The Hamming code was (equivalent to) a cyclic linear code. That it is cyclic means that if b₆b₅b₄b₃b₂b₁b₀ was a codeword, then so was b₅b₄b₃b₂b₁b₀b₆. In terms of polynomials, this says that if b₆x⁶+b₅x⁵+b₄x⁴+b₃x³+b₂x²+b₁x+b₀ is a code-polynomial then so is b₅x⁶+b₄x⁵+b₃x⁴+b₂x³+b₁x²+b₀x+b₆. This corresponds to just multiplying the polynomial by x since (b₆x⁶+b₅x⁵+b₄x⁴+b₃x³+b₂x²+b₁x+b₀)x = b₆x⁷+b₅x⁶+b₄x⁵+b₃x⁴+b₂x³+b₁x²+b₀x = b₅x⁶+b₄x⁵+b₃x⁴+b₂x³+b₁x²+b₀x+b₆ since x⁷ = 1  (mod x⁷+1). So saying a code is cyclic is the same as saying that for every code-polynomial p(x), xp(x) is also a code-polynomial.

That the code was linear means that if b₆b₅b₄b₃b₂b₁b₀ and c₆c₅c₄c₃c₂c₁c₀ are both codewords, and a_i = b_i + c_i for i = 0,1,...,6, then a₆a₅a₄a₃a₂a₁a₀ is also a codeword. In terms of polynomials, this means that if b₆x⁶+b₅x⁵+b₄x⁴+b₃x³+b₂x²+b₁x+b₀ and c₆x⁶+c₅x⁵+c₄x⁴+c₃x³+c₂x²+c₁x+c₀ are both code-polynomials, then a₆x⁶+a₅x⁵+a₄x⁴+a₃x³+a₂x²+a₁x+a₀ is a code-polynomial where a_i = b_i + c_i for i = 0,1,...,6. This just means that if p(x) and q(x) are code-polynomials, then so is p(x) + q(x).

Now consider a code that is both cyclic and linear, like the Hamming code. In this case if p(x) is a code-polynomial, then so is xp(x), and hence also x²p(x), x³p(x), and so on. Since the code is also linear, we can add these code-polynomials to conclude x²p(x) + p(x) = (x²+1)p(x) is also a code-polynomial. In fact, if p(x) is a code-polynomial, then a(x)p(x) is a code-polynomial for any polynomial a(x) (not necessarily a code-polynomial). So the collection of all code-polynomials of any linear cyclic code of length n is a set I of elements of Z₂[x]/(xⁿ + 1) such that if p(x) Î I, then a(x)p(x) Î I for every a(x) and if p(x),q(x) Î I, then p(x) + q(x) Î I. Such a set I is called an ideal of the ring Z₂[x]/(xⁿ + 1) and plays an important role in the theory of rings. We will now look at how to find such ideals, and hence how to find linear cyclic codes.

Suppose I is an ideal in Z₂[x]/(xⁿ + 1), i.e. I is a set of code-polynomials of a linear cyclic code. Let g(x) be the non-zero polynomial of smallest degree in I. We then have the following.

Theorem: Every element of I is of the form a(x)g(x) for some polynomial a(x).

Proof: Let p(x) Î I, then we can write p(x) = q(x)g(x) + r(x) for some polynomials q(x) and r(x) with deg(r(x)) < deg(g(x)). Moving q(x)g(x) to the other side of the equation (and remembering that in Z₂ addition and subtraction are the same) we get r(x) = p(x) +q(x)g(x). But since g(x) ΠI, so is q(x)g(x) and since p(x) Î I as well, so is p(x) + q(x)g(x), hence r(x) Î I. But deg(r(x)) < deg(g(x)) and g(x) was selected to be the non-zero polynomial in I of smallest degree. So r(x) must be zero, and p(x) = q(x)g(x).

Theorem: g(x) divides xⁿ + 1.

Proof: We can write xⁿ+1 = q(x)g(x) + r(x) for some polynomials q(x) and r(x) with deg(r(x)) < deg(g(x)). As in the previous proof, we can rewrite this as r(x) = xⁿ+1 + q(x)g(x). But now r(x) = q(x)g(x)  (mod xⁿ+1), so r(x) Î I. But as before, g(x) was selected to be the non-zero polynomial of I of smallest degree, so since deg(r(x)) < deg(g(x)), we must have r(x) = 0 and q(x)g(x) = xⁿ + 1.

This now tells us how to build a linear cyclic code. Fix a length n, say n = 17. Then we want to work with polynomials in Z₂[x]/(x¹⁷ + 1). Next pick a generator g(x) that divides x¹⁷ + 1, which is easier if you first factor x¹⁷ + 1 = (1+x) (1+x+x²+x⁴+x⁶+x⁷+x⁸) (1+x³+x⁴+x⁵+x⁸). Say we pick g(x) = 1+x³+x⁴+x⁵+x⁸. This generator has degree 8, so we will work with 9 = 17 - 8 data bits. Put the nine data bits into polynomial form d(x) = d₈x⁸ + ... + d₀. Encode the data-polynomial into a code-polynomial by computing d(x)g(x). If our data-polynomial is x⁸+x⁵+x²+1 (which represents the data bits 100100101), then we compute d(x)g(x) = x¹⁶+x¹²+x¹¹+x⁹+x⁸+x⁷+x⁶+x⁵+x⁴+x³+x²+1 (which represents the codeword 10001101111111101). We now transmit the codeword. When we receive a word, we convert it back to polynomial form to get w(x). Next we divide w(x) divide by g(x) to get w(x) = q(x)g(x) + r(x). If no errors have occurred, then r(x) = 0 and q(x)=d(x) and we have recovered the original data bits. Now suppose an error occurs and we receive the word 10011101111111101. In this case we have w(x) = x¹⁶+x¹³+x¹²+x¹¹+x⁹+x⁸+x⁷+x⁶+x⁵+x⁴+x³+x²+1 = (x⁸+x)( 1+x³+x⁴+x⁵+x⁸) + (x⁷+x³+x²+x+1). The remainder is x⁷+x³+x²+x+1 rather than 0, which tells us that an error has been made. To fix the error, we assume first that only a single error has been made. If an error is made in the j^th position, then we will receive w(x) = d(x)g(x) + x^j. So w(x) = x^j  (mod g(x)) and all we have to do is find j so x^j = x⁷+x³+x²+x+1 (mod g(x)). There are several shortcuts you can take here, but the most straightforward approach is just to compute all the remainders of x^j (mod 1+x³+x⁴+x⁵+x⁸). The first few are very quick ( x⁰ = 1 (mod g(x)), x¹ = x (mod g(x)), ... x⁷ = x⁷ (mod g(x)) ) and then things get a little more complicated ( x⁸ = x⁵+x⁴+x³+1 (mod g(x)) ) until we eventually find x¹³ = x⁷+x³+x²+x+1, so the error occurred in the 13^th bit. We correct this bit to get 10001101111111101, which we then decode to find the original data bits 100100101.

We now have a general procedure for building linear cyclic codes. But we haven’t proved that the code we’ve built will actually be able to correct any single error (and there is one more condition we will need to add to the mix before that will be true). We haven’t started looking at how we could correct more than one error at a time. We haven’t worried about finding the most efficient coding scheme. All of these questions will lead us deeper into the study of polynomial rings.