Optimal Codes from Fibonacci Polynomials and Secret Sharing Schemes

In this work, we study cyclic codes that have generators as Fibonacci polynomials over finite fields. We show that these cyclic codes in most cases produce families of maximum distance separable and optimal codes with interesting properties. We explore these relations and present some examples. Also, we present applications of these codes to secret sharing schemes.


Introduction
Error correcting codes are applied intensively in digital data transfer and storage. Due to this important nature, good error correcting codes which can be considered as codes with best possible parameters so called optimal codes and codes with rich algebraic structures are important for implementations. Cyclic codes serve such a purpose and studies on cyclic codes still cover an important part of the area. A linear code C is a subspace of V = F n p where F p denotes the finite field with p elements. The elements of a linear code are called codewords. In order to detect hence correct errors, Hamming metric serves such a purpose. Given two elements in V say u = (u 1 , u 2 , . . . , u n ), v = (v 1 , v 2 , . . . , v n ), the Hamming distance between u and v is the number of places that differ from each other i.e. d(u, v) = |{i|u i = v i }|. The smallest nonzero Hamming distance among the elements of C is referred as the Hamming distance of the code C and it is usually denoted by d(C) or simply d. If C is a linear code over F p with dimension k and minimum distance d, then C is said to be an [n, k, d] p -code. If an error detected while the received word is erroneous, then decoding this word to the closest codeword in C is called the majority decoding method. It is also well known that a linear code with minimum distance d = 2t + 1 or d = 2t + 2 can correct up to t errors. Given the length and the dimension, finding a linear code with best possible minimum distance is an important problem and it is an open problem except a few special cases. An inner product on V of u = (u 1 , u 2 , . . . , u n ), v = (v 1 , v 2 , . . . , v n ), is defined as usual u, v = ∑ n i=1 u i v i in F p . Then, we can associate a linear code C ⊥ , called the dual code of C, to a code C by C ⊥ = {v ∈ V| u, v = 0 for all u ∈ C}. If C is a linear code of length n and dimension k, then it is well-known that C ⊥ is a linear code of length n and dimension n − k. In literature, cyclic codes from sequences defined over some extension fields with special generators have been studied. Sequences over fields or rings in general have many applications such as Left Shift Registers (LSR), coding, cryptography, etc [17], [19]. This venue of the research is partially accomplished by considering some special sequences. In each case some special sequences are studied in order to understand the cyclic codes derived from them. Here, we study cyclic codes derived from Fibonacci sequences. In the literature there are studies where Fibonacci sequences and codes are related but to the best knowledge of the authors these studies are in different directions compared to the one presented in this paper. An example of such study is done by Lee et al. [11] where linear codes related to Fibonacci sequences are presented and burst error correction of such families are studied. There are further studies that are inspired by Fibonacci sequences [7], [10]. In the sequel we present some basic properties of both Fibonacci sequences and error correcting codes. In the next section, we relate Fibonacci sequences with cyclic codes and we study the properties of such codes. Moreover, we apply these families of codes to construction of secret sharing schemes.

Fibonacci Sequences and Some Properties
In this subsection, we present some basic properties and theorems regarding Fibonacci sequences that are going to be useful in the following sections. Definition 1 Let F 0 = 0 and F 1 = 1 be elements of a finite field F p . Then, the sequence defined by F n = F n−1 + F n−2 for n ≥ 2 is called the Fibonacci sequence in F p . If the we take the first two terms of the sequence as F 0 = a and F 1 = b, then the sequence is called generalized Fibonacci sequence and we will denote generalized Fibonacci sequence byḠ (a, b).

