SE466822B - DEVICE FOR MULTIPLICATION OF TWO ELEMENTS IN A GALOIC BODY - Google Patents

Description

15 20 25 30 466 822 e.g. BCH and RS codes. Through successive multiplications, one can also calculate the inverse of an element. The inverse of an element is required e.g. when decoding BCH and RS codes.

An earlier proposal to UGM resulted in a multiplier with too low performance for practical purposes. The low performance in this previous UGM is caused by a worst signal path at ~ Gm logic gate levels when used above GF (2 '”). A detailed description of this former UGM is found in B.A. Laws, C.K.

Rushforth, "A Cellular-Array Multiplier for GF (2m)", IEEE Trans. Comput., Vol. C- 20, pp. 1573-1578, December 1971.

The main object of the present invention is to provide a new apparatus for multiplying elements in GF (p '”), especially for p = 2. The new apparatus requires a lower number of components and has better performance than previous UGM.

A feature of the invention is that it can be programmed to operate over different galley bodies GF (pm), 2 S m S M where M is an arbitrary integer greater than one.

The invention and a preferred embodiment of the invention will be described in the following with reference to the accompanying drawings.

Description of the drawings FIG. 1 is a block diagram of a preferred embodiment of the invention.

FIG. 2 is a more detailed block diagram of a subsystem used to calculate a-A across different galaxy bodies with characteristic 2 (ie p = 2).

FIG. 3 is a more detailed block diagram of a subsystem used to calculate the scalar product of two binary vectors.

FIG. 4 shows a preferred embodiment of the galley bodies GF (2m), 2 S m S 4 for the invention.

THE PRESENTATION OF THE EXECUTIVE SUMMARY A brief summary of some basic facts from the galo-theory is necessary for a meaningful description of the invention. A galoic body is an algebraic structure consisting of a finite number, pm, of elements where p is a prime number and m is a positive integer.These elements always include the elements 0 and 1. On the elements in the body the operations addition, subtraction, multiplication and division are added.Addition, subtraction and multiplication are associative and commutative and multiplication is distributive with respect to addition and subtraction.Each operation on one or fl your elements always results in an element out of the body.10 15 2.0 25 30 3 466 s22 The present invention mainly relates to, but is not limited to, galley bodies with characteristic 2 which are designated GF (2 "'). The smallest galley body (m = 1) consists only of the elements 0 and 1 and is called the binary number body, GF (2). Addition and multiplication in GF (2) are performed modulo 2, ie 0 + 0 = 1 + 1 = 0, 0 + 1 = 1 + 0 = 1, 0-0 = O-1 = 1-0 = 0, 1-1 = 1 and -1 = 1. Addition is the same as EXCLUSIVE OR (XOR) while multiplication is the same as LOGICAL AND (AND).

In GF (2 "'), m> 1, each element is represented by a polynomial of degrees S ml with binary coefficients. Each element can be seen as the result of a reduction modulo an irreducible polynomial of degrees m over GF (2), and all coef fi cient operations are performed modulo 2. Alternatively, one can see the body GF (2m) as a linear vector space over GF (2) whose dimension is m.

For each integer m, there is only one gala body with 2m elements. In general, however, the elements of a galley body can be represented in different ways depending on which specific polynomial is chosen to generate the body.

Representing an element A as a polynomial ao + alx + + am_2xm'2 + amox m4 is the same as choosing the elements {1, a, ..., amâ, am'1} to the base of GF (2 '"). Each element can therefore be written as a linear combination of the base elements, the elements ai, i = 0, 1, ..., ml are represented in this base by the polynomial xi, i = 0, 1, ..., ml and, consequently, are the expression ao + alx + + am_2x m2 + a mox ”Equivalent to ao + ala + + am_2a '"' 2+ amoawlßvaimänne base is called polynomial base.

