RMT V. Roca Internet-Draft INRIA Intended status:~~Experimental~~Standards TrackC. Neumann Expires:~~November 8, 2007~~May 19, 2008Thomson~~Research~~D. Furodet STMicroelectronics~~May 7,~~November 16,2007 Low Density Parity Check (LDPC) Staircase and Triangle Forward Error Correction (FEC) Schemes~~draft-ietf-rmt-bb-fec-ldpc-06.txt~~draft-ietf-rmt-bb-fec-ldpc-07.txtStatus of this Memo By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on~~November 8, 2007.~~May 19, 2008.Copyright Notice Copyright (C) The IETF Trust (2007). Abstract This document describes two Fully-Specified FEC Schemes, LDPC- Staircase and LDPC-Triangle, and their application to the reliable delivery ofdataobjects onthepacket erasure~~channels.~~channel (i.e., a communication path where packets are either received without any corruption or discarded during transmission).These systematic FEC codes belong to the well known class of ``Low Density Parity Check'' (LDPC) codes, and are large block FEC codes in the sense of RFC3453. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4 2. Requirements notation . . . . . . . . . . . . . . . . . . . . 5 3. Definitions, Notations and Abbreviations . . . . . . . . . . . 6 3.1. Definitions . . . . . . . . . . . . . . . . . . . . . . . 6 3.2. Notations . . . . . . . . . . . . . . . . . . . . . . . . 6 3.3. Abbreviations . . . . . . . . . . . . . . . . . . . . . . 7 4. Formats and Codes . . . . . . . . . . . . . . . . . . . . . . 8 4.1. FEC Payload IDs . . . . . . . . . . . . . . . . . . . . . 8 4.2. FEC Object Transmission Information . . . . . . . . . . . 8 4.2.1. Mandatory Element . . . . . . . . . . . . . . . . . . 8 4.2.2. Common Elements . . . . . . . . . . . . . . . . . . . 8 4.2.3. Scheme-Specific Elements . . . . . . . . . . . . . . . 9 4.2.4. Encoding Format . . . . . . . . . . . . . . . . . . . 9 5. Procedures . . . . . . . . . . . . . . . . . . . . . . . . . . 12 5.1. General . . . . . . . . . . . . . . . . . . . . . . . . . 12 5.2. Determining the Maximum Source Block Length (B) . . . . . 13 5.3. Determining the Encoding Symbol Length (E) and Number of Encoding Symbols per Group (G) . . . . . . . . . . . .~~13~~145.4. Determining theMaximumNumber of Encoding Symbols~~of a~~Generated for Any SourceBlock(max_n) . . . . . . . .. . 15 5.5.Determining the Number of Encoding Symbols of a Block (n) . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 5.6.Identifying theGSymbols of an Encoding Symbol Group . .~~.~~16~~5.6.~~5.7.Pseudo Random Number Generator . . . . . . . . . . . . . .~~19~~206. Full Specification of the LDPC-Staircase Scheme . . . . . . .~~21~~226.1. General . . . . . . . . . . . . . . . . . . . . . . . . .~~21~~226.2. Parity Check Matrix Creation . . . . . . . . . . . . . . .~~21~~226.3. Encoding . . . . . . . . . . . . . . . . . . . . . . . . .~~22~~246.4. Decoding . . . . . . . . . . . . . . . . . . . . . . . . .~~23~~247. Full Specification of the LDPC-Triangle Scheme . . . . . . . .~~24~~267.1. General . . . . . . . . . . . . . . . . . . . . . . . . .~~24~~267.2. Parity Check Matrix Creation . . . . . . . . . . . . . . .~~24~~267.3. Encoding . . . . . . . . . . . . . . . . . . . . . . . . .~~24~~267.4. Decoding . . . . . . . . . . . . . . . . . . . . . . . . .~~25~~278. Security Considerations . . . . . . . . . . . . . . . . . . .~~26~~28 8.1. Problem Statement . . . . . . . . . . . . . . . . . . . . 28 8.2. Attacks Against the Data Flow . . . . . . . . . . . . . . 28 8.2.1. Access to Confidential Objects . . . . . . . . . . . . 28 8.2.2. Content Corruption . . . . . . . . . . . . . . . . . . 29 8.3. Attacks Against the FEC Parameters . . . . . . . . . . . . 309. IANA Considerations . . . . . . . . . . . . . . . . . . . . .~~27~~3110. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . .~~28~~3211. References . . . . . . . . . . . . . . . . . . . . . . . . . .~~29~~3311.1. Normative References . . . . . . . . . . . . . . . . . . .~~29~~3311.2. Informative References . . . . . . . . . . . . . . . . . .~~29~~33Appendix A.Pseudo Random Number Generator Example Implementation (Informative Only) . . . . . . . . . . 35 Appendix B.Trivial Decoding Algorithm (Informative Only) . . . .~~31~~37Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . .~~33~~39Intellectual Property and Copyright Statements . . . . . . . . . .~~34~~401. Introduction~~RFC 3453 [3]~~[RFC3453]introduces large block FEC codes as an alternative to small block FEC codes like Reed-Solomon. The main advantage of such large block codes is the possibility to operate efficiently on source blocks of size several tens of thousands (or more) source symbols. The present document introduces the Fully-Specified FEC Encoding ID 3 that is intended to be used with the LDPC-Staircase FEC codes, and the Fully-Specified FEC Encoding ID 4 that is intended to be used with the LDPC-Triangle FEC codes~~[6][9].~~[RN04][MK03].Both schemes belong to the broad class of large block codes.For a definition of the term Fully-Specified Scheme, see [RFC5052], section 4.LDPC codes rely on a dedicated matrix, called a "Parity Check Matrix", at the encoding and decoding ends. The parity check matrix defines relationships (or constraints) between the various encoding symbols~~(i.e.~~(i.e.,source symbols and repair symbols), that are later used by the decoder to reconstruct the original k source symbols if some of them are missing. These codes are systematic, in the sense that the encoding symbols include the source symbols in addition to the repair symbols. Since the encoder and decoder must operate on the same parity check matrix, information must be communicated between them as part of the FEC Object Transmission Information. A publicly available reference implementation of these codes is available and distributed under a GNU/LGPL license~~[8].~~[LDPC-codec]. Besides, the code extracts included in this document (except Appendix A that is only provided as an example) are directly contributed to the IETF process by the authors of this document and by Radford M. Neal.2. Requirements notation The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in~~[1].~~[RFC2119].3. Definitions, Notations and Abbreviations 3.1. Definitions This document uses the same terms and definitions as those specified in~~[2].~~[RFC5052].Additionally, it uses the following definitions:~~Encoding Symbol Group: a group~~Source symbol: unit of data used during the encoding process Encoding symbol: unit of data generated by the encoding process Repair symbol: encoding symbol that is not a source symbol Code rate: the k/n ratio, i.e., the ratio between the number of source symbols and the number of encoding symbols. The code rate belongs to a ]0; 1] interval. A code rate close to 1 indicates that a small number of repair symbols have been produced during the encoding process Systematic code: FEC code in which the source symbols are part of the encoding symbols Source block: a block of k source symbols that are considered together for the encoding Encoding Symbol Group: a groupof encoding symbols that are sent together, within the same packet, and whose relationships to the source object can be derived from a single Encoding Symbol~~ID.~~IDSource Packet: a data packet containing only source~~symbols.~~symbolsRepair Packet: a data packet containing only repair~~symbols.