Locally Decodable Codes from Nice Subsets of Finite Fields and Prime Factors of Mersenne Numbers

1
Locally Decodable Codes from Nice Subsets of
Finite Fields and Prime Factors of Mersenne
Numbers

Kiran Kedlaya Sergey Yekhanin
MIT Microsoft Research
2
An Inequality
?
3
Error Correcting Codes
n bit message
Decoder processes the (corrupted) codeword
0 1 0 1
Adversarial noise
N bit codeword
0 0 1 0 0 1 1
0 1 1 0 0 0 1

• In classical error correcting codes decoder needs
  to process the whole (corrupted) codeword to
  recover even a single bit of the original message!

4
Locally Decodable Codes
Codes with sub-linear decoding complexity!
n bit message
Decoder reads only k bits
0 1 0 1
Adversarial noise
N bit codeword
0 0 1 0 0 1 1
0 1 1 0 0 0 1

• Definition A code C encoding n bits to N bits is
  called k-LDC if given a (linearly) corrupted
  codeword one can recover any particular bit of
  the message (w.h.p.) by reading only k randomly
  chosen bits.

5
Locally Decodable Codes

• Example There is a 2-query LDC of length Exp(n).
• Major question
• What is the length of optimal k-query LDCs?
• Applications
• Cryptography (private information retrieval).
• Worst-case to average case reductions.
• Fault tolerant computation.
• Data transmission / storage.

6
LDCs progress in bounds

• 2-query Tight bound - Exp(n) KdW.
• 3-query
• Lower bound - O(n2 / log log n) W.
• Upper bounds
• - Exp(n1/2) BIK. (Polynomial interpolation.)
• - Exp(n1/t), where 2t-1 is prime Y. (Point
  removal method.)
• Exp(n1/32,582,657) - unconditionally.
• Exp(no(1)) - if there exist infinitely many
  Mersenne primes.
• Goal Obtain constant-query LDCs of length
  Exp(no(1)) unconditionally.

Primes
Mersenne primes
7
This work

• We undertake an in-depth study of the point
  removal method of Y to answer two questions
• Are Mersenne primes essential to the method?
• Has the method been pushed to its limit?

8
Heart of the point removal method

• Definition A set S ? Fq is t - combinatorially
  nice if .
• Definition A set S ? Fq is k - algebraically
  nice if .
• Theorem If for some Fq there exists S ? Fq such
  that
• - S is t-combinatorially nice and
• - S is k-algebraically nice
• then there exist k-query LDCs of length
  Exp(n1/t).
• Lemma Let p 2t-1 be a Mersenne prime then S
  1,2,4,,2t-1 in Fp is t-combinatorially nice
  and 3-algebraically nice.

9
Are Mersenne primes essential?
Primes

• Answer No.
• Mersenne numbers with large prime
• factors are good enough!
• Theorem Let ? gt 0. If P(2t-1) gt (2t-1)? p
  then
• 1,2,,2t-1 ? Fp is t-comb. nice and
  k(?)-algebr. nice thus
• exist k(?) query LDCs of length Exp(n1/t).
• Notation P(m) the largest prime factor of m.

Large prime factors of Mersenne numbers
Mersenne primes
10
Has the method been pushed to its limit?

• Answer Yes.
• Unless we progress on some old number theory
  questions.
• Primes that are somewhat large factors of
  Mersenne numbers are necessary!
• Theorem If for infinitely many t there is an Fq
  and S ? Fq that is k-algebraically nice and
  t-combinatorially nice then infinitely often
  P(2t-1) gt ( t / 2 )11 / (k-2).
• The largest function f(t) for that P(2t-1) gt f(t)
  unconditionally infinitely often is f(t) t
  log2 t / log log t. Stewart

11
LDCs and factors of Mersenne numbers
P(2t-1) gt t log2 t / log log t
Known
P(2t-1) gt ( t / 2 )11 / (k-2)
Necessary
P(2t-1) gt (2t-1)?
P(2t-1) 2t-1
Sufficient
Goal Obtain constant-query codes of
subexponential length.
12
About the proof

• Mersenne numbers with large prime factors yield
  nice subsets.
• Nice subsets of finite fields yield Mersenne
  numbers with somewhat large prime factors.
• (We will see a piece of the second proof.)

13
Nice subsets to large factors of Mersenne numbers

• Claim 3-algebraically nice subsets of prime
  fields yield large prime factors of Mersenne
  numbers.
• Theorem Suppose S ? Fp is 3-algebraically nice
  then
• - p 2t-1
• - p gt 0.75 t2.

14
Proof two steps

• S ? Fp is 3-algebraically nice
• then there exist ?1 ?2 ?3 in Cp such that ?1
  ?2 ?3 0.
• There exist ?1 ?2 ?3 in Cp such that ?1 ?2
  ?3 0
• then p 2t-1 and p gt 0.25 t2.
• Notation Cp - the set of p-th roots of unity in
  F2.
• (We will go over the second step.)

15
Proof of the second step - I

• Lemma There exist ?1 ?2 ?3 in Cp such that ?1
  ?2 ?3 0
• then p 2t-1 and p gt 0.25 t2.
• Proof
• Let t be the smallest such that Cp ? F2 .
• p 2t-1
• Elements of Cp \ 1 are proper elements of F2
  i.e.,
• for ? in Cp \ 1, and f(x) in F2x, deg f lt
  t f(?) 0.

F2
t
t
Cp
t
16
Proof of the second step - II

• Proof (continued)
• Let ?i denote elements of Cp.
• ?1 ?2 ?3 0 yields ?4 1 ?5.
• ?4 ?2-1.?1 ?5 ?2-1.?3
• Fix ? in Cp such that (1 ?) is in Cp.
• Consider the set Z?a (1 ?)b a,b in 0 ,,
  t/2-1.
• ?a (1 ?)b ??c (1 ?)d else we would have f(?)
  0, where deg f lt t.
• Thus, Z (t / 2)2 and hence p gt (t / 2)2 .

17
Conclusions

• Summary
• Further progress on upper bounds for LDCs via
  point removal method is tied to progress on lower
  bounds for prime factors of Mersenne numbers.
• Hopes
• Progress in number theory problems.
• Broader generalizations of the method. (finite
  rings?)