@destevez@mastodon.social
@destevez@mastodon.social avatar

destevez

@destevez@mastodon.social

Everything space & RF. Amateur radio operator (EA4GPZ / M0HXM). PhD in Mathematics from. he/him

This profile is from a federated server and may be incomplete. Browse more on the original instance.

azonenberg, to math
@azonenberg@ioc.exchange avatar

Ok, this one is for the discrete gurus out there.

Let N = CRC32(X)

Given N, is it possible to efficiently calculate CRC32(concat(X, Y)) where Y is a known sized, but very long, sequence of 0xFF bytes?

Obviously you can just seed the CRC with N and iterate, feeding 0xFF in each cycle, but is there any kind of shortcut you can take if you know the input is always a 1 bit?

destevez,
@destevez@mastodon.social avatar

@azonenberg nice question! My intuition tells me that there are no major shortcuts. Thinking of the CRC hardware implementation, you initialize the register with N and keep pushing many 1's. This is very similar to an LFSR and also to multiplication on a cyclic group. The intuition is that the register states evolve in a random-like way and it is quite difficult to predict how the register will look like after many steps without doing the calculation for those many steps.

destevez,
@destevez@mastodon.social avatar

@azonenberg this is not a proof whatsoever, and maybe there's something I'm missing and there is a good shortcut. I'll try to think about this in more formal terms to see if there is something that can be proved.

destevez,
@destevez@mastodon.social avatar

@azonenberg I now see where my intuition failed. The problem is pretty much the same as the following: given an element g in a finite group and a positive integer n, compute g^n (see that answer about matrix multiplication). This can always be done if O(log n) multiplications, even without precomputing anything. Just compute g^2, g^4 = g^2*g^2, ..., g^2^(floor(log_2 n)), and then multiply those powers corresponding to the 1's in the binary expansion of n.

destevez,
@destevez@mastodon.social avatar

@azonenberg what is hard is solving the discrete logarithm problem (some cryptography is based on this). This is, given g and h, find n such that h = g^n. For this, the best algorithm known is brute force, which is computationally prohibitive. In your case, this would be asking how many 0xff bytes you need to get a particular given CRC at the end.

destevez, to random
@destevez@mastodon.social avatar

I have added a DDC to Maia SDR. This can be used to downsample a slice of the input spectrum and feed that to the waterfall and IQ recorder (and in the future stream IQ to an external host over UDP). Here is a short demo of how this looks like. 🧵

video/mp4

destevez,
@destevez@mastodon.social avatar

The DDC uses a cascade of 3 FIRs that are programmed on the fly with using the Parks-McClellan (Remez) algorithm. This is quite different from other FPGA DDCs, which use a CIC filter. The cascade of FIRs is an interesting approach because it uses DSPs instead of logic.

destevez,
@destevez@mastodon.social avatar

At the moment this functionality is still in "beta" in a pull request. I'm interested in getting feedback from the community (specially about the user interface changes) before this makes it to a release. Head over to https://github.com/maia-sdr/maia-sdr/pull/94 to get the firmware and give feedback.

destevez, to random
@destevez@mastodon.social avatar

New blog post: Decoding LTE MIMO with a single antenna. In my previous post I decoded LTE PDSCH transmissions, but I couldn't decode two-codeword transmissions, as they require 2x2 MIMO and my recording only has one antenna. Now I show some tricks to get around this limitation.

destevez, to random
@destevez@mastodon.social avatar

New blog post: LTE downlink: PDSCH. I show how to decode the PDSCH (downlink data) transmissions step by step in a Jupyter notebook written from scratch. I use the SIB1 as an example, but decode all the transmissions into a PCAP file for analysis with Wireshark.

destevez,
@destevez@mastodon.social avatar

First the PDSCH symbols are equalized using the appropriate transmission mode. We use the DCI information in the PDCCH to know whether transmit diversity (broadcast info) or close-loop spatial multiplexing (info for a single UE) was used.

destevez,
@destevez@mastodon.social avatar

Next we extract soft symbols and descramble them. We then undo the rate matching algorithm, performing soft-combining of repeated bits and puncturing of bits that were not sent.

A plot of the soft combining of the symbols from two SIB1 transmissions. The SNR is now excellent and there are no bit errors. We can already see some features of the data, such as a string of zeros used for padding at the end of the message.

destevez,
@destevez@mastodon.social avatar

Now we run the Turbo decoder. I show how the message LLRs evolve in each iteration. For the SIB1 the SNR is high, so the Turbo decoder doesn't have to correct any bit errors. After Turbo decoding, we check a CRC-24 and we're done. We can write the decoded packet to a PCAP file.

destevez,
@destevez@mastodon.social avatar

I look at the data in all the PDSCH transmissions. This includes the SIBs, which transmit system information about the cell, the paging channel, which transmits notifications to idle UEs, and data for individual UEs (C-RNTI). The SIBs and paging messages are parsed with ASN.1.

destevez,
@destevez@mastodon.social avatar

An interesting find is a 64QAM transmission for one of the UEs that are reporting good channel quality. We can decode this too. We cannot decode two-codeword spatial multiplexing, though, as this needs a receiver with 2 antennas.

destevez,
@destevez@mastodon.social avatar

I finish by looking at the decoded data in Wireshark and showing the different protocols that are used in LTE: MAC, RLC UM and AM, and PDCP. As always, all the code and data is included.

