Block vs. Stream cipher

Similar documents
Pseudo-Random Number Generators

Lecture 10-11: General attacks on LFSR based stream ciphers

Private-key Systems. Block ciphers. Stream ciphers

Introduction to Modern Cryptography Lecture 4

Cryptography Lecture 3. Pseudorandom generators LFSRs

CSc 466/566. Computer Security. 5 : Cryptography Basics

Lemma 1.2. (1