~~symbols Packet Erasure Channel: a communication path where packets are either dropped (e.g., by a congested router, or because the number of transmission errors exceeds the correction capabilities of the physical layer codes) or received. When a packet is received, it is assumed that this packet is not corrupted3.2. Notations This document uses the following notations: L denotes the object transfer length in bytes k denotes the source block length in symbols,~~i.e.~~i.e.,the number of source symbols of a source block n denotes the encoding block length,~~i.e.~~i.e.,the number of encoding symbols generated for a source block E denotes the encoding symbol length in bytes B denotes the maximum source block length in symbols,~~i.e.~~i.e.,the maximum number of source symbols per source block N denotes the number of source blocks into which the object shall be partitioned G denotes the number of encoding symbols per group, i.e. the number of symbols sent in the same packet~~rate~~CRdenotes the "code rate",~~i.e.~~i.e.,the k/n ratio max_n denotes the maximum number of encoding symbols generated for any sourceblock. This is in particular the number of encoding symbols generated for a sourceblockof size BH denotes the parity check matrix srand(s) denotes the initialization function of the pseudo-random number generator, where s is the seed (s > 0) rand(m) denotes a pseudo-random number generator that returns a new random integer in [0; m-1] each time it is called 3.3. Abbreviations This document uses the following abbreviations: ESI: Encoding Symbol ID FEC OTI: FEC Object Transmission Information FPI: FEC Payload ID LDPC: Low Density Parity Check PRNG: Pseudo Random Number Generator 4. Formats and Codes 4.1. FEC Payload IDs The FEC Payload ID is composed of the Source Block Number and the Encoding Symbol ID: The Source Block Number (12 bit field) identifies from which source block of the object the encoding symbol(s) in the packet payload is(are) generated. There are a maximum of 2^^12 blocks per object. Source block numbering starts at 0. The Encoding Symbol ID (20 bit field) identifies which encoding symbol(s) generated from the source block is(are) carried in the packet payload. There are a maximum of 2^^20 encoding symbols per block. The first k values (0 to k-1) identify source symbols, the remaining n-k values (k to n-k-1) identify repair symbols. There MUST be exactly one FEC Payload ID per packet. In case of an Encoding Symbol Group, when multiple encoding symbols are sent in the same packet, the FEC Payload ID refers to the first symbol of the packet. The other symbols can be deduced from the ESI of the first symbol thanks to a dedicated function, as explained in Section~~5.5~~5.60 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Source Block Number | Encoding Symbol ID (20 bits) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 1: FEC Payload ID encoding format for FEC Encoding ID 3 and 4 4.2. FEC Object Transmission Information 4.2.1. Mandatory Element o FEC Encoding ID: the LDPC-Staircase and LDPC-Triangle Fully- Specified FEC Schemes use respectively the FEC Encoding ID 3 (Staircase) and 4 (Triangle). 4.2.2. Common Elements The following elements MUST be defined with the present FEC~~Scheme:~~Schemes:o Transfer-Length (L): a non-negative integer indicating the length of the object in bytes. There are some restrictions on the maximum Transfer-Length that can be supported: maximum transfer length = 2^^12 * B * E For instance, if B=2^^19 (because of a code rate of 1/2, Section 5.2), and if E=1024 bytes, then the maximum transfer length is 2^^41 bytes (or 2 TB). The upper limit, with symbols of size 2^^16-1 bytes and a code rate larger or equal to 1/2, amounts to 2^^47 bytes (or 128 TB). o Encoding-Symbol-Length (E): a non-negative integer indicating the length of each encoding symbol in bytes. o Maximum-Source-Block-Length (B): a non-negative integer indicating the maximum number of source symbols in a source block. There are some restrictions on the maximum B value, as explained in Section 5.2. o Max-Number-of-Encoding-Symbols (max_n): a non-negative integer indicating the maximum number of encoding symbols generated for any source block. There are some restrictions on the maximum max_n value. In particular max_n is at most equal to 2^^20. Section 5 explains how to define the values of each of these elements. 4.2.3. Scheme-Specific Elements The following elements MUST be defined with the present FEC Scheme: o G: a non-negative integer indicating the number of encoding symbols per group~~(i.e.~~(i.e.,per packet). The default value is 1, meaning that each packet contains exactly one symbol. Values greater than 1 can also be defined, as explained in Section 5.3. o PRNG seed: the seed is a 32 bit unsigned integer between 1 and 0x7FFFFFFE~~(i.e.~~(i.e.,2^^31-2) inclusive. This value is used to initialize the Pseudo Random Number Generator (Section~~5.6). This element is optional. Whether or not it is present in the FEC OTI is signaled in the associated encoding format through an appropriate mechanism (Section 4.2.4). When the PRNG seed is not carried within the FEC OTI, it is assumed that encoder and decoders use another way to communicate the information, or use a fixed, predefined value.~~5.7).4.2.4. Encoding Format This section shows two possible encoding formats of the above FEC OTI. The present document does not specify when or how these encoding formats should be used. 4.2.4.1. Using the General EXT_FTI Format The FEC OTI binary format is the following, when the EXT_FTI mechanism is used~~(e.g.~~(e.g.,within the ALC~~[13]~~[draft-ietf-rmt-pi-alc-revised]or NORM~~[15]~~[draft-ietf-rmt-pi-norm-revised]protocols). 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | HET = 64 | HEL~~(=4 or 5)~~= 5| | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | Transfer-Length (L) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Encoding Symbol Length (E) | G | B (MSB) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | B (LSB) | Max Nb of Enc. Symbols (max_n) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+~~. Optional~~|PRNG seed~~.~~|+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 2: EXT_FTI Header for FEC Encoding ID 3 and 4. In particular: o The~~HEL (Header Extension Length) indicates whether the optional PRNG seed is present (HEL=5) or not (HEL=4). o The~~Transfer-Length (L) field size (48 bits) is larger than the size required to store the maximum transfer length (Section 4.2.2) for field alignment purposes. o The Maximum-Source-Block-Length (B) field (20 bits) is split into two parts: the 8 most significant bits (MSB) are in the third 32- bit word of the EXT_FTI, and the remaining 12 least significant bits (LSB) are in the fourth 32-bit word. 4.2.4.2. Using the FDT Instance (FLUTE specific) When it is desired that the FEC OTI be carried in the FDT Instance of a FLUTE session~~[14],~~[draft-ietf-rmt-flute-revised],the following XML attributes must be described for the associated object: o FEC-OTI-FEC-Encoding-ID o FEC-OTI-Transfer-length o FEC-OTI-Encoding-Symbol-Length o FEC-OTI-Maximum-Source-Block-Length o FEC-OTI-Max-Number-of-Encoding-Symbols o FEC-OTI-Scheme-Specific-Info The FEC-OTI-Scheme-Specific-Info contains the string resulting from the Base64 encoding (in the XML Schema xs:base64Binary sense) of the following value: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | PRNG seed | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | G | +-+-+-+-+-+-+-+-+ Figure 3: FEC OTI Scheme Specific Information to be Included in the FDT Instance for FEC Encoding ID 3 and 4.