Definition 2
The smallest t > 0 such that F 0 ≡ F t mod p and F 1 ≡ F t+1 mod p, where F t is the t th Fibonacci number, is called Pisano period of p and we denote this period by l p .
For example, the Fibonacci sequence computed in F 11 is 0, 1, 1, 2, 3, 5, 8, 2, 10, 1, 0, 1, 1 . . . which implies that Pisano period l 11 is 10. Theorem 1 [21] F n mod p forms a periodic sequence. That is, the sequence keeps repeating its values periodically. There has not been established a direct formula for computing l p yet. However, the following theorem gives a restriction for possible values of l p . Theorem 2 [21] Let l p denote the period of the Fibonacci sequence modulo p. Then, 1. If p is prime and p ≡ ±1 mod 10, then l p |p − 1.
2. If p is prime and p ≡ ±3 mod 10, then l p |2(p + 1). Lemma 1 [5] 5 is a quadratic residue modulo primes of the form 5t ± 1 and a quadratic non-residue modulo primes of the form 5t ± 2. Lemma 2 [22] If a prime p is of the form 5t ± 1 then F p−1 ≡ 0 and F p ≡ 1 mod p. If a prime p is of the form 5t ± 2, then F p ≡ −1 and F p+1 ≡ 0 mod p.
Let α (p) denote the index of the subscript of the first nonzero term of the Fibonacci sequence which is divisible by p. Let s (p) be the least residue of F α(p)+1 mod p and let β (p) denote the order of s (p) modulo p i.e. the smallest positive integer β (p) such that s (p) β(p) ≡ 1 mod p. Theorem 3 [18] As a result of Theorem 3, β (p) can be considered as the number of zeros in a single period of Fibonacci sequence computed in F p .

Error Correcting Code Basics
In this subsection we present some basic theory about linear codes especially cyclic codes. For further and more detailed information regarding this topic the readers may refer to [13]. Let F p be a finite field with p elements where p is prime and F n p be an n dimensional vector space. A linear code C of length n over F p is a subspace of F n p . A subset S of F n p is cyclic if (a n−1 , a 0 , a 1 , . . . , a n−2 ) ∈ S whenever (a 0 , a 1 , . . . , a n−1 ) ∈ S.
A linear code C is called a cyclic code if C is also a cyclic set.
Definition 3 [13] Let α be a primitive element of F p m and denote by M (i) (x) the minimal polynomial of α i with respect to F p . A (primitive) BCH code over F p of length n = p m − 1 with designed distance δ is a p−ary cyclic code generated by for some integer a. Furthermore, the code is called narrow-sense if a = 1.
Definition 4 [13] A p−ary Reed Solomon code (RS code) is a p−ary BCH code of length p − 1 generated by In order to relate the combinatorial structure of cyclic codes with algebraic structures, the following map ϕ is defined as . . , a n−2 , a n−1 ) = a 0 + a 1 x + . . . + a n−2 x n−2 + a n−1 x n−1 . (1) is a principal ideal rings and ϕ corresponds each subspace of F n p to an ideal in The following theorem states this connection:

Theorem 5 [13] Let ϕ be the linear map defined in the Equation (1). Then a nonempty subset C of F n p is a cyclic code if and only if ϕ(C) is an ideal of
Corollary 2 [13] The nonempty subset C of F n p is a cyclic code of length n if and only if g(x)|x n − 1 and ϕ(C) = g(x) .
Example 1 The code C = {000, 111, 222} is a ternary cyclic code. The corresponding ideal in Since the minimum distance determines the error correction and detection capability of a code, it is an important parameter for codes, and also determining it is a very difficult problem. There are at least some bounds that help on estimating the minimum distance of a code. Now, we present definitions and theorems regarding some special bounds that are going to be referred in the sequel.
Definition 6 [13] A linear code with parameters [n, k, d] such that k + d = n + 1 is called a maximum distance separable (MDS) code.
The code presented in Example 1 is MDS.

Theorem 6 (Griesmer Bound) [13] Let C be a p−ary code of parameters
Here, if α is a real number, then ⌈α⌉ denotes the smallest integer larger or equal to (the ceil) α.

Cyclic Codes Obtained from Fibonacci Polynomials
In this section we study cyclic codes that are generated by polynomials related to Fibonacci sequences. For a periodic sequence S = {s 0 , s 1 , . . .} with a period N we have s i+N − s i = 0, so x N − 1 is a characteristic polynomial of S. If N is a period of S, then the minimal polynomial of S is . .} denote the Fibonacci sequence over F p and suppose that the period of this sequence is equal to l.
be the Fibonacci polynomial with period l = p − 1 and β (p) = 1. Then, Proof 1. By direct checking and applying the properties of Fibonacci sequence we see that be the cyclic code of length p − 1 generated by g(x) and dimension p − 1 − deg(g(x))) = 2. This codes has exactly p 2 codewords. Since g(x) = f (x) x , w( f (x)) = w(g(x)). Since the number of zeros in a single period of given Fibonacci sequence is only one, then we have w(g(x)) = p − 2. Also, w(xg(x)) = p − 2 for which xg(x) ∈ C. The codeword g(x) has the zero entry in its first coordinate and xg(x) has the zero entry in its second coordinate. Suppose that a codeword c(x) ∈ C has two entries with zeros. Then, g(x), xg(x), c(x) will give a linearly independent subset of vectors in C which is a contradiction to the dimension 2 of C. 3. Follows from previous part and Definition 6.

