furthermore, PJ,,+, and @,,,-, are distinct conjugate elements for 1 I i < n /2. Similarly, PJd+r and p,a-l are distinct conjugate elements for 1 I i < n /2. We conclude that x" - a has two linear factors (x - p,,,) and (x - /3,$) = (x + p,,,), and (n - 2)/2 quadratic factors. The conjugacy relations are illus- trated in Fig. 2, in which the sequence of p's is arranged on a circle, and solid lines join conjugate elements. It is easy to see that for odd redundancy r = 2s + 1, the pseudocyclic code gen- erated by g(x) as given in (8) is an MDS code. The figure also illustrates that we can use j b instead of j,, in (8) to get a different (but equivalent) pseudocyclic MDS code.

On the other hand, consider an arbitrary pseudocyclic code with even redundancy. The two linear factors of x" - a must both divide g(x) or they must both divide h ( x ) . However, it is easy to verify that

GF(q).

( x - P , , , ) ( x - P,ly) = (. - p, , ,>(x + P,,,) = (x2 - 4 . Since the quadratic factors of x" - a are all of the form (x2 + a,x + y) . we see that either g(x) or h ( x ) is of the form (l), and hence from Lemma 3, the code cannot be MDS. We conclude that when n is even and a is a quadratic residue in GF(q), pseudocyclic MDS codes exist for odd k but not for even k.

S Case III: n is even, q is odd, and a is not a quadratic residue

there are no solutions to (71, and x" - a has n / 2 quadratic

g(') = - p,,,) n ( - p,,,+I)(' - p J 1 j - I ) in GF(q). r = l When a is not a quadratic residue in GF(q), i, is odd. Thus,

factors. It follows immediately that no pseudocyclic code can have odd dimension k, and thus there cannot be any pseudo- cyclic MDS codes of odd dimension either. There are, of course, pseudocyclic codes of even dimension, and some of these are MDS codes. To exhibit the construction of these pseudocyclic

S

= - P I , , ) n [ x2 - (P,,,+I + p,,,-l)x + 71. (8)

Clearly, g(x) has coefficients in GF(q). Furthermore, its r roots are consecutive elements from the sequence of p's, and thus the code is MDS. Similarly, consider the pseudocyclic code

r = l

IEEE TRANSACTIONS O N INFORMATION THEORY, VOI . 36, NO. 4, JULY 1990 883

7 such that 6" = a. From Fact 3, we get

I1 - I

x"- -a= n ( x - 8 a ' ) ( 1 1 )

4 = n ( . - P i ) (12)

J = 0

I 1 - I

J j = 0

ai E GF(q), we have that (a')4 = a'. Hence where, as in the proof of Theorem 1, we set pi = sa'. Since

0 E

Fig. 3. Conjugacy relationships between roots of x" ~ a , n I ( r , + I ) , n odd, a not quadratic residue.

MDS codes, we first illustrate the conjugacy relations of the p's in Fig. 3 . Note that if we set j o = i o /2, then for 0 _< i < n /2, PI, , - L, and p,,,+ ++, are distinct conjugate elements. Conse- quently, the pseudocyclic code with even redundancy r = 2s generated by

F - I

i = o

is an MDS code. As indicated on Fig. 3, a different (but equivalent) MDS code can be formed by replacing j ,) by j O + n/2. We conclude that when n is even and a is not a quadratic residue in GF(q), pseudocyclic MDS codes exist for even k but not for odd k . This concludes the proof of Theorem 1. 0

The following corollaries to Theorem 1 are readily deduced. When q is odd, a primitive element of GF(q) cannot be a quadratic residue. Hence, we have the following.

Corollary 1.1-(Da Rocha [I]): Let a denote a primitive ele- ment of GF(q), q odd. Then, pseudocyclic codes mod x" - a over GF(q) exist for even k only.

Since q + 1 is odd when q is even, and since 1, the multiplica- tive identity, is a quadratic residue in GF(q), we have the following.

Corollary 1.2-(MacWilliams-SIoane PI): Cyclic ( q + 1, k ) MDS codes exist for all k when q is even, and they exist for odd k when q is odd.

Corollary 1.3-(Georgiades [6]): If n , a divisor of q + 1 is even, then cyclic (n, k ) MDS codes do not exist for even k .

For odd q, - 1 is a quadratic residue in GF(q) if and only if q = 1 mod 4. Thus, we have the following.

Corollary 1.4--(Krishna VI): Negacyclic ( q + 1, k ) MDS codes over GF(q), q odd, exist if and only if q = 1 mod 4 and k is odd, or q = 3 mod 4 and k is even.