~~When no PRNG seed is to be carried in~~During Base64 encoding, the 5 bytes ofthe FEC~~OTI, the seed field MUST be set to 0 (which is not a valid seed value). Otherwise the seed field contains a valid value as explained in Section 4.2.3. After Base64 encoding, the 5 bytes of the FEC OTI Scheme Specific Information are transformed into a string of 8 printable characters (in~~OTI Scheme Specific Information are transformed into a string of 8 printable characters (inthe 64-character alphabet)~~and~~that isadded to the FEC-OTI-Scheme- Specific-Info attribute. 5. Procedures This section defines procedures that are common to FEC Encoding IDs 3 and 4. 5.1. General The B (maximum source block length in~~symbols) and~~symbols),E (encoding symbol length in bytes)and G (number of encoding symbols per group)parameters are first~~determined, as explained in the following sections.~~determined.Thealgorithms of Section 5.2 and Section 5.3 MAY be used to that purpose. Using other algorithms is possible without compromising interoperability since the B, E and G parameters are communicated to the receiver by means of the FEC OTI. Then, thesource object~~is then~~MUST bepartitioned using the block partitioning algorithm specified in~~[2].~~[RFC5052].To that purpose, the B, L (object transfer length in bytes), and E arguments are provided. As a result, the object is partitioned into N source blocks. These blocks are numbered consecutively from 0 to N-1. The first I source blocks consist of A_large source symbols, the remaining N-I source blocks consist of A_small source symbols. Each source symbol is E bytes in length, except perhaps the last symbol which may be shorter.Then, the max_n (maximum number of encoding symbols generated for any source block) parameter is determined. The algorithm of Section 5.4 MAY be used to that purpose. Using another algorithm is possible without compromising interoperability since the max_n parameter is communicated to the receiver by means of the FEC OTI.For each~~block~~block,the actual number of encoding~~symbols is determined, as explained in~~symbols, n, MUST then be determined usingthe~~following section.~~"n-algorithm" detailed in Section 5.5.Then, FEC encoding and decoding can be done block per block, independently. To that purpose, a parity check matrix is created, that forms a system of linear equations between the source and repair symbols of a given block, where the basic operator is XOR. This parity check matrix is logically divided into two parts: the left side (from column 0 to k-1)~~which~~describes the~~occurrence~~occurrencesof each source symbol in the~~equation system; and~~system of linear equations;the right side (from column k to n-1)~~which~~describes the~~occurrence~~occurrencesof each repair symbol in the~~equation system.~~system of linear equations. The only difference between the LDPC-Staircase and LDPC-Triangle schemes is the construction of this right sub-matrix.An entry (a "1") in the matrix at position (i,j)~~(i.e.~~(i.e.,at row i and column j) means that the symbol with ESI~~i~~jappears in equation~~j~~iof the system.~~The only difference between the LDPC-Staircase and LDPC-Triangle schemes is the construction of the right sub-matrix.~~When the parity symbols have been created, the sender~~will transmit~~transmitssource and parity symbols. The way this transmission occurs can largely impact the erasure recovery capabilities of the LDPC-* FEC. In particular, sending parity symbols in sequence is suboptimal. Instead it is usually recommended the shuffle these symbols. The interested reader will find more details in~~[7].~~[NRFF05].The following sections detail how the B, E,~~and~~G, max_nandn parameters are determined (respectively in Section 5.2, Section~~5.3~~5.3, Section 5.4and Section~~5.4),~~5.5),how encoding symbol groups are created (Section~~5.5),~~5.6),and finally~~specify~~Section 5.7 detailsthe~~PRNG (Section 5.6).~~PRNG.5.2. Determining the Maximum Source Block Length (B) The B parameter (maximum source block length in symbols) depends on several parameters: the code rate~~(rate),~~(CR),the Encoding Symbol ID field length of the FEC Payload ID (20 bits), as well as possible internal codec limitations. The B parameter cannot be larger than the following values, derived from the FEC Payload ID limitations, for a given code rate: max1_B = 2^^(20 -~~ceil(Log2(1/rate)))~~ceil(Log2(1/CR)))Some common max1_B values are: o~~rate~~CR== 1 (no repair symbol): max1_B = 2^^20 = 1,048,576 o 1/2 <=~~rate~~CR< 1: max1_B = 2^^19 = 524,288 symbols o 1/4 <=~~rate~~CR< 1/2: max1_B = 2^^18 = 262,144 symbols o 1/8 <=~~rate~~CR< 1/4: max1_B = 2^^17 = 131,072 symbols Additionally, a codec MAY impose other limitations on the maximum block size.~~This~~For instance, thisis the case~~for instance~~when the codec uses internally 16 bit unsigned integers to store the Encoding Symbol ID, since it does not enable to store all the possible values of a 20 bit field. In that case, if for instance 1/2 <=~~rate~~CR< 1, then the maximum source block length is 2^^15. Other limitations may also apply, for instance because of a limited working memory size. This decision MUST be clarified at implementation time, when the target use case is known. This results in a max2_B limitation. Then, B is given by: B = min(max1_B, max2_B) Note that this calculation is only required at the coder, since the B parameter is communicated to the decoder through the FEC OTI. 5.3. Determining the Encoding Symbol Length (E) and Number of Encoding Symbols per Group (G) The E parameter usually depends on the maximum transmission unit on the path (PMTU) from the source to~~the receivers.~~each receiver.In order to minimize the protocol header overhead~~(e.g.~~(e.g.,the LCT/UDP/IPv4 or IPv6 headers in case of ALC), E is chosen as large as possible. In that case, E is chosen so that the size of a packet composed of a single symbol (G=1) remains below but close to the PMTU. However other considerations can exist. For instance, the E parameter can be made a function of the object transfer length. Indeed, LDPC codes are known to offer better protection for large blocks. In case of small objects, it can be advantageous to reduce the encoding symbol length (E) in order to artificially increase the number of symbols, and therefore the block size. In order to minimize the protocol header overhead, several symbols can be grouped in the same Encoding Symbol Group~~(i.e.~~(i.e.,G > 1). Depending on how many symbols are grouped (G) and on the packet loss rate (G symbols are lost for each packet erasure), this strategy might or might not be appropriate. A balance must therefore be found. The current specification does not mandate any value for either E or G. The current specification only provides an example of possible choices for E and G. Note that this choice is done by the~~sender. Then~~sender, andthe E and G parameters arethencommunicated to the~~receivers~~receiverthanks to the FEC OTI.