Error-Detection Codes: Algorithms and Fast Implementation: Gam D. Nguyen
Error-Detection Codes: Algorithms and Fast Implementation: Gam D. Nguyen
Error-Detection Codes: Algorithms and Fast Implementation: Gam D. Nguyen
JANUARY 2005
1 INTRODUCTION
performance comparisons of CRCs and these non-CRC codes. Perhaps the key reason for the appearance of the non-CRC codes is that CRCs are not very efficiently implemented in software. Software complexity refers to the number of programming operations and hardware complexity refers to the number of gates required for code implementation. Investigations reported in [4], [9] indicate that software processing of CRCs is slower than that of the non-CRC codes. Thus, it is desirable to design errordetection codes that are reliable and of low complexity. One code is better than another if, for a fixed number of check bits h, it has larger minimum distance d, larger bursterror-detecting capability b, longer maximum codeword length lmax , and lower complexity. An important performance measure of a code, which is not addressed in this paper, is its probability of undetected error. For the binary symmetric channel, this probability can be expressed in terms of the weight distribution of the code. In general, the problem of computing the probability of undetected error is NP-hard [7]. Some methods for calculating or estimating this probability are given in [7]. Because the minimum distance d is often considered the most important parameter, Fig. 1 ranks CRC as the best code, WSC the second best, and so on. Although the WSC, Fletcher checksum, and CXOR are defined only for an even number of check bits h, both even and odd h can be used for the other codes. The CRC, WSC, and Fletcher checksum can be extended to have infinite length, but their minimum distances all reduce to 2. Some discussions of burst-errordetecting capability b are given in Appendix C (which can be found on the Computer Society Digital Library at http:// computer.org/tc/archives.htm). In this paper, we focus on code implementation by means of software. Because computers can process information in blocks of bits (e.g., bytes or words), codes having efficient software implementation should also be processed in blocks of bits. Then, it is natural to express code lengths in terms of the number of blocks n and each block is s bits, i.e., the total number of bits is ns. Most modern processors can efficiently handle block
FFICIENT implementation of reliable error-protection algorithms plays a vital role in digital communication and storage because channel noise and system malfunction introduce errors in received and retrieved messages. Here, we focus on binary error-detection codes that have low overhead and minimum distance d 4. Popular error-detection codes used in practice include CRCs that are generated by binary polynomials such as X16 X15 X 2 1 (called CRC-16) and X16 X12 X5 1 (called CRC-CCITT). An h-bit CRC generated by GX X 1P X, where P X is a primitive polynomial of degree h 1, has the following desirable properties [1]. The CRC has maximum codeword length of 2h1 1 bits and minimum distance d 4, i.e., all double and odd errors are detected. This code also detects any error burst of length h bits or less, i.e., its burst-error-detecting capability is b h. The guaranteed error-detection capability of this h-bit CRC is nearly optimal because its maximum codeword length almost meets the upper bound 2h1 and its burst-error-detecting capability meets the upper bound h. The CRC is also efficiently implemented by special-purpose shift-register hardware. Although CRCs have nearly optimal properties and efficient hardware implementation, many binary non-CRC codes are proposed as alternatives to CRCs. These codes, developed over many years and often considered as unrelated to each other, do not have the CRCs desirable properties. Such non-CRC codes include weighted sum code (WSC), Fletcher checksum (used in ISO), onescomplement checksum (used in Internet), circular-shift and exclusive-OR checksum (CXOR), and block-parity code (Fig. 1). See [4], [5], [9], [14] for implementation and
. The author is with the Information Technology Division, Naval Research Laboratory, Washington, DC 20375. E-mail: [email protected]. Manuscript received 27 Mar. 2003; revised 26 Feb. 2004; accepted 30 July 2004; published online 16 Nov. 2004. For information on obtaining reprints of this article, please send e-mail to: [email protected], and reference IEEECS Log Number 118495.
VOL. 54,
NO. 1,
JANUARY 2005
denotes a systematic code with l code length, k information block length, and d minimum distance. Finally, if Y1 and Y2 are m1 -tuple and m2 -tuple, respectively, then Y Y1 ; Y2 denotes the concatenation of Y2 to Y1 , i.e., Y is an m1 m2 -tuple. Note that Y can also be written as Y Y1 Xm2 Y2 . For ease of cross-referencing, we usually label blocks of text as Remarks. These remarks are integral parts of our presentation and they should not be viewed as isolated observations or comments.
Fig. 1. Error-detection capabilities of binary codes (d minimum distance, b burst-error-detecting capability, h number of check bits, lmax maximum codeword length).
size s 8; 16; 32; 64 bits. General-purpose computers and compilers are increasingly faster and better. Thus, software algorithms become more relevant and desirable. Software algorithms are increasingly used in operations, modeling, simulations, and performance analysis of systems and networks. An important advantage of software implementation is its flexibility: It is much simpler to modify a software program than to modify a chip full of hardwired gates and buses. In this paper, we present a general algorithm and its systematic versions for constructing a large family of binary error-detection codes (Section 2). This family contains all the codes in Fig. 1 and other linear and nonlinear codes for error detection. We unify the treatment of these seemingly unrelated codes by showing that CRCs and the non-CRC codes all come from a single algorithm (Section 3). Further, the algorithm can produce some non-CRC codes that are not only reliable (i.e., having minimum distance 4 as CRCs), but also have fast software implementation (Section 4). We then summarize and conclude the paper (Section 5). The paper is supplemented with appendices (which can be found on the Computer Society Digital Library at http://computer.org/ tc/archives.htm) that include theorem proofs, code segments implemented in C programming language, as well as discussions of CRCs, WSCs, and CXORs. The preliminary version of this paper is presented in [10].
