7 A Simple Construction of IPP Codes

We depict an (n, N, q; d)-code C as an N × n matrix M (C) on q symbols, where each row of the matrix corresponds to one of the codewords of C. For

any a ∈ Q, define

m_j(a) = |{i | M (C)_ij = a}|,

i.e.,m_j(a) is the frequency of a on the j-th column of M (C). Define

m(C) = max_{1≤j≤n,a∈Q}(m_j(a)).

Example 7.1. Set

M (C) =











1 0 1 0 1 1 0 0 1









 ,

then m₁(0) = 2, m₂(0) = 2, m₃(0) = 0 and m₁(1) = 1, m₂(1) = 1, m₃(1) = 3.

So m(C) = 3.

Definition 7.2. Let C be an (n, N, q; d)-code.We say that C has an σ-resolution if the codewords of C can be partitioned into s subsets A1,. . . ,As, where |A_i| = σ, for i = 1, . . . , s, in such a way that each A_i is a code of minimum distance equal to n, i.e., any two codewords of Ai agree in no position.

We see an example.

Example 7.3. Set

C = {123, 132, 213, 231, 312, 321}

be a (3, 6, 3; 2)-code. Set

A₁ = {123, 231, 312}, A₂ = {132, 321, 213}.

Since C can be partitioned into 2-subsets A₁, A₂, and the minimum distance of A₁ and A₂ are equal to n = 3, we say C has a 3-resolution.

Theorem 7.4. (Tran and Sosina, 2004 )[16]. Let C₁ be an (n₁, N₁, q₁; d₁ )-code over Q1 and let C2 be an (n2, N2, q2; d2)-code over Q2 with a σ-resolution A₁, . . . , A_s such that s ≥ m(C₁). Then the following hold.

(i) there exist an (n1n2, σN1, q1q2; n1n2− (n1− d1)(n2− d2)) code C.

(ii) Further, if q₁q₂ ≥ N₁, then C can be extended to a code C^∗ having parameters (n1n2 + 1, σN1, q1q2; d), where d = min{n1n2; n1n2 + 1 − (n₁ − d₁)(n₂− d₂)}.

Proof. Let C1 be an (n1, N1, q1; d1)-code over Q1. Let C2 be an (n2, N2, q2; d2) code over Q₂ with a σ-resolution A₁, . . . , A_s. Suppose s ≥ m(C₁). For each a ∈ Q1 denote by C2(a) a copy of C2 defined over Q(a) such that

Q(a₁) ∩ Q(a₂) = ∅ if a₁, a₂ ∈ Q₁ and a₁ 6= a₂. Denote by A₁(a), . . . , A_s(a) a σ-resolution of C₂(a).

Let col_j = (a_1,j, a_2,j, . . . , a_b1,j)^T be the j-th column of M (C₁), 1 ≤ j ≤ n₁. Let a(1), . . . , a(t), say, be t positions of col_j at which symbol a ∈ Q₁ appears.

Note that t ≤ m(C₁). Now replace a at position a(1) by A₁(a), a at position a(2) by A₁(a), etc., and a at position a(t) by A_t(a). Perform this process for every symbol of Q₁ and for every column of M (C₁). The resulting code C obtained by this replacement has parameters (n₁n₂, σN₁, q₁q₂; n₁n₂ − (n₁− d₁)(n₂− d₂)).

Obviously, the length and the number of codewords of C is n₁n₂ and σN₁ respectively. Further, any two codewords c₁, c₂ ∈ C₁ agree in at most

(n₁− d₂) positions. After replacement c₁ and c₂ correspond to two subsets R₁ and R₂ of σ codewords each. Any two codewords in R₁ (resp. R₂) agree in no position, whereas a codeword from R₁ and a codeword from R₂ agree in at most (n₁− d₁)(n₂− d₂) positions. Hence the minimum distance of C is n₁n₂− (n₁− d₁)(n₂− d₂) , as stated.

Further, if q₁q₂ ≥ N₁then C can be extended to a code C^∗having parame-ters (n₁n₂+1, σN₁, q₁q₂; d), where d = min{n₁n₂, n₁n₂+1−(n₁−d₁)(n₂−d₂)}.

Let Q = {a₁, a₂, . . . , a_q1q2} be the alphabet of C and let C₁ = {c₁, c₂, . . . , c_N1}.

By construction, any codeword c_i ∈ C₁ corresponds to a subset R_i of σ code-words. For any i = 1, . . . , N₁, we add symbol a_i to the (n₁n₂+ 1)-th column because their components at the (n₁n₂ + 1)-th column are distinct.

We illustrate the construction in Theorem 7.4 by the following example.

Example 7.5. Let C₁ be a (3, 4, 2; 2)-code over Q₁ = {0, 1} given by

A₂(0):

M (C) =

M (C^∗) =

We describe a simple construction for q-ary codes which has been pre-sented by Bush (1952)[3] for orthogonal arrays.

Theorem 7.6. (Bush,1952 )[3]. Let C₁ be an (n, N₁, q₁; d₁)-code over Q₁

Then it is easy to verify that

C = {c(a, b) | a ∈ C1, b ∈ C2} ⊆ Qⁿ is an (n, N₁N₂, q₁q₂; d)-code, where d = min{d₁, d₂}.

