Fletcher's checksum

The Fletcher checksum is an algorithm for computing a position-dependent checksum devised by John G. Fletcher at Lawrence Livermore Labs in the late 1970s. A description of the algorithm and an analysis of the performance characteristics of a particular implementation were published in the IEEE Transactions on Communications in January 1982. The objective of the Fletcher checksum was to provide error-detection properties approaching those of a cyclic redundancy check but with the lower computational effort associated with summation techniques.

[edit] The Algorithm

[edit] Review of Simple Checksums

As with simpler checksum algorithms, the Fletcher checksum involves dividing the binary data word to be protected from errors into short "blocks" of bits and computing the modular sum of those blocks. (Note that the terminology used in this domain can be confusing. The data to be protected, in its entirety, is referred to as a "word" and the pieces into which it is divided are referred to as "blocks". It is tempting to think of a block of data divided into words, which gets the terms the wrong way round.)

As an example, the data may be a message to be transmitted consisting of 136 characters, each stored as an 8-bit byte, making a data word of 1088 bits in total. A convenient block size would be 8 bits, although this is not required. Similarly, a convenient modulus would be 255, although, again, others could be chosen. So, the simple checksum is computed by adding together all the 8-bit bytes of the message, dividing by 255 and keeping only the remainder. (In practice, the modulo operation is performed during the summation to control the size of the result.) The checksum value is transmitted with the message, increasing its length to 137 bytes or 1096 bits. The receiver of the message can re-compute the checksum and compare it to the value received to determine whether the message has been altered by the transmission process.

[edit] Weaknesses of Simple Checksums

The first weakness of the simple checksum is that it is insensitive to the order of the blocks (bytes) in the data word (message). If the order is changed, the checksum value will be the same and the change will not be detected. The second weakness is that the universe of checksum values is small, being equal to the chosen modulus. In our example, there are only 255 possible checksum values, so it is easy to see that even random data has about a 0.4% probability of having the same checksum as our message.

[edit] The Fletcher Checksum

Fletcher addresses both of these weaknesses by computing a second value along with the simple checksum. This is the modular sum of the values taken by the simple checksum as each block of the data word is added to it. The modulus used is the same. So, for each block of the data word, taken in sequence, the block's value is added to the first sum and the new value of the first sum is then added to the second sum. Both sums start with the value zero (or some other known value). At the end of the data word, the modulus operator is applied and the two values are combined to form the Fletcher checksum value.

Sensitivity to the order of blocks is introduced because once a block is added to the first sum, it is then repeatedly added to the second sum along with every block after it. If, for example, two adjacent blocks become exchanged, the one that was originally first will be added to the second sum one fewer times and the one that was originally second will be added to the second sum one more time. The final value of the first sum will be the same but the second sum will be different, detecting the change to the message.

The universe of possible checksum values is now the square of the value for the simple checksum. In our example, the two sums each with 255 possible values result in 65025 possible values for the combined checksum.

[edit] Fletcher-16

When the data word is divided into 8 bit blocks, as in the example above, two 8-bit sums result and are combined into a 16-bit Fletcher checksum. Usually, the second sum will be multiplied by 256 and added to the simple checksum, effectively stacking the sums side-by-side in a 16-bit word with the simple checksum at the least significant end. This algorithm is then called the Fletcher-16 checksum. The use of the modulus 255 is also generally implied.

The choice of modulus must obviously be such that the results will fit in the block size. 256 is therefore the largest possible modulus for Fletcher-16. It is a poor choice, however, as bits that overflow past bit 7 of the sum are simply lost. A modulus that takes the overflow bits and mixes them into the lower bits provides better error detection. The modulus should, however, be large so as to obtain the largest universe of checksum values. The value 255 takes the second consideration over the first, but has been found to have excellent performance.