~~Example: First define the target~~Note also that the decoding algorithm used influences the choice of the E and G parameters. Indeed, increasing the number of symbols will negatively impact the processing load when decoding is based (in part or totally) on Gaussian elimination, whereas the impacts will be rather low when decoding is based on the trivial algorithm sketched in Section 6.4. Example: Let us assume that the trivial decoding algorithm sketched in Section 6.4 is used. First define the targetpacket payload size, pkt_sz (at most equal to the PMTU minus the size of the various protocol headers). The pkt_sz must be chosen in such a way that the symbol size is an integer. This can require that pkt_sz be a multiple of 4, 8 or 16 (see the table below). Then calculate the number of packets in the object: nb_pkts = ceil(L / pkt_sz). Finally, thanks to nb_pkts, use the following table to find a possible G value. +------------------------+----+-------------+-------------------+ | Number of packets | G | Symbol size | k | +------------------------+----+-------------+-------------------+ | 4000 <= nb_pkts | 1 | pkt_sz | 4000 <= k | | | | | | | 1000 <= nb_pkts < 4000 | 4 | pkt_sz / 4 | 4000 <= k < 16000 | | | | | | | 500 <= nb_pkts < 1000 | 8 | pkt_sz / 8 | 4000 <= k < 8000 | | | | | | | 1 <= nb_pkts < 500 | 16 | pkt_sz / 16 | 16 <= k < 8000 | +------------------------+----+-------------+-------------------+ 5.4. Determining theMaximumNumber of Encoding Symbols~~of a~~Generated for Any SourceBlock(max_n)The following~~algorithm, also called "n-algorithm", explains how~~algorithm MAY be used by a senderto determine the~~actual~~maximumnumber of encoding symbolsgeneratedforany source block (max_n) asa~~given block. AT A SENDER:~~function of B and the target code rate. Since the max_n parameter is communicated to the decoder by means of the FEC OTI, another method MAY be used to determine max_n.Input: B: Maximum source block length, for any source block. Section 5.2~~explains how~~MAY be usedto determine its value.~~k: Current source block length. This parameter is given by the source blocking algorithm. rate:~~CR:FEC code~~rate. It~~rate, whichis provided by the~~user, for instance~~user (e.g.,when starting a FLUTE sending~~application.~~application).It is expressed as a floating point value. The~~rate~~CRvalue must be such that the resulting number of encoding symbols per block is at most equal to 2^^20 (Section 4.1). Output: max_n: Maximum number of encoding symbols generated for any source~~block n: Number of encoding symbols generated for this source block~~block.Algorithm: max_n =~~floor(B~~ceil(B/~~rate);~~CR);if (max_n > 2^^20) then return an error ("invalid code rate"); (NB: if B has been defined as explained in Section 5.2, this error should never happen)~~n = floor(k * max_n / B); AT A RECEIVER: Input: B: Extracted from the received FEC OTI max_n: Extracted from the received FEC OTI k: Given by~~5.5. Determiningthe~~source blocking algorithm Output: n:~~Number of~~encoding symbols generated for this source block Algorithm: n = floor(k * max_n / B); 5.5. Identifying the~~EncodingSymbols of~~an Encoding Symbol Group When multiple encoding symbols are sent in the same packet,~~a Block (n) The following algorithm, also called "n-algorithm", MUST be used bythe~~FEC Payload ID information of~~sender andthe~~packet MUST refer~~receivertodeterminethe~~first~~number ofencoding~~symbol. It MUST then be possible to identify each symbol~~symbols for a given block (n) as a function of B, k, and max_n. Input: B: Maximum source block length, for any source block. At a sender, Section 5.2 MAY be used to determine its value. At a receiver, this value MUST be extracted from the received FEC OTI. k: Current source block length. At a sender or receiver, the block partitioning algorithm MUST be used to determine its value. max_n: Maximum number of encoding symbols generated for any source block. At a sender, Section 5.4 MAY be used to determine its value. At a receiver, this value MUST be extracted from the received FEC OTI. Output: n: Number of encoding symbols generated for this source block. Algorithm: n = floor(k * max_n / B); 5.6. Identifying the G Symbols of an Encoding Symbol Group When multiple encoding symbols are sent in the same packet, the FEC Payload ID information of the packet MUST refer to the first encoding symbol. It MUST then be possible to identify each symbolfrom this single FEC Payload ID. To that purpose, the symbols of an Encoding Symbol Group (i.e. packet): o MUST all be either source symbols, or repair symbols. Therefore only source packets and repair packets are permitted, not mixed ones. o are identified by a function, sender(resp. receiver)_find_ESIs_of_group(), that takes as argument: * for a sender, the index of the Encoding Symbol Group~~(i.e.~~(i.e.,packet) that the application wants to create, * for a receiver, the ESI information contained in the FEC Payload ID. and returns a list of G Encoding Symbol IDs. In case of a source packet, the G Encoding Symbol IDs are chosen consecutively, by incrementing the ESI. In case of a repair packet, the G repair symbols are chosen randomly, as explained below. o are stored in sequence in the packet, without any padding. In other words, the last byte of the i-th symbol is immediately followed by the first byte of (i+1)-th symbol. The system must first be initialized by creating a random permutation of the n-k indexes. This initialization function MUST be called immediately after creating the parity check matrix. More precisely, since the PRNG seed is not re-initialized, no call to the PRNG function must have happened between the time the parity check matrix has been initialized and the time the following initialization function is called. This is true both at a sender and at a receiver. int *txseqToID; int *IDtoTxseq; /* * Initialization function. * Warning: use only when G > 1. */ void initialize_tables () { int i; int randInd; int backup; txseqToID = malloc((n-k) * sizeof(int)); IDtoTxseq = malloc((n-k) * sizeof(int)); /* initialize the two tables that map ID *~~(i.e.~~(i.e.,ESI-k) to/from TxSequence. */ for (i = 0; i < n - k; i++) { IDtoTxseq[i] = i; txseqToID[i] = i; } /* now randomize everything */ for (i = 0; i < n - k; i++) { randInd = rand(n - k); backup = IDtoTxseq[i]; IDtoTxseq[i] = IDtoTxseq[randInd]; IDtoTxseq[randInd] = backup; txseqToID[IDtoTxseq[i]] = i; txseqToID[IDtoTxseq[randInd]] = randInd; } return; } It is then possible, at the sender, to determine the sequence of G Encoding Symbol IDs that will be part of the group. /* * Determine the sequence of ESIs for the packet under construction * at a sender. * Warning: use only when G > 1. * PktIdx (IN): index of the packet, in * {0..ceil(k/G)+ceil((n-k)/G)} range * ESIs[] (OUT): list of ESIs for the packet */ void sender_find_ESIs_of_group (int PktIdx, ESI_t ESIs[]) { int i; if (PktIdx < nbSourcePkts) { /* this is a source packet */ ESIs[0] = PktIdx * G; for (i = 1; i < G; i++) { ESIs[i] = (ESIs[0] + i) % k; } } else { /* this is a repair packet */ for (i = 0; i < G; i++) { ESIs[i] = k + txseqToID[(i + (PktIdx - nbSourcePkts) * G) % (n - k)]; } } return; } Similarly, upon receiving an Encoding Symbol Group~~(i.e.