Coding Theory Series — 07

BCH Codes

Algebraic codes with guaranteed error correction — from finite field theory to flash memory

Mathematics Code History

Use arrow keys or swipe to navigate • ESC for overview

Roadmap

History

Hocquenghem, Bose & Ray-Chaudhuri — independent discovery

Finite Fields

GF(2^m), minimal polynomials, cyclotomic cosets

Code Construction

BCH bound, generator polynomial, designed distance

Encoding

Systematic & non-systematic methods

Decoding

PGZ, Berlekamp-Massey, Chien search

Applications

Flash memory, satellite, connection to RS codes

Historical Origins

History

Alexis Hocquenghem (1959)

French mathematician at the Conservatoire National des Arts et Metiers in Paris.

Published the construction of a class of multiple-error-correcting codes in Comptes Rendus, September 1959.

His work was less well-known initially due to the French publication venue.

Bose & Ray-Chaudhuri (1960)

Raj Chandra Bose and Dwijendra Kumar Ray-Chaudhuri at the University of North Carolina.

Published independently in March 1960 in the Journal of Information and Control.

Provided a more detailed treatment with proofs of the BCH bound.

BCH = Bose-Chaudhuri-Hocquenghem. One of the most important families of cyclic error-correcting codes. Reed-Solomon codes are a special case!

Finite Fields: GF(2^m) Review

Mathematics

Construction via Irreducible Polynomials

GF(2^m) is constructed as GF(2)[x] / p(x), where p(x) is an irreducible polynomial of degree m over GF(2).

GF(2⁴): p(x) = x⁴ + x + 1 (irreducible over GF(2))

Elements

GF(2^m) has 2^m elements:

0 (additive identity)
1, α, α², ..., α^{2^m-2}

α is a root of p(x), called the primitive element.

Key Property

α^{2^m-1} = 1 (cyclic group of order 2^m-1).

Every nonzero element is a power of α.

Addition: XOR of polynomial coefficients.

Multiplication: polynomial multiplication mod p(x).

GF(2⁴) Worked Example

Mathematics

p(x) = x⁴ + x + 1, so α⁴ = α + 1

Power	Polynomial	Binary	Decimal
0	0	0000	0
α⁰	1	0001	1
α¹	α	0010	2
α²	α²	0100	4
α³	α³	1000	8
α⁴	α + 1	0011	3
α⁵	α² + α	0110	6
α⁶	α³ + α²	1100	12
α⁷	α³ + α + 1	1011	11

Table continues for α⁸ through α¹⁴. All 15 nonzero elements are distinct powers of α.

Minimal Polynomials

Mathematics

Definition

The minimal polynomial m_i(x) of αⁱ is the smallest degree polynomial over GF(2) that has αⁱ as a root:

m_i(αⁱ) = 0, m_i(x) ∈ GF(2)[x], m_i(x) is irreducible

Key Properties

m_i(x) divides x^{2^m-1} + 1
deg(m_i) divides m
If αⁱ is a root, so is α²ⁱ (Frobenius endomorphism)
Roots come in conjugate sets: {αⁱ, α²ⁱ, α⁴ⁱ, ...}

GF(2⁴) Minimals

m₁(x) = x⁴ + x + 1

Roots: α, α², α⁴, α⁸

m₃(x) = x⁴ + x³ + x² + x + 1

Roots: α³, α⁶, α¹², α⁹

m₅(x) = x² + x + 1

Roots: α⁵, α¹⁰

m₇(x) = x⁴ + x³ + 1

Roots: α⁷, α¹⁴, α¹³, α¹¹

Cyclotomic Cosets

Mathematics

Definition

The cyclotomic coset of i modulo 2^m-1 is:

C_i = { i, 2i, 4i, 8i, ... } mod (2^m-1)

Elements in the same coset share the same minimal polynomial.