Corollary 3
The codes given in Theorem 7 are RS codes.
Proof Clearly the length of C ⊥ is p − 1. Let us now determine the dimension and minimum distance of We know that C is MDS, so is C ⊥ [14]. By the Singleton bound we have p − 1 .
be the Fibonacci polynomial with period l = p − 1.
be the Fibonacci polynomial with period l = 2p + 2 and β (p) = 2, 4. Then, Proof Follows from Theorem 7.  Proof We know that there are l − β (p) nonzero terms in a sequence and if we obtain zero term in a sequence, then the length of subsequent terms until another zero term must be a multiple of the preceding part of the sequence. So there are l−β(p) β(p) − 1 non-zero, non-multiple and different, two consecutive terms in a sequence.

Theorem 10
The cyclic codes given in the Theorem 7, Corollary 4 and Theorem 9 are constant one or two weight codes. Table 2 The weight distribution of the codes given in Theorem 7 for β (p) = 1

Length
Weight w Multiplicity A w Table 3 The weight distribution of the codes given in Corollary 4 and Theorem 9 for β (p) = 2

Length
Weight w Multiplicity A w Proof Since the dimension of given codes are 2, the generator matrix is of the form Thus we can generate in total p 2 codewords from the generator matrix G where clearly one of them is all the zero vector. The number of nonzero coefficients of f (x) is the same as with x f (x) and the weight of these codewords are l − β (p) . So, from the rows of generator matrix G, we can obtain 2 (p − 1) codewords of weight l − β (p) . Also, generalized Fibonacci sequences (for details see [9]) satisfies the following facts: 1. If we start with any two consecutive fibonacci numbers for a and b,Ḡ(a, b, i) will be essentially the same as the fibonacci sequence but with its indices changed. The general rule is 2. Multiplying all the terms by k gives the same sequence as the one with starting values ka and kb G(ka, kb, i) = kḠ(a, b, i).
The Equation (2) says that if we start with any two consecutive Fibonacci numbers, then we obtain codewords whose weight are the same with the codewords of the form f (x). By Lemma 3, there are l−β(p) β(p) − 1 non-zero, non-multiple and different, two consecutive terms in a Fibonacci sequence mod p. Also from the Equation (3), there are p − 1 multiple of each non-zero two consecutive terms. Then, we have l−β(p) β(p) − 1 (p − 1) codewords which has same weight with f (x). Therefore, the total number of the codewords of weight l − β (p) are 2 (p − 1) + l−β(p) β(p) − 1 (p − 1) . Since the minimum weight of the codes given in Theorem 7, Corollary 4 and Theorem 9 are d = l − β (p), the other weights of the codewords must be l. Because every Fibonacci sequence mod p has β (p) parts and all these parts have the same weight. Thus, the number of codewords of weight l are Table 2, 3, 4.

Cyclic Codes From Generalized Fibonacci Polynomials
If we take F 0 = 2 and F 1 = 1 as initial values for Fibonacci sequence, then we obtain the wellknown Lucas sequence. A natural problem then is to figure out the structure of cyclic codes if they are defined in a more general setting, with general initial values, which is known as generalized Fibonacci sequences. Let f (x) be a generalized Fibonacci polynomial with F 0 = a and F 1 = b. Then, If we consider this polynomial as the generator polynomial of a cyclic code, as generator polynomial of an ideal in F p [x]/(x p−1 − 1), then this means that Hence, if a = 0, then a is a unit in the ring So, the only case to get a non trivial cyclic code from generalized Fibonacci polynomials are the cases where a = 0. In case where a = 0 all cyclic codes (ideals) are the same. So the Fibonacci polynomial codes are the only interesting ones among this family that we already studied above.