~~(i.e.,packet), a receiver can determine the sequence of G Encoding Symbol IDs from the first ESI, esi0, that is contained in the FEC Payload ID. /* * Determine the sequence of ESIs for the packet received. * Warning: use only when G > 1. * esi0 (IN): : ESI contained in the FEC Payload ID * ESIs[] (OUT): list of ESIs for the packet */ void receiver_find_ESIs_of_group (ESI_t esi0, ESI_t ESIs[]) { int i; if (esi0 < k) { /* this is a source packet */ ESIs[0] = esi0; for (i = 1; i < G; i++) { ESIs[i] = (esi0 + i) % k; } } else { /* this is a repair packet */ for (i = 0; i < G; i++) { ESIs[i] = k + txseqToID[(i + IDtoTxseq[esi0 - k]) % (n - k)]; } } }~~5.6.~~5.7.Pseudo Random Number Generator The~~present~~FEC Encoding~~ID relies~~IDs 3 and 4 relyon a pseudo-random number generator (PRNG) that must be fully specified, in particular in order to enable the receivers and the senders to build the same parity check matrix. The minimal standard generator~~[10] is~~[PM88] MUST beused. It defines a simple multiplicative congruential algorithm: Ij+1 = A * Ij (modulo M), with the following choices: A = 7^^5 = 16807 and M = 2^^31 - 1 = 2147483647. Several implementations of this PRNG are known and discussed in the literature. All of them provide the same sequence of pseudo random numbers. A validation criteria of such a PRNG is the following: if seed = 1, then the 10,000th value returned MUST be equal to 1043618065.~~The following~~An optimizedimplementation~~uses~~of this algorithm, using only 32 bit mathematics which does not require any division, is provided, as an example, in Appendix A. Yet any other implementation ofthe~~Park and Miller~~PRNGalgorithm~~with the optimization suggested by D. Carta in [11]. unsigned long seed; /* * Initialize~~that matchestheabove validation criteria is appropriate. ThisPRNG~~with~~producesa~~seed~~31 bit valuebetween~~*~~1 and 0x7FFFFFFE~~(i.e. 2^^31-2)~~(2^^31-2)inclusive.~~*/ void srand (unsigned long s) { if ((s > 0) && (s < 0x7FFFFFFF)) seed = s; else exit(-1); } /* * Returns a~~When it is desired to scale the pseudorandom~~integer in [0; maxv-1] * Derived from rand31pmc, Robin Whittle, * September 20th, 2005. * http://www.firstpr.com.au/dsp/rand31/ * 16807 multiplier constant (7^^5) * 0x7FFFFFFF~~number between 0 and maxv-1 inclusive, one must keep the most significant bits of the value returned by the PRNG (the least significant bits are known to be less random andmodulo~~constant (2^^31-1) *~~based solutions should be avoided [PTVF92]).Thefollowing algorithm MUST be used: Input: raw_value: random integer generated by theinner PRNG~~produces a value~~algorithm,between 1 and~~*~~0x7FFFFFFE (2^^31-2) inclusive.~~* This value is then scaled~~maxv: upper bound used during the scaling operation. Output: scaled_value: random integerbetween 0 and maxv-1~~*~~inclusive.~~*/ unsigned long rand (unsigned long maxv) { unsigned long hi, lo; lo = 16807 * (seed & 0xFFFF); hi = 16807 * (seed >> 16); /* binary shift to right */ lo += (hi & 0x7FFF) < < 16; /* binary shift to left */ lo += hi >> 15; if (lo > 0x7FFFFFFF) lo -= 0x7FFFFFFF; seed~~Algorithm: scaled_value=~~(long)lo; /* don't use modulo, least significant bits are less random * than most significant bits [Numerical Recipes in C] */ return ((unsigned~~(unsignedlong)~~((double)seed~~((double)maxv*~~(double)maxv~~(double)raw_value/~~(double)0x7FFFFFFF)); }~~(double)0x7FFFFFFF); (NB: the above C type casting to unsigned long is equivalent to using floor() with positive floating point values)6. Full Specification of the LDPC-Staircase Scheme 6.1. General The LDPC-Staircase scheme is identified by the Fully-Specified FEC Encoding ID 3. The PRNG used by the LDPC-Staircase scheme must be initialized by a seed. This PRNG seed is an~~optional~~instance-specific FEC OTI attribute (Section 4.2.3).~~When this PRNG seed is not carried within the FEC OTI, it is assumed that encoder and decoders either use another way to communicate the seed value or use a fixed, predefined value.~~6.2. Parity Check Matrix Creation The LDPC-Staircase matrix can be divided into two parts: the left side of the matrix defines in which equations the source symbols are involved; the right side of the matrix defines in which equations the repair symbols are involved. The left side is generated with the following algorithm: /*~~* Derived from: "Software for Low Density Parity Check Codes" * Version of 2001-11-18, Radford M. Neal, Univ. of Toronto. * Copyright (c) 1995, 1996, 2000, 2001 by Radford M. Neal * http://www.cs.toronto.edu/~radford/ldpc.software.html */ /*~~initialize a list of all possible choices in order to * guarantee a homogeneous "1" distribution */ for (h = 3*k-1; h >= 0; h--) { u[h] = h % (n-k); } /* left limit within the list of possible choices, u[] */ t = 0; for (j = 0; j < k; j++) { /* for each source symbol column */ for (h = 0; h < 3; h++) { /* add 3 "1s" */ /* check that valid available choices remain */ for (i = t; i < 3*k && matrix_has_entry(u[i], j); i++); if (i < 3*k) { /* choose one index within the list of possible * choices */ do { i = t + rand(3*k-t); } while (matrix_has_entry(u[i], j)); matrix_insert_entry(u[i], j); /* replace with u[t] which has never been chosen */ u[i] = u[t]; t++; } else { /* no choice left, choose one randomly */ do { i = rand(n-k); } while (matrix_has_entry(i, j)); matrix_insert_entry(i, j); } } } /* Add extra bits to avoid rows with less than two "1s". * This is needed when the code rate is smaller than 2/5. */ for (i = 0; i < n-k; i++) { /* for each row */ if (degree_of_row(i) == 0) { j = rand(k);~~e =~~matrix_insert_entry(i, j); } if (degree_of_row(i) == 1) { do { j = rand(k); } while (matrix_has_entry(i, j)); matrix_insert_entry(i, j); } } The right side (the staircase) is generated by the following algorithm: matrix_insert_entry(0, k); /* first row */ for (i = 1; i < n-k; i++) { /* for the following rows */ matrix_insert_entry(i, k+i); /* identity */ matrix_insert_entry(i, k+i-1); /* staircase */ } Note that just after creating this parity check matrix, when encoding symbol groups are used~~(i.e.~~(i.e.,G > 1), the function initializing the two random permutation tables (Section~~5.5)~~5.6)MUST be called. This is true both at a sender and at a receiver. 6.3. Encoding Thanks to the staircase matrix, repair symbol creation is straightforward: each repair symbol is equal to the sum of all source symbols in the associated equation, plus the previous repair symbol (except for the first repair symbol). Therefore encoding MUST follow the natural repair symbol order: start with the first repair symbol, and generate repair symbol with ESI i before symbolwithESI i+1. 