Proof of Cyclic Redundancy Check validity

Question

I'm looking to understand the use of a Cyclic Redundancy Check, in combination with the mathematics behind it.

So far I have

1) For any message $$M(x)\cdot x^n = Q(x)G(x) + R(x)$$ Where $Q(x)$ is the discarded quotient, $G(x)$ is a predetermined _generator and $R(x)$ is the remainder. Or more succinctly, we can divide our message by any arbitrary generator and generate a quotient and remainder.

2) By doing modulo-2 division, we can find $R(x)$ which is effectively the operation $$R(x) = M(x)\cdot x^n\mod G(x)$$ 3) Finally $R(x)$ is appended to $M(x)$ to create the transmitted message.

Everywhere I read, it stated that this appendation is equivalent to $M(x)\cdot x^n - R(x) = Q(x)G(x)$, which, at the receiving end when again divided by generator $G(x)$, will give a remainder zero.

However I can't anywhere find this equivalency shown anywhere! Could somebody please demonstrate/show why appending $R(x)$ to the end of $M(x)$ has this equivalence?

Thanks very much!

EDIT

In the link provided by in the comment - I see how this both overviews how CRC checking works, and how a receiver decodes using a CRC-16 code. However it doesn't enlighten me on how it can be guaranteed that adding the remainder to the message guarantees the transmission (if correct) is a factor of the generator, as I have described above.

The accepted answer here should be useful: http://math.stackexchange.com/questions/1415048/whether-the-code-produced-by-crc-is-a-cyclic-code — leonbloy, Jun 03 '16 at 20:08
Does it not just explains how CRC is implemented - not answering my question? Unless I'm overlooking/misunderstanding something? — davidhood2, Jun 04 '16 at 08:58
$G(x)$ is should be called the generator. All the polynomials $Q(x)G(x)$ are codewords, i.e. words of the cyclic code generated by $G(x)$. — Jyrki Lahtonen, Jun 04 '16 at 19:01
See this other accepted answer which even has a "graphic" display of how the bits in $M(x)x^n - R(x)$ don't overlap etc. — Dilip Sarwate, Jun 06 '16 at 13:22

score 2 · Accepted Answer · edited Apr 13 '17 at 12:20

I believe your doubt is not really related to CRC but with cyclic codes (on which CRC are based), more specifically with the construction of systematic cyclic codes. This is explained in any textboox. Here's a summary.

A binary $(n,k)$ cyclic code has $2^k$ codewords, they correspond to a binary polynomial $c(X)$ of degree less than $n$. A particular code is specified by a generator polynomial $g(X)$, which must be of degree $n-k$ and must be a factor of $X^n+1$.

The direct (non-systematic) coding is then $$c(X)=m(X)g(X) \tag{1}$$ where $m(X)$ represents the raw message (as a polynomial of degree less than $k$). The decoding is done by dividing the received message $r(X)=c(X)+e(X)$ by the generator $g(X)$ and looking at the remainder $s(X)$ ("syndrome", degree less than $n-k$) :

$$r(X)=g(X)q(X)+s(X) \tag{2}$$

If there were no errors ($e(X)=0)$ then the $s(X)=0$

An slightly different procedure produces a systematic coding. Here, to code, we compute the remainder of $X^{n-k}m(X)$ divided by $g(X)$:

$$ X^{n-k}m(X)=q(X)g(X)+p(X) \tag{3}$$

or, equivalently

$$ X^{n-k}m(X)+p(X)=q(X)g(X) \tag{4}$$

Because the left side is a multiple of $g(X)$, that must be one of the codewords of our cyclic code (equivalent to the previous one; but, mind you, it's not the same: it has the same codewords, but mapped to different input messsages). This code has the nice property of being the concatenation of the original raw message $m(X)$ shifted $n-k$ positions, and the "parity polynomial" $p(x)$ (degree less than $n-k$).

So, at the end you trasmit $c(X)= X^{n-k}m(X)+p(X)$, i.e. the sum (which here amounts to a concatenation) of the raw message shifted $n-k$ positions and the remainder $p(X)$.

The decoding is the same as before: just compute the remainder of the division by $g(x)$.

CRCs are essentially systematic cyclic codes, in which the parity length $n-k$ is relatively small (typically 16 or 32) and $n$ is large (say $n=2^{15}-1=32767$); however, one does not usually code the full length block, but a smaller message of arbitrary length, to which the computed parity bits will be appended. As explained here, this is mathematically equivalent to assuming that the unused bits of the total block are zero.

score 1 · Answer 2 · answered Jun 04 '16 at 13:56

It might be simpler than that, but without knowing exactly what pictures you have in your head, I can't be 100% sure. I think it is a question of remembering that concatenation is essentially multiplication by $x^n$.

You take

$$R(x) = M(x)\cdot x^n\mod G(x)$$

You say that you "append" $R(x)$ to $M(x)$, which is to say that you calculate

$$RM(x) = (M(x)\cdot x^n) + (M(x)\cdot x^n\mod G(x))$$

and this is what you transmit.

On the receiving end, you take all but the last $n$ bits as being the message: that is, you work out $RM(x)/x^n$, which equals $(M(x)\cdot x^n)/x^n$, (the checksum disappears because it has no multiples of $x^n$ in it). And that equals $M(x)$, which is what you want.

You then work out $$RM(x)\mod{g(x)}=(M(x)\cdot x^n\mod G(x)) + (M(x)\cdot x^n\mod G(x))$$

…which equals $$RM(x)\mod{g(x)}=2(M(x)\cdot x^n\mod G(x))$$

…which equals zero if the RM that was received is the same as the RM that was transmitted.

I hope this helps; but, as I said, it depends a bit on exactly where the problem lies.

Proof of Cyclic Redundancy Check validity

2 Answers2

Linked