GF(2⁴) Cyclotomic Cosets (mod 15)

Coset	Elements	Size	Minimal Polynomial
C₀	{0}	1	x + 1
C₁	{1, 2, 4, 8}	4	x⁴ + x + 1
C₃	{3, 6, 12, 9}	4	x⁴ + x³ + x² + x + 1
C₅	{5, 10}	2	x² + x + 1
C₇	{7, 14, 13, 11}	4	x⁴ + x³ + 1

Sizes sum to 15: 1 + 4 + 4 + 2 + 4 = 15 = 2⁴ - 1. The coset structure determines the possible BCH code parameters.

The BCH Bound

Mathematics

Designed Distance

BCH Bound: If the generator polynomial g(x) has α^b, α^b+1, ..., α^b+d-2 as roots (d-1 consecutive powers of α), then the minimum distance of the code is at least d.

d_min ≥ d_designed = δ

The designed distance δ is a guaranteed lower bound on d_min. Often d_min = δ exactly, but sometimes d_min > δ.

Why Does This Work?

If c(x) is a codeword and g(x)|c(x), then c(αⁱ) = 0 for all roots of g(x). A codeword of weight < d would give a system of equations with a Vandermonde matrix that must have a nontrivial solution — but Vandermonde is always invertible for distinct roots! Contradiction.

Generator Polynomial Construction

Mathematics

Recipe for a t-Error-Correcting BCH Code

Step 1: Choose designed distance δ = 2t + 1 (to correct t errors).

Step 2: The generator must have roots α, α², ..., α^2t.

Step 3: Compute g(x) = LCM(m₁(x), m₂(x), ..., m_2t(x)).

Since conjugate roots share minimal polynomials, many m_i's are redundant.

Example: Double-Error-Correcting BCH(15, 7)

t = 2, need roots α, α², α³, α⁴ in g(x).

m 1 (x) = x 4 + x + 1 (contains roots α, α 2, α 4) m 3 (x) = x 4 + x 3 + x 2 + x + 1 (contains root α 3)

g(x) = m₁(x) · m₃(x) = x⁸ + x⁷ + x⁶ + x⁴ + 1

n = 15, deg(g) = 8, so k = 15 - 8 = 7. BCH(15, 7, 5) code.

BCH Code Parameters

Mathematics

Primitive Narrow-Sense BCH Codes over GF(2^m)

n = 2^m - 1, k ≥ n - mt, d ≥ 2t + 1

Example Codes

m	n	t	k	d_min	Rate
4	15	1	11	3	0.733
4	15	2	7	5	0.467
4	15	3	5	7	0.333
5	31	1	26	3	0.839
5	31	3	16	7	0.516
5	31	5	11	11	0.355
8	255	2	239	5	0.937
8	255	4	223	9	0.875

Note: The t=1 case for any m gives the Hamming code — BCH generalizes Hamming codes!

BCH Encoding

Mathematics Code

Non-Systematic

Simply multiply:

c(x) = m(x) · g(x)

Message polynomial m(x) of degree < k produces codeword c(x) of degree < n.

Simple but message bits are not directly readable in the codeword.

Systematic

Place message in high-order positions:

c(x) = x^n-k·m(x) + r(x)

where r(x) = [x^n-k·m(x)] mod g(x)

Codeword = [parity bits | message bits]

First k bits of the codeword are the original message — easy to extract after decoding!

Encoding Example: BCH(15, 7)

Mathematics Code

Systematic Encoding

g(x) = x⁸ + x⁷ + x⁶ + x⁴ + 1

Message: m = (1 0 1 1 0 0 1) → m(x) = x⁶ + x⁴ + x³ + 1

Step 1: Compute x⁸ · m(x) = x¹⁴ + x¹² + x¹¹ + x⁸

Step 2: Divide by g(x):

x 14 + x 12 + x 11 + x 8 = q(x)\cdotg(x) + r(x)

Step 3: r(x) = x⁷ + x⁶ + x⁴ + x³ + x² + x (the remainder)

Step 4: c(x) = x⁸·m(x) + r(x)

Codeword: (1 1 0 1 1 1 1 0 | 1 0 1 1 0 0 1)
parity message

BCH Decoding Pipeline

Mathematics

Received
r(x)

→

Syndromes
S₁...S₂ₜ

→

Error Locator
σ(x)

→

Error Locations
Chien Search

→

Correct
ĉ(x)

Step 1: Syndrome Computation

Evaluate r(x) at the roots of g(x):

S j = r(α j) = e(α j)

If all S_j = 0, no errors detected.

