Herlestam T. (1986) `On the functions of linear shift register sequences', In Advances in Cryptology -- EUROCRYPT'85, Lecture Notes in Computer Science, volume 219, pages 119--129.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....is often used to define an LFSR. Using GF(2 ) instead of GF(2) in the shift register has very little effect on the properties of the register itself. The linear recursion over GF(2 ) can be shown to be equivalent to implementing 32 parallel bit wise LFSRs, each of length 17 32 = 544 (see [26]) These linear recurrences are all the same, represented by a polynomial p 2 (x) over GF(2) shown in binary, with the first bit being the constant term and increasing exponent) 1000000000000000010101010101011101110111011000110110001111100011 ....

T. Herlestam, "On functions of Linear Shift Register Sequences", in Franz Pichler, editor, Proc. EUROCRYPT 85, LNCS 219, Springer-Verlag 1986.

....2 (z) and the period is given by the smallest T such that C 1 (z) divides 1 z T . If C 1 (z) C 2 (z) are relatively prime and their individual periods are T 1 , T 2 , the period of the resulting sequence will be T = T 1 T 2 . For the linear complexity of a sequence it has been shown [18] that if C 1 (z) C 2 (z) are relatively prime the added sequence will have a complexity that equals the sum of the individual complexity of the two generators. If they are not relatively prime the resulting complexity will be lower than this. In for example references [7] and [18] the linear ....

....has been shown [18] that if C 1 (z) C 2 (z) are relatively prime the added sequence will have a complexity that equals the sum of the individual complexity of the two generators. If they are not relatively prime the resulting complexity will be lower than this. In for example references [7] and [18] the linear complexity of other combinations of shift register sequences has been analysed. Secret Sharing Secret sharing deals with situations when someone wants to store a secret, but does not trust any single place to keep it safe. The solution is to distribute the secret by giving pieces of ....

T. Herlestam. On functions of linear shift register sequences. In Notes in Computer Science, pages 119--129, 1985.

....## The information in this document is provided as is, and no warranty is given or implied that the information is fit for any particular purpose. The user thereof uses the information at its sole risk and liability. and q(#) 0. This linear recurrence over GF (2 ) can be shown [Her85] to be equivalent to implementing 32 parallel bit wise LFSR s, each of length 16 32 = 512. These linear recurrences are all the same, represented by a polynomial p(x) over GF (2) p(x) 1 x 70 82 88 105 111 114 117 118 126 130 132 135 136 138 ....

T. Herlestam, On functions of linear shift register sequences, Proceedings of EUROCRYPT '85, Lecture Notes in Computer Science, Springer Verlag, 1985, pp. 119--129.

....is provided as is, and no warranty is given or implied that the information is fit for any particular purpose. The user thereof uses the information at its sole risk and liability. 3. 2 Linear Feedback Shift Register The linear recurrence over GF (2 ) of the SOBER t16 LFSR can be shown, see [Her85], to be equivalent to implementing 16 parallel bit wise LFSR s, each of length 17 16 = 272. These linear recurrences are all the same, represented by the primitive polynomial p 16 (x) over GF (2) 15 18 20 24 28 43 48 72 73 ....

T. Herlestam, On functions of linear shift register sequences, Proceedings of EUROCRYPT '85, Lecture Notes in Computer Science, Springer Verlag, 1985, pp. 119--129.

....long carry chains provide enough di#usion to disturb the linear relationships occasionally. A lot of di#usion occurs by the clocking of the LFSR. However, this linear operation in GF (2 ) is also linear in GF (2) The linear recurrence over GF (2 ) of the SOBER t32 LFSR can be shown, see [Her85], to be equivalent to implementing 32 parallel bit wise LFSRs, each of length 17 32 = 544. These linear recurrences are identical, represented by the primitive polynomial p 32 (x) over GF (2) p 32 (x) 1 x 17 19 21 23 27 29 30 31 33 34 35 37 38 ....

T. Herlestam, On functions of linear shift register sequences, Proceedings of EUROCRYPT '85, Lecture Notes in Computer Science, Springer Verlag, 1985, pp. 119--129.