Now, a("")/" is an nth root of unity. We write = am =

b and note that the elements Pj rP I+ , , = bp,, P , + 2 , = b'P,; .., p,+( / - I)m = b/-'fi , in (12) are conjugates over GF(q), where I = n /gcd(n,m) denotes the multiplicative order of b. There- fore, over GF(q), x" - a factors into n / I irreducible polynomi- als of degree 1. Each such irreducible factor is of the form

/ - I n ( x - (pi) b' ) = x' - (pi)/, 0 I j < n / I (13) i = o

where the right-hand side in (13) follows from Fact 3. Note that (p i ) ' E GF(q), and that the (p,)' are distinct for 0 I j < n / 1 .

Now, any nontrivial divisor g ( x ) of x n - a over GF(q) is a polynomial in X I . If 1 > 1, g , = 0 whenever i is not a multiple of I , and therefore, by Fact 2, g ( x ) cannot generate a pseudocyclic MDS code. On the other hand, when 1 = 1, the factorization in (11) is over GF(q). In this case, we conclude from (111, (121, and Lemma 4, that for any redundancy r ,

defines the generator polynomial of a pseudocyclic MDS code. Thus, pseudocyclic MDS codes mod x" - a exist if and only if 1 = 1, which occurs if and only if b = = 1, which happens if and only if ( q - l ) /n is a multiple of e , the multiplicative order of a. If this condition is satisfied, it is possible to construct pseudocyclic MDS codes for all k . Thus, Theorem 2 is proved.

0

The following corollaries to Theorem 2 are easily deduced. Corollary 2.1: For any divisor n of q - 1, there exist cyclic

( n , k ) MDS codes for all k .

a - 1 are the cvclic MDS codes. IV. PSEUDOCYCLIC (n, k ) MDS CODES WHERE Corollary 2.2: The only pseudocyclic MDS codes of length

n DIVIDES q - 1 We now consider pseudocyclic codes whose length n is a

divisor of q - 1 . In contrast to the situation when n is a divisor of q + 1, we shall show that for any given n and a, either there are pseudocyclic MDS codes for all k , or there are no such codes except of course, the trivial ( n , n) code.

When e does not divide ( q - l ) / n , a pseudocyclic code is obtained by interleaving a shorter pseudocyclic code.

Proof of Theorem 3: Suppose that ( q - l ) /n is not a multiple of e . As in the proof of Theorem 2, we have the factorization

Proofof Theorem 2: Let e denote the multiplicative order of a , and let 77 denote a primitive element of GF(q) such that

GF(q). Let 6 denote an element in an extension field of GF(q)

n / / - I

J = 0 U = ~ ( ~ - I ) / ' . Then a = ~ 7 ( ~ - ' ) / " is an element of order n in x'I - a = n ( x ' - ( p i ) ' )

884 IEEE TRANSACTIONS ON INFORMATION THEORY, VOL. 36, NO. 4, JULY 1990

over GF(q). Fact 3 thus implies that Decoder Malfunction in BCH Decoders

n / / - I

j n = 0 ( x +,)’)

is the factorization of (~‘~1‘ - a ) over GF(q). Hence, any divisor g ( x ) of (x” - a) is of the form f ( x ‘ ) where f ( x ) is a divisor of (x”/‘ - a). It follows that the codewords in the pseudocyclic code of length n generated by g ( x ) are obtained by interleaving I codewords from the pseudocyclic code of length n / l gener- ated by f ( x ) . As in the proof of Theorem 2, 1 is the order of the element a(4-1)’’7. U

DlLlP V. SARWATE, FELLOW, IEEE, A N D ROBERT D. MORRISON

Abstract -A t -error-correcting hounded-distance decoder either pro- duces the codeword nearest the received vector (if there is a codeword at distance no more than I ) , or indicates that no such codeword exists. However, BCH decoders based on the Peterson-Gorenstein-Zierler algorithm or the Euclidean algorithm can malfunction and produce output vectors that are not codewords at all. For any integer i no greater than t / 2 , if the received vector is at distance at most t - 2i from a codeword belonging to a ( t - iberror-correcting BCH supercode, then the BCH decoder output is that codeword from the supercode.

Corollary 3.1: If n is a divisor of q - 1, and the multiplicative order of a is not a divisor of ( q - l ) / n , then there exist pseudocyclic codes mod(x” - a) which are the result of inter- leaving a pseudocyclic MDS code mod(x”/‘- a).