Step 2: Error-Locator Polynomial

Find σ(x) = (1 + X₁x)(1 + X₂x)...(1 + X_vx)

Where X_i = α^e_i marks error positions.

For binary BCH: errors are always in GF(2), so we only need to find error locations (bit positions to flip). Non-binary codes also need error values.

Syndrome Computation

Mathematics

Calculating Syndromes

For a t-error-correcting BCH code, compute 2t syndromes:

S_j = r(α^j) = Σ_i=0^n-1 r_i · α^ij, j = 1, 2, ..., 2t

Syndromes in Terms of Error Positions

If v errors occurred at positions e₁, e₂, ..., e_v:

S 1 = X 1 + X 2 + ... + X v S 2 = X 12 + X 22 + ... + X v 2 S 3 = X 13 + X 23 + ... + X v 3 ⋮ S 2t = X 1 2t + X 2 2t + ... + X v 2t

where X_i = α^e_i are the error locators.

Property: S_2j = S_j² in binary fields (Frobenius). This halves the independent equations but also the unknowns!

Peterson-Gorenstein-Zierler Decoder

Mathematics

Direct Matrix Approach

The error-locator polynomial σ(x) = 1 + σ₁x + σ₂x² + ... + σ_vx^v satisfies Newton's identities:

S₁	S₂	⋯	S_v
S₂	S₃	⋯	S_v+1
⋮	⋮	⋱	⋮
S_v	S_v+1	⋯	S_2v−1

σ_v

σ_v−1

⋮

σ₁

S_v+1

S_v+2

⋮

S_2v

Algorithm

Start with v = t (assume maximum errors)
Form the syndrome matrix
If det = 0, reduce v by 1 and retry
Solve the linear system over GF(2^m)
Find roots of σ(x) via Chien search

Complexity

Matrix inversion: O(t³) field operations.

Practical for small t, but Berlekamp-Massey is preferred for t > 3 due to O(t²) complexity.

Berlekamp-Massey Algorithm

Mathematics

Iterative Error-Locator Polynomial Construction

The BM algorithm finds the shortest LFSR (Linear Feedback Shift Register) that generates the syndrome sequence S₁, S₂, ..., S₂ₜ.

Algorithm Outline

Initialize: σ⁽⁰⁾(x) = 1, B(x) = 1, L = 0, r = 1
For each r = 1 to 2t:
- Compute discrepancy: Δ_r = S_r + σ₁S_r-1 + ... + σ_LS_r-L
- If Δ_r = 0: do nothing (current LFSR works)
- If Δ_r ≠ 0: update σ(x) using correction term
- If 2L < r: increase LFSR length, update B(x)
Output: σ(x) of degree v ≤ t

Complexity: O(t²) — much better than PGZ's O(t³). This is the standard decoder for practical BCH/RS implementations.

Chien Search

Mathematics

Finding Roots of σ(x)

Named after R.T. Chien (1964). An exhaustive search made efficient by exploiting the structure of finite fields.

Test each α^-i for i = 0, 1, ..., n-1: σ(α^-i) = 0?

If σ(α^-i) = 0, then position i has an error.

Efficient Implementation

Instead of recomputing from scratch each time, update incrementally:

T j \leftarrow σ j \cdot α -j (initially) T j \leftarrow T j \cdot α -j (each step)

Only v multiplications per step instead of evaluating the full polynomial.

Hardware Friendly

Constant-time operation (n iterations always)
Parallelizable — test multiple roots simultaneously
Only multipliers and adders in GF(2^m)
Can be pipelined for high throughput

Binary vs. Non-Binary BCH

Mathematics

Binary BCH Codes

Symbols are in GF(2) (bits)
Roots of g(x) are in GF(2^m)
Error values are always 1 (just flip the bit)
Only need to find error positions
Code length n = 2^m - 1

Simpler decoding — no need for Forney's algorithm.