In this section, we define a binary code so that each of its codewords consists of n tuples Q0 ; Q1 ; . . . ; Qn1 , each tuple is s bits. This code is not necessarily systematic and is formulated abstractly to facilitate the development of its mathematical properties. For practical use, we then construct systematic versions of the code. Fast software versions of the code will be presented later in Section 4. It is important to note that Qi is an uppercase letter, so, by our conventions, Qi is a polynomial of the variable X, i.e., Qi Qi X. Further, being an s-tuple, Qi is also a polynomial of degree less than s. The polynomial notation facilitates the mathematical developments of codes. The tuple notation is more appropriate for software implementation of codes because an s-tuple is a group of s bits, which can be easily processed by computers. Note also that the ns-tuple Q0 ; Q1 ; . . . ; Qn2 ; Qn1 is equivalent to the polyP nomial n1 Qi X n1is of degree less than ns. i0 First, let C1 be a binary code with length s and minimum distance d1 . Let r and n be integers such that 1 n 2r . Let W0 ; W1 ; . . . ; Wn1 be distinct polynomials of degree less than r. Let M be a polynomial of degree r such that M and X are relatively prime, i.e., gcdM; X 1. Also, Qi is an s-tuple, i ! 0. Now, we are ready to introduce a new code that is simply called the code C and is the focus of this paper. Algorithm 1. Let C be the binary code such that each of its codewords Q0 ; Q1 ; . . . ; Qn2 ; Qn1 satisfies the following two conditions: ! n1 X Qi Wi mod M 0
i0 n1 X i0
1.1 Notations and Conventions We consider polynomials over only the binary field GF(2), i.e., the polynomial operations are performed in polynomial arithmetic modulo 2. Let A AX and B BX be two polynomials, then A mod B is the remainder polynomial that is obtained when A is divided by B with degA mod B < degB. To ease the presentation of many different codes (which can result in a large number of parameters), we adopt the following sweeping conventions. A j-tuple a0 ; . . . ; aj2 ; aj1 denotes the binary polynomial a0 X j1 . . . aj2 X aj1 of degree less than j. In this paper, lowercase letters (such as h and a0 ) denote nonnegative integers. The letters C and C1 denote codes, other uppercase letters (such as A and Qi ) denote polynomials (or tuples), and X denotes the variable (or indeterminate) of these polynomials. Further, the variable X will be omitted from all polynomials, i.e., AX will be denoted as A. We denote ui as the i-tuple whose components are all us, u 2 f0; 1g. The notation l; k; d
Qi 2 C1 :
Remark 1. 1. 2. 3. C is nonlinear if C1 is nonlinear. From (3), the codewords of C have even weights if the codewords of C1 have even weights. The code C1 in Algorithm 1 can be nonsystematic. However, we focus only on systematic codes, which are more often used in practice. Thus, we assume that C1 is an (s; s m; d1 systematic code
4.
5.
with m check bits, 0 m s. Let F be the encoder of C1 . Then, each codeword of C1 is UXm F U U; F U, where U is an information s m-tuple and F U is the corresponding check m-tuple. In Algorithm 1, the weights W0 ; W1 ; . . . ; Wn1 can be chosen to be distinct polynomials of degree less than r because 1 n 2r . However, Algorithm 1 can be extended to allow n > 2r , then W0 ; W1 ; . . . ; Wn1 will not always be distinct (see Section 3 later). All the codes considered in this paper are binary codes, i.e., their codewords consist of digits 0 or 1. In particular, the code C is a binary code whose codewords are ns bits. Computers can efficiently process groups of bits. Thus, as seen in (1), each ns-bit codeword is grouped into n tuples, s bits each. Note that this binary code C can also be viewed as a code in GF2s , i.e., as a code whose codewords consist of n symbols, each symbol belongs to GF2s . More generally, suppose that ns xy for some positive integers x and y, then this same binary code C can also be viewed as a code whose codewords consist of x symbols, each symbol belongs to GF2y . In the extreme case (x 1, y ns), the code C is also a code whose codewords consist of only one symbol that belongs to GF2ns . Note that, when the same code is viewed in different alphabets, their respective minimum distances can be very different. For example, consider the binary repetition code f0k ; 1k g of length k > 1. When viewed as the binary code over GF(2), this code has minimum distance d k. But, when viewed in GF2k , this same code has minimum distance d 1.
Y Q0 Q1 U1 X2 P1 U2 X3 Q0 Q1 Q2 U2 X3 ; which is a 4-tuple. Thus, Y can be written as Y Y1 X3 Y2 Y1 ; Y2 , where Y1 is a 1-tuple and Y2 is a 3-tuple. Finally, we compute P2 Y2 Y1 ; Y1 ; Y1 , which is a 3-tuple. Now, we will show that the codeword Q0 ; Q1 ; Q2 ; Q3 Q0 ; Q1 ; U1 ; P1 ; U2 ; P2 satisfies (2) and ( 3 ) i n A l g o r i t h m 1 . S i n c e P1 Q0 W0 Q1 W1 U1 X 2 mod M, we have 0 Q0 W0 Q1 W1 U1 X2 P1 mod M: Then, 0 Q0 W0 Q1 W1 Q2 W2 Q3 W3 mod M bec a u s e Q2 W2 U1 X 2 P1 a n d Q3 W3 0. T h u s , Q0 ; Q1 ; Q2 ; Q3 satisfies (2). Next, Q0 Q1 Q2 Q3 Y U2 X3 Q3 because Y Q0 Q1 Q2 U2 X3 Y U2 X3 U2 ; P2 Y P2 because U2 ; P2 U2 X3 P2 Y1 ; Y2 Y2 Y1 ; Y1 ; Y1 Y1 ; Y1 ; Y1 ; Y1 2 C1 : Thus, Q0 ; Q1 ; Q2 ; Q3 Q0 ; Q1 ; U1 ; P1 ; U2 ; P2 also satisfies (3). By exchanging P1 and U2 , the codeword becomes Q0 ; Q1 ; U1 ; U2 ; P1 ; P2 , which is a codeword of a systematic code because Q0 ; Q1 ; U1 ; U2 are the 11 information bits and P1 ; P2 are the 5 corresponding check bits. Because d1 4, dC 4 by Theorem 1.2. Thus, C is identical to the 16; 11; 4 extended Hamming code.
Let d1 and dC be the minimum distances of the binary codes C1 and C, respectively, in Algorithm 1. We then have the following theorem that is proven in Appendix A (which can be found on the Computer Society Digital Library at http://computer.org/tc/archives.htm). Theorem 1. 1. 2. dC ! 3 if d1 ! 3. dC 4 if d1 ! 4.