In the following, P (x) denotes the irreducible polynomial which generates the body and which has the element a as one of its roots, i.e. P (a) = 0. A (x) is the polynomial associated with the element A, B (x) the polynomial associated with the element B and C (x) the polynomial associated with the product of A and B. The product can be calculated as follows C (x) = A (x) -B (x) mod P (x) = = [boA (x) + blxAa) + + bmpumhaoo] mod P (x) = = [boA (x) mod P (x)] + [b1xA (x) mod P (x)] + ... + [bm_1xm'1A (x) mod P (x)]. (1) Vi de fi nierar nu polynomen Z¿, _ (x): ml Z¿, _ (x) = zziljxj = xiA (x) mod P (x) i = 0, 1,, m-1 (2) j = 0 where zl-IJ- e GF (2). Then C (x) = boZo, _ (x) + b1Z1, _ (x) + + bm_1Zm_1, _ (x). (3) 10 15 20 25 4 6 6 8 2 2 And in matrix notation co 20.0 21.0 zm-ro bo 01 20.1 21.1 Zm-1.1 bl C = _ _-_ _ _ = z B (4) Cm-i zo, m-1 Z1, m-1 zm-rm-i bm-i where Z is a binary mxm matrix in equation (4). We see that the product C can be obtained by calculating the m scalar products Zïj-B, j = 0,1 ..., m-1, where Zw- denotes the jth row in Z. However, Z must first be generated. We generate the m columns in Z by cascading m-1 identical cells where each cell implements the operation xA (x) mod P (x) (the first column Zor is element A itself, see equation (2)). We call said cell the a-cell and the cascade-linked structure the a-matrix.

The polynomial P (x) has the form x "+ xm'1pm_1 + + xpl + 1 (the first and last coefficient must necessarily be ones otherwise P (x) cannot be irreducible).

Now the expression xA (x) mod P (x) can be written as xA (x) = xmanbl + xm'1am_2 + + xzal + xao = 1 = am_1 (xm'1pm_1 + + xpl + 1) + xm 'am_2 + + xzal + xa0 = ml = and + 2 x '(am_1p¿ + au) i = 1 mod P (x). (5) In equation (5) we used of ”= am'1pm_1 + + apl + 1 (which is equivalent to xm = xm'1pm_1 + + xpl + 1). Equation (5) describes the function of an α-cell for fi x m: for each p¿: ß 0, i = 1, 2, ..., ml, a sum of am_1 + am shall be calculated while the coefficient of xo is given by A's most signi fi kanta koef fi cient am_1. We call the am_ feedback signal (FB). On the basis of the above mathematical principles, a preferred embodiment of the invention can be described.

Fig. 1 shows the general structure of the new UGM. The terms are consistent with the previous introduction. Unit 1 is the α-matrix that generates Z as defined in equation (4). Unit 2 calculates the m scalar products ej = Zïj-B, j = 0.1, ..., m-1 and is here called the IP network. The IP network in turn consists of identical cells, where each cell, here called the IP cell, calculates a scalar product. For proper operation, all unused coefficients must be zeroed, i.e. ai = bi = 0, i> m-l.

Fig. 2 shows a preferred embodiment of the α-cell 11, for calculating xA (x) mode P (x) (ie selection). the α-cell can operate over each galoid body GF (2m), 2 S ms M by programming the binary vectors P = (p1, p2, on., ..., pM_1) and S = (si, sz, S3,. .., sMi) as shown in Fig. 2.

Suppose we want to program the new UGM for operation over GF (2 '”) where m is in the usable range. Then the vector S must be set as follows: Si =: z (6) The vector S determines the feedback FB in Fig. 2. The first m-1 components in the vector P are given by the m-1 middle coefficients in the irreducible polynomial P (x) which generates the body. The remaining coefficients pm to pM_1 are set to zero.

We see in Fig. 2 that the α-cell has a regular "bit-slice" structure consisting of m-1 identical subcells (unit 111 in Fig. 2). Each subcell contains a binary adder (XOR), a switch SW and a multiplexer MX. The switch SW in subcell #i is controlled by the signal si as follows: SW is closed if si = 1, SW is opened if si = 0. The multiplexer MX is controlled by the signal pi as follows: if pi = 1, the MX selects the signal from the binary adder ( = am_1 + ai_1), if pi = 0, MX selects the second signal (= ai_1).

Fig. 3 shows a preferred embodiment of the IP cell 21 based on two-input gates. M AND gates and M -1 XOR gates are required; The multiplexer MX connected to the output of the IP cell is needed to reset the coefficient ci for i> m -1 as these are not used. In this case, the signal vi is given by the izte component of a vector V = (vo, vi, ..., vM_1) which is set as follows 0 iSm-1 ”i = {1 i> m-1. (7) The multiplexer MX then resets the output signal ci if vi = 1. If vi = 0, MX selects the output signal from the XOR tree.

Fig. 4 shows the complete UGM for the case M = 4 together with a table of S and V for 2. <. m S 4. Note that m 2 2 means that the first two components so and sl iS are always zero and do not need to be generated (the multiplexer in those IP cells is superfluous). The body generator P (x) is not specified but would be chosen as follows: P (x) = x4 + x + 1 shape = 4, P (x) = x3 + x + 1 shape = 3andP (x) = x2 + x + 1 form = 2.