I. INTRODUCrlON

Let Y(x) denote the set of vectors at Hamming distance at most t from a vector x. The output of a t-error-correcting bounded-distance decoder for a code 8 with minimum distance d 2 2t + 1 is the codeword c if and only if the received vector r V. CONCLUSION

We have studied the existence of pseudocyclic MDS codes of lengths q + 1, q -1, and divisors thereof. For n a divisor of q + 1, cyclic MDS codes do not exist if both n and k are even. On the other hand, by choosing a to be a suitable quadratic nonresidue, we can always find a pseudocyclic MDS code with these parameters. Thus, pseudocyclic MDS codes are an inter- esting alternative to cyclic MDS codes in applications where specific values of n and k (for which a cyclic MDS code does not exist) are required. Fortunately, the decoding of pseudo- cyclic MDS codes is not very different from the decoding of cyclic MDS codes. The pseudocyclic MDS codes are variations of BCH codes, and thus, with slight modifications, the standard BCH decoding algorithms such as the Peterson- Gorenstein-Zierler algorithm, the Berlekamp-Massey algo- rithm and the Euclidean algorithm [4] can be applied to their decoding. Details of the necessary modifications for the case of negacyclic codes can be found in [7]. Thus, one of the major advantages of using cyclic MDS codes, namely, the efficient decoding techniques, is preserved when using pseudocyclic MDS codes.

ACKNOWLEDGMENT

The authors are grateful to the referees for pointing out [61. We also owe a special debt of gratitude to referee A who suggested that our original results on negacyclic codes could be generalized to pseudocyclic codes.

REFERENCES [ I ] V. C. Da Rocha, Jr., “Maximum distance separable multilevel codes,”

IEEE Trans. Infonn. Theory, vol. IT-30, pp. 547-548, May 1984. [21 E. R. Berlekamp, Algebraic Coding Theory. New York: McGraw-Hill,

1968. [31 F. J. MacWilliams and N. J. A. Sloane, The Theory of Evor-Covecling

Codes. Amsterdam, Netherlands: North-Holland, 1977. [41 R. E. Blahut, Theory and Practice of Error Control Codes. Reading,

MA: Addison Wesley, 1983. [SI R. M. Roth and G. Seroussi, “On cyclic MDS codes of length q over

GF(q),” IEEE Trans. Infonn. Theory, vol. IT-32, pp. 284-285, Mar. 1986. J. Georgiades, “Cyclic ( q + 1,kkcodes of odd order q are not optimal,” Atti. Sefn. Mat. Fis. Unit.. Modena, vol. XXX, pp. 284-285, 1982. A. Krishna, “Negacyclic MDS codes of length q + I over GF(q),” M.S. thesis, Dept. Electr. Comput. Eng., Univ. of Illinois at Urbana- Champaign, 1987.

[61

[71

is in v ( c ) , the decoding sphere for c. If r is not in the decoding sphere of any codeword, then the decoder fails to decode r , and, usually, provides some suitable external indication of its failure to decode. Now, let c denote the transmitted codeword and let e denote the number of errors that actually occurred. If e I t, the decoder output is c, and is thus correct. If e > t, then two possibilities arise: either r is in the decoding sphere V,(c*) of some other codeword c* and thus a decoder error occurs, or r is not in the decoding sphere of any codeword and thus a decoder failure occurs.

It is generally believed that BCH decoders are well-behaved bounded-distance decoders in the sense that they successfully decode r (possibly into an incorrect codeword) if r is in the decoding sphere of a codeword, and they fail to decode r if r does not belong to the decoding sphere of any codeword. However, BCH decoders are not necessarily well behaved unless they are implemented carefully. We consider BCH decoders based on typical published descriptions of two well-known BCH decoding algorithms, namely, the Peterson-Gorenstein-Zierler (PGZ) matrix algorithm [ 2 ] , [6] and the Sugiyama- Kasahara-Hirasawa-Namekawa ( S K ” ) Euclidean algorithm [2], [4], [5]. When e > t and r is not in the decoding sphere of any codeword, sometimes these decoders may not indicate de- coder failure as expected, and may instead produce an output vector that is not a codeword at all. We refer to this event as a decoder malfunction. Note that a decoder malfunction is not the same as a decoder error. In the latter case, the decoder output is some codeword c* other than the transmitted codeword c, but the decoder has not malfunctioned in that it has correctly found the unique codeword c* at distance no more than t from r . On the other hand, when a decoder malfunction occurs, the decoder output is not a codeword, and the decoder is blissfully unaware of this. Decoder errors cannot be detected and are

Manuscript received August 30, 1988; revised December 1, 1989. This work was supported in part by the US Army Research Office under Contracts DAAG 29-84-K-0088 and DAALO3-87-K-0097.

D. V. Sawate is with the Coordinated Science Laboratory and the Depart- ment of Electrical and Computer Engineering, University of Illinois at Ur- bana-Champaign, Urbana, IL 61801.

R. D. Morrison is with 1TT Aerospace/Opticdl Division, Fort Wayne, IN 46801,

IEEE Log Number 9034945.

0018-9448/90/0700-0884$01 .OO 0 1990 IEEE