2.1 Systematic Encoding In general, the binary code C in Algorithm 1 is not systematic. Now, we construct its systematic versions. Recall that r is the degree of the modulating polynomial M and s is the number of bits contained in each tuple Qi . Let r s and suppose that information tuples
Q0 ; Q1 ; . . . ; Qn3 ; U1 ; U2 4
are given, where U1 is an s r-tuple and U2 is an s m-tuple. We wish to append a check r-tuple P1 and a check m-tuple P2 to (4) so that the resulting codeword is Q0 ; Q1 ; . . . ; Qn3 ; U1 ; U2 ; P1 ; P2 : 5
Example 1. Now, we illustrate Algorithm 1 by constructing a simple binary code C. Let s 4, m 3, r 2, and n 2r 4. Thus, each codeword of the code C is a 16-tuple Q0 ; Q1 ; Q2 ; Q3 , where each Qi is a 4-tuple. Let M X2 X 1 be the modulating (primitive) polynomial. Let the weighting polynomials in (2) be W0 X 1, W1 X, W2 1, and W3 0. Let C1 f0; 0; 0; 0; 1; 1; 1; 1g, i.e., C1 is the 4; 1; 4 repetition code. Now, we wish to specify the desired codeword Q0 ; Q1 ; Q2 ; Q3 . Let Q0 and Q1 be two arbitrary 4-tuples. Then, Q2 and Q3 are determined as follows: Let U1 and U2 be arbitrary 2-tuple and 1-tuple, respectively. Then, we define Q2 U1 ; P1 and Q3 U2 ; P2 , where P1 and P2 are determined as follows: First, compute the check 2-tuple P1 Q0 W0 Q1 W1 U1 X2 mod M. Next, define
Thus, the code C is ns bits long and has h r m check bits. Denote dC as its minimum distance, then C is an ns; ns r m; dC code. Then, we have the following algorithm that is proven in Appendix A (which can be found on the Computer Society Digital Library at http:// computer.org/tc/archives.htm). Algorithm 1a. When r s, the two check tuples of a systematic version of the binary code C can be computed by ! n3 X r 6 Qi Wi U1 X mod M P1
i0
P2 Y2 F Y1 ;
VOL. 54,
NO. 1,
JANUARY 2005
where Wi 6 0; 1 and F is the encoder of C1 as defined in Remark 1.3. The tuples Y1 and Y2 are determined as follows: Let Y
n3 X i0
Qi U1 Xr P1 U2 Xm ;
which is an s-tuple that can be written as Y Y1 Xm Y2 Y1 ; Y2 , where Y1 and Y2 are an s m-tuple and an m-tuple, respectively. Remark 2. After P1 is computed, P2 is easily computed when C1 is one of the following four types of codes: The first two types of codes, given in 1 and 2 below, are very trivial, but they are used later in Section 3 to construct all the codes in Fig. 1. The next two types of codes, given in 3 and 4 below, are commonly used in practice for error control. 1. If m s, then C1 f0s g, which is an s; 0; d1 code, where the minimum distance d1 is undefined. This very trivial code is called a useless code because it carries no useful information. However, it can detect any number of errors, i.e., we can assign d1 1 for this particular code. Further, it can be shown that Theorem 1.2 remains valid when m s, i.e., dC 4 if C1 f0s g. Then, from Algorithm 1a, we have U2 0, F 0s , Y1 0, and P2 Y2 Y
n3 X i0 s
For example, let s 8, then a 1 and b 4 if r 12, whereas a 1 and b 8 if r 16. Thus, P1 can be stored in a 1 tuples: The first tuple is b bits and each of the next a tuples is s bits. Now, assume that information tuples Q0 ; Q1 ; . . . ; Qna3 ; U1 ; U2 are given, where each Qi is s bits, U1 is s b bits, and U2 is s m bits. We assume here that n a 3 ! 0 or n ! a 3, to avoid triviality. We wish to append two checks tuples P1 and P2 to Q0 ; Q1 ; . . . ; Qna3 ; U1 ; U2 so that Q0 ; Q1 ; . . . ; Qna3 ; U1 ; U2 ; P1 ; P2 becomes a codeword of a systematic ns; ns r m; dC code. Then, we have the following algorithm that is proven in Appendix A (which can be found on the Computer Society Digital Library at http://computer.org/tc/archives.htm). Algorithm 1b. When r > s, the two check tuples of a systematic version of the binary code C can be computed by ! na3 X r Qi Wi U1 X mod M and P2 Y2 F Y1 ; P1
i0
Qi U1 Xr P1 :
2.
If m 0, then C1 f0; 1g , which is an s; s; 1 code. This very trivial code is called a powerless code because it protects no information. From Algorithm 1a, we have Y2 0, F 0, Y1 Y
n3 X i0
where F is the encoder of C1 and Qi U1 Xr P1 U2 ; Wi 6 Xas ; Xa1s ; . . . ; Xs ; 1; 0: The tuples Y1 and Y2 are determined as follows: Define ! ! na3 a X X b Qi U1 X P10 P1i U2 Xm ; Y
i0 i1
3.
4.
and P2 0. If C1 is a systematic linear code with parity check matrix H1 AI, where A is an m s m matrix and I is the m m identity matrix, then F U UAtr , where tr denotes matrix transpose. Thus, P2 Y2 F Y1 Y2 Y1 Atr Y Htr . 1 If C1 is a CRC generated by a polynomial M1 of degree m, then F U UXm mod M1 (see Appendix B, which can be found on the Computer Society Digital Library at http://computer.org/ tc/archives.htm). Thus, P2 Y2 Y1 X m mod M1 Y1 Xm Y2 mod M1 Y mod M1 :
where P10 is a b-tuple and P11 ; . . . ; P1a are s-tuples that satisfy P1 P10 ; P11 ; . . . ; P1a . Then, Y is an s-tuple that can be written as Y Y1 X m Y2 Y1 ; Y2 , where Y1 and Y2 are an s m-tuple and an m-tuple, respectively. Example 2. Recall that C is an ns; ns r m; dC code that is constructed by either Algorithm 1a (if r s) or Algorithm 1b (if r > s). This code has h r m check bits. In this example, we assume that h 16 bits and we present different ways to construct the codes C. The results are shown in Fig. 2. For example, using Algorithm 1b, we can construct the code C with the following parameters: s 8, r 12, m 4, C1 8; 4; 4 code, a 1, and b 4 (a and b are not needed in Algorithm 1a). Assume that the number of s-tuples satisfies n 2r , i.e., the number of bits in each codeword
Algorithm 1a is for the case r s, where the check r-tuple P1 can be stored in a single s-tuple. Now, we consider the case r > s. Then, several s-tuples are needed to store the check r-tuple P1 . Because r > s, we can write r as b, where a ! 1 and 0 < b s.
5
n3 X i0 n3 X i0
is ns 2r s 215 . Then, the weighting polynomials Wi can be chosen to be distinct. From Remark 2.1, we have d1 ! 4. Then, from Theorem 1.2, all the codes C in Fig. 2 have minimum distance dC 4.
P1
Qi Wi mod M and P2
Qi P1 :
Thus, this special code C is the WSC presented in [4], [9]. It is shown in [3] that the WSC, when viewed as a code in GF2s , is equivalent to a lengthened single-error correcting Reed Solomon code (see also [8, p. 323]).
This section shows that the binary code C of Algorithm 1 is general in the sense that it includes all the codes in Fig. 1 and other codes as special cases. Recall that Algorithm 1s systematic version is either Algorithm 1a (if r s) or Algorithm 1b (if r > s), where r is the degree of the modulating polynomial M and s is the number of bits contained in each tuple Qi . The code C depends on the components such as the parameters r; m; s; n, the weights W0 ; W1 ; . . . ; Wn1 , and the code C1 . Thus, different components will produce different codes C. We now show that Algorithm 1 produces the codes in Fig. 1 by letting C1 be trivial codes such as s; s; 1) and f0s g defined in Remark 2. The algorithm also produces other linear and nonlinear codes (Sections 3.1, 3.6, and 3.8). Generally, codes of dC 4 require that n 2r and the weights W0 ; W1 ; . . . ; Wn1 in Algorithm 1 be distinct. Codes of dC 3 require that n 2r 1 and allow some of the weights to be repeated. Codes of dC 2 also allow some of the weights to be repeated, but do not restrict on the value of n, i.e., the code lengths can be arbitrary. The following codes are briefly presented because their detailed discussions can be found elsewhere [4], [5], [9], [14].