Definition 7.7. A code C ⊆ F_qⁿ is a [n, k, d]-linear code if C is a subspace of F_qⁿ with dimension k and minimum distance d.

Definition 7.8. A [n, k, d]-linear code with d = n−k+1 is called a maximum distance separable code, denoted M DS codes.

Theorem 7.6 can be used to construct q-ary codes achieving M DS codes, for which q is not a prime power, in the language of orthogonal arrays an (n, N, q; d) M DS code is an OA₁(n − d + 1, n, q); here we have N = q^n−d+1.

We record this special case of the Bush construction in the following theorem.

Theorem 7.9. (Bush, 1952)[3] The existence of (n, q₁^k, q1; d) and (n, q₂^k, q2; d) MDS codes having the same d = n − k + 1 implies the existence of an (n, (q1q2)^k, q1q2; d) MDS code.

As a consequence of Theorem 7.9 , we have the following corollary.

Corollary 7.10. For any integer n ≥ 2 and s with a prime factorization s = p^e₁¹...p^e_r^r such that n ≤ p^e_iⁱ, i = 1, 2, ..., r, there is an (n, s^k, s) MDS codes, for all 2 ≤ k ≤ n.

Proof. The corollary follows from the existence of (n, (p^e_iⁱ)^k, (p^e_iⁱ)) MDS codes for i = 1, ..., r.

By combining Corollary 7.10 and Corollary 3.6 we obtain the following theorem.

Theorem 7.11. Let w ≥ 2 be any given integer. For any integer n > w² and s having s = p^e₁¹...p^e_k^k as its prime factorization with n ≤ p^e_iⁱ for all i = 1, ..., k there exists an w-IPP (n, N, s)-code, where N = s^dw2ne.  Definition 7.12. Let C₁ be an (n₂, N₂, q₂)-code over Q₂ and let C₂ be an (n₁, q₂, q₁)-code over Q₁. We define the concatenated code of C₁ and C₂ as following: Let Q₂ = {a₁, ..., a_q2} and let C₂ = {b₁, ..., b_q2}. Let θ : Q₂ → C₂ be the one-to-one mapping defined by

θ(ai) = bi

for 1 ≤ i ≤ q₂. For any codeword a = (a₁, ..., a_n2) ∈ C₁ we denote by

˜a = (θ(a₁), ..., θ(a_n2)) = (b₁, ..., b_n2)

the q₁-ary sequence of length n₁n₂ obtained from a by using θ. The set C = {˜a = (b₁, ..., b_n2) | a = (a₁, ..., a_n2) ∈ C₁}

is an (n₁n₂, N₂, q₁)-code, called the concatenated code of C₁ and C₂. Example 7.13. Set

C₁ = {12, 13, 23}

be a (2,3,3)-code over {a₁ = 1, a₂ = 2, a₃ = 3}. Set C₂ = {b₁ = 445, b₂ = 455, b₃ = 555}

be a (3, 3, 2)-code over {4, 5}. Define θ be the one to one mapping by θ(a_i) = b_i for i = 1, 2, 3. Then the concatenated code C of C₁ and C₂ presented

C = {(445, 455), (445, 555), (455, 555)}

be a (6, 3, 2)-code.

Next important theorem shows that the concatenation technique works for IPP codes.

Theorem 7.14. (Tran and Sosina, 2005 )[17]. Let C₁ be an w-IPP (n₂, N₂, q₂ )-code over Q₂ and let C₂ be an w-IPP (n₁, q₂, q₁)-code over Q₁. Then the concatenated code C of C₁ and C₂ is an w-IPP (n₁n₂, N₂, q₁)-code.

Proof. Let x = (x₁, ..., x_n1n2) ∈ Qⁿ₁¹ⁿ². We partition x into n₂blocks x₁, ..., x_n2 with x_i = (x_(i−1)n1+1, ..., x_in1) ∈ Qⁿ₁¹, 1 ≤ i ≤ n₂. We will write x = (x₁, ..., x_n2). Specially, if x = c = (b₁, ..., b_n2) ∈ C, then b⁰_is are them-selves blocks of the partition of c.

Suppose x ∈ desc(C_i), 1 ≤ i ≤ r, where C_i ⊆ C with |C_i| = α_i ≤ w. We prove that T

1≤i≤r(C_i) 6= ∅, i.e. C is a w-IPP code.

Let C_i = {c⁽ⁱ⁾₁ , ..., c⁽ⁱ⁾αi} ⊆ C, where c⁽ⁱ⁾_j = (b⁽ⁱ⁾_j1, ..., b⁽ⁱ⁾_jn

2). For any 1 ≤ i ≤ r and any 1 ≤ ` ≤ n<sub>2</sub> define D<sub>`</sub>⁽ⁱ⁾ = {b⁽ⁱ⁾_1`, ..., b⁽ⁱ⁾_α

i`}, i.e. D<sub>`</sub>⁽ⁱ⁾ is the collection of all `th blocks of the codewords of C<sub>i</sub>. In other words, D<sup>(i)</sup><sub>`</sub> ⊆ C₂ is a subset of α_i codewords. As x ∈ desc(C_i) by the assumption, we have x_{`</sub> ∈ desc(D<sup>(i)</sup><sub>`} ) for 1 ≤ i ≤ r and 1 ≤ ` ≤ n2. Since C2 is a w-IPP code, we have

\

1≤i≤r

D_`⁽ⁱ⁾ 6= ∅.

