I followed this thread with great interest. I'm amazed by the skills you all have. I liked the way you draw conclusions and had a small epiphany at ataradov's reply #76. You can clearly see the pattern. Unbelievable!
Can you guys give us some insight on what tools are you using when dealing with such problems?
I've been doing a few projects that are loosely aligned to CRCs lately. They turn up quite a bit in hardware. LFSRs, CRCs, BCH codes are all somewhat related. CRC16 is used in the physical layer of SD cards for verifying block data transfers, and it is also used in SDI video where the checksum of each raster is sent following the active video data. So I had a C implementation handy, for verifying against my VHDL code. (I mistakenly said a monitor's EDID ROM. but I just checked and that is a simple checksum....).
E.g. hamster_nz was half way there in reply #51 which facilitated the search of valid entries. Did you use a "plain" CRC calculation? How did you (almost) figured which polynome and seed is used?
beyondhelp did an awesome job of collecting the data, and included quite a few pairs of messages that differed by one bit, especially the status message with the counters that increment by one.
The checksums for the pairs differed by a consistent amount when bits when the same bits changed, regardless of the rest of the message. On top of that when the neighboring bits changed the difference was the same pattern rotated one bit. That is expected for a CRC, where it is a rotate and then XOR by a constant amount. So I just ran some patterns through the CRC16 code, and rather than just getting unrelated numbers (which would be expected if the polynomial was different) the errors looked somehow related.
With a bit of fiddling I could get most of the changes to sort of agree, and with a bit of hacking I managed to get it close enough that I would take a guesses at what each bit's effect on the checksum would be. My 'mystery transform' was propagating the then-unknown change made to the polynomial through the input data. My bad
How did you guys derived the second solution using equations?
I had decided to move on to other things, but when I saw
ataradov's tables it nagged at me . I just printed it out, turned it on it's side and highlighted the differences.
FEDCBA9876543210
44 other lines
x......O....x...
.x......x....x..
..x......x....x.
...x......x....x
Then undid the rotation step:
FEDCBA9876543210
44 other lines
...x...........x 0x1001
...x......x....x 0x1021
...x......x....x 0x1021
...x......x....x 0x1021
So I plugged 0x1001 as the polynomial constant used on the third-to-last bit, and everything worked out back to the 11th to last bit. I plugged 0x1001 in for the 12th-to-last bit, and that worked too.
Then I just tried the two most common initial values (all zeros or all ones), half expecting to do an exhaustive search, and 0xFFFF just worked.
I really wish there were more threads like this. Thank you!
A big thanks should go to
beyondhelp giving us such a fun problem. Much more fun than doing Sudoku in the wife's Women's Day
I pinged him a message this afternoon and helped him with his Arduino/C testing code, but I still forgot to ask him/her what the end device actually does!