3.3 Block-Parity Code Suppose that r 0 and m s. Thus, by Remark 2.1, C1 f0s g, Qn2 U1 , P1 0 (because r 0), Y1 0, and U2 0 (because m s). Then,
Y2 Y
n3 X i0
Qi U1
n2 X i0
Qi :
Pn2 From (7) of Algorithm 1a, we have P2 Y i0 Qi . Thus, the resulting code C is the block-parity code presented in [4].
3.1 Binary Extended Perfect Code We now show that Algorithm 1 produces an extended perfect code if the code C1 is an extended perfect code. Suppose that C1 is a 2m1 ; 2m1 m; 4 extended perfect code (see [8, Chapter 6]), i.e., s 2m1 and d1 4. Let n 2r and h r m, then the code C has ns 2rm1 2h1 bits. Then, dC 4 by Theorem 1.2 and C is a 2h1 ; 2h1 h; 4 extended perfect code. Note that deleting a check bit from an extended perfect code will yield a perfect code, while adding an overall even parity bit to a perfect code will yield an extended perfect code. Algorithms 1a and 1b can be further generalized to include the extended perfect code of [15] as follows: Recall that P1 , P2 , and Y1 are the check r-tuple, check m-tuple, and s m-tuple, respectively, which are computed from Algorithms 1a or 1b. Let E: be any function from the set of s m-tuples to the set of r-tuples. Now, define the new check r-tuple and check m-tuple by
P1 P1 EY1 and P2 P2 even parity of EY1 :
3.4 Cyclic Redundancy Code (CRC) Consider an h-bit CRC that is q bits long and is generated by a polynomial M. Suppose that q and h can be written as q x n 1s and h as b, where n ! 1, 0 x s, a ! 0, and 0 < b s (see Appendix B, which can be found on the Computer Society Digital Library at http://computer.org/ tc/archives.htm). Then, it is shown in Remark B1 that the CRC check tuple is ! na2 X r P Qi Wi U1 X mod M;
i0
where Wi X mod M, i 0; 1; . . . ; n a 2. Further, we show in Remark B1 that the weighting polynomials Wi are distinct and Wi 6 0; 1; Xs ; . . . ; X as , provided that q 2h1 1 and M is the product of X 1 and a primitive polynomial of degree h 1. Now, consider the code C that has the same length and the same weighting polynomials as the above CRC. Let r h and m 0. Then, P2 0 by Remark 2.2 and P1 P by Algorithm 1a (if r s) or by Algorithm 1b (if r > s). Thus, this particular code C is identical to the above CRC. So, any CRC can be generated by either Algorithm 1a or Algorithm 1b, i.e., by Algorithm 1. Remark 3. To construct other codes (such as CXOR checksum and nonbinary Hamming codes), we need to modify (3) by deleting Qn2 from the summation, but (2) remains unchanged. That is, (3) is replaced by ! n3 X Qi Qn1 2 C1 : 9
i0
n1is
Then, it can be shown that, if C1 is an extended perfect code and n 2r , then the resulting code C whose check tuples are P1 and P2 is also an extended perfect code. Further, when r 1, this extended perfect code becomes the extended perfect code that is obtained from the systematic perfect code of [15].
Then, Algorithm 1a remains valid if we define Y Pn3 m because the term Qn2 U1 Xr P1 is i0 Qi U2 X absent from (9).
3.2 Weighted Sum Code (WSC) Consider the code C for the special case s r m. By Remark 2.1, we have C1 f0s g, U1 0, U2 0, Y1 0, and P Y2 Y n3 Qi P1 . From (6) and (7) of Algorithm 1a, i0 we have
3.5 CXOR Checksum Suppose now that we allow some of the polynomials W0 ; W1 ; . . . ; Wn1 in (2) to be repeated and we use Algorithm 1a along with variation (9). Let r s m, M X s 1, and Wi X i mod M. It can be shown that Wis Wi for all i ! 1, i.e., some of the weighting
VOL. 54,
NO. 1,
JANUARY 2005
polynomials may repeat. Then, C1 f0s g (because m s), U1 0 (because r s), and U2 Y1 0 (because m s). P From (6) and (7), we have P1 n3 Qi Xi mod Xs 1 i0 Pn3 a nd P2 Y2 Y i0 Qi ( s e e R e m a r k 2 .1 a n d Remark 3). Thus, the resulting code C is the CXOR checksum presented in [4].
4;096; 4;080; 4 nonlinear code that is twice as long as the linear code in 1.
OF
ERROR-DETECTION
3.6 Nonbinary Perfect Code Suppose that Algorithm 1a along with variation (9) is applied with r s m and n 2m 1. Let M be a primitive polynomial of degree m and let
W0 ; W1 ; . . . ; Wn3 be distinct and nonzero polynomials. Then, C1 f0s g, P2m 2 Pm P1 i0 Qi Wi mod M, and P2 2 2 Qi . It then can i0 be shown that P1 and P2 are two check tuples of the nonbinary Hamming perfect code over GF2m (see [8, Chapter 6]), i.e., the tuples Q0 ; Q1 ; . . . ; Q2m 2 ; P1 ; P2 form the codewords of the Hamming perfect code over GF2m .
3.7
Ones-Complement Checksum and Fletcher Checksum The above codes are constructed using polynomial arithmetic because each tuple is considered as a polynomial over the binary field f0; 1g. An alternative is to consider each tuple as an integer and to use the rules of (onescomplement) integer arithmetic to manipulate the code construction. If we apply the integer arithmetic to the construction of the block-parity code and to the nonbinary perfect code, we will get the ones-complement checksum and Fletcher checksum, respectively. However, these integer-based codes are often weaker than their binary polynomial counterparts (see Fig. 1). See [4], [5], [9] for definitions and performance comparisons of error-detection codes, including the ones-complement and Fletcher checksums. Thus, the integer-arithmetic version of Algorithm 1a, along with variation (9), also produces the ones-complement and Fletcher checksums. We will not discuss these checksums and integer-based codes any further because they are often weaker than their polynomial counterparts and their analyses can be found elsewhere (e.g., [5], [14]). 3.8 Other Error-Detection Codes Recall from Algorithms 1a and 1b that the ns; ns r m; dC code C is constructed from an s; s m; d1 code C1 . Thus, by varying C1 , different codes C are produced. Further, C is nonlinear if C1 is nonlinear. Thus far, the codes C are constructed from the codes C1 that are either extended perfect codes or trivial codes f0s g and s; s; 1. Now, we construct the codes C from the codes C1 that are neither perfect nor trivial. In both instances below, we assume that s r m 16, n 2r with r 7 or 8, and d1 6, so that dC 4 by Theorem 1.2.