Non-Binary BCH (Reed-Solomon)

Symbols are in GF(2^m) (m-bit symbols)
Each symbol can take 2^m values
Error values are arbitrary field elements
Must find positions AND values
Code length n = 2^m - 1 symbols

Needs Forney's algorithm to compute error magnitudes.

Reed-Solomon codes are non-binary BCH codes where the symbols and roots are in the same field. This gives them the MDS property: d = n - k + 1.

BCH → Reed-Solomon Connection

Mathematics

The Family Tree

Linear Codes

→

Cyclic Codes

→

BCH Codes

→

Reed-Solomon

BCH Code (Binary)

Alphabet: GF(2)
Length: n = 2^m - 1 bits
g(x) has roots in GF(2^m)
d ≥ 2t + 1 (BCH bound)
NOT MDS in general

Reed-Solomon Code

Alphabet: GF(2^m)
Length: n = 2^m - 1 symbols
g(x) = Π(x - αⁱ), consecutive roots
d = n - k + 1 (exactly!)
Always MDS!

Subtle difference: In RS codes, minimal polynomials are degree-1 (since roots are in the same field as the coefficients). In binary BCH, minimal polynomials have degree up to m, which is why binary BCH codes are not MDS.

Applications of BCH Codes

Applications

Flash Memory (NAND)

BCH codes are the standard ECC for NAND flash storage.

SLC flash: 1-bit BCH sufficient
MLC flash: 4-8 bit BCH needed
TLC flash: 40-72 bit BCH or LDPC

BCH preferred for its deterministic latency and low power.

Satellite Communications

DVB-S2 uses BCH outer code + LDPC inner code.

BCH cleans up LDPC error floor
Typical: BCH(65535, 65343, t=12)
Near Shannon limit performance

Barcodes & QR Codes

QR codes use RS (a BCH generalization) for error correction at multiple levels.

L: 7%, M: 15%, Q: 25%, H: 30% correction capability.

Disk Drives

Hard drives use BCH/RS codes in the read channel alongside other signal processing.

Typical: t = 10-20 error correction.

Python: BCH Encoder

Code

def gf2_poly_mod(dividend, divisor):
    """Polynomial division over GF(2), return remainder."""
    dividend = list(dividend)  # copy
    for i in range(len(dividend) - len(divisor) + 1):
        if dividend[i] == 1:
            for j in range(len(divisor)):
                dividend[i + j] ^= divisor[j]
    return dividend[-(len(divisor)-1):]

def gf2_poly_mult(a, b):
    """Polynomial multiplication over GF(2)."""
    result = [0] * (len(a) + len(b) - 1)
    for i, ai in enumerate(a):
        if ai:
            for j, bj in enumerate(b):
                result[i + j] ^= bj
    return result

class BCHCode:
    def __init__(self, n, g_coeffs):
        """
        n: code length (2^m - 1)
        g_coeffs: generator polynomial as list [high...low]
        """
        self.n = n
        self.g = g_coeffs
        self.n_minus_k = len(g_coeffs) - 1
        self.k = n - self.n_minus_k

    def encode_systematic(self, message):
        """Systematic BCH encoding."""
        assert len(message) == self.k
        # x^(n-k) * m(x)
        shifted = message + [0] * self.n_minus_k
        # Compute remainder
        remainder = gf2_poly_mod(shifted, self.g)
        # Codeword = message | parity
        codeword = message + remainder
        return codeword

    def compute_syndrome(self, received, alpha_powers):
        """Compute syndromes by evaluating r(x) at roots."""
        # This requires GF(2^m) arithmetic - simplified here
        pass  # Full implementation needs GF arithmetic

Python: BCH(15,7) Demo

Code

# BCH(15, 7, 5) generator: x^8 + x^7 + x^6 + x^4 + 1
g = [1, 1, 1, 0, 1, 0, 0, 0, 1]  # coefficients high to low

bch = BCHCode(15, g)

# Encode a message
message = [1, 0, 1, 1, 0, 0, 1]
codeword = bch.encode_systematic(message)
print(f"Message:  {message}")
print(f"Codeword: {codeword}")
# Output: [1, 0, 1, 1, 0, 0, 1, 1, 1, 0, 1, 1, 1, 1, 0]
#          |--- message ---|  |--- parity ---|