....so there is no significant risk of an unknown plaintext attack. This analysis concentrates on vulnerability of t class ciphers to known plaintext attacks. Using (2) w GF instead of (2) GF in the shift register has very little effect on the properties of the register itself. Herlestam [11] shows that the individual bits of this shift register go through the same sequence as if they were generated by a register over (2) GF with the same total state. The different bit positions in the words are merely offsets in the output sequence of that LFSR. Therefore, recovering any linearly ....

See T. Herlestam, "On functions of Linear Shift Register Sequences", in Franz Pichler, editor, Proc. EUROCRYPT 85, LNCS 219, Springer-Verlag 1986.

....over F p of c. 2. per(c i )jper(c) Moreover, if f i ; i = 1; 2 are irreducible, then 3. per(f i ) per(c i ) i = 1; 2. 4. per(f) lcmfper(f 1 ) per(f 2 )g. 5. per(f) per(c) Fact 2 can be generalized to the case that c is a sum of any s 1 sequences over F p . For a proof, see [18] [14] Fact 3 Let c be an non sequence over F p of period tjp n 1. Let g(x) g 1 (x) g s (x) be the minimal polynomial of c over F p where the g j are irreducible over F p . Then c can be decomposed into c = c 1 c s where c j 6= 0 is periodic sequence over F p and the minimal ....

....linear span of in terms of an upper bound of the linear span of the power function sequence r = f r j g j 0 of the m sequence of degree 2. Fortunately, the linear spans of function sequences of linear feedback shift sequences have already been discussed by Herlestam in the middle of 80 s [18]. From his work, we have the following result. Proposition 7. With the above notation. Let r = r 0 r 1 p r n 1 p n 1 ; 0 r i p. Then LS( r ) the linear span of r , is given by LS( r ) n 1 Y i=0 (r i 1) Lemma 12. With the same as above. Let 0 r p n 1 ....

Tor Herlestam, On functions of linear shift register sequences, Advances in Cryptology-EuroCrypt'85, Lecture Notes in Computer Science, No. 219, Springer-Verlag, 1985, pp. 119-129.

....the innermost trace factors of the cascaded GMW functions. Assume R:P: f(x) P 0i p n a i x i , we will say x i appears in f(x) if a i 6= 0. We recall that the Hamming weight of f(x) denoted by W (f(x) is defined as the total number of the non zero coefficients in R:P: f(x) Lemma 1. [13] Let (E; K) be a field chain with jEj = q = p w ; K : E] m. For any a; 1 a jEj, if a = P 0j m a j p j , 0 a j p 8j, define I a (jEj; K : E] ft j t = X 0i m;0j w t i;j q i p j ; 0 t i;j p; X 0i m t i;j = a j g: Then 1. x a ffi T r K E (x) X t2Ia ....

Tor Herlestam, On functions of linear shift register sequences, Advances in Cryptology-EuroCrypto'85, Lecture Notes in Computer Science, No. 219, SpringerVerlag, 1985, pp. 119-129.

....subsequent operations, so there is no significant risk of an unknown plaintext attack. This analysis concentrates on vulnerability of SOBER to known plaintext attacks. Using GF(2 n ) instead of GF(2) in the shift register has very little effect on the properties of the register itself. Herlestam [4] shows that the individual bits of this shift register go through the same sequence as if they were generated by a register over GF(2) with the same total state. The different bit positions in the words are merely offsets in the output sequence of that LFSR. Therefore, recovering any linearly ....

T. Herlestam, "On functions of Linear Shift Register Sequences", in Franz Pichler, editor, Proc. EUROCRYPT 85, LNCS 219, Springer-Verlag 1986.

.... expression will be called the weight of f , written W (f ) For an integer e, if e = P 0i e i p i ; 0 e i p, the p Gammaweight of e, denoted by W p (e) is defined as W p (e) X 0i e i : 10) We list the following lemma whose proofs for characteristic p = 2 and p 2 can be found in [8, 6], respectively. Lemma 1 Let q = p c , n 1, and e = P i0 e i p i ; 0 e i p, and (t; q n ) 1, and 0 6= 2 GF (p n ) Then W ( Tr GF (q n ) GF (q) x t ) e ) Y 0i c n Gamma 1 e i n Gamma 1 : In particular, when n 1, then W ( Tr GF (q n ) GF (q) ....