1. Suppose that C1 is the extended 16; 7; 6 linear BCH code (see [8], Chapter 3) and r 7. Then, ns 2r s 2;048 and the resulting code C is a 2;048; 2;032; 4 linear code. Suppose that C1 is the extended 16; 8; 6 nonlinear Nordstrom-Robinson code (see [8, p. 73]) and r 8. T h e n , ns 2r s 4;096, a n d C i s a
Recall from Algorithm 1 that r is the degree of the modulating polynomial M and s is the number of bits contained in each tuple Qi . Algorithm 1 produces a large family of error-detection codes because its systematic versions (either Algorithm 1a when r s or Algorithm 1b when r > s) generate all the codes presented in Section 3. So far, the discussion is abstract and general to facilitate the development of mathematical properties of our algorithms. In this section, we focus on the practical aspect of these algorithms, i.e., we now discuss how some codes generated by these algorithms can be efficiently implemented in software. Then, we compare the complexity of our algorithms with that of the CRC algorithm (the strongest code in Fig. 1). In theory, the fundamental unit for digital data is bit. In practice, however, communication protocols and computers often process data as blocks of bits or tuples (e.g., bytes or words) and not as individual bits at a time. For example, on familiar 32-bit computers, the modulo-2 addition of two 32-bit numbers can be accomplished by a single XOR operation (using C programming language). Thus, efficient error-detection codes should also be processed in terms of tuples at a time, i.e., each ns-bit codeword is expressed in terms of n tuples, s bits each. In parallel to Algorithm 1a and Algorithm 1b, now we develop two fast algorithms: Algorithm 2a for r s and Algorithm 2b for r > s. Although Algorithms 1a and 1b can produce CRCs and many other codes (see Section 3), the two fast algorithms produce only non-CRC codes that are shown later in Section 4.1 to be faster than CRCs by the factor Os. Now, suppose that information tuples Q0 ; Q1 ; . . . ; Qn3 ; U1 ; U2 are given. Let r, s, and m be such that r s and n 2r . Assume that each Qi is s bits, U1 is s r bits, and U2 is s m bits. From the following algorithm, we can compute the two check tuples P1 and P2 that are appended to the information tuples such that the resulting code C has minimum distance dC 4. Algorithm 2a. Let r s and n 2r . Let M be a primitive polynomial of degree r and let F be the encoder of an s; s m; d1 code with d1 ! 4. Then, the resulting code C is an ns; ns r m; 4 code and each of its codewords is Q0 ; Q1 ; . . . ; Qn3 ; U1 ; U2 ; P1 ; P2 . The two check tuples are computed by P1 Z U1 Xr mod M and P2 Y2 F Y1 ; P where Z n3 Qi Xn2i mod MXsr . The tuples Y1 and i0 Y2 are defined as in Algorithm 1a, i.e., they satisfy P Y1 ; Y2 Y1 Xm Y2 Y n3 Qi U1 Xr P1 U2 Xm . i0 Proof. Define Wi X n2i mod M, i 0; 1; . . . ; n 3. Then, Wi 6 0; 1 and W0 ; W1 ; . . . ; Wn3 are distinct because M is a primitive polynomial of degree r and n 2r . Let C1 be the s; s m; d1 code with the encoder F . Now, using
2.
these Wi and C1 in Algorithm 1a, we can construct the code C whose two check tuples are given by ! n3 X r Qi Wi U1 X mod M and P2 Y2 F Y1 : P1
i0
Because d1 ! 4, dC 4 by Theorem 1.2. Next, the new form of P1 is derived as follows: First, note that Xsr Wi Xsr Xn2i mod MXsr : Multiplying P1 by X sr , we have ! n3 X sr r Qi Wi U1 X Xsr mod MXsr : P1 X
i0
10
11
From (10), (11), the definition of Z, and some modular algebra manipulation, it can be shown that P1 X sr Xsr Z U1 X r Xsr mod MXsr . Thus, P1 Xsr Z U1 X r mod MXsr : From (12), we have P1 Z U1 X mod M.
r
12 u t
Fig. 3. Pseudocode for Algorithm 2a. Here, Qi , U1 , and U2 are input information tuples, P is the output check tuple.
Remark 4. Let I and J be two binary polynomials of degrees i and j, respectively. In general, it is rather tedious to compute I mod J. However, when i j, the computation becomes easy and is accomplished in constant time because & I if i < j I mod J I J if i j: This simple fact is used to efficiently compute Z Pn3 n2i mod MXsr in Algorithm 2a, as follows: i0 Qi X Using Horners rule, we have Z . . . Q0 X mod N Q1 X mod N . . . Qn3 mod N; where N MXsr . Then, Z can be recursively computed from the polynomials Ti defined by T0 Q0 a n d Ti Ti1 X mod N Qi , i 1; . . . ; n 3. Because s deg N ! degTi1 X, each Ti is computed in constant time, i.e., with O1 complexity. Finally, we have Z Tn3 X mod N. Thus, Z has computational complexity On. Horners rule is also used to efficiently encode the WSC [4], [9]. Fig. 3 shows a simple software implementation of Algorithm 2a. The input data are Q0 ; Q1 ; . . . ; Qn3 ; U1 ; U2 . The output is the check tuple P P1 ; P2 . The for loop is used to compute both Y and T . Computation of Y requires only one XOR operation, while T can be efficiently computed via Remark 4 because deg N ! degT X. Then, the final value of T is used to compute Z, i.e., Z T X mod N. Now, we consider a fast version of Algorithm 1b for constructing the code C. In this case, r > s, i.e., r as b, where a ! 1 and 0 < b s. Assume that information tuples Q0 ; Q1 ; . . . ; Qna3 ; U1 ; U2 are given, where each Qi is s bits, U1 is s b bits, and U2 is s m bits. We wish to append two checks tuples P1 and P2 to the information tuples so that Q0 ; Q1 ; . . . ; Qna3 ; U1 ; U2 ; P1 ; P2 is a codeword of the code C. Before stating the algorithm, we need some preliminary results.
Remark 5. Algorithm 2b, which will be discussed shortly, requires operations on new tuples Q ; Q ; . . . ; Q 0 1 n3 that are defined from the original tuples Q0 ; Q1 ; . . . ; Qna3 as follows: First, let U f0; 1; . . . ; n 4; n 3g, then we partition the set U into four sets P, Q, X, and Y: P fi : 0 i n 3 a; i n 2 js for some j; 1 j ag; Q fi : 0 i n 3 a; i 6 n 2 js for all j; 1 j ag; X fi : n 3 a < i n 3; i n 2 js for some j; 1 j ag; Y fi : n 3 a < i n 3; i 6 n 2 js for all j; 1 j ag: Because jPj jXj a and a jXj jYj, we have jPj jYj. Let p jPj, then Y has at least p elements. So, let Y be the set of p smallest elements of Y, i.e., Y ff1 ; f2 ; . . . ; fp g. S i m i l a r l y , w e c a n w r i t e P fe1 ; e2 ; . . . ; ep g. Finally, we can define the new tuples Q ; Q ; . . . ; Q from Q0 ; Q1 ; . . . ; Qna3 as follows: 0 1 n3 8 if i 2 P [ X <0 Q Qi if i 2 Q i : 0 if p < i n 3; and Qi Qei if 1 f i p.