Read more: https://destevez.net/2024/04/lte-downlink-pdsch/

jwz, to random
@jwz@mastodon.social avatar

Global Warming Is Slowing the Earth's Rotation.

Negative leap second approaching; appalling shitshow to result.

"This is another one of those 'this has never happened before' things that we're seeing from global warming: the idea that this effect is...
https://jwz.org/b/ykOa

destevez,
@destevez@mastodon.social avatar

@jwz Don't you have a negative leap second if the Earth spins up? The usual positive leap seconds are due to the action of the Moon on the Earth, which tries to tidally lock it, slowing it down.

destevez, to random
@destevez@mastodon.social avatar

New blog post: LTE Transmission Mode 4 (closed-loop spatial multiplexing). I return to my series of posts about the LTE downlink by demodulating some TM4 transmissions. The post makes emphasis on the maths behind precoding and equalization of 2x2 and 2x1 MIMO signals.

destevez, to random
@destevez@mastodon.social avatar

New blog post: Decoding Queqiao-2. A short analysis of Queqiao-2's telemetry using a recording by @coastal8049. The frames are CCSDS AOS frames, but the payload seems custom. There are no Space Packets.
https://destevez.net/2024/03/decoding-queqiao-2/

A raster map of decoded AOS frames, where some patterns and structure can be see.

whitequark, to random
@whitequark@mastodon.social avatar

chat, what's your recommended way of learning the theory behind PID controllers and autotuning? i need one that doesn't involve a 150 page treatise on z-transforms and poles in complex plane. i just want to write a script that makes heating in this house tolerable

destevez,
@destevez@mastodon.social avatar

@danluu @whitequark I found that paper to be a very good read. Thanks for sharing!

destevez, to random
@destevez@mastodon.social avatar

New blog post: Decoding IM-1. A short analysis of some telemetry recordings of Odysseus done by AMSAT-DL, including GNU Radio decoders for the telemetry signal, which is convolutionally encoding 2.5 kbaud either PCM/PSK/PM or suppressed-carrier BPSK.
https://destevez.net/2024/03/decoding-im-1/

whitequark, to random
@whitequark@mastodon.social avatar

i shud learn how to use SPICE to build ASIC cells in klayout or something

embarrassed to admit I've never even built a CMOS inverter like that

destevez,
@destevez@mastodon.social avatar

@whitequark maybe try SilliWiz as a quick first approach to this. Behind the scenes it runs circuit extraction with Magic and then simulates with SPICE. You can even edit the SPICE simulation or download it to a local machine to play more with it.

destevez, to random
@destevez@mastodon.social avatar

New blog post: Lunar reflections during SLIM landing. I study the waterfall of the signal reflected on the Moon's surface during SLIM's landing using a recording by AMSAT-DL. The waterfall shows some distinct bands that resemble a '1' shape.

destevez, to random
@destevez@mastodon.social avatar

The recording of my talk about Maia SDR is now published. https://fosdem.org/2024/schedule/event/fosdem-2024-1841-maia-sdr-an-open-source-fpga-based-project-for-ad936x-zynq-radios/

destevez,
@destevez@mastodon.social avatar

@whitequark I see there's already an override for Xilinx (https://github.com/amaranth-lang/amaranth/blob/main/amaranth/vendor/_xilinx.py#L1191), so let me give it a shot at replacing that code by a netlist of primitive instances.

destevez,
@destevez@mastodon.social avatar

@whitequark silly question: how do I set the name of an Instance? (as in Signal(..., name="..."), which doesn't work with Instance())

destevez,
@destevez@mastodon.social avatar

@whitequark done https://github.com/amaranth-lang/amaranth/pull/1091

  • All
  • Subscribed
  • Moderated
  • Favorites
  • JUstTest
  • tacticalgear
  • DreamBathrooms
  • thenastyranch
  • magazineikmin
  • Durango
  • cubers
  • Youngstown
  • mdbf
  • slotface
  • rosin
  • ngwrru68w68
  • kavyap
  • GTA5RPClips
  • provamag3
  • ethstaker
  • InstantRegret
  • Leos
  • normalnudes
  • everett
  • khanakhh
  • osvaldo12
  • cisconetworking
  • modclub
  • anitta
  • tester
  • megavids
  • lostlight
  • All magazines
    •