Linear Feedback Shift Registers and Complexity: A survey

Michele Elia (Politecnico di Torino)

Bunny TN 3

Trento, 12 March 2012

Outline

1. Binary sequences and Complexity

2. Finite State Machines and LFSR

3. HW/SW Complexity

4. LFSR structures

5. LFSR ?

6. Conclusions


Binary sequences

. . . , 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, . . .

. . . , 0, 1, 0, 1, 1, 1, 0, 0, 1, 0, 0, 0, 0, 0, 1, 1, . . .

. . . , 1, 1, 0, 0, 0, 1, 0, 0, 1, 0, 1, 0, 0, 0, 1, 0, . . .

. . . , 0, 1, 1, 1, 1, 0, 0, 0, 1, 0, 0, 1, 1, 0, 1, 0, . . .

Cryptography

Testing of digital devices

Spread spectrum techniques

Navigation and localization systems

Simulation


Random sequences (Knuth, The Art of Computer Programming, vol. 2)

Definition (D.H. Lehmer (1951))

A random sequence $x_1, x_2, x_3, x_4, \ldots$ is a sequence such that

1. embodies the idea that each term is unpredictable to the uninitiated observer;

2. its digits pass a certain number of tests traditional with statisticians and depending somewhat on the uses to which the sequence is to be put.

Examples of Tests

Average, Mean-square error, χ-square test

Monte Carlo tests

Kolmogorov-Smirnov test

Runs' test, Auto-correlation function test

Linear Complexity Profile


Random sequences and Information measures

The maximum amount of information carried by a binary sequence is equal to its length.

A genuine random binary sequence of statistically independent and equiprobable symbols cannot be described using an amount of information smaller than its length.

The measure of information carried by a sequence can be taken as a measure of its complexity: it follows that genuine random binary sequences are sequences of maximum complexity.

Kolmogorov: the algorithmic complexity description of an object is the length of the shortest binary computer program that describes the object.


Linear registers

[Figure: linear feedback shift register with cell contents 0 1 1 0 0]

$g(Z) = 1 + Z^{-2} + Z^{-5}$


Linear FINITE STATE MACHINE (FSM)

A FSM is a five-tuple $\{A, S, \mathrm{stat}, \mathrm{out}, s_o\}$ where

$A$ is the finite set of output symbols (e.g. $\mathbb{F}_2$).

$S = \{s\}$ is the finite set of states (e.g. $s \in \mathbb{F}_2^m$).

stat is the transition function, that is a mapping from $S$ into $S$

$\mathrm{stat} : S \to S$

(e.g. $\mathrm{stat}(s) = Ms$ where $M$ is an $m \times m$ binary matrix).

out is the output function, that is a mapping from $S$ into $A$

$\mathrm{out} : S \to A$

(e.g. $\mathrm{out}(s) = s_m \in \mathbb{F}_2$, where $s$ is an $m$-dimensional binary vector).

$s_o$ is the initial state, i.e. a fixed element from $S$.


Linear Sequences $x(0), x(1), \ldots, x(n), \ldots$

A linear sequence generated by a FSM may be specified in two ways

Using the matrix description

$s(n+1) = M s(n), \quad x(n+1) = s_m(n+1)$

Using linear recurrences, i.e. recurrent equations of order $m$

$x(n) = a_1 x(n-1) + a_2 x(n-2) + \cdots + a_m x(n-m)$


Generating function

The generating function of an infinite sequence is

$$X(Z) = \sum_{n=0}^{\infty} x(n) Z^{-n}$$

The generating function of a linear sequence is a rational function, i.e.

$$X(Z) = \frac{b(Z)}{g(Z)} = \frac{b_0 + b_1 Z^{-1} + \cdots + b_{m-1} Z^{-m+1}}{a_m + a_{m-1} Z^{-1} + \cdots + Z^{-m}}$$

where the $b_i$'s depend on the initial state (initial conditions).

$g(Z)$ is the LFSR polynomial generator, and is also the characteristic polynomial of the transition matrix $M$.


Period

The generating function of a periodic sequence of period $\tau$ can be written as

$$X(Z) = \frac{x(0) + x(1) Z^{-1} + \cdots + x(\tau-1) Z^{-\tau+1}}{1 - Z^{-\tau}}$$

There is a minimum $\tau$ such that $M^{\tau} = I$; therefore the generated sequences are periodic of period not greater than $\tau$.

- In general the period depends on the initial state.
- $\tau$ is the minimum integer such that $g(Z)$ divides $1 - Z^{-\tau}$.

The maximum value of $\tau$ is $2^m - 1$, and is attained by primitive polynomial generators. The generated sequences are called m-sequences; in this case the period is independent of the initial state (the all-zeros state is excluded).


LFSR and Cyclic codes

The block of symbols forming a period of an m-sequence generated by a given LFSR can be considered as (are) codewords of a cyclic code which is the dual code

$(2^m - 1, m, 2^{m-1})$

of a Hamming code $(2^m - 1, 2^m - 1 - m, 3)$.

Every non-zero code word of a dual Hamming code has constant weight $2^{m-1}$ (number of 1s), and the number of zeros is $2^{m-1} - 1$.

This interpretation is useful for computing the run distribution within a codeword.


LFSR and Cyclic codes

It also explains why their cyclic (or periodic) autocorrelation functions are ideal.

Definition

The periodic autocorrelation function of a binary sequence $x(n)$ of length $\tau$ is defined as

$$c(\delta) = \frac{1}{\tau} \sum_{i=1}^{\tau} (-1)^{x(i+\delta)} (-1)^{x(i)}$$

The autocorrelation function of a binary m-sequence is

$$c(\delta) = \frac{1}{\tau} \sum_{i=1}^{\tau} (-1)^{x(i+\delta) + x(i)} = \begin{cases} 1 & \text{if } \delta = 0 \\ -\frac{1}{\tau} & \text{if } \delta \neq 0 \bmod \tau \end{cases}$$


Run distribution

A run of 1s of length k in a binary sequence consists of k consecutive 1s between two 0s

. . . 01111110 . . . 0110 . . . 010 . . . 011111111110

and a run of 0s is similarly defined with the roles of 0 and 1 exchanged.

Golomb derived the 0-1 run distributions, which are the same in any codeword of a dual Hamming code:

− 1 run of length m of '1s', and 0 runs of length m of '0s'

− 0 runs of length m − 1 of '1s', and 1 run of length m − 1 of '0s'

− $2^{m-k-2}$ runs of length k, of either '0s' or '1s', for 1 ≤ k ≤ m − 2.   (1)
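The three properties stated on these slides (constant weight, two-valued periodic autocorrelation, Golomb's run distribution) can be checked numerically. The following Python is an added example, not part of the original talk; it assumes the recurrence a(n+5) = a(n) + a(n+2), which corresponds to the last row of the order-5 Fibonacci matrix given on the page, and all function names are hypothetical.

```python
from collections import Counter
from fractions import Fraction


def m_sequence(taps, m):
    """One period (2^m - 1 bits) of a[n+m] = XOR of a[n+t] for t in taps.

    The taps must come from a primitive polynomial; (0, 2) with m = 5 is
    an assumption corresponding to x^5 + x^2 + 1.
    """
    state = [1] + [0] * (m - 1)            # any non-zero start state works
    out = []
    for _ in range(2 ** m - 1):
        out.append(state[0])
        fb = 0
        for t in taps:
            fb ^= state[t]
        state = state[1:] + [fb]
    return out


def autocorrelation(x, delta):
    """Periodic autocorrelation c(delta), returned as an exact fraction."""
    tau = len(x)
    total = sum((-1) ** (x[(i + delta) % tau] ^ x[i]) for i in range(tau))
    return Fraction(total, tau)


def cyclic_runs(x):
    """Count runs on the cyclic sequence: {(symbol, length): how many}."""
    tau = len(x)
    # Rotate so that position 0 is the first symbol of a run.
    start = next(i for i in range(tau) if x[i] != x[i - 1])
    y = x[start:] + x[:start]
    runs, length = Counter(), 1
    for prev, cur in zip(y, y[1:]):
        if cur == prev:
            length += 1
        else:
            runs[(prev, length)] += 1
            length = 1
    runs[(y[-1], length)] += 1
    return runs


def golomb_runs(m):
    """Run distribution (1) from the slide for an m-sequence of order m."""
    expected = Counter({(1, m): 1, (0, m - 1): 1})
    for k in range(1, m - 1):
        expected[(0, k)] = expected[(1, k)] = 2 ** (m - k - 2)
    return expected


if __name__ == "__main__":
    m = 5
    x = m_sequence((0, 2), m)
    print("period    :", "".join(map(str, x)))
    print("weight    :", sum(x), "expected", 2 ** (m - 1))
    print("c(delta)  :", sorted({autocorrelation(x, d) for d in range(1, len(x))}))
    print("runs match:", cyclic_runs(x) == golomb_runs(m))
```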

LFSR: HW/SW complexity and classical structures

The complexity of circuits or software programs realizing an LFSR can be defined as the number of additions in $\mathbb{F}_2$ required to produce an output bit.

The complexity is essentially equal to the number of 1s in the matrix defining the LFSR.

Three structures are relevant:

- Fibonacci LFSR, obtained from the companion matrix of g(Z)

- Galois LFSR, obtained from the transpose of the companion matrix of g(Z)

- Tridiagonal LFSR, obtained from a tridiagonal matrix with 1s in the upper and lower sub-diagonals.


Fibonacci LFSR of order m = 5

$$M_F = \begin{pmatrix} 0 & 1 & 0 & 0 & 0 \\ 0 & 0 & 1 & 0 & 0 \\ 0 & 0 & 0 & 1 & 0 \\ 0 & 0 & 0 & 0 & 1 \\ 1 & 0 & 1 & 0 & 0 \end{pmatrix}$$

Galois LFSR of order L = 5

$$M_G = \begin{pmatrix} 0 & 0 & 0 & 0 & 1 \\ 1 & 0 & 0 & 0 & 0 \\ 0 & 1 & 0 & 0 & 1 \\ 0 & 0 & 1 & 0 & 0 \\ 0 & 0 & 0 & 1 & 0 \end{pmatrix}$$

Tridiagonal LFSR of order L = 5

$$M_T = \begin{pmatrix} 1 & 1 & 0 & 0 & 0 \\ 1 & 1 & 1 & 0 & 0 \\ 0 & 1 & 1 & 1 & 0 \\ 0 & 0 & 1 & 1 & 1 \\ 0 & 0 & 0 & 1 & 0 \end{pmatrix}$$

HW/SW complexity

Fibonacci and Galois LFSRs have the same complexity, which is upper bounded by the length L. Note that interesting generator polynomials have a small number of coefficients equal to 1, possibly 3 coefficients. Unfortunately, binary irreducible trinomials do not exist for every L.

Tridiagonal LFSRs have a slightly larger complexity, which is upper bounded by 3L − 2; nevertheless, in some circumstances they may be preferred.

Note that not every binary polynomial of degree L is the characteristic polynomial of a tridiagonal matrix; however, it has been proved that every binary irreducible polynomial is the characteristic polynomial of a tridiagonal matrix.
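To make the complexity figures concrete, the following added Python example (not from the original slides; the function names are hypothetical) takes the three order-5 matrices M_F, M_G and M_T shown above, counts their 1s and the two-input XORs needed per clock, and checks that each one cycles through all 31 non-zero states and emits the same m-sequence up to a cyclic shift.

```python
M_F = [[0, 1, 0, 0, 0],
       [0, 0, 1, 0, 0],
       [0, 0, 0, 1, 0],
       [0, 0, 0, 0, 1],
       [1, 0, 1, 0, 0]]
M_G = [list(col) for col in zip(*M_F)]      # transpose of the companion matrix
M_T = [[1, 1, 0, 0, 0],
       [1, 1, 1, 0, 0],
       [0, 1, 1, 1, 0],
       [0, 0, 1, 1, 1],
       [0, 0, 0, 1, 0]]


def step(matrix, state):
    """Next state s' = M s over F2 (AND as product, XOR as sum)."""
    return tuple(sum(a & b for a, b in zip(row, state)) & 1 for row in matrix)


def ones(matrix):
    """Number of 1s in the matrix, the slide's complexity measure."""
    return sum(map(sum, matrix))


def xors_per_step(matrix):
    """A row with w ones costs w - 1 two-input XORs per clock."""
    return sum(max(sum(row) - 1, 0) for row in matrix)


def output_cycle(matrix, cell=0):
    """Bits seen in one cell over one full state cycle, starting at 10...0."""
    start = (1,) + (0,) * (len(matrix) - 1)
    state, bits = start, []
    for _ in range(2 ** len(matrix)):
        bits.append(state[cell])
        state = step(matrix, state)
        if state == start:
            return bits
    raise ValueError("start state is not on a cycle (singular matrix)")


def is_cyclic_shift(a, b):
    sa, sb = "".join(map(str, a)), "".join(map(str, b))
    return len(sa) == len(sb) and sb in sa + sa


if __name__ == "__main__":
    reference = output_cycle(M_F)
    for name, M in (("Fibonacci", M_F), ("Galois", M_G), ("Tridiagonal", M_T)):
        seq = output_cycle(M)
        print(f"{name:11s} ones={ones(M):2d} xors/step={xors_per_step(M)} "
              f"period={len(seq)} same sequence={is_cyclic_shift(reference, seq)}")
```

For L = 5 the tridiagonal matrix has 12 ones, within the 3L − 2 = 13 bound, because its last diagonal entry is 0.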


Linear complexity profile

A linear sequence generated by an LFSR of length m has a period of length not greater than $2^m - 1$: that is, "the linear complexity of the sequence is small with respect to its length".

Definition

The linear complexity ℓ(M) of a sequence X of length M is the minimum length of an LFSR that generates X.

If X is an m-sequence, then $\ell(M) = \lceil \log_2 M \rceil$

If X is a genuine random sequence, then $\ell(M) = \lceil M/2 \rceil$


Berlekamp-Massey's algorithm

Given a sequence X of length N, the Berlekamp-Massey algorithm yields the length of the shortest LFSR generating X.

Question

What is the linear complexity of a genuine random sequence?

The approach is to compute, for each subsequence of length n, for any n, its linear complexity, a task that yields the linear complexity profile.

[Figure: linear complexity profile, ℓ(n) plotted against n]


Self-Clock Controlled LFSR

A self-clock controlled LFSR is a linear feedback shift register in which some states are skipped depending on the states themselves.

In practice, some states are shadowed (hidden) from the external observer. The result is that it is difficult to predict from the generated sequence which states are skipped.

Figure: Clock-controlled LFSR, Fibonacci type: I output cell, J clock control cell


Self-Clock Controlled Fibonacci LFSR

An example is a Fibonacci LFSR in which a cell J is marked: any time that, in the transition to a new state, a 1 occurs in cell J, the new state is skipped and a second transition is performed (no further transition is done).

Example

000011000001000 skipped state
001001001001001 skipped state
1010001010 skipped state
0010100010

Period of a Clock-controlled LFSR sequence

The period is approximately 2/3 of τ:

$$\tau = \frac{2}{3}(2^m - 1) - \frac{2}{3}\delta = \frac{2}{3}\left(2^m - \frac{3 - (-1)^m}{2}\right).$$

The generated sequences belong to a linear code: each sequence can be seen as a codeword of a punctured code (the punctured symbols correspond to the skipped states).

Different sequences produced by the same LFSR belong to different linear codes.


0-1 Distributions in clock-controlled LFSR sequences

The numbers N0I and N1I of '0s' and '1s' in a sequence generated by a self-clock controlled LFSR depend on both the relative position of the control and output cells and the LFSR implementation type, namely Fibonacci, Galois, or Tridiagonal. For the Fibonacci LFSR, N0I and N1I can be computed in closed form.

Using the closed form of N0I and N1I, it is immediately seen that the clocked sequence is perfectly balanced, i.e. N0I = N1I, if and only if I = 1 if m is odd, and I = 2 if m is even.

Linear complexity profile

The linear complexity profile of a clock-controlled LFSR sequence is practically optimal, as can be shown theoretically.

Figure: LCP for a clock controlled Fibonacci LFSR of length 22 (slope 1/2)
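The Berlekamp-Massey slide and the self-clock controlled slides can be tied together in one added Python example (not code from the original talk). It computes the linear complexity profile of a plain Fibonacci LFSR and of its self-clocked variant, and checks the state-cycle length against the period formula above. The taps (0, 2) for m = 5, the output cell I = 0, the control cell J = 1, the shift direction and all function names are assumptions made for illustration.

```python
def berlekamp_massey_profile(bits):
    """Linear complexity profile [l(1), ..., l(N)] of a binary sequence,
    computed with the Berlekamp-Massey algorithm over F2."""
    n = len(bits)
    c = [1] + [0] * n          # current connection polynomial C(D)
    b = [1] + [0] * n          # C(D) as it was before the last length change
    length, last = 0, -1       # current LFSR length, index of the last change
    profile = []
    for i in range(n):
        d = bits[i]            # discrepancy between prediction and bits[i]
        for j in range(1, length + 1):
            d ^= c[j] & bits[i - j]
        if d:
            previous = c[:]
            shift = i - last
            for j in range(n + 1 - shift):
                c[j + shift] ^= b[j]
            if 2 * length <= i:
                length, last, b = i + 1 - length, i, previous
        profile.append(length)
    return profile


def lfsr_step(state, taps):
    """One Fibonacci transition: shift, then feed back the XOR of the taps."""
    fb = 0
    for t in taps:
        fb ^= state[t]
    return state[1:] + (fb,)


def clocked_step(state, taps, j):
    """Self-clock controlled transition: if a 1 arrives in control cell j,
    that state is skipped and exactly one more transition is made."""
    state = lfsr_step(state, taps)
    if state[j]:
        state = lfsr_step(state, taps)
    return state


def keystream(taps, m, nbits, i=0, j=None):
    """Bits read from cell i; j=None is the plain LFSR, else j is cell J."""
    state = (1,) + (0,) * (m - 1)
    out = []
    for _ in range(nbits):
        out.append(state[i])
        state = lfsr_step(state, taps) if j is None else clocked_step(state, taps, j)
    return out


def clocked_state_period(taps, m, j):
    """Length of the state cycle of the self-clocked register."""
    state, seen, n = (1,) + (0,) * (m - 1), {}, 0
    while state not in seen:
        seen[state] = n
        state, n = clocked_step(state, taps, j), n + 1
    return n - seen[state]


def slide_period(m):
    """tau = (2/3) * (2^m - (3 - (-1)^m) / 2), the formula on the slide."""
    return 2 * (2 ** m - (3 - (-1) ** m) // 2) // 3


if __name__ == "__main__":
    taps, m = (0, 2), 5                      # assumed: x^5 + x^2 + 1
    plain = keystream(taps, m, 62)
    clocked = keystream(taps, m, 40, i=0, j=1)
    print("plain   LCP:", berlekamp_massey_profile(plain))
    print("clocked LCP:", berlekamp_massey_profile(clocked))
    print("clocked period:", clocked_state_period(taps, m, 1),
          "formula:", slide_period(m))
```

The plain register's profile stops at 5 after the first few bits, which is the linearity weakness the conclusions refer to, while the clocked sequence keeps climbing until it is capped by its own short period of 20.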

Conclusions

1) LFSRs are good generators of random sequences, which are easy to implement and may work fast. However, in cryptography, the use of these linear sequences needs further artifices to counteract the weaknesses implicit in the linearity.

2) Self-clock controlled LFSRs have an optimal linear complexity profile, indistinguishable from that of genuine random sequences, and thus may be (more) directly used in cryptographic applications.


3) The observations collected in this talk have the modest aim of giving a quick view of the context in which the search for inexpensive mechanisms generating (binary) sequences that are good for cryptographic applications is set.

An endeavor that was and remains a source of challenging problems for engineers and mathematicians.


References

1. S.W. Golomb, Shift Register Sequences, Aegean Park Press, Laguna Hills, 1982.

2. D.E. Knuth, The Art of Computer Programming, Seminumerical Algorithms, vol. II, Addison-Wesley, Reading, Massachusetts, 1981.

3. R. Lidl and H. Niederreiter, Finite Fields, Addison-Wesley, Reading, Mass., 1983.

4. J. Hoffstein, J. Pipher, J.H. Silverman, An Introduction to Mathematical Cryptography, Springer, New York, 2008.

5. M. Elia, G. Morgari, M. Spicciola, On Binary Sequences Generated by Self-clock Controlled LFSR, MTNS 2010, Budapest, Hungary.

6. M. Elia, On Tridiagonal Binary Matrices and LFSRs, Contemporary Eng. Sciences, Vol. 3, no. 4, pp. 167-182.

7. R.A. Rueppel, Analysis and Design of Stream Ciphers, Springer, New York, 1986.

8. J.L. Massey, Shift-Register Synthesis and BCH Decoding, IEEE Trans. on Inform. Th., IT-15, 1969, pp. 122-127.