6.4. Decoding Decoding basically consists in solving a system of n-k linear equations whose variables are the n source and repair symbols. Of course, the final goal is to recover the value of the k source symbols only. To that purpose, many techniques are possible. One of them is the following trivial algorithm~~[12]:~~[ZP74]:given a set of linear equations, if one of them has only one remaining unknown variable, then the value of this variable is that of the constant term. So, replace this variable by its value in all the remaining linear equations and reiterate. The value of several variables can therefore be found recursively. Applied to LDPC FEC codes working over an erasure channel, the parity check matrix defines a set of linear equations whose variables are the source symbols and repair symbols. Receiving or decoding a symbol is equivalent to having the value of a variable. Appendix~~A~~Bsketches a possible implementation of this algorithm. A Gaussian elimination (or any optimized derivative) is another possible decoding technique. Hybrid solutions that start by using the trivial algorithm above and finish with a Gaussian elimination are also possible. Because interoperability does not depend on the decoding algorithm used, the current document does not recommend any particular technique. This choice is left to the codec developer. However choosing a decoding technique will have great practical impacts. It will impact the erasure capabilities: a Gaussian elimination enables to solve the system with a smaller number of known symbols compared to the trivial technique. It will also impact the CPU load: a Gaussian elimination requires more processing than the above trivial algorithm. Depending on the target use case, the codec developer will favor one feature or the other. 7. Full Specification of the LDPC-Triangle Scheme 7.1. General LDPC-Triangle is identified by the Fully-Specified FEC Encoding ID 4. The PRNG used by the LDPC-Triangle scheme must be initialized by a seed. This PRNG seed is an~~optional~~instance-specific FEC OTI attribute (Section 4.2.3).~~When this PRNG seed is not carried within the FEC OTI, it is assumed that encoder and decoders either use another way to communicate the seed value or use a fixed, predefined value.~~7.2. Parity Check Matrix Creation The LDPC-Triangle matrix can be divided into two parts: the left side of the matrix defines in which equations the source symbols are involved; the right side of the matrix defines in which equations the repair symbols are involved. The left side is generated with the same algorithm as that of LDPC- Staircase (Section 6.2). The right side (the triangle) is generated with the following algorithm: matrix_insert_entry(0, k); /* first row */ for (i = 1; i < n-k; i++) { /* for the following rows */ matrix_insert_entry(i, k+i); /* identity */ matrix_insert_entry(i, k+i-1); /* staircase */ /* now fill the triangle */ j = i-1; for (l = 0; l < j; l++) { /* limit the # of "1s" added */ j = rand(j); matrix_insert_entry(i, k+j); } } Note that just after creating this parity check matrix, when encoding symbol groups are used~~(i.e.~~(i.e.,G > 1), the function initializing the two random permutation tables (Section~~5.5)~~5.6)MUST be called. This is true both at a sender and at a receiver. 7.3. Encoding Here also repair symbol creation is straightforward: each repair symbolof ESI iis equal to the sum of all source~~symbols in the associated equation, plus the~~andrepair symbols(with ESI lower than i)in the~~triangle.~~associated equation.Therefore encoding MUST follow the natural repair symbol order: start with the first repair symbol, and generate repair symbol with ESI i before symbolwithESI i+1. 7.4. Decoding Decoding basically consists in solving a system of n-k linear equations, whose variables are the n source and repair symbols. Of course, the final goal is to recover the value of the k source symbols only. To that purpose, many techniques are possible, as explained in Section 6.4. Because interoperability does not depend on the decoding algorithm used, the current document does not recommend any particular technique. This choice is left to the codec implementer. 8. Security Considerations~~Data~~8.1. Problem Statement A contentdelivery~~can be~~system is potentiallysubject to~~denial-of-service attacks by attackers which send corrupted packets that are accepted as legitimate by receivers. This is particularly a concern for multicast delivery because a corrupted packet may be injected into~~many attacks: some of them targetthe~~session close~~network (e.g.,tocompromisethe~~root of~~routing infrastructure, by compromisingthe~~multicast tree, in which case~~congestion control component), others targetthe~~corrupted packet will arrive at many receivers. This is particularly a concern for~~Content Delivery Protocol (CDP) (e.g., to compromise its normal behavior), and finally some attacks targetthecontent itself. Since this document focuses on aFEC building block~~because the use~~independentlyof~~even one corrupted packet containing encoding data may result in~~any particular CDP (even if ALC and NORM are two natural candidates), this section only discussesthe~~decoding of an object~~additional threatsthat~~is completely corrupted and unusable. It is thus RECOMMENDED~~an arbitrary CDP may be exposed to when using this building block. More specifically, several kinds of attacks exist: o thosethat~~source authentication and integrity checking~~are~~applied~~meantto~~decoded objects before delivering objects~~give accessto~~an application. For example,~~a~~SHA-1 hash [4]~~confidential content (e.g., in caseof~~an object may be appended before transmission, and the SHA-1 hash is computed and checked after~~a non-free content), o those that try to corruptthe object~~is decoded but before it is delivered~~being transmitted (e.g.,toinject malicious code withinan~~application. Source authentication SHOULD be provided, for example by including~~object, or to preventa~~digital signature verifiable~~receiver from using an object), o and those that try to compromise the receiver's behavior (e.g.,bymakingthe~~receiver computed on top~~decodingofan object computationally expensive). These attacks can be launched either againstthe~~hash value. It is also RECOMMENDED~~data flow itself (e.g., by sending forged symbols) or against the FEC parametersthat~~a packet authentication protocol such~~are sent either in-band (e.g., in an EXT_FTI or FDT Instance) or out- of-band (e.g., in a session description). 8.2. Attacks Against the Data Flow First of all, let us consider the attacks against the data flow. 8.2.1. Access to Confidential Objects Access control to the object being transmitted is typically provided by means of encryption. This encryption can be done over the whole object (e.g., by the content provider, before the FEC encoding process), or be done on a packet per packet basis (e.g., when IPSec/ ESP is used [RFC4303]). If access control is a concern, it is RECOMMENDED that one of these solutions be used. Even if we mention these attacks here, they are not related nor facilitated by the use of FEC. 8.2.2. Content Corruption Protection against corruptions (e.g., after sending forged packets) is achieved by means of a content integrity verification/sender authentication scheme. This service can be provided at the object level, but in that case a receiver has no way to identify which symbol(s) is(are) corrupted if the object is detectedascorrupted. This service can also be provided at the packet level. In this case, after removing all forged packets, the object may be in some case recovered. Several techniques can provide this source authentication/content integrity service: o at the object level, the object MAY be digitally signed (with public key cryptography), for instance by using RSASSA-PKCS1-v1_5 [RFC3447]. This signature enables a receiver to check the object integrity, once this latter has been fully decoded. Even if digital signatures are computationally expensive, this calculation occurs only once per object, which is usually acceptable; o at the packet level, each packet can be digitally signed. A major limitation