Remark 6. Now, assume that s ! a 1 and n ! 2 as, we will show that these conditions will simplify the definition of Q (given in Remark 5). It can be i shown from these conditions that 0 n 2 js n 3 a for all 1 j a. Then, from Remark 5, we have p jPj a, jXj 0, jYj a, and Y Y. We also have Y fn 2 j; j a; a 1; . . . ; 1g and P fn 2 js; j a; a 1; . . . ; 1g. Note that fi n 2 a 1 i and ei n 2 a 1 is, 1 i a. T h u s , Qi Qei i f f Q f n2a1i Qn2a1is i f f Qn2js . Finally, from Remark 5, we have Q n2js
VOL. 54,
NO. 1,
JANUARY 2005
a; 0
n 3 a;
Basically, Q ; Q ; . . . ; Q 0 1 n3 are obtained by moving some a tuples of Q0 ; Q1 ; . . . ; Qna3 to the right and then by filling the a removed tuples by zeros. Now, P define Z n3 Q Xn2i mod M, which is a key i i0 quantity in the following algorithm. This simplified definition of Q makes it possible to calculate Z directly i from Qi (i.e., without using Q ). That is, we first modify i Qi using the following pseudocode: for1 for1 j j aQn2j Qn2js ; aQn2js 0;
then we can compute Z directly from the modified Qi as P Z n3 Qi Xn2i mod M. i0 Now, we have the following algorithm that is proven in Appendix A (which can be found on the Computer Society Digital Library at http://computer.org/tc/archives.htm). Algorithm 2b. Suppose that r > s and n 2r . Let M be a primitive polynomial of degree r and let F be the encoder of an s; s m; d1 code with d1 ! 4. Then, the two check tuples of the code C are computed by P1 Z U1 Xr mod M and P2 Y2 F Y1 ; P where Z n3 Q X n2i mod M and Q are defined in i i i0 Remark 5 (or in Remark 6 if applicable). The tuples Y1 and Y2 are defined as in Algorithm 1b, i.e., they satisfy Y1 ; Y2 Y1 X m Y2 Y ! na3 X Qi U1 X b P10
i0
Fig. 4. Pseudocode for Algorithm 2b. Here, Qi , U1 , and U2 are input information tuples, P is the output check tuple.
In this example, a 1, s 8, and n is the total number of bytes in a codeword of the code C. If we assume further that n ! 10, then the hypotheses of Remark 6 are satisfied, i.e., s ! a 1 and n ! 2 as. Thus, by Remark 6, we can modify the Qi by first setting Qn3 Qn10 and then setting Qn10 0. Then, the modified information tuples are Q0 ; Q1 ; . . . ; Qn11 ; Qn10 ; Qn9 ; . . . ; Qn4 ; Qn3 ; U1 ; U2 : Then, as in Algorithm 2a, we can efficiently compute P the quantity Z n3 Qi X n2i mod M, which is i0 shown in Fig. 4. Remark 7. 1. Given r and s, either Algorithm 2a or Algorithm 2b can be used to construct the code C that is ns bits long, where 1 n 2r . The values of r and s can be as small as 0 and 1, respectively. However, the resulting code C can be trivial, e.g., if r 0, then n 1 and C C1 . If r 0, s 1, and C1 f0g, then C C1 f0g. If s 1, C1 f0g, r 1, and n 2r 2, then C f0; 0g. However, when s 1, C1 f0g, r ! 2, and n ! 4, the resulting code C can be nontrivial and each codeword of C now has ns n bits. In particular, from Algorithm 2b, it can be shown that the two check tuples of an n-bit codeword are P1 Z and P2
na3 X i0
a X i1
! P1i U2 Xm ;
where P10 is a b-tuple, and P11 ; . . . ; P1a are s-tuples that satisfy P1 P10 ; P11 ; . . . ; P1a . Further, C is an ns; ns r m; 4 code. Fig. 4 shows a software implementation of Algorithm 2b under the assumption that s ! a 1 and n ! 2 as as required in Remark 6. The input data are Q0 ; Q1 ; . . . ; Qna3 ; U1 ; U2 . The output is the check tuple P P1 ; P2 . Note that, as in Algorithm 2a (see Remark 4), the tuple Z in Algorithm 2b can also be computed in time On. Example 3. Here, we construct the code C for the case r > s, with s 8 and r 12. Let m 4, then the total number of check bits is h r m 16. Because r > s, we can w r i t e r as b w i t h a 1 a n d b 4. L e t Q0 ; Q1 ; . . . ; Qn4 ; U1 ; U2 be information tuples, where each Qi is an 8-tuple, U1 and U2 are 4-tuples, which can be combined into a single 8-tuple U1 ; U2 . We wish to append a check 16-tuple P1 ; P2 to the information tuples so that Q0 ; Q1 ; . . . ; Qn4 ; U1 ; U2 ; P1 ; P2 forms a codeword of the code C, which is an 8n; 8n 16; 4 code. Here, we let F be the encoder of the 8; 4; 4) extended Hamming code. The resulting code C can have length up to 2h1 215 bits (see Section 3.1).
Qi
a X i0
P1i ;
i.e., P2 is the even parity bit computed from the first n 1 bits of the codeword of C. For example, if r 2 and n 2r 4, then C is the 4; 1; 4 repetition code. This 4; 1; 4 code is also constructed from Algorithm 2a with r 1, n 2r 2, s 2, and C1 f0; 0g.
2.
3.
Let r 1, then M X 1. Thus, the code C is 2s b i t s l o n g ( b y A l g o r i t h m 2 a ) a n d P1 U1 X mod X 1, which is the even parity of U1 . For example, let C1 be the 4; 1; 4 code, then we can construct the code C of length 8, which is the 8; 4; 4 extended Hamming code. If we set C1 8; 4; 4 code, then we can construct the code C of length 16, i.e., C 16; 11; 4 code. Repeating this process, we can construct 32; 26; 4 and 64; 57; 4 codes. This method is related to the scheme of [15] and is effective to construct codes that are small enough to fit into the computer words. Let r ! 0, s ! 1, C1 s; s m; d1 with d1 ! 4, and h r m. Then, using either Algorithm 2a (if r s) or Algorithm 2b (if r > s), we can construct the code C that is an ns; ns h; 4 code. In particular, if n 2r , then C is a 2r s; 2r s h; 4 code. That is, starting from a code C1 of length s, we can construct the code C of length 2r s. Further, if C1 is a 2m1 ; 2m1 m; 4 extended perfect code, then C is a 2h1 ; 2h1 h; 4 extended perfect code. If C1 is a linear perfect code, then C is also a linear perfect code. This linear perfect code C and the extended Hamming perfect code of length 2h1 are equivalent, i.e., one code can be obtained from the other code by reordering the bit positions and adding a constant vector (see [8, p. 39]). Equivalent codes have the same minimum distance and length, but their implementation complexity can be very different. However, our algorithms can also generate fast codes that are different from the perfect codes. For example, in Algorithm 2a, let s 16 and let F be the encoder of the extended 16; 8; 6 nonlinear Nordstrom-Robinson code (see also Section 3.8). Then, the resulting code C is a nonlinear code with dC 4, which is not equivalent to any extended perfect codes.