Cyclic Codes From Extended Fibonacci Polynomials
Let E 0 = 0 and E 1 = . . . = E r−1 = 1 be elements of a finite field F p . Then, the sequence defined by

Secret Sharing Schemes From Codes
Secret sharing system is a method of projecting a secret data to finitely many participants with the aim that a designed number of or designed participants can recover the data. In this system, a secret data s is divided into shares and distributed to participants from the set P = {P 1 , P 2 , ..., P n−1 } in such a way that only authorized subsets of P can reconstruct the secret whereas unauthorized subsets cannot reconstruct the secret. There are several secret sharing system in literature [3], [4], [16], [20]. One of them is based on coding theory. In 1993, Massey has shown that every linear code can be used to construct the secret sharing scheme [15]. Let now us recall the system given by Massey. Let C be an [n, k, d] linear code over finite field F p and G = [g 0 , g 1 , ..., g n−1 ] be a generator matrix of C where g i 's are the column vectors of G. In this system, column vectors of G are nonzero. Dealer, who is a person building the system, randomly choose a vector from u = (u 0 , u 1 , ..., u k−1 ) ∈ F k p to generate the codeword uG = (v 0 , v 1 , ..., v n−1 ). The dealer picks the first coordinate of a codeword as a secret, i.e., s = v 0 = ug 0 , and distributes v i to participants P i as a share for 1 ≤ i ≤ n − 1. Since s = v 0 = ug 0 , it is easily seen that set of shares v i 1 , v i 2 , ..., v i t determines the secret s if and only if g 0 is a linear combination of g i 1 , g i 2 , ..., g i t . To recover the secret s, firstly the linear equation x j g i j is solved and x j is found, then the secret is computed by Definition 8 [15] Let v be a vector of length n over F p . The support of v is defined as We say that a vector v 2 covers a vector v 1 if the support of vector v 2 contains that of v 1 i.e.supp(v 1 ) ⊆ supp(v 2 ). Definition 9 [15] A nonzero vector c is called minimal if it only covers its scalar multiples. If the first component of minimal vector c is 1, then the vector c is called minimal codeword.
Definition 10 [12] The family of all authorized subsets of P is called access structure of the scheme. Authorized subsets of P are called minimal access sets if they can reconstruct the secret s but any of its proper subsets cannot reconstruct the secret s.
Hence we have the following main lemma: Lemma 4 [15] Let C be an [n, k, d] linear code over finite field F p and C ⊥ be the dual code of C. In the secret sharing scheme based on C, a set of shares v i 1 , v i 2 , ..., v i t recovers the secret s if and only if there is a codeword in C ⊥ such that 1, 0, ..., 0, c i 1 , 0, ..., c i t , 0, ..., 0 where c i j = 0 for at least one j, 1 ≤ i 1 < ... < i m ≤ n − 1 and 1 ≤ m ≤ n − 1.
From Lemma 4, it is clear that there is a one to one correspondence between the set of minimal access sets and sets of minimal codewords. But, it is very hard to find the minimal codewords of linear codes in general.

Access Structures From Fibonacci Codes
In this section, we consider the secret sharing schemes obtained from Fibonacci codes whose minimal codewords can be characterized. Let us remind two lemmas in the literature which state the main results how to determine the access structure.
Lemma 5 [1], [2] Let C be an [n, k, d] code over F p . Let w min , w max be a minimum and maximum nonzero weight of C, respectively. If w min w max > p − 1 p then each nonzero codeword of C is a minimal vector.
Lemma 5 states that if the weights of a linear code are close enough to each other, then each nonzero codeword of the code is minimal. The following lemma characterizes minimal access set of C where each nonzero codeword is a minimal vector. Proof The codes of parameters [2p + 2, 2, 2p] are one weight codes and by Lemma 5 all codewords of such codes are minimal. Thus, from Lemma 6 there are p 2−1 = p minimal access sets. Also, from the Fibonacci sequence mod p and β (p) = 2, we have two multiple parts in a sequence. So, the g p+1 column is a multiple of g 0 . This means that P p+1 is a dictatorial participant. The other remaining participants are involved in (p − 1) p 2−2 = (p − 1) minimal access sets.
In the secret sharing scheme based on the dual code of C, the number of minimal access sets are 7, and the list of all these minimal access sets are as follows: {P 2 , P 3 , P 4 , P 5 , P 6 , P 7 , P 8 , P 10 , P 11 , P 12 , P 13 , P 14 , P 15 }.
In this example, P 8 is dictatorial participant and each participant is involved in exactly 6 minimal access sets.

Conclusion
In this paper, we studied cyclic codes with generator polynomials derived from Fibonacci sequences modulo a prime p. We showed that such cyclic codes enjoy very good properties as they give examples of MDS and optimal cyclic codes. Also, we are able to determine all parameters of such codes. Finally, we present applications to secret sharing schemes via Fibonacci codes.