On the Linear Complexity of Feedback Registers

A. H. Chan, M. Goresky, A. Klapper
Northeastern University

Abstract

In this paper, we study sequences generated by arbitrary feedback registers (not necessarily feedback shift registers) with arbitrary feedforward functions. We generalize the definition of linear complexity of a sequence to the notions of strong and weak linear complexity of feedback registers. A technique for finding upper bounds for the strong linear complexities of such registers is developed. This technique is applied to several classes of registers. We prove that a feedback shift register whose feedback function is of the form $x_1 + h(x_2, \ldots, x_n)$ can generate long periodic sequences with high linear complexities only if its linear and quadratic terms have certain forms.

This work was presented at the Eurocrypt 89 Conference.

1 Introduction

Periodic sequences generated by feedback shift registers have many applications in modern communications systems because of their desirable properties, such as long period and balanced statistics. One measure of the strength (usefulness) of such a sequence is its linear complexity, as studied by various authors [1, 2, 4, 7, 8]. The linear complexity of a sequence is defined as the length of the shortest linear feedback shift register that generates it. If a sequence has small linear complexity, then the synthesis of a linear equivalent of the sequence generator (such as by the Berlekamp-Massey algorithm [6]) becomes computationally feasible.

In this paper we consider pseudorandom sequences generated by general feedback registers (not necessarily shift registers) with arbitrary feedforward functions, and develop a new technique for finding upper bounds for the linear complexity of these sequences. We apply this technique to several classes of feedback registers. We prove that if the feedback function of a feedback shift register of length $n$ and maximal linear complexity has the form $x_1 + h(x_2, \ldots, x_n)$, and its feedforward function is $x_1$ (recall [3] that binary feedback functions which are not of this form cannot generate maximal period sequences), then $h(x_2, \ldots, x_n)$ must either have linear terms or at least $(n-1)/2$ quadratic terms. A more general result is stated in Theorem 2.4. We also generalize a well-known result of Key [4] bounding the linear complexity of linear feedback shift registers with nonlinear feedforward functions.

In this section we extend the definition of linear complexity of a sequence to the notion of linear complexity of a feedback register. The technique of establishing upper bounds is developed in Section 2, and Section 3 generalizes the results to an arbitrary finite field $GF(q)$, where $q$ is a power of a prime.

Let $GF(2)$ denote the finite field with 2 elements. A feedback register (or simply register) of length $n$ is a pair $(F, g)$, where $F = (F_1, \ldots, F_n)$ is a function from $GF(2)^n$ to $GF(2)^n$ (the state transition function), and $g$ is a function from $GF(2)^n$ to $GF(2)$ (the output or feedforward function). See Figure 1. The functions $F_i$ and $g$ can always be written as polynomials in variables $x_1, \ldots, x_n$ over $GF(2)$, such that each variable has degree at most one. We will write $F^{(i)}$ for the composition of $F$ with itself $i$ times.

Figure 1: A feedback register with state transition function $F$ and feedforward function $g$.

An initial loading of a register $\mathcal{F} = (F, g)$ is an element $\alpha \in GF(2)^n$. $\mathcal{F}$, with initial loading $\alpha$, generates the sequence $\mathcal{F}(\alpha) = (g(\alpha), g \circ F(\alpha), g \circ F^{(2)}(\alpha), \ldots)$.

Several special cases are of interest. The standard feedforward function is $g(x_1, \ldots, x_n) = x_1$. A register $(F, g)$ is a feedback shift register with feedforward function $g$ if $F(x_1, \ldots, x_n) = (x_2, x_3, \ldots, x_n, f(x_1, \ldots, x_n))$ for some function $f$ from $GF(2)^n$ to $GF(2)$, called the feedback function. Such a register is simply called a feedback shift register if it has the standard feedforward function. In this case it is specified by giving $F$ (or even $f$). A register is linear (resp., affine) if $g$ and each $F_i$ is a linear polynomial (resp., an affine polynomial, i.e., a polynomial of degree at most one). In case $F$ is linear it may be more convenient to think of $F$ as a matrix and $g$ as a vector, acting by matrix multiplication and dot product, respectively. In this case $F^{(i)}$ corresponds to the $i$th power of the matrix $F$.

We need to distinguish two notions of linear complexity. One, the traditional notion of linear complexity, concerns bit sequences, and, by extension, feedback registers with fixed initial loadings. The other, introduced here, concerns feedback registers with no specific initial loadings. The latter notion thus bounds the linear complexities of all sequences generated by a register.

Definition 1.1 The linear complexity of an ultimately periodic sequence $\beta$ of elements of $GF(2)$ is the length of the shortest linear feedback shift register $\mathcal{F}$ which has an initial loading $\alpha$ with $\mathcal{F}(\alpha) = \beta$. The weak linear complexity of a register $\mathcal{F}$ is the maximum over all initial loadings $\alpha$ of the linear complexities of the sequences $\mathcal{F}(\alpha)$.

Definition 1.2 The strong linear complexity of a register $\mathcal{F} = (F, g)$ is the length of the smallest linear feedback shift register $\mathcal{F}'$ such that for every initial loading $\alpha$ of $\mathcal{F}$ there is an initial loading $\alpha'$ of $\mathcal{F}'$ with $\mathcal{F}(\alpha) = \mathcal{F}'(\alpha')$.

In order to study the strong linear complexity of a register $\mathcal{F}$ we will consider the sequence of polynomials $g,\ g \circ F,\ g \circ F \circ F, \ldots$ The output sequence generated by $\mathcal{F}$ with an initial loading $\alpha$ is found by evaluating this sequence of polynomials at $\alpha$.

The strong linear complexity of a register is greater than or equal to its weak linear complexity, and equality holds for

a. registers of length $n$ whose output sequences are of maximal period $2^n$ (i.e., de Bruijn sequences [2]),
b. registers of length $n$ whose state change and feedforward functions do not contain constant terms and whose output sequences are of period $2^n - 1$ (i.e., modified de Bruijn sequences),
c. linear feedback shift registers, and
d. linear feedback registers with linear feedforward functions (as will be seen by the remarks following Theorem 2.1 of Section 2).

In general, however, these notions do not coincide. For example, the nonlinear feedback shift register $\mathcal{F}$ of length two with feedback function $f(x_1, x_2) = x_1 x_2$ generates the sequences 1111..., 0000..., 1000..., and 01000.... These sequences have linear complexities 1, 0, 2, and 2, respectively, so the weak linear complexity of $\mathcal{F}$ is two. The strong linear complexity of $\mathcal{F}$, however, is three since each of these sequences is generated by the linear feedback shift register of length three with feedback function $x_3$ and not by any shorter linear feedback shift register. We also note that the strong linear complexity of a register $\mathcal{F}$ is equal to the degree of the least common multiple of the connection polynomials of the sequences generated by $\mathcal{F}$.

2 Upper Bounds

In this section we derive a technique for computing bounds on the strong linear complexity of (linear and nonlinear) registers with arbitrary feedforward functions. The idea is to embed the given register into a linear register (of exponentially greater length, $N$). For such a register, the state transition function is considered to be a linear transformation on a vector space of dimension $N$. We then bound the strong linear complexity of this large linear register. Our first theorem gives a characterization of the strong linear complexity of a register.

Theorem 2.1 Let $\mathcal{F} = (F, g)$ be a feedback register of length $n$. The strong linear complexity of $\mathcal{F}$ is the dimension of the span of $\{g \circ F^{(i)} : i \geq 0\}$, that is, the largest $k$ such that $\{g \circ F^{(i)} : i = 0, \ldots, k-1\}$ are linearly independent.

Proof: If $k$ is as in the statement of the theorem, then $g \circ F^{(k)}$ can be written as a linear combination of $\{g \circ F^{(i)} : i = 0, \ldots, k-1\}$. Thus there are elements $\{a_i : i = 0, \ldots, k-1\}$ of $GF(2)$ such that
$$g \circ F^{(k)} = \sum_{i=0}^{k-1} a_i\, g \circ F^{(i)}.$$
It follows that for any $j \geq 0$
$$g \circ F^{(k+j)} = \sum_{i=0}^{k-1} a_i\, g \circ F^{(i+j)}.$$

Let $f' : GF(2)^k \to GF(2)$ and $\theta : GF(2)^n \to GF(2)^k$ be defined as
$$f'(y_0, \ldots, y_{k-1}) = \sum_{i=0}^{k-1} a_i y_i$$
and
$$\theta(x_1, \ldots, x_n) = \big(g(x_1, \ldots, x_n), \ldots, g \circ F^{(k-1)}(x_1, \ldots, x_n)\big).$$
Consider the linear feedback shift register $\mathcal{F}'$ of length $k$ with feedback function $f'$ and standard feedforward function. For any initial loading $\alpha \in GF(2)^n$ of $\mathcal{F}$ and any $i \geq 0$, $g \circ F^{(i)}(\alpha) = g' \circ F'^{(i)}(\theta(\alpha))$, that is, $\mathcal{F}(\alpha) = \mathcal{F}'(\theta(\alpha))$. Thus $\theta(\alpha)$ is an initial loading of $\mathcal{F}'$ giving the same output sequence as $\mathcal{F}$ with initial loading $\alpha$. It follows that the strong linear complexity of $\mathcal{F}$ is at most $k$.

To show equality, let $\mathcal{F}' = (F', g')$ be any linear feedback shift register of length $r$ (so $g'$ is the standard feedforward function) that produces all output sequences that $\mathcal{F}$ produces, and suppose $r$ is the strong linear complexity of $\mathcal{F}$. Then there is a function $\theta : GF(2)^n \to GF(2)^r$ such that, for every $\alpha \in GF(2)^n$, $\mathcal{F}(\alpha) = \mathcal{F}'(\theta(\alpha))$. $\mathcal{F}'$ is a linear feedback shift register, so there exist elements $\{a_i : i = 0, \ldots, r-1\}$ of $GF(2)$ such that
$$g' \circ F'^{(r)} = \sum_{i=0}^{r-1} a_i\, g' \circ F'^{(i)} \qquad (1)$$
(the coefficients of the feedback function define a linear recurrence for the output sequence). For any $\alpha \in GF(2)^n$, $\mathcal{F}(\alpha) = \mathcal{F}'(\theta(\alpha))$, hence, for every $i$, $g \circ F^{(i)}(\alpha) = g' \circ F'^{(i)}(\theta(\alpha))$. Composing Equation 1 with $\theta$ we see that
$$g \circ F^{(r)} = \sum_{i=0}^{r-1} a_i\, g \circ F^{(i)}.$$
By hypothesis, $\{g \circ F^{(i)} : i = 0, \ldots, k-1\}$ are linearly independent, so $k$ is at most $r$. It follows that $k$ equals the strong linear complexity of $\mathcal{F}$.

It is a direct consequence of Theorem 2.1 that the strong linear complexity of a linear register is at most its length (the dimension of the space of linear functions on $n$ variables is $n$), while the strong linear complexity of an affine register is at most one greater than its length (the dimension of the space of affine functions on $n$ variables is $n + 1$).

Next we show that for an arbitrary feedback register $\mathcal{F} = (F, g)$ of length $n$, an affine register $\mathcal{F}' = (F', g')$ of length $2^n - 1$ can be constructed such that $\mathcal{F}'$ generates every output sequence generated by $\mathcal{F}$. The register $\mathcal{F}'$ will be linear if both $F$ and $g$ have no constant terms. We will then be able to use Theorem 2.1 to bound the linear complexity of $\mathcal{F}'$, and hence of $\mathcal{F}$.

Figure 2: Linearizing a feedback register (commutative diagram: $\theta : GF(2)^n \to GF(2)^{2^n - 1}$ with the maps $F$, $F'$, $g$ and $g'$).

The Construction

Let $S$ be the set of nonempty subsets of $\{1, \ldots, n\}$. For every $I$ in $S$, we construct a new variable $x_I$ and identify it with the monomial $\prod_{i \in I} x_i$. Recall that every element $a$ in $GF(2)$ satisfies $a^2 = a$, so all high degree terms such as $x_i^k$, $k \geq 1$, appear as $x_i$. $S$ has cardinality $2^n - 1$, and is used as the index set for the $2^n - 1$ variables in $\mathcal{F}'$. For each $I$ in $S$, let
$$F_I(x_1, \ldots, x_n) = \prod_{i \in I} F_i(x_1, \ldots, x_n),$$
and let $F'_I(x_{\{1\}}, \ldots, x_{\{1, \ldots, n\}})$ be the affine function derived from $F_I$ by replacing each monomial $\prod_{j \in J} x_j$ by the variable $x_J$, where $J$ is in $S$. Then $F' = (F'_{\{1\}}, \ldots, F'_{\{1, \ldots, n\}})$ defines an affine function from $GF(2)^{2^n - 1}$ to $GF(2)^{2^n - 1}$. The feedforward function $g'$ can be defined similarly as a linear combination of the monomials $x_I$ and the constant function 1, giving an affine function from $GF(2)^{2^n - 1}$ to $GF(2)$. $\mathcal{F}' = (F', g')$ defines an affine feedback register of length $2^n - 1$. $\mathcal{F}'$ is linear if neither $F$ nor $g$ has constant terms.

To show that $\mathcal{F}'$ generates all the output sequences of $\mathcal{F}$, we consider the embedding $\theta : GF(2)^n \to GF(2)^{2^n - 1}$ where the $I$-th coordinate of $\theta(x_1, \ldots, x_n)$ is $\prod_{i \in I} x_i$. We claim that $\theta \circ F = F' \circ \theta$ and $g = g' \circ \theta$. In other words, the diagram in Figure 2 commutes. To see this, note first that $(\theta \circ F)_I(x_1, \ldots, x_n) = \prod_{i \in I} F_i(x_1, \ldots, x_n) = F_I(x_1, \ldots, x_n)$. On the other hand, $(F' \circ \theta)_I(x_1, \ldots, x_n) = F'_I(\ldots, \prod_{j \in J} x_j, \ldots)$, i.e., $(F' \circ \theta)_I$ is derived from $F'_I$ by replacing $x_J$ by $\prod_{j \in J} x_j$. But $F'_I$ was derived from $F_I$ by doing the opposite, so $(F' \circ \theta)_I = F_I = (\theta \circ F)_I$, so $F' \circ \theta = \theta \circ F$. The second claim is proved similarly. It follows that for any $\alpha \in GF(2)^n$ and any $k$, $g \circ F^{(k)}(\alpha) = g' \circ F'^{(k)}(\theta(\alpha))$. Thus the initial loading $\theta(\alpha)$ of $\mathcal{F}'$ gives the same output sequence as the initial loading $\alpha$ of $\mathcal{F}$.

Example

Let $\mathcal{F} = (F, g)$ be a feedback shift register of length 4 with $g(x_1, x_2, x_3, x_4) = x_1$ and feedback function $f(x_1, x_2, x_3, x_4) = x_1 + x_2 x_4 + x_2 x_3 x_4$. Then
$$F'(x_1, x_2, x_3, x_4, x_{1,2}, x_{1,3}, x_{1,4}, x_{2,3}, x_{2,4}, x_{3,4}, x_{1,2,3}, x_{1,2,4}, x_{1,3,4}, x_{2,3,4}, x_{1,2,3,4})$$
$$= (x_2,\ x_3,\ x_4,\ x_1 + x_{2,4} + x_{2,3,4},\ x_{2,3},\ x_{2,4},\ x_{1,2} + x_{2,4} + x_{2,3,4},\ x_{3,4},\ x_{1,3},\ x_{1,4} + x_{2,4} + x_{2,3,4},\ x_{2,3,4},\ x_{1,2,3},\ x_{2,4} + x_{1,2,4} + x_{2,3,4},\ x_{1,3,4},\ x_{1,2,3,4}).$$
The output sequence obtained from $\mathcal{F}$ with the initial loading $(1, 1, 0, 1)$ is obtained from $\mathcal{F}'$ with the initial loading $(1, 1, 0, 1, 1, 0, 1, 0, 1, 0, 0, 1, 0, 0, 0)$.

From the construction above we observe that, if the set of polynomials $\{g \circ F^{(i)} : i \geq 0\}$ contains only terms in $\{x_I \mid I \in Q\}$ for some $Q \subseteq S$, then we need only those monomials in $\mathcal{F}'$ indexed by elements of $Q$. Hence an affine feedback register of length $|Q|$ (linear if neither $F$ nor $g$ has constant terms) can be constructed that generates the same sequences as $\mathcal{F}$. This shows that the strong linear complexity of $\mathcal{F}$ is bounded above by $|Q| + 1$ (by $|Q|$ if neither $F$ nor $g$ has constant terms). The determination of such a $Q$ is given by the following corollary.

Corollary 2.2 Let $F(x_1, \ldots, x_n)$ be the state change function of a register of length $n$ with feedforward function $g(x_1, \ldots, x_n)$. Let $T = \{I \in S : \prod_{i \in I} x_i \text{ has a non-zero coefficient in } g\}$ and let $Q$ be the smallest subset of $S$ containing $T$ such that if $I \in Q$ and the coefficient of $x_J$ in $F'_I$ is nonzero, then $J \in Q$.

1. If $F$ or $g$ has constant terms, then the strong linear complexity of $(F, g)$ is bounded above by $|Q| + 1$.
2. If neither $F$ nor $g$ has constant terms, then the strong linear complexity of $(F, g)$ is bounded above by $|Q|$.

Proof: In the first case, the space spanned by $\{x_I : I \in Q\} \cup \{1\}$ contains the space $W$ spanned by $\{g \circ F^{(i)}\}$. In the second case, $W$ is spanned by $\{x_I : I \in Q\}$. The corollary follows from Theorem 2.1.

In the case where $F$ is a shift register, the determination of $Q$ is given by shifting the corresponding indices, as given by the next corollary.

Corollary 2.3 Let $(F, g)$ be a feedback shift register with feedback function $f$. Let $T = \{I \in S : \prod_{i \in I} x_i \text{ has a non-zero coefficient in } g\}$ and $R = \{I \in S : \prod_{i \in I} x_i \text{ has a non-zero coefficient in } f\}$. Let $Q$ be the smallest subset of $S$ containing $T$ such that

1. If $I \in Q$ and $n \in I$, then for each $J \in R$, $J \cup \{i + 1 : i \in I,\ i \neq n\} \in Q$.
2. If $I \in Q$ and $n \notin I$, then $\{i + 1 : i \in I\} \in Q$.

Then the strong linear complexity of $(F, g)$ is bounded by

1. $|Q| + 1$ if $f$ or $g$ has constant terms.
2. $|Q|$ if neither $f$ nor $g$ has constant terms.

We now treat the special case of a feedback shift register $\mathcal{F} = (F, g)$ of length $n$ with feedback function $f(x_1, \ldots, x_n) = x_1 + h(x_2, \ldots, x_n)$ and standard feedforward function. Let $T$, $R$, and $Q$ be as in Corollary 2.3, so $T = \{\{1\}\}$, $\{1\} \in R$, and no other element of $R$ contains 1. Since $\{1\} \in T \subseteq Q$, we may apply condition 2 repeatedly to obtain $\{i\} \in Q$ for all $i$. In particular $\{n\} \in Q$. If $J$ is the index set of a monomial that has a non-zero coefficient in $h(x_2, \ldots, x_n)$, then we can apply condition 1 with $I = \{n\}$, so $J \in Q$. Let $I_1$ be any element of $Q$. Then applying either condition 1 with $J = \{1\}$ or condition 2 (only one condition is applicable to a given index set) $n - 1$ times, we get a sequence of elements of $Q$: $I_1, \ldots, I_n$. One more such application would give us $I_1$ back again. Actually, we may return to $I_1$ after a smaller number of applications of the conditions, but this number must divide $n$. If $r$ is the cardinality of $I_1$, then $r$ is the cardinality of each $I_i$ and we call the set $\{I_1, \ldots, I_n\}$ an $r$-cycle, or simply a cycle if the cardinality is clear. Thus an $r$-cycle is a set $I_1 \subseteq \{1, \ldots, n\}$ together with those sets obtained from $I_1$ by cyclic permutation of the indices $(1, \ldots, n)$. For example, with $n = 4$, starting with $I_1 = \{2, 3\}$ we get the 2-cycle $\{2, 3\}, \{3, 4\}, \{1, 4\}, \{1, 2\}$, whereas starting with $I_1 = \{2, 4\}$, we get the 2-cycle $\{2, 4\}, \{1, 3\}$. These cycles are independent of $h(x_2, \ldots, x_n)$. The set $S$ of all index sets decomposes into a disjoint union of such cycles, each cycle having cardinality dividing $n$. If any one element of a cycle is in $Q$, then every element of that cycle must be in $Q$.

Remark: There is an interesting relationship between this cycle decomposition and the decomposition of the finite field $GF(2^n)$ into cyclotomic cosets (the orbits under the action of the Galois group over $GF(2)$ [5]). Let $\alpha$ be a primitive element of $GF(2^n)$, $I = \{i_1, \ldots, i_k\}$ be an index set, and $r = \sum_{j=1}^{k} 2^{i_j}$. Then we can identify $I$ with the element $\alpha^r$ of $GF(2^n)$. Under this identification the cycle containing $I$ corresponds to the cyclotomic coset containing $\alpha^r$.

Recall again that each monomial in $x_1, \ldots, x_n$ corresponds to an index set, so $\mathcal{F}$ can have high linear complexity only if $Q$ contains many index sets. As seen by the following theorem, this means that the feedback function must have many non-zero coefficients.

Theorem 2.4 Let $\mathcal{F} = (F, g)$ be a feedback shift register of length $n$ with feedback function $f(x_1, \ldots, x_n) = x_1 + h(x_2, \ldots, x_n)$ and standard feedforward function. Let $r$ be the smallest integer such that $h(x_2, \ldots, x_n)$ has a term of degree $r$ with a non-zero coefficient. For any collection of $r$-cycles $C_1, \ldots, C_k$, each of whose corresponding monomials has a zero coefficient in $h(x_1, \ldots, x_n)$, the strong linear complexity of $\mathcal{F}$ is at most
$$2^n - 1 - \sum_{i=2}^{r-1} \binom{n}{i} - \sum_{i=1}^{k} |C_i|$$
if $h$ has a constant term, and at most
$$2^n - 2 - \sum_{i=2}^{r-1} \binom{n}{i} - \sum_{i=1}^{k} |C_i|$$
if $h$ has no constant term.

Proof: Let
$$P = \{I : |I| = 1\} \cup \{I : |I| = r \text{ and } I \notin C_i \text{ for all } i\} \cup \{I : r + 1 \leq |I| \leq n - 1\}.$$
We will show that $P$ satisfies the conditions of Corollary 2.3, and thus contains the set $Q$ of that corollary. $P$ contains the set $T$ and satisfies condition 2 by the observations preceding this theorem. We claim that $P$ satisfies condition 1 as well. Let $R$ be as in Corollary 2.3. Then
$$R \subseteq \{\{1\}\} \cup \{I : |I| = r \text{ and } I \notin C_i \text{ for all } i\} \cup \{I : r + 1 \leq |I| \leq n - 1\} \subseteq P.$$
We have two types of elements of $P$ to which condition 1 applies.

1. $\{n\} \in P$. Condition 1 is satisfied because $R \subseteq P$.
2. Let $I \in P$ and $|I| \geq r$. Then all other elements of the cycle containing $I$ are in $P$. Let $J \in R$ and let $K = J \cup \{i + 1 : i \in I,\ i \neq n\}$. We must show that $K \in P$. If $J = \{1\}$, then $K$ is in the cycle determined by $I$, so suppose $J \neq \{1\}$. If $K$ has cardinality $r$, then $K = J \in P$, since $J$ has cardinality at least $r$. If $K$ has cardinality greater than $r$, and $K \neq \{1, \ldots, n\}$, then $K \in P$ by definition. Suppose $K = \{1, \ldots, n\}$. We cannot have $1 \in \{i + 1 : i \in I\}$, so $1 \in J$. It follows that $J = \{1\}$, and hence that $\{2, \ldots, n\} = \{i + 1 : i \in I,\ i \neq n\}$. Therefore $K$ lies in the cycle determined by $I$. But $\{1, \ldots, n\} \notin P$, so this is impossible.

$P$ thus contains the set $Q$ of Corollary 2.3 and has cardinality
$$2^n - 2 - \sum_{i=2}^{r-1} \binom{n}{i} - \sum_{i=1}^{k} |C_i|,$$
proving the theorem.

This theorem makes precise the folklore belief that shift registers with only high degree terms are not good. In the example following the construction, we have $r = 2$, so the theorem shows that the strong linear complexity of the given register can be at most 10.

If the output sequence $(z_0, z_1, \ldots)$ from a feedback shift register with standard feedforward function $\mathcal{F}$ of length $n$ has maximal period $2^n$, then any set of $2^n$ consecutive bits contains $2^{n-1}$ ones and $2^{n-1}$ zeros. Therefore the sequence satisfies the relation $z_i + z_{i+1} + \cdots + z_{i + 2^n - 1} = 0$ for every $i$. The linear complexity is thus at most $2^n - 1$, and there are registers of length $n$ with linear complexity $2^n - 1$ [1]. For registers with no constant terms, the maximum possible linear complexity is $2^n - 2$. Note that in these cases the strong and weak linear complexities of the register and the linear complexity of the output sequence all coincide. In particular, if $\mathcal{F}$ and $r$ are as in the previous theorem, then $\mathcal{F}$ cannot generate a maximal period, maximal linear complexity sequence unless at least one of the following conditions holds:

1. $h$ has quadratic terms and for every 2-cycle $C$ there is an $I$ in $C$ whose corresponding monomial in $h(x_1, \ldots, x_n)$ has non-zero coefficient.
2. $h(x_1, \ldots, x_n)$ has linear terms.

Corollary 2.5 Let $\mathcal{F} = (F, g)$ be a feedback shift register of length $n$, with feedback function $x_1 + h(x_2, \ldots, x_n)$, and standard feedforward function. If $\mathcal{F}$ generates a maximal period, maximal linear complexity sequence, then either $h$ contains some linear terms or it has at least $(n - 1)/2$ quadratic terms.

By a similar application of Corollary 2.3, we can prove a generalization of a theorem of Key.
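
As an added worked example (not code from the paper), the following Python computes the quantities of Sections 1 and 2 for the paper's two registers: the strong linear complexity by the rank characterization of Theorem 2.1 (composing $g$ with $F$ as polynomials over $GF(2)$), the weak linear complexity of Definition 1.1 by running the Berlekamp-Massey algorithm over every initial loading, and the bound of Theorem 2.4 from the $r$-cycles absent from $h$. The polynomial encoding (frozensets of index sets) and all function names are this example's own choices, not the paper's.

```python
# Added example (not from the paper): the objects of Sections 1 and 2 over GF(2).
# A polynomial is a frozenset of monomials, each monomial a frozenset of variable
# indices 1..n; the empty monomial is the constant 1.
from itertools import combinations, product
from math import comb

def P(*monos):
    """Polynomial from index tuples, e.g. P((1,), (2, 4)) is x1 + x2*x4."""
    return frozenset(frozenset(m) for m in monos)

def mul(p, q):
    """Product over GF(2); as x_i^2 = x_i, a product of monomials is a union."""
    r = set()
    for a in p:
        for b in q:
            r ^= {a | b}                  # symmetric difference: 1 + 1 = 0
    return frozenset(r)

def compose(p, F):
    """p(F_1, ..., F_n): substitute the state transition polynomials into p."""
    out = set()
    for mono in p:
        term = frozenset({frozenset()})   # the constant 1
        for i in mono:
            term = mul(term, F[i - 1])
        out ^= term
    return frozenset(out)

def strong_linear_complexity(F, g):
    """Theorem 2.1: rank over GF(2) of g, g∘F, g∘F^(2), ... as polynomials."""
    index, pivots = {}, {}            # monomial -> bit position, lead bit -> row
    p, k = g, 0
    while True:
        v = 0
        for m in p:
            v |= 1 << index.setdefault(m, len(index))
        while v and (v.bit_length() - 1) in pivots:
            v ^= pivots[v.bit_length() - 1]
        if v == 0:                    # g∘F^(k) lies in the span of its predecessors
            return k
        pivots[v.bit_length() - 1] = v
        k += 1
        p = compose(p, F)

def evaluate(p, state):
    return sum(all(state[i - 1] for i in m) for m in p) & 1

def output_sequence(F, g, alpha, length):
    """The sequence (g(alpha), g∘F(alpha), g∘F^(2)(alpha), ...) of Section 1."""
    seq, state = [], tuple(alpha)
    for _ in range(length):
        seq.append(evaluate(g, state))
        state = tuple(evaluate(Fi, state) for Fi in F)
    return seq

def berlekamp_massey(s):
    """Linear complexity of a bit sequence: length of the shortest LFSR [6]."""
    c, b, L, m = [1], [1], 0, -1
    for i, si in enumerate(s):
        d = si ^ (sum(c[j] & s[i - j] for j in range(1, L + 1)) & 1)
        if d:
            t, shift = c[:], i - m
            c += [0] * (len(b) + shift - len(c))
            for j, bj in enumerate(b):
                c[j + shift] ^= bj
            if 2 * L <= i:
                L, m, b = i + 1 - L, i, t
    return L

def weak_linear_complexity(F, g):
    """Definition 1.1: maximum over all 2^n loadings (2L bits determine L <= 2^n)."""
    n = len(F)
    return max(berlekamp_massey(output_sequence(F, g, a, 2 ** (n + 1)))
               for a in product((0, 1), repeat=n))

def theorem_2_4_bound(n, h):
    """Theorem 2.4 bound for f = x_1 + h, using every r-cycle absent from h."""
    r = min(len(m) for m in h if m)   # least degree of a non-constant term of h
    seen, dead = set(), 0
    for I in map(frozenset, combinations(range(1, n + 1), r)):
        if I not in seen:
            C = set()
            while I not in C:         # follow the cyclic shifts back to I
                C.add(I)
                I = frozenset(i % n + 1 for i in I)
            seen |= C
            if not C & h:             # no monomial of the cycle occurs in h
                dead += len(C)
    bound = 2 ** n - 2 - sum(comb(n, i) for i in range(2, r)) - dead
    return bound + 1 if frozenset() in h else bound

# The paper's two registers, both with the standard feedforward g = x1.
EX1_F, EX1_G = [P((2,)), P((1, 2))], P((1,))                  # f = x1*x2
EX2_H = P((2, 4), (2, 3, 4))                                   # h = x2x4 + x2x3x4
EX2_F, EX2_G = [P((2,)), P((3,)), P((4,)), P((1,)) ^ EX2_H], P((1,))
```

For the length-4 register the rank of Theorem 2.1 comes out strictly below the Theorem 2.4 bound of 10, which shows the bound is an upper bound rather than the exact value.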

Proposition 2.6 (Key [4]) If $\mathcal{F}$ is a feedback register with affine (resp. linear) state change function, every term of whose feedforward function has degree at most $k$ (resp. at most $k$ and at least 1), then its strong linear complexity is bounded above by $\sum_{i=0}^{k} \binom{n}{i}$ (resp. $\sum_{i=1}^{k} \binom{n}{i}$).

Proof: Let $P = \{\{i_1, \ldots, i_l\} : 1 \leq l \leq k \text{ and } i_1 < \cdots < i_l\}$. Then $P$ satisfies conditions 1 and 2 of Corollary 2.3, hence contains the set $Q$. The cardinality of $P$ is $\sum_{i=1}^{k} \binom{n}{i}$.

The remaining propositions are proved similarly.

Proposition 2.7 If every term of the feedback function and feedforward function of a feedback shift register with feedforward function has degree greater than or equal to $k$, then the strong linear complexity of the register is bounded above by $\sum_{i=k}^{n} \binom{n}{i}$.

Proposition 2.8 If every term of the feedback function of a feedback shift register with feedforward function has degree at least $k$, and the feedforward function has the form $b_{m+1} x_{m+1} + \cdots + b_n x_n$ (resp. $a + b_{m+1} x_{m+1} + \cdots + b_n x_n$), then the strong linear complexity of the register is bounded above by $n - m + \sum_{i=k}^{n} \binom{n}{i}$ (resp. $1 + n - m + \sum_{i=k}^{n} \binom{n}{i}$).

Proposition 2.8 says that if the feedback function of a feedback register contains only high degree terms, then the linear complexity is low.

3 Generalization to Arbitrary Finite Fields

The results of the previous section can be generalized to $GF(q)$, the finite field of $q$ elements, where $q$ is a power of an arbitrary prime. The definitions of feedback registers and their various special cases are the same, with 2 replaced by $q$. The only change is that now every element $a$ of $GF(q)$ satisfies $a^q = a$, so that, when we consider functions as polynomials, we must include monomials in which each variable has degree up to $q - 1$. The remaining definitions (output sequence, weak and strong linear complexity, etc.) carry over verbatim, and Theorem 2.1 still holds.

Recall that a multiset is a set $I$ such that every member $a$ has associated with it a nonnegative integer $\mathrm{mult}_I(a)$, called the multiplicity of $a$ in $I$. If $I$ and $J$ are multisets and $k$ is a nonnegative integer, then we define the multisets $I^{+}$, $I^k$, $I \cup J$, and $\mathrm{red}(I)$ by

1. $\mathrm{mult}_{I^{+}}(1) = 0$ and $\mathrm{mult}_{I^{+}}(i) = \mathrm{mult}_I(i - 1)$ if $2 \leq i \leq n$.
2. $\mathrm{mult}_{I^k}(i) = k \cdot \mathrm{mult}_I(i)$.
3. $\mathrm{mult}_{I \cup J}(i) = \mathrm{mult}_I(i) + \mathrm{mult}_J(i)$.
4. $\mathrm{mult}_{\mathrm{red}(I)}(i) = 0$ if $\mathrm{mult}_I(i) = 0$, and $\mathrm{mult}_{\mathrm{red}(I)}(i) = \big((\mathrm{mult}_I(i) - 1) \bmod (q - 1)\big) + 1$ otherwise.

In other words, if $\mathrm{mult}_I(i)$ is nonzero, then $\mathrm{mult}_{\mathrm{red}(I)}(i)$ is its residue modulo $q - 1$ in the set $\{1, \ldots, q - 1\}$.

Let $S$ be the set of multisets contained in $\{1, \ldots, n\}$, such that each element has multiplicity at most $q - 1$ and some element has positive multiplicity. For $I \in S$, we construct a new variable $x_I$ and identify it with the monomial $\prod_{i \in I} x_i^{\mathrm{mult}_I(i)}$. $S$ has cardinality $q^n - 1$. Every function from $GF(q)^n$ to $GF(q)$ can be written as a linear combination of the $x_I$ and the constant function 1. For $I \in S$, we define $F_I(x_1, \ldots, x_n) = \prod_{i \in I} F_i(x)^{\mathrm{mult}_I(i)}$, reduced using the identities $x_j^q = x_j$, $j = 1, \ldots, n$. Thus each variable appears with degree at most $q - 1$. We then define the affine function $F'_I$ by replacing each monomial $\prod_{i \in I} x_i^{\mathrm{mult}_I(i)}$ in $F_I$ by the corresponding variable $x_I$. We similarly define the affine function $g'$ from $g$ and combine these functions into an affine feedback register of length $q^n - 1$ over $GF(q)$ that generates all the output sequences of the original register, as before.

With these definitions Corollary 2.2 holds verbatim. Corollary 2.3 holds with conditions 1 and 2 replaced by: If $I \in Q$ and $J \in R$ then $\mathrm{red}\big(J^{\mathrm{mult}_I(n)} \cup I^{+}\big) \in Q$. Theorem 2.4 holds with the upper bound
$$q^n - \sum_{j=2}^{r-1} \binom{n}{j} (q - 1)^j - (q - 1)^r \sum_{i=1}^{k} |C_i| - (q - 1)$$
in the first case, and
$$q^n - 1 - \sum_{j=2}^{r-1} \binom{n}{j} (q - 1)^j - (q - 1)^r \sum_{i=1}^{k} |C_i| - (q - 1)$$
in the second. Let $\#(n, i)$ be the number of monomials of degree $i$ in $n$ variables in which each variable has degree at most $q - 1$. Proposition 2.6 then holds with $\binom{n}{i}$ replaced by $\#(n, i)$. In Proposition 2.7, we must require that each term of the feedback and feedforward functions contain at least $k$ variables, and replace $\binom{n}{i}$ by $\#(n, i)$ in the conclusion. Similarly, in Proposition 2.8, we must require that each term of the feedback function contain at least $k$ variables and replace $\binom{n}{i}$ by $\#(n, i)$ in the conclusion.

Acknowledgements

We would like to thank an anonymous referee for a number of helpful suggestions which have resulted in substantial simplifications of this paper.

References

[1] A. H. Chan, R. A. Games and E. L. Key, On the complexity of de Bruijn sequences, Journal of Combinatorial Theory, Series A 33-3, pp. 233-246, 1982.
[2] H. Fredricksen, A Survey of Full Length Nonlinear Shift Register Cycle Algorithms, SIAM Review, Vol. 24, pp. 195-221, 1982.
[3] S. Golomb, Shift Register Sequences. Laguna Hills, CA: Aegean Park Press, 1982.
[4] E. L. Key, An Analysis of the structure and complexity of nonlinear binary sequence generators, IEEE Trans. Inform. Theory, Vol. IT-22, no. 6, pp. 732-736, Nov. 1976.
[5] S. Lang, Algebra. Reading, MA: Addison Wesley, 1971.
[6] J. L. Massey, Shift Register Synthesis and BCH Decoding, IEEE Trans. Inform. Theory, Vol. IT-15, pp. 122-127, 1969.
[7] R. A. Rueppel, New approaches to stream ciphers, Ph.D. dissertation, Swiss Federal Institute of Technology, 1984.
[8] R. A. Rueppel and O. J. Staffelbach, Products of Linear Recurring Sequences with Maximum Complexity, IEEE Trans. Inform. Theory, Vol. IT-33, no. 1, pp. 124-131, 1987.