polynomials. Then, it is shown in Remark B3(a) that the generic CRC algorithm has time complexity Ons. For some specific generating polynomials whose nonzero terms satisfy certain desirable properties, alternative algorithms (such as shift and add [4] and on-the-fly [11]) may have lower complexity. When s is considered as a constant, we have Ons On. Thus, from a purely theoretical viewpoint, both the CRC and the code C have the same level of complexity. However, the extra factor s does not appear in the time complexity of the code C, i.e., the code C is approximately faster than the CRC by the factor Os. We will show later, in Remark 8.1, that Os % 0:73s when these error-detection codes are implemented in C programming language. Example 4. Here, we study codes of h 16 check bits (other values of h are discussed later in Remark 8.1). Assume that C1 is the s; s m; 4 extended Hamming code and the resulting code C is constructed by Algorithm 2a or Algorithm 2b. Thus, both the CRC and the code C have minimum distance d 4 and the maximum code lengths of the code C and of the CRC are 215 and 215 1 % 215 bits, respectively (see also Remark 7.3). Thus, in terms of the minimum distance and maximum code length, the code C and the CRC perform almost identically. Our goal here is to compare the software complexity of these two codes. Software complexity refers to the number of software operations to process one byte of a codeword. Here, a code is called faster if it has lower operation count. Simply stated, we write software programs (in C programming language) for the code C and the CRC. Then, we count the number of software operations needed by each code to encode one byte of a codeword. Computer programs for these codes and the rules for counting the operations are given in Appendix D (which can be found on the Computer Society Digital Library at http://computer.org/tc/archives.htm). Recall that a typical codeword consists of n tuples, each tuple has s bits. Let tC s; n and tCRC s; n be the software operation count required to compute the h 16 check bits for a codeword of the code C and of the CRC, respectively. Then, from (29) of Appendix D (which can be found on the Computer Society Digital Library at http://computer.org/tc/archives.htm), we have tC s; n 7:5n fs; where f8 33:5, f16 51, f32 165:5, and f64 372. From Algorithms 2a and 2b, the two check tuples are given by P1 Z U1 X r mod M and P2 Y2 F Y1 . The first component of tC s; n is 7:5n and represents the cost of computing Z and Y Y1 ; Y2 , while the second component fs is the cost of computing Z U1 Xr mod M and Y2 F Y1 . The first component varies as a linear function of the tuple count n, while the second component fs depends only on the tuple size s and not on n. Thus, fs is a transient component whose contribution becomes negligible for large n. For the CRC, from (30) of Appendix D (which can be found on the Computer Society Digital Library at http:// computer.org/tc/archives.htm), we have
4.1 Software Complexity Now, we compare software complexity between the code C and the CRC (the strongest code in Fig. 1). Here, we focus on implementations that require no table lookup. Tablelookup methods are discussed later in Remark 8.2 Suppose that s ! r. Then, the binary code C of length ns bits can be constructed using Algorithm 2a whose complexity is dominated by the computation of Z and Y , which can be computed by the for-loop in Fig. 3. Within this for-loop, the expression T T X mod N Qi is computed in constant time (by Remark 4), while the expression Y Y Qi is computed by one XOR operation. Thus, this forloop has complexity On. Hence, the time complexity of the code C is also On. Similarly, when s < r, the code C under Algorithm 2b also has time complexity On (see Fig. 4). In summary, regardless of s ! r or s < r, the code C of length ns can be encoded with time complexity On. Now, consider the CRC that also has length ns bits. Here, we limit our discussions to a generic CRC algorithm, i.e., a general algorithm that is applicable to all generating
10
VOL. 54,
NO. 1,
JANUARY 2005
Fig. 5. Operation count per byte of the CRC, operation count per byte of the code C, and the ratio of the above two numbers.
tCRC s; n 5:5ns 3n gs; where g8 52, g16 93, g32 g64 90. For example, let s 8 and n 64, i.e., ns 29 512 bits. Then, tC 8; 64 7:564 33:5 513:5, i.e., the code C needs 513.5 operations to process 512 bits. Thus, the o pe r a t io n c ou n t p e r b y t e o f t h e c od e C is 8513:5=512 8:02. Similarly, it can be shown that the operation count per byte of the CRC is 46.2. Then, the ratio of the byte operation counts of the CRC and the code C is 46:2=8:02 5:76, i.e., the code C is 5.76 times faster than the CRC. The triplet 46:2; 8:02; 5:76 for the pair s; ns 8; 29 is recorded in the left top part of Fig. 5. Triplets for other pairs s; ns are similarly obtained. The results for software complexity of these two codes are summarized in Fig. 5, where n is the total number of s-tuples in a codeword, i.e., the total codeword length is ns bits. Here, we consider a wide range of codeword lengths: from 29 to 215 bits (i.e., from 64 to 4,096 bytes). Each cell has three numbers: The first number is the operation count per byte of the CRC, the second number is the operation count per byte of the code C, the third number is the ratio of the above two numbers and represents the speed improvement of the code C compared to the CRC. From Fig. 5, as expected, the byte operation count of the CRC slightly decreases when s increases because processing of larger tuples reduces loop overhead. The CRCs operation count also slightly decreases with decreasing n due to the negative term gs) in tCRC s; n. Note that the operation count of the CRC varies only slightly over a wide range of the tuple size s and of the codeword length ns. In contrast, the operation count of the code C varies much more as a function of s and ns. Further, for each tuple size s, the code C is faster for longer codeword length ns. This is desirable because speed is more important for longer messages. The reason for the speed variation of the code C is the contribution from the transient term fs to the code overall speed. This contribution is noticeable (negligible) if the codewords are short (long). For smaller tuple size s (such as s 8 and 16), the transient term is smaller. Thus, the
overall speed variation (as a function of ns) of the code C is also smaller. For larger s (such as s 32 and 64), the transient term is greater, resulting in more speed variation (as a function of ns) for the code C. From Fig. 5, the code C is substantially faster than the CRC, especially for the tuple size s 32 or 64 bits and the code length ns ! 213 bits 1;024 bytes. In particular, if the code length is ns 215 bits 4;096 bytes, then the code C is 23.4 and 43.1 times faster than the CRC when s is 32 and 64 bits, respectively. Remark 8. 1. In Example 4, we derive the operation count expressions tC s; n and tCRC s; n for the special case h 16 check bits (when the codes are implemented in C programming language). There, we also assume that the code C1 used in the construction of the code C is the extended Hamming code of length s. No such C1 code is needed for the CRC. However, from Figs. 3 and 4, the same expressions also hold true for other values of h and for other codes C1 , but with different transient terms that are now denoted as fs; h; C1 and gs; h to reflect the their dependency on s, h, and C1 . Thus, in general, the software operation counts required to compute the h check bits for a codeword (which consists of n tuples, each tuple is s bits) of these two codes are: tC s; n; h; C1 7:5n fs; h; C1 tCRC s; n; h 5:5ns 3n gs; h; where the transient terms fs; h; C1 and gs; h are independent of n and their contributions become negligible when n is large enough. Thus, for large n, we have tCRC s; n; h 5:5ns 3n 5:5ns % 0:73s; % tC s; n; h; C1 7:5n 7:5n which is an estimate of the speed improvement of the code C compared to the CRC. Again, for large n, the code C needs approximately 7.5 operations to process one s-tuple or 60=s operations per byte. Recall that, in general, the code C is faster than the CRC by the factor Os. Thus, we have Os % 0:73s when these error-detection codes are implemented in C programming language. In Fig. 5, we show, without using table lookup, the speed performance of the code C and the CRC, with h 16 check bits. Now, we discuss table-lookup implementations for the same codes. For concreteness, here we assume that each tuple
2.