[edit] Fletcher-32

When the data word is divided into 16 bit blocks, two 16-bit sums result and are combined into a 32-bit Fletcher checksum. Usually, the second sum will be multiplied by 2^16 and added to the simple checksum, effectively stacking the sums side-by-side in a 32-bit word with the simple checksum at the least significant end. This algorithm is then called the Fletcher-32 checksum. The use of the modulus 65535 is also generally implied. The rationale for this choice is the same as for Fletcher-16.

[edit] Comparison with the Adler Checksum

The Adler-32 checksum is a specialization of the Fletcher-32 checksum devised by Mark Adler. The modulus selected (for both sums) is the prime number 65,521 (65,535 is divisible by 3, 5, 17 and 257). The first sum also begins with the value 1. The selection of a prime modulus results in improved "mixing" (error patterns are detected with more uniform probability, improving the probability that the least detectable patterns will be detected, which tends to dominate overall performance). However, the reduction in size of the universe of possible checksum values acts against this and reduces performance slightly. Studies show^[1] that the difference in performance of the Adler-32 and Fletcher-32 checksums is so small as to be of academic interest only. As modulo-65,535 addition is considerably simpler and faster to implement than modulo-65,521 addition, the Fletcher-32 checksum is generally to be preferred.

[edit] Use of the Fletcher Checksum

Fletcher's checksum is described in RFC 1146. You can also find information about generating (as well as verifying) such a checksum in Annex B of RFC 905.

[edit] Weaknesses

The Fletcher checksum cannot distinguish between blocks of all 0 bits and blocks of all 1 bits. For example, if a 16-bit block in the data word changes from 0x0000 to 0xFFFF, the Fletcher-32 checksum remains the same. This also means a sequence of all 00 bytes has the same checksum as a sequence (of the same size) of all FF bytes.

[edit] Implementation

[edit] Straightforward

A straightforward implementation of a C language function to compute the Fletcher-32 checksum of an array of 16-bit data elements follows:

 1  uint32_t Fletcher32( uint16_t * data, size_t length )
 2  {
 3     uint32_t sum1 = 0;
 4     uint32_t sum2 = 0;
 5     while ( length-- )
 6     {
 7        sum1 += *data++;
 8        if ( sum1 >= 0x0000FFFF )
 9           sum1 -= 0x0000FFFF;
10        sum2 += sum1;
11        if ( sum2 >= 0x0000FFFF )
12           sum2 -= 0x0000FFFF;
13     }
14     return ( (sum2 << 16) | sum1 );
15  }

On lines 3 and 4, the sums are 32-bit variables so that the 16-bit additions on lines 7 and 10 will not overflow. The modulo operation is applied to the first sum on lines 8 and 9 and to the second sum on lines 11 and 12. Here, this is done after each addition, so that at the end of the while loop the sums are always reduced to 16-bits. At the end of the input data, the two sums are combined into the 32-bit Fletcher checksum value and returned by the function on line 14.

This implementation will never produce the checksum results 0x0000FFFF, 0xFFFF0000 or 0xFFFFFFFF. This conforms to the algorithm description in which each separate sum is stated to be a modulo-65,535 result. The value 0xFFFF should therefore not appear in the output and should instead be reduced to 0x0000. This implementation can produce the checksum result 0x00000000, which may not be desirable in some circumstances (e.g when this value has been reserved to mean "no checksum has been computed").

[edit] Optimizations

An optimized implementation in the C programming language operates as follows:

 
uint32_t fletcher32( uint16_t *data, size_t len )
{
        uint32_t sum1 = 0xffff, sum2 = 0xffff;
 
        while (len) {
                unsigned tlen = len > 360 ? 360 : len;
                len -= tlen;
                do {
                        sum1 += *data++;
                        sum2 += sum1;
                } while (--tlen);
                sum1 = (sum1 & 0xffff) + (sum1 >> 16);
                sum2 = (sum2 & 0xffff) + (sum2 >> 16);
        }
        /* Second reduction step to reduce sums to 16 bits */
        sum1 = (sum1 & 0xffff) + (sum1 >> 16);
        sum2 = (sum2 & 0xffff) + (sum2 >> 16);
        return sum2 << 16 | sum1;
}