The extension to a new value of M is obvious. 10 15 20 25 466 822 '6 When using the new UGM for m <M, only a part of the a-matrix is used. This is easily illustrated by equation (4). First we fi deny the vectors CL, CU, OCh CL = (00, cmpT CU = (cm, cMpT BL = (bo bmf BU = (bm, bMpT where T indicates transposition. Now we can write o .. zM_1, ow _ Zl B .. z _ _ b _ LM Lm 1 m 1 = Zs (8) - ZM-rm m 22 BU ZoM-i zm-LM-i zmM-i zM-rM-i bM-i where Z1, Z2 and Z3 are sub-matrices in Z as they are av niered by the division illustrated in equation (8.) The product of interest to us is CL = Z1 -B L. For the correct calculation of CL, the remaining product Z3-BU must always be zero, which is the case when BU = Finally, the term Zz-BL, which is normally non-zero, must be prevented from occurring in CU (the unused part of the product vector which we wish to be zero) .The zeroing of CU can be achieved by the multiplexer MX and the above-mentioned signal we as shown in Fig. 3.

The Kgmplgxitgt α matrix consists of m-1 α cells where each cell contains m-1 XOR gates, m-1 switches and m-1 multiplexers. Since a switch / multiplexer is considerably simpler than an XOR gate, we let a switch and a multiplexer together correspond to the complexity of an XOR gate. Then we can estimate the complexity of the a-matrix to 2 (m-1) 2 gates. The IP network consists of m IP cells where each cell contains 2m-1 gates, ie a total of 2m2-m gates. Finally, 3m registers are required for storing the control vectors P, S and V (these registers are loaded from some external device). The total complexity NUGM becomes NUGM = 2 (m-1) 2 + 2m2-m + 3m.

Compared to the previous UGM whose complexity is ~ 7m2 + 3m, the new UGM requires almost 50% fewer components. 10 15 20 ö 466 822 Bmstanda The performance of the new UGM is determined by the critical signal path (W SP) between input and output. We will determine an upper limit on the length LWSP (in gates) of the WSP. For this purpose, we let the delay of a switch-multiplexer pair correspond to the delay of an XOR gate.

The WSP through the multiplier must pass m-1a cells and an IP cell.

The length of the WSP through the IP cell is constantly equal to 1+ llogzMl gates.

The WSP through the a-matrix actually depends on the choice of P (x). However, it always goes through switches, XOR gates and multiplexers. The number of XOR gates along the WSP can be made much lower than m-1 by appropriate selection of P (x). The following table shows the number of XOR gates along the WSP through the a-matrix for some suitable P (x) of degrees m. <_ 16: E fi l-c-ä-cooo fl aacnßwwš Oh N FU 1 1 1 2 1 1 4 2 2 2 4 4 4 1 5 The table indicates only the x-powers in P (x) whose coefficients are equal to 1. We see that the number of XOR gates is between 1 and Lg- íör m S 8. A better upper limit for m> 8, however, seems to be We choose Lg- to an upper limit for all m.

Determining the number of switches / multiplexers along the WSP is not easy. We therefore assume that the WSP passes through m-l switches and m-l multiplexers. According to the above approximation, these m-1 correspond to XOR gates.

The total length LWSP for the WSP now becomes LWSP $ (m-1) + m / 2 + 1 + llogzMl = 1.5m + llog2Ml [Gates] which is significantly better than the ~ Gm gates at previous UGM. 10 15 20 25 30 466 822 Comments It is obvious that the invention must not be considered limited to the embodiment shown in the drawings and described above. On the other hand, within the framework of the idea, it can be varied in many ways. For example, instead of storing the vectors P, S and Vi registers, one can obtain both S and V from P through a simple logic circuit (in this case the coefficient p m in P (x) must also be used).

Programming of the UGM is simplified in this way into a single write operation.

The invention can also be easily modified to perform the operation A-B + D, by adding an extra XOR gate to each IP cell. Furthermore, the subcell 111 can be constructed using an AND gate instead of the multiplexer. The AND gate would then calculate the product am_1p¿, which is then passed to the XOR gate (instead of the feedback signal and) to produce the sum am_1p¿ + an there.

The same general structure as in Fig. 1 can be used for UGM operating over bodies with characteristics other than 2. Then all coefficient operations would be performed modulo prime p, p> 2, which is more complicated than for p = 2. For p> 2 applies that -1 # 1 mod p which means that we must take into account the sign of the elements.

Let P (x) be a monic (ie with the highest coefficient pM = 1) irreducible polynomial of degrees M over GF (p) which has a as root, P (oc) = 0. Then ad! = -OÉWJpMJ- - apl - po = dzw'lplí¿_l + + ap1 '+ pó (9) where pi' is the additive inverse of pi in GF (p). Equation (5) now becomes M1 M 2 xA (x) = x aMJ + x aM_2 + + x al + xa0 = = aM_1 ('xM-1pM_1' ... '' + u. + + M-1 g = p¿ aM_1 + 2 x '(pgajm + an) mod P (x). (io) i = 1 the design of the a-cell follows directly from equation (10) .a-cell consists of M -1 identical subcells where each subcell performs the operation pL -'aMJ + am plus a cell for calculating pó aMJ, where juxtaposition means modulo p-multiplication and "+" modulo p-addition. Since P is known in advance, plf, i = 0, 1, 2, ... , ml is calculated and fed into the UGM instead of the pi. a cell is made programmable for operation over different bodies GF (p "'), 2 S m SM in the same way as at p = 2 by using switch and vector S The new a-matrix is obtained by cascading M -1 a cells The a-matrix is connected to the IP network which calculates the necessary scalar products The IP cell is modified to calculate the scalar product of two p-466 822 near vectors of length M The control vector V is used as at p = 2. We finally note that the binary represents the elements of the elements in GF (p) require I-logzp-I bits.

For example. requires the elements in GF (3) two bits.

Claims (5)

466 822 w PATENTIÅEAV ' Device for multiplying two elements in a galley body GF (p ""), which generates a product vector consisting of m p-close components, where m is an integer in the range [2, M] with M an integer greater than 1, each of said elements in 5 GF (p '") is represented by a vector of m p-close coefficients according to a polynomial base representation, characterized by a) first logic circuits (1) comprising a cascade of at least an α-cell (11) which calculates, for the first of said two elements, the first m a-multiples, each α-multiple corresponding to the product of ai and said element for i = 0, 1, ..., ml, where a is an element in the body GF (pm) that satisfies the equation P (x) = O for x = a, where P (x) is a polynomial of degrees m that is irreducible over the body GF (p); and b) second logic circuits (2) comprising at least two IP cells (21), each IP cell simultaneously calculating the scalar product of the second element and each p- when vector whose components are given by the jth components of all said a the multiples of j = 0, 1, 2, ..., ml, where each of said scalar products corresponds to a component of the resulting product vector; wherein c) said a-cell (11) is arranged to be supplied with M input signals and arranged to generate M output signals, and consists of M -1 identical sub-cells (111), each sub-cell consisting - in the case p = 2 - of a modulo -p- adder, a switch (SW) and a multiplexer (MX), all interconnected and controlled by the required control signals so that the jth of said sub-cells calculates the modulo-p sum of the j-1st of said input signals and modulo -p the product of the m-1st of said input signals and the jth coefficient of said polynomial P (x), where j assumes the values 1 to ml, while the least significant, i.e. 0th, output signal is given by the m -1 of said input signals; and d) if one of said α-cells is cascaded, if necessary, by connecting the jth output of an α-cell to the j-th input of the following α-cell; and e) said IP cell is arranged to be supplied with two M -dimensional input signal vectors and arranged to generate an output signal, and consists, in the case of p = 2, of a set of logic AND gates followed by another / l 466 822 set of logic exclusive-OR gates, all interconnected so that the output signal represents the modulo-scalar product of said input signal vectors. Device according to claim 1, characterized in that a) said first logic circuits (1) comprise means for replacing said irreducible polynomial with a new irreducible polynomial, said first logic circuits being programmable for operation over each galley body GF (pm), 2 S m SM, including all possible representations for each such galley body, and b) means for selectively coupling the outputs of said second logic circuits (2) to logic zero. Device according to claim 1 or 2, characterized in that each of the pm elements in GF (pm) is represented by a vector consisting of m p-close components according to a polynomial-base representation A = ao + ala + + am_2o1 "'2 + 15 am_1a'" '1, where A is an element in GF (p' "), ao, a1, ..., am_2, am_learns the p-near components iA, and a is an element in GF (p '") which satisfies the equation P (x.) = 0 for x = a, where P (x) is a polynomial of degrees m irreducible over the body GF (p). Device according to claim 2 or 3, characterized in that: a) the unused inputs of said first logic circuits (1) are set to logic zero; and that b) the unused inputs and outputs of said second logic circuits (2) are set to logic zero. Device according to claim 1,2,3 or 4, characterized by, attp = 2.