is the high computational and transmission overheads that this solution requires (unless Elliptic Curve Cryptography (ECC) is used). To avoid this problem, the signature may span a set of symbols (instead of a single one) in order to amortize the signature calculation. But if a single symbol is missing, the integrity of the whole set cannot be checked; o at the packet level, a Group Message Authentication Code (MAC) [RFC2104] scheme can be used, for instance by using HMAC-SHA-1 with a secret key shared by all the group members, senders and receivers. This technique creates a cryptographically secured (thanks to the secret key) digest of a packet that is sent along with the packet. The Group MAC scheme does not create prohibitive processing load nor transmission overhead, but it has a major limitation: it only provides a group authentication/integrity service since all group members share the same secret group key, which means that each member can send a forged packet. It is therefore restricted to situations where group members are fully trusted (or in association with another technique as a pre-check); o at the packet level, TESLA [RFC4082] is a very attractive and efficient solution that is robust to losses, provides a true authentication/integrity service, and does not create any prohibitive processing load or transmission overhead. Yet checking a packet requires a small delay (a second or more) after its reception; Techniques relying on public key cryptography (digital signatures andTESLA~~[5]~~during the bootstrap process, when used) require that public keysbe~~used~~securely associatedto~~detect and discard corrupted packets upon arrival. Furthermore, it is RECOMMENDED~~the entities. This can be achieved by a Public Key Infrastructure (PKI), or by a PGP Web of Trust, or by pre-distributing the public keys of each group member. Techniques relying on symmetric key cryptography (group MAC) requirethat~~Reverse Path Forwarding checks~~a secret keybe~~enabled in~~shared byall~~network routers~~group members. This can be achieved by means of a group key management protocol, or simply by pre-distributing the secret key (but this manual solution has many limitations). It is up to the developerand~~switches along~~deployer, who knowthe~~path from~~security requirements and features ofthe~~sender to receivers~~target application area,to~~limit~~define which solution isthe~~possibility~~most appropriate. Nonetheless, in case there is any concernof~~a bad agent successfully injecting a corrupted packet into~~the~~multicast tree data path. Another security concern~~threat of object corruption, itisRECOMMENDEDthat~~some~~at least one of these techniques be used. 8.3. Attacks Against theFEC~~information may~~Parameters Let us now consider attacks against the FEC parameters (or FEC OTI). The FEC OTI can eitherbe~~obtained by receivers~~sent in-band (i.e., in an EXT_FTI or in an FDT Instance containing FEC OTI for the object) orout-of-band(e.g.,in a session~~description, and if the session description is forged or corrupted then~~description). Attacks on these FEC parameters can preventthe~~receivers will not use~~decoding ofthe~~correct protocol~~associated object:for~~decoding content from received packets. To avoid these problems, it~~instance modifying the B parameter will lead to a different block partitioning. ItisthereforeRECOMMENDED thatsecuritymeasures be taken to~~prevent receivers from accepting incorrect session descriptions, e.g., by using source authentication to ensure~~guarantee the FEC OTI integrity. Tothat~~receivers only accept legitimate~~purpose, the packets carrying the FEC parameters sent in-band in an EXT_FTI header extension SHOULD be protected by one of the per-packet techniques described above: digital signature, group MAC, or TESLA. When FEC OTI is contained in an FDT Instance, this object SHOULD be protected, for instance by digitally signing it with XML digital signatures [RFC3275]. Finally, when FEC OTI is sent out-of-band (e.g., in asession~~descriptions from authorized senders.~~description) this latter SHOULD be protected, for instance by digitally signing it. The same considerations concerning the key management aspects apply here also.9. IANA Considerations Values of FEC Encoding IDs and FEC Instance IDs are subject to IANA registration. For general guidelines on IANA considerations as they apply to this document, see~~[2].~~[RFC5052].This document assigns the Fully-Specified FEC Encoding ID 3 under the "ietf:rmt:fec:encoding" name-space to "LDPC Staircase Codes". This document assigns the Fully-Specified FEC Encoding ID 4 under the "ietf:rmt:fec:encoding" name-space to "LDPC Triangle Codes". 10. Acknowledgments Section~~5.4~~5.5is derived from a previous Internet-Draft, and we would like to thank S. Peltotalo and J. Peltotalo for their contribution. We would also like to thank Pascal Moniot, Laurent Fazio, Aurelien~~Francillon and~~Francillon,Shao~~Wenjian~~Wenjian, Brian Carpenter, Magnus Westerlund, and Alfred Hoenesfor their comments.Last but not least, the authors are grateful to Radford M. Neal (University of Toronto) whose LDPC software (http://www.cs.toronto.edu/~radford/ldpc.software.html) inspired this work.11. References 11.1. Normative References~~[1]~~[RFC2119]Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", RFC 2119, BCP 14, March 1997.~~[2]~~[RFC5052]Watson, M., Luby, M., and L. Vicisano, "Forward Error Correction (FEC) Building Block",~~draft-ietf-rmt-fec-bb-revised-07.txt (work in progress), April~~RFC 5052, August2007.~~[3]~~[RFC3453]Luby, M., Vicisano, L., Gemmell, J., Rizzo, L., Handley, M., and J. Crowcroft, "The Use of Forward Error Correction (FEC) in Reliable Multicast", RFC 3453, December 2002.~~[4] "HMAC: Keyed-Hashing for Message Authentication", RFC 2104, February 1997. [5] "Timed Efficient Stream Loss-Tolerant Authentication (TESLA): Multicast Source Authentication Transform Introduction", RFC 4082, June 2005.~~11.2. Informative References~~[6]~~[ZP74] Zyablov, V. and M. Pinsker, "Decoding Complexity of Low- Density Codes for Transmission in a Channel with Erasures", Translated from Problemy Peredachi Informatsii, Vol.10, No. 1, pp.15-28, January-March 1974. [RN04]Roca, V. and C. Neumann, "Design, Evaluation and Comparison of Four Large Block FEC Codecs: LDPC, LDGM, LDGM-Staircase and LDGM-Triangle, Plus a Reed-Solomon Small Block FEC Codec", INRIA Research Report RR-5225, June 2004.~~[7]~~[NRFF05]Neumann, C., Roca, V., Francillon, A., and D. Furodet, "Impacts of Packet Scheduling and Packet Loss Distribution on FEC Performances: Observations and Recommendations", ACM CoNEXT'05 Conference, Toulouse, France (an extended version is available as INRIA Research Report RR-5578), October 2005.~~[8]~~[LDPC-codec]Roca, V., Neumann, C.,Cunche, M.,and J. Laboure,~~"LDPC-Staircase/ LDPC-Triangle~~"LDPC- Staircase/LDPC-TriangleCodec Reference Implementation", INRIA~~Rhone- Alpes~~Rhone-Alpesand STMicroelectronics, http://planete-bcast.inrialpes.fr/.~~[9]~~[MK03]MacKay, D., "Information Theory, Inference and Learning Algorithms", Cambridge University Press, ISBN:~~0521642981,~~0-521- 64298-1,2003.~~[10]~~[PM88]Park, S. and K. Miller, "Random Number Generators: Good Ones are Hard to Find", Communications of the ACM, Vol. 31, No. 10, pp.1192-1201, 1988.