Let b_` ∈ T

1≤i≤rD_{`</sub><sup>(i)</sup> be an arbitrary but fixed codeword, i.e. b<sub>`} is a guilty user for x_` in code C₂. Set y = (b₁, ..., b_n2). Let ¯y = (a₁, ..., a_n2) ∈ Qⁿ² be

the corresponding sequence obtained from y using θ, i.e. a_i = θ⁻¹(b_i). In the same way let ¯C_i = {¯c⁽ⁱ⁾₁ , ..., ¯c⁽ⁱ⁾αi} ⊆ C₁ denote the corresponding subset of C_i. Since y ∈ desc(C_i) by the construction, we have ¯y ∈ desc( ¯C_i). for 1 ≤ i ≤ r. Hence

¯ y ∈ \

1≤i≤r

desc( ¯C_i).

Since C₁ is a w-IPP code, we have

\

1≤i≤r

C¯_i 6= ∅.

Let ¯z⁰ = (a⁰₁, ..., a⁰_n2) ∈ T

1≤i≤r( ¯C_i) be a guilty user for ¯y in C₁. Then z⁰ = (b⁰₁, ..., b⁰_n2) ∈ C_i for 1 ≤ i ≤ r, where z⁰ the codeword of C corresponding to ¯z⁰. Therefore

\

1≤i≤r

C_i 6= ∅.

Thus C is an w-IPP code.

References

[1] Biehl, I., Meyer, B., Protocols for collusion-secure asymmetric finger-printing. 14th Symposium on Theoretical Aspects of Computing, Lec-ture Notes in Computer Science, Vol. 1200 (1997). Springer, Berlin, pp.

399-412.

[2] Boneh, D., Shaw, J., Collusion-secure fingerprinting for digital data, Advances in Cryptology-Crypto ’95. Lecture Notes in Computer Science, Vol. 963. Springer, Berlin, (1995) pp. 452-465.

[3] Bush, K.A., Federer, W.T., Pesotan, H., Raghavarao, D., New combina-torial designs and their application to group testing, J. Statist. Plann.

Inference 10, (1984) 335-343.

[4] Chee, Y.M., Tur´an-type problems in group testing, coding theory and cryptography, Ph.D. Thesis, University of Waterloo. (1996)

[5] Chor, B., Fiat, A., Naor, M., Tracing traitors. Advances in Cryptology-Crypto ’94, Lecture Notes in Computer Science, Vol. 839. Springer, Berlin, (1994) pp. 257-270.

[6] Du, D.-Z., Hwang, F.K., Pooling designs and nonadaptive group testing, World Scientific, Singapore. (2006)

[7] A. J. Macula. A simple construction of d-disjunct matrices with certain constant weights, Discrete Math. (1996) 162:311–312.

[8] A. J. Macula,. Error-correcting nonadaptive group testing with d^e -disjunct matrices, Discrete Appl. Math. (1997) 80:217-222.

[9] Marcel Fernandez and Miguel Soriano, Intellectual property protection of e-learing contents, International conference on network universities and e-Learing. 8-9 May (2003), Valencia. Spain.

[10] Pfitzmann, B., Trials of traced traitors, Workshop on Information Hiding, Lecture Notes in Computer Science, Vol. 1174. Springer, Berlin, (1996) pp. 49-64.

[11] Pfitzmann, B., Waidner, M., Asymmetric fingerprinting for larger col-lusions, Fourth ACM Conference on Computer and Communications Security. (1997a)

[12] Pfitzmann, B., Waidner, M., Anonymous fingerprinting. Advances in Cryptology-Eurocrypt ’97, Lecture Notes in Computer Science, Vol.

1233. Springer, Berlin, (1997b) pp. 88-102.

[13] J. N. Staddon, D. R. Stinson and R. Wei, Combinatorial properties of frameproof and traceability codes, IEEE Trans. Inform. Theory, Vol.

47 (2001) pp. 1042-1049.

[14] D. R. Stinson, Tran van Trung and R. Wei, Secure frameproof codes, key distribution patterns, group testing algorithms and related structures, Journal of Statistical Planning and Inference 86 (2000) 595-617.

[15] Stinson, D.R., Wei, R., Combinatorial properties and constructions of traceability schemes and frameproof codes, SIAM J. Discrete Math. 11, (1998)41-53.

[16] Tran van Trung and Sosina Martirosyan, On a class of traceability codes, Design, Codes and Cryptography, 31, (2004) 125-132.

[17] Tran van Trung and Sosina Martirosyan, New constructions for IPP codes, Design, Codes and Cryptography, 35, (2005) 227-239.