Tor Herlestam, On functions of linear shift register sequences, Advances in Cryptology-EuroCrypt'85, Lecture Notes in Computer Science, No. 219, Springer-Verlag, 1985, pp. 119-129.

....) i.e. W (f) jfi j f i 6= 0; 0 i q m gj: Let i = wm Gamma1 X j=0 u j;i p j ; u j;i 2 GF (p) I(j; i; n; m) p j n Gamma1 X l=0 r l q l j n Gamma1 X l=0 r l = u j;i and r l 0 ) I(i; n; m) wm Gamma1 j=0 I(j; i; nm;m) The following result is due to T. Herlestam [12] in 1985. Proposition 3 (Herlestam 1985) Let q = p w . Let f(x) GF (q m ) Gamma GF (q) with the polynomial form f(x) P f i x i , and let h(x) f(x) ffi Tr nm m (x d ) where (d; q nm Gamma 1) 1. Then W (h) X f i 6=0 wm Gamma1 Y j=0 n u j;i Gamma 1 u j;i ....

Tor Herlestam, On functions of linear shift register sequences, Advances in CryptologyEuroCrypt '85, Lecture Notes in Computer Science, No. 219, Springer-Verlag, 1985, pp. 119-129.

....of dimension L over IF, for example, see Chapter 8 of [15] Therefore, any T L 1 solutions are linear dependent. In particular, the sequences (s n j1 ) s n j T ) are linear dependent. ut We also need the following statements which are partial cases of much more general results of [5, 10, 12]. Lemma 3. Let a sequence (s n ) satisfy a linear recurrence relation of order k over a field IF. Then the sequence of squares (s 2 n ) satisfies a linear recurrence relation of order at most k(k 1) 2. Lemma 4. Let sequences (s n ) and (r n ) satisfy linear recurrence relations of order k 1 ....

T. Herlestam, ` On functions of linear shift register sequences', Lect. Notes in Comp. Sci., Springer-Verlag, Berlin, 291 (1987), 119--129.

....if g(x) x, then A is an m sequence of period 2 n Gamma 1. So, a lot of research has been looking for a clever way to choose the function g(x) such that the resulting sequence has a large linear span, a long period and good statistical properties. Examples include filter function generators [22, 26, 41, 24, 25, 3, 27, 44, 5, 47, 12, 46, 28, 19, 17, 18, 38, 32, 33], combinatorial function generators [22, 48, 43, 52, 8] and clock controlled generators and shrinking generators[1, 13, 30, 6] Unfortunately, the trace function destroys the structure of Reed Solomon code. It is difficult to get sequences satisfying cryptographic requirements from this approach. ....

T. Herlestam, On functions of linear shift register sequences, Advances in Cryptology-Eurocrypt'85, Lecture Notes in Computer Science, No. 219, Springer-Verlag, 1985, pp. 119-129.

....subsequent operations, so there is no significant risk of an unknown plaintext attack. This analysis concentrates on vulnerability of SOBER to known plaintext attacks. Using GF(2 8 ) instead of GF(2) in the shift register has very little effect on the properties of the register itself. Herlestam [4] shows that the individual bits of this shift register go through the same sequence as if they were generated by a register over GF(2) with the same total state of 136 bits. The different bit positions in the bytes are merely offsets in the output sequence of that LFSR. Therefore, recovering any ....

T. Herlestam, "On functions of Linear Shift Register Sequences", in Franz Pichler, editor, Proc. EUROCRYPT 85, LNCS 219, Springer-Verlag 1986.

No context found.

Herlestam T. (1986) `On the functions of linear shift register sequences', In Advances in Cryptology -- EUROCRYPT'85, Lecture Notes in Computer Science, volume 219, pages 119--129.

No context found.

T. Herlestam, On functions of linear shift register sequences, in Proceedings of Eurocrypt

No context found.

See T. Herlestam, "On functions of Linear Shift Register Sequences", in Franz Pichler, editor, Proc. EUROCRYPT 85, LNCS 219, Springer-Verlag 1986.

No context found.

T. Herlestam. On functions of Linear Shift Register Sequences. Advances in Cryptology, EUROCRYPT'85, Lecture Notes in Computer Science, vol. 219, F. Pichler ed., Springer-Verlag, 1986.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC