## Linear Feedback Shift Registers for the Uninitiated

In 2017 and 2018 I wrote an eighteen-part series of articles about linear feedback shift registers, or LFSRs:

div.jms-article-content ol > li { list-style-type: upper-roman } Ex-Pralite Monks and Finite Fields, in which we describe what an LFSR is as a digital circuit; its cyclic behavior over time; the definition of groups, rings, and fields; the isomorphism between N-bit LFSRs and the field \( GF(2^N) \); and the reason why I wrote this series## Ten Little Algorithms, Part 7: Continued Fraction Approximation

In this article we explore the use of continued fractions to approximate any particular real number, with practical applications.

## Elliptic Curve Cryptography - Multiple Signatures

The use of point pairing becomes very useful when many people are required to sign one document. This is typical in a contract situation when several people are agreeing to a set of requirements. If we used the method described in the blog on signatures, each person would sign the document, and then the verification process would require checking every single signature. By using pairings, only one check needs to be performed. The only requirement is the ability to verify the...

## Elliptic Curve Cryptography - Extension Fields

An introduction to the pairing of points on elliptic curves. Point pairing normally requires curves over an extension field because the structure of an elliptic curve has two independent sets of points if it is large enough. The rules of pairings are described in a general way to show they can be useful for verification purposes.

## Elliptic Curve Cryptography - Key Exchange and Signatures

Elliptic curve mathematics over finite fields helps solve the problem of exchanging secret keys for encrypted messages as well as proving a specific person signed a particular document. This article goes over simple algorithms for key exchange and digital signature using elliptic curve mathematics. These methods are the essence of elliptic curve cryptography (ECC) used in applications such as SSH, TLS and HTTPS.

## What does it mean to be 'Turing complete'?

The term "Turing complete" describes all computers and even some things we don't expect to be as powerful as a typical computer. In this article, I describe what it means and discuss the implications of Turing completeness on projects that need just a little more power, on alternative processor designs, and even security.

## Elliptic Curve Cryptography - Security Considerations

The security of elliptic curve cryptography is determined by the elliptic curve discrete log problem. This article explains what that means. A comparison with real number logarithm and modular arithmetic gives context for why it is called a log problem.

## Elliptic Curve Cryptography - Basic Math

An introduction to the math of elliptic curves for cryptography. Covers the basic equations of points on an elliptic curve and the concept of point addition as well as multiplication.

## New book on Elliptic Curve Cryptography

New book on Elliptic Curve Cryptography now online. Deep discount for early purchase. Will really appreciate comments on how to improve the book because physical printing won't happen for a few more months. Check it out here: http://mng.bz/D9NA

## Quaternions and the spatial rotations in motion enabled wearable devices. Exploiting the potential of smart IMUs attitude estimation.

Have you always wondered what a quaternion is? this is your post. Attitude or spatial orientation analysis is a powerful element in wearable devices (and many other systems). Commercially available sensors can provide this information out-of-the-box without requiring complex additional implementation of sensor fusion algorithms. Since these are already on-chip solutions devices can serve as a way to explore and analyze motion in several use cases. Mathematical analysis for processing quaternion is presented along with a brief introduction to them, Although they are not really easy to visualise, a couple fairly simple examples are provided which may allow you to gain some intuition on what's the logic behind them.

## Chebyshev Approximation and How It Can Help You Save Money, Win Friends, and Influence People

Well... maybe that's a stretch. I don't think I can recommend anything to help you win friends. Not my forte.

But I am going to try to convince you why you should know about Chebyshev approximation, which is a technique for figuring out how you can come as close as possible to computing the result of a mathematical function, with a minimal amount of design effort and CPU power. Let's explore two use cases:

- Amy has a low-power 8-bit microcontroller and needs to compute \( \sqrt{x} \)...

## Return of the Delta-Sigma Modulators, Part 1: Modulation

About a decade ago, I wrote two articles:

- Modulation Alternatives for the Software Engineer (November 2011)
- Isolated Sigma-Delta Modulators, Rah Rah Rah! (April 2013)

Each of these are about delta-sigma modulation, but they’re short and sweet, and not very in-depth. And the 2013 article was really more about analog-to-digital converters. So we’re going to revisit the subject, this time with a lot more technical depth — in fact, I’ve had to split this...

## Elliptic Curve Cryptography - Basic Math

An introduction to the math of elliptic curves for cryptography. Covers the basic equations of points on an elliptic curve and the concept of point addition as well as multiplication.

## Linear Feedback Shift Registers for the Uninitiated, Part I: Ex-Pralite Monks and Finite Fields

Later there will be, I hope, some people who will find it to their advantage to decipher all this mess.

— Évariste Galois, May 29, 1832

I was going to call this short series of articles “LFSRs for Dummies”, but thought better of it. What is a linear feedback shift register? If you want the short answer, the Wikipedia article is a decent introduction. But these articles are aimed at those of you who want a little bit deeper mathematical...

## Linear Feedback Shift Registers for the Uninitiated

In 2017 and 2018 I wrote an eighteen-part series of articles about linear feedback shift registers, or LFSRs:

div.jms-article-content ol > li { list-style-type: upper-roman } Ex-Pralite Monks and Finite Fields, in which we describe what an LFSR is as a digital circuit; its cyclic behavior over time; the definition of groups, rings, and fields; the isomorphism between N-bit LFSRs and the field \( GF(2^N) \); and the reason why I wrote this series## How to Estimate Encoder Velocity Without Making Stupid Mistakes: Part II (Tracking Loops and PLLs)

Yeeehah! Finally we're ready to tackle some more clever ways to figure out the velocity of a position encoder. In part I, we looked at the basics of velocity estimation. Then in my last article, I talked a little about what's necessary to evaluate different kinds of algorithms. Now it's time to start describing them. We'll cover tracking loops and phase-locked loops in this article, and Luenberger observers in part III.

But first we need a moderately simple, but interesting, example...

## Round Round Get Around: Why Fixed-Point Right-Shifts Are Just Fine

Today’s topic is rounding in embedded systems, or more specifically, why you don’t need to worry about it in many cases.

One of the issues faced in computer arithmetic is that exact arithmetic requires an ever-increasing bit length to avoid overflow. Adding or subtracting two 16-bit integers produces a 17-bit result; multiplying two 16-bit integers produces a 32-bit result. In fixed-point arithmetic we typically multiply and shift right; for example, if we wanted to multiply some...

## Linear Feedback Shift Registers for the Uninitiated, Part XVI: Reed-Solomon Error Correction

Last time, we talked about error correction and detection, covering some basics like Hamming distance, CRCs, and Hamming codes. If you are new to this topic, I would strongly suggest going back to read that article before this one.

This time we are going to cover Reed-Solomon codes. (I had meant to cover this topic in Part XV, but the article was getting to be too long, so I’ve split it roughly in half.) These are one of the workhorses of error-correction, and they are used in...

## Linear Feedback Shift Registers for the Uninitiated, Part XVIII: Primitive Polynomial Generation

Last time we figured out how to reverse-engineer parameters of an unknown CRC computation by providing sample inputs and analyzing the corresponding outputs. One of the things we discovered was that the polynomial \( x^{16} + x^{12} + x^5 + 1 \) used in the 16-bit X.25 CRC is not primitive — which just means that all the nonzero elements in the corresponding quotient ring can’t be generated by powers of \( x \), and therefore the corresponding 16-bit LFSR with taps in bits 0, 5,...

## Slew Rate Limiters: Nonlinear and Proud of It!

I first learned about slew rate limits when I was in college. Usually the subject comes up when talking about the nonideal behavior of op-amps. In order for the op-amp output to swing up and down quickly, it has to charge up an internal capacitor with a transistor circuit that’s limited in its current capability. So the slew rate limit \( \frac{dV}{dt} = \frac{I_{\rm max}}{C} \). And as long as the amplitude and frequency aren’t too high, you won’t notice it. But try to...

## Chebyshev Approximation and How It Can Help You Save Money, Win Friends, and Influence People

Well... maybe that's a stretch. I don't think I can recommend anything to help you win friends. Not my forte.

But I am going to try to convince you why you should know about Chebyshev approximation, which is a technique for figuring out how you can come as close as possible to computing the result of a mathematical function, with a minimal amount of design effort and CPU power. Let's explore two use cases:

- Amy has a low-power 8-bit microcontroller and needs to compute \( \sqrt{x} \)...

## Ten Little Algorithms, Part 1: Russian Peasant Multiplication

This blog needs some short posts to balance out the long ones, so I thought I’d cover some of the algorithms I’ve used over the years. Like the Euclidean algorithm and Extended Euclidean algorithm and Newton’s method — except those you should know already, and if not, you should be locked in a room until you do. Someday one of them may save your life. Well, you never know.

Other articles in this series:

- Part 1:

## How to Estimate Encoder Velocity Without Making Stupid Mistakes: Part II (Tracking Loops and PLLs)

Yeeehah! Finally we're ready to tackle some more clever ways to figure out the velocity of a position encoder. In part I, we looked at the basics of velocity estimation. Then in my last article, I talked a little about what's necessary to evaluate different kinds of algorithms. Now it's time to start describing them. We'll cover tracking loops and phase-locked loops in this article, and Luenberger observers in part III.

But first we need a moderately simple, but interesting, example...

## Round Round Get Around: Why Fixed-Point Right-Shifts Are Just Fine

Today’s topic is rounding in embedded systems, or more specifically, why you don’t need to worry about it in many cases.

One of the issues faced in computer arithmetic is that exact arithmetic requires an ever-increasing bit length to avoid overflow. Adding or subtracting two 16-bit integers produces a 17-bit result; multiplying two 16-bit integers produces a 32-bit result. In fixed-point arithmetic we typically multiply and shift right; for example, if we wanted to multiply some...

## Linear Feedback Shift Registers for the Uninitiated, Part I: Ex-Pralite Monks and Finite Fields

Later there will be, I hope, some people who will find it to their advantage to decipher all this mess.

— Évariste Galois, May 29, 1832

I was going to call this short series of articles “LFSRs for Dummies”, but thought better of it. What is a linear feedback shift register? If you want the short answer, the Wikipedia article is a decent introduction. But these articles are aimed at those of you who want a little bit deeper mathematical...

## Slew Rate Limiters: Nonlinear and Proud of It!

I first learned about slew rate limits when I was in college. Usually the subject comes up when talking about the nonideal behavior of op-amps. In order for the op-amp output to swing up and down quickly, it has to charge up an internal capacitor with a transistor circuit that’s limited in its current capability. So the slew rate limit \( \frac{dV}{dt} = \frac{I_{\rm max}}{C} \). And as long as the amplitude and frequency aren’t too high, you won’t notice it. But try to...

## Ten Little Algorithms, Part 5: Quadratic Extremum Interpolation and Chandrupatla's Method

Today we will be drifting back into the topic of numerical methods, and look at an algorithm that takes in a series of discretely-sampled data points, and estimates the maximum value of the waveform they were sampled from.

## Linear Feedback Shift Registers for the Uninitiated, Part XVI: Reed-Solomon Error Correction

Last time, we talked about error correction and detection, covering some basics like Hamming distance, CRCs, and Hamming codes. If you are new to this topic, I would strongly suggest going back to read that article before this one.

This time we are going to cover Reed-Solomon codes. (I had meant to cover this topic in Part XV, but the article was getting to be too long, so I’ve split it roughly in half.) These are one of the workhorses of error-correction, and they are used in...

## Second-Order Systems, Part I: Boing!!

I’ve already written about the unexciting (but useful) 1st-order system, and about slew-rate limiting. So now it’s time to cover second-order systems.

The most common second-order systems are RLC circuits and spring-mass-damper systems.

Spring-mass-damper systems are fairly common; you’ve seen these before, whether you realize it or not. One household example of these is the spring doorstop (BOING!!):

(For what it’s worth: the spring...

## Bad Hash Functions and Other Stories: Trapped in a Cage of Irresponsibility and Garden Rakes

I was recently using the publish() function in MATLAB to develop some documentation, and I ran into a problem caused by a bad hash function.

In a resource-limited embedded system, you aren't likely to run into hash functions. They have three major applications: cryptography, data integrity, and data structures. In all these cases, hash functions are used to take some type of data, and deterministically boil it down to a fixed-size "fingerprint" or "hash" of the original data, such that...