~~[11]~~[CA90]Carta, D., "Two Fast Implementations of the Minimal Standard Random Number Generator", Communications of the ACM, Vol. 33, No. 1, pp.87-88, January 1990.~~[12] Zyablov, V.~~[PTVF92] Press, W., Teukolsky, S., Vetterling, W.,and~~M. Pinsker, "Decoding Complexity of Low-Density Codes for Transmission in a Channel with Erasures", Translated from Problemy Peredachi Informatsii, Vol.10, No. 1, pp.15-28, January-March 1974. [13]~~B. Flannery, "Numerical Recipies in C; Second Edition", Cambridge University Press, ISBN: 0-521-43108-5, 1992. [draft-ietf-rmt-pi-alc-revised]Luby, M., Watson, M., and~~L. Vicisano, "Asynchronous Layered Coding (ALC) Protocol Instantiation", draft-ietf-rmt-pi-alc-revised-04.txt (work~~L. Vicisano, "Asynchronous Layered Coding (ALC) Protocol Instantiation", draft-ietf-rmt-pi-alc-revised-04.txt (work in progress), February 2007. [draft-ietf-rmt-pi-norm-revised] Adamson, B., Bormann, C., Handley, M., and J. Macker, "Negative-acknowledgment (NACK)-Oriented Reliable Multicast (NORM) Protocol", draft-ietf-rmt-pi-norm-revised-05.txt (work in progress), March 2007. [draft-ietf-rmt-flute-revised] Paila, T., Walsh, R., Luby, M., Lehtonen, R., and V. Roca, "FLUTE - File Delivery over Unidirectional Transport", draft-ietf-rmt-flute-revised-05.txt (work in progress), October 2007. [RFC3447] Jonsson, J. and B. Kaliski, "Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography Specifications Version 2.1", RFC 3447, February 2003. [RFC4303] Kent, S., "IP Encapsulating Security Payload (ESP)", RFC 4303, December 2005. [RFC2104] "HMAC: Keyed-Hashing for Message Authentication", RFC 2104, February 1997. [RFC4082] "Timed Efficient Stream Loss-Tolerant Authentication (TESLA): Multicast Source Authentication Transform Introduction", RFC 4082, June 2005. [RFC3275] Eastlake, D., Reagle, J., and D. Solo, "(Extensible Markup Language) XML-Signature Syntax and Processing", RFC 3275, March 2002. Appendix A. Pseudo Random Number Generator Example Implementation (Informative Only) The following is an implementation of the minimal standard generator defined in Section 5.7 that scales the result between 0 and maxv-1 inclusive. It uses the Park and Miller algorithm [PM88] with the optimization suggested by D. Cartain~~progress), February 2007. [14] Paila, T., Walsh, R., Luby, M., Lehtonen, R.,~~[CA90]. The inner algorithm relies on 32 bit mathematics onlyand~~V. Roca, "FLUTE - File Delivery over Unidirectional Transport", draft-ietf-rmt-flute-revised-03.txt (work in progress), January 2007. [15] Adamson, B., Bormann, C., Handley, M.,~~does not require any division. unsigned long seed; /* * Initialize the PRNG with a seed between * 1and~~J. Macker, "Negative-acknowledgment (NACK)-Oriented Reliable Multicast (NORM) Protocol", draft-ietf-rmt-pi-norm-revised-04.txt (work~~0x7FFFFFFE (i.e., 2^^31-2) inclusive. */ void srand (unsigned long s) { if ((s > 0) && (s < 0x7FFFFFFF)) seed = s; else exit(-1); } /* * Returns a random integerin~~progress), March 2007.~~[0; maxv-1] * Derived from rand31pmc, Robin Whittle, * September 20th, 2005. * http://www.firstpr.com.au/dsp/rand31/ * 16807 multiplier constant (7^^5) * 0x7FFFFFFF modulo constant (2^^31-1) * The inner PRNG produces a value between 1 and * 0x7FFFFFFE (2^^31-2) inclusive. * This value is then scaled between 0 and maxv-1 * inclusive. */ unsigned long rand (unsigned long maxv) { unsigned long hi, lo; lo = 16807 * (seed & 0xFFFF); hi = 16807 * (seed >> 16); /* binary shift to right */ lo += (hi & 0x7FFF) << 16; /* binary shift to left */ lo += hi >> 15; if (lo > 0x7FFFFFFF) lo -= 0x7FFFFFFF; seed = lo; /* don't use modulo, least significant bits are less random * than most significant bits [PTVF92] */ return ((unsigned long) ((double)maxv * (double)seed / (double)0x7FFFFFFF)); }Appendix~~A.~~B.Trivial Decoding Algorithm (Informative Only) A trivial decoding algorithm is sketched below (please see~~[8]~~[LDPC-codec]for the details omitted here): Initialization: allocate a table partial_sum[n-k] of buffers, each buffer being of size the symbol size. There's one entry per equation since the buffers are meant to store the partial sum of each equation; Reset all the buffers to zero; /* * For each newly received or decoded symbol, try to make progress * in the decoding of the associated source block. * NB: in case of a symbol group (G>1), this function is called for * each symbol of the received packet. * NB: a callback function indicates to the caller that new symbol(s) * has(have) been decoded. * new_esi (IN): ESI of the new symbol received or decoded * new_symb (IN): Buffer of the new symbol received or decoded */ void decoding_step(ESI_t new_esi, symbol_t *new_symb) { If (new_symb is an already decoded or received symbol) { Return; /* don't waste time with this symbol */ } If (new_symb is the last missing source symbol) { Remember that decoding is finished; Return; /* work is over now... */ } Create an empty list of equations having symbols decoded during this decoding step; /* * First add this new symbol to the partial sum of all the * equations where the symbol appears. */ For (each equation eq in which new_symb is a variable and having more than one unknown variable) { Add new_symb to partial_sum[eq]; Remove entry(eq, new_esi) from the H matrix; If (the new degree of equation eq == 1) { /* a new symbol can be decoded, remember the * equation */ Append eq to the list of equations having symbols decoded during this decoding step; } } /* * Then finish with recursive calls to decoding_step() for each * newly decoded symbol. */ For (each equation eq in the list of equations having symbols decoded during this decoding step) { /* * Because of the recursion below, we need to check that * decoding is not finished, and that the equation is * __still__ of degree 1 */ If (decoding is finished) { break; /* exit from the loop */ } If ((degree of equation eq == 1) { Let dec_esi be the ESI of the newly decoded symbol in equation eq; Remove entry(eq, dec_esi); Allocate a buffer, dec_symb, for this symbol and copy partial_sum[eq] to dec_symb; Inform the caller that a new symbol has been decoded via a callback function; /* finally, call this function recursively */ decoding_step(dec_esi, dec_symb); } } Free the list of equations having symbols decoded; Return; } Authors' Addresses Vincent Roca INRIA 655, av. de l'Europe Inovallee; Montbonnot ST ISMIER cedex 38334 France Email:~~vincent.roca@inrialpes.fr~~vincent.roca@inria.frURI:~~http://planete.inrialpes.fr/~roca/~~http://planete.inrialpes.fr/people/roca/Christoph Neumann Thomson~~Research 46, Quai A. Le Gallo Boulogne Cedex 92648~~12, bd de Metz Rennes 35700France Email: christoph.neumann@thomson.net URI:~~http://planete.inrialpes.fr/~chneuman/~~http://planete.inrialpes.fr/people/chneuman/David Furodet STMicroelectronics 12, Rue Jules Horowitz BP217 Grenoble Cedex 38019 France Email: david.furodet@st.com URI: http://www.st.com/ Full Copyright Statement Copyright (C) The IETF Trust (2007). This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights. This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Intellectual Property The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79. Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org. Acknowledgment Funding for the RFC Editor function is provided by the IETF Administrative Support Activity (IASA).