# Verify: codeword should be divisible by g(x)
remainder = gf2_poly_mod(codeword, g)
print(f"Remainder (should be all zeros): {remainder}")
# [0, 0, 0, 0, 0, 0, 0, 0]

# Introduce 2 errors (max correctable)
received = codeword.copy()
received[3] ^= 1  # flip bit 3
received[10] ^= 1  # flip bit 10
print(f"Received: {received}")

# Check syndrome (non-zero = errors detected)
rem = gf2_poly_mod(received, g)
print(f"Syndrome check: {rem}")
print(f"Errors detected: {any(rem)}")  # True

# Encode all 2^7 = 128 messages to verify code properties
min_weight = 15
for i in range(1, 128):
    m = [(i >> j) & 1 for j in range(6, -1, -1)]
    c = bch.encode_systematic(m)
    w = sum(c)
    min_weight = min(min_weight, w)
print(f"Minimum weight (= d_min): {min_weight}")  # 5

Summary

BCH Code Essentials

Cyclic codes with algebraic decoding
n = 2^m-1, guaranteed d ≥ 2t+1
Generator = LCM of minimal polynomials
Generalize Hamming codes (t=1 case)

Decoding Pipeline

Syndromes → Error-locator → Roots → Correct
PGZ: O(t³), small t
Berlekamp-Massey: O(t²), standard
Chien search: O(n) root finding

The Big Picture

Hamming
t=1

→

BCH
t-error binary

→

Reed-Solomon
non-binary BCH, MDS

Next up: Reed-Solomon codes — the "most widely deployed error correction code in history." Everything from CDs to QR codes to deep space.

End of Part 07 • BCH Codes

BCH Codes

Roadmap

History

Finite Fields

Code Construction

Encoding

Decoding

Applications

Historical Origins

Alexis Hocquenghem (1959)

Bose & Ray-Chaudhuri (1960)

Finite Fields: GF(2m) Review

Construction via Irreducible Polynomials

Elements

Key Property

GF(24) Worked Example

p(x) = x4 + x + 1, so α4 = α + 1

Minimal Polynomials

Definition

Key Properties

GF(24) Minimals

Cyclotomic Cosets

Definition

GF(24) Cyclotomic Cosets (mod 15)

The BCH Bound

Designed Distance

Why Does This Work?

Generator Polynomial Construction

Recipe for a t-Error-Correcting BCH Code

Example: Double-Error-Correcting BCH(15, 7)

BCH Code Parameters

Primitive Narrow-Sense BCH Codes over GF(2m)

Example Codes

BCH Encoding

Non-Systematic

Systematic

Encoding Example: BCH(15, 7)

Systematic Encoding

BCH Decoding Pipeline

Step 1: Syndrome Computation

Step 2: Error-Locator Polynomial

Syndrome Computation

Calculating Syndromes

Syndromes in Terms of Error Positions

Peterson-Gorenstein-Zierler Decoder

Direct Matrix Approach

Algorithm

Complexity

Berlekamp-Massey Algorithm

Iterative Error-Locator Polynomial Construction

Algorithm Outline

Chien Search

Finding Roots of σ(x)

Efficient Implementation

Hardware Friendly

Binary vs. Non-Binary BCH

Binary BCH Codes

Non-Binary BCH (Reed-Solomon)

BCH → Reed-Solomon Connection

The Family Tree

BCH Code (Binary)

Reed-Solomon Code

Applications of BCH Codes

Flash Memory (NAND)

Satellite Communications

Barcodes & QR Codes

Disk Drives

Python: BCH Encoder

Python: BCH(15,7) Demo

Summary

BCH Code Essentials

Decoding Pipeline

The Big Picture

Finite Fields: GF(2^m) Review

GF(2⁴) Worked Example

p(x) = x⁴ + x + 1, so α⁴ = α + 1

GF(2⁴) Minimals

GF(2⁴) Cyclotomic Cosets (mod 15)

Primitive Narrow-Sense BCH Codes over GF(2^m)