A few tricks, well-known to implementers of the IP checksum, are used here for efficiency:

• This reduces to the range 1..65535 rather than 0..65534. Modulo 65535, the values 65535 = 0xffff and 0 are equivalent, but it is easier to detect overflow if the former convention is used. This also provides the guarantee that the resultant checksum will never be zero, so that value is available for a special flag, such as "checksum not yet computed".
• 65536 ≡ 1 mod 65535, so the end-around carry expression (x & 0xffff) + (x >> 16) reduces x modulo 65535. Only doing it once is not guaranteed to be complete, but it will be in the range 1..0x1fffe. A second repetition guarantees a fully reduced sum in the range of 1..0xffff.
• This uses a 32-bit accumulator to perform a number of sums before doing any modular reduction. The magic value 360 is the largest number of sums that can be performed without numeric overflow. Any smaller value is also permissible; 256 may be convenient in many cases.
• For 8 bit checksums (with 16 bit accumulators) the maximum number of sums that can be performed before doing the modular reduction is 21.

An efficient 8 bit implementation in the C programming language is as follows:

 
void fletcher16( uint8_t *checkA, uint8_t *checkB, uint8_t *data, size_t len )
{
        uint16_t sum1 = 0xff, sum2 = 0xff;
 
        while (len) {
                size_t tlen = len > 21 ? 21 : len;
                len -= tlen;
                do {
                        sum1 += *data++;
                        sum2 += sum1;
                } while (--tlen);
                sum1 = (sum1 & 0xff) + (sum1 >> 8);
                sum2 = (sum2 & 0xff) + (sum2 >> 8);
        }
        /* Second reduction step to reduce sums to 8 bits */
        sum1 = (sum1 & 0xff) + (sum1 >> 8);
        sum2 = (sum2 & 0xff) + (sum2 >> 8);
        *checkA = (uint8_t)sum1;
        *checkB = (uint8_t)sum2;
        return;
}

[edit] Bit and Byte Ordering (Endianness / Network Order)

As with any calculation that divides a binary data word into short blocks and treats the blocks as numbers, any two systems expecting to get the same result should preserve the ordering of bits in the data word. In this respect, the Fletcher checksum is no different from other checksum and CRC algorithms and needs no special explanation.

An ordering problem that is easy to envision occurs when the data word is transferred byte-by-byte between a big-endian system and a little-endian system and the Fletcher-32 checksum is computed. If blocks are extracted from the data word in memory by a simple read of a 16-bit unsigned integer, then the values of the blocks will be different in the two systems, due to the reversal of the byte order of 16-bit data elements in memory, and the checksum result will be different as a consequence. The implementation examples, above, do not address ordering issues so as not to obscure the checksum algorithm. Because the Fletcher-16 checksum uses 8-bit blocks, it is not affected by byte endianness.

[edit] Notes

1. ^ Maxino, Theresa (2006). "Revisiting Fletcher and Adler Checksums" (PDF). DSN 2006 Student Forum. http://www.zlib.net/maxino06_fletcher-adler.pdf. Retrieved 2008-12-02. 

[edit] Further References

• Fletcher, J. G., “An Arithmetic Checksum for Serial Transmissions”, IEEE Trans. on Comm., Vol. COM-30, No. 1, January 1982, pp 247-252.

[edit] External links

• RFC 1146 - TCP Alternate Checksum Options describes the Fletcher checksum algorithm.
• Performance of Checksums and CRCs over Real Data
• Maxino & Koopman - compares Adler, Fletcher, and CRC checksums
• John Kodis - When it comes to high-speed data verification, Fletcher's checksum algorithm can do the job.

This computer science article is a stub. You can help Wikipedia by expanding it. v • d • e