11
Qi has size s 8 bits, as is often used in tablelookup implementations of common CRCs. Larger values of s can be similarly handled, but they result in much larger table sizes. The results are shown in Fig. 6 (whose detailed derivation is given in Appendix D.1, which can be found on the Computer Society Digital Library at http:// computer.org/tc/archives.htm). Note that, because s 8 is a small value, the transient terms fs; h; C1 and gs; h are also small compared to the code overall operation counts. Thus, we estimate the overall operation counts by omitting these transient terms. In particular, the second column shows that, without using table lookup, the code C and the CRC use 7.5 and 47 operations per byte, respectively. The exact values, which vary from 7.51 to 8.02 (for the code C) and from 46.2 to 47 (for the CRC), are recorded in Fig. 5. The estimated operation counts and table sizes are shown in Fig. 6. As expected, the operation counts become smaller at the cost of larger tables.
fast versions of perfect codes). We compare the computational complexity of these CRCs and non-CRC codes using methods that require no table lookup. For long messages, the non-CRC codes can be faster than the CRCs by the factor Os. Further, Os % 0:73s when these codes are implemented in C programming language. Finally, with the use of table lookup, the operation counts are reduced at the cost of precomputed tables.
ACKNOWLEDGMENTS
This work was supported in part by the US Office of Naval Research.
REFERENCES
[1] [2] [3] [4] D. Bertsekas and R. Gallager, Data Networks, second ed. Englewood Cliffs, N.J.: Prentice Hall, 1992. A. Binstock and J. Rex, Practical Algorithms for Programmers. Reading, Mass.: Addison-Wesley, 1995. P. Farkas, Comments on Weighted Sum Codes for Error Detection and Their Comparison with Existing Codes, IEEE/ ACM Trans. Networking, vol. 3, no. 2, pp. 222-223, Apr. 1995. D.C. Feldmeier, Fast Software Implementation of Error Detection Codes, IEEE/ACM Trans. Networking, vol. 3, no. 6, pp. 640-651, Dec. 1995. J.G. Fletcher, An Arithmetic Checksum for Serial Transmissions, IEEE Trans. Comm., vol. 30, pp. 247-252, Jan. 1982. J.G. Fletcher, ACM Computing Rev., vol. 36, no. 1, p. 66, Jan. 1995. T. Klove and V. Korzhik, Error Detecting Codes: General Theory and Their Application in Feedback Communication Systems. Kluwer Academic, 1995. F.J. MacWilliams and N.J. A. Sloan, The Theory of Error-Correcting Codes. New York: North-Holland, 1977. A.J. McAuley, Weighted Sum Codes for Error Detection and Their Comparison with Existing Codes, IEEE/ ACM Trans. Networking, vol. 2, no. 1, pp. 16-22, Feb. 1994. G.D. Nguyen, A General Class of Error-Detection Codes, Proc. 32nd Conf. Information Sciences and Systems, pp. 451-453, Mar. 1998. A. Perez, Byte-Wise CRC Calculations, IEEE Micro, vol. 3, pp. 4050, June 1983. T.V. Ramabadran and S.S. Gaitonde, A Tutorial on CRC Computations, IEEE Micro, vol. 8, pp. 62-75, Aug. 1988. D.V. Sarwate, Computation of Cyclic Redundancy Checks via Table-Lookup, Comm. ACM, vol. 31, no. 8, pp. 1008-1013, Aug. 1988. J. Stone, M. Greenwald, C. Partridge, and J. Hughes, Performance of Checksums and CRCs over Real Data, IEEE/ACM Trans. Networking, vol. 6, no. 5, pp. 529-543, Oct. 1998. J.L. Vasilev, On Nongroup Close-Packed Codes (in Russian), Problemi Cybernetica, vol. 8, pp. 337-339, 1962. Gam D. Nguyen received the PhD in electrical engineering from the University of Maryland, College Park, in 1990. He has been at the US Naval Research Laboratory, Washington, DC, since 1991. His research interests include communication systems and networks.
SUMMARY
AND
CONCLUSIONS
[5] [6] [7] [8] [9] [10] [11] [12] [13] [14] [15]
We develop Algorithm 1 for generating a large and general family of binary error-detection codes. This algorithm has two key parameters, s and r, where s is the size of each tuple and r is the degree of the modulating polynomial M. Algorithm 1 is expressed in general and abstract form to facilitate the mathematical development of the resulting code C. Error-detection codes used in practice are often systematic. Thus, Algorithm 1 is transformed into systematic versions to yield Algorithm 1a (if r s) and Algorithm 1b (if r > s). A variety of error-detection codes (such as CRCs, checksums, and other codes listed in Fig. 1) are developed over the years for applications that require reliable communication or storage. These codes are traditionally considered as unrelated and independent of each other. They also differ considerably in performance and complexity. More complex codes such as CRCs are stronger codes (with minimum distance d 4), whereas simple checksums such as block-parity codes are weaker codes (with d 2). In Section 3, we show that all these diverse codes (from CRCs to checksums), as well as other linear and nonlinear codes, are special cases of Algorithm 1. Thus, these seemingly unrelated codes, which are independently developed over many years, come from a single algorithm. From Fig. 1, CRCs have the best error-detection capability, but introduce the longest encoding delay. In this paper, we then introduce some non-CRC codes that have good error-detection capabilities as well as fast encoding. In Section 4, we present Algorithm 2a (for r s) and Algorithm 2b (for r > s), which are fast versions of Algorithm 1a and Algorithm 1b, respectively. These two fast algorithms produce only non-CRC codes. Further, some of these non-CRC codes are not only fast but also reliable. To achieve the minimum distance 4 using h check bits, CRC length can be up to 2h1 1 bits, while the length of some non-CRC codes can be up to 2h1 bits (i.e., they are
. For more information on this or any other computing topic, please visit our Digital Library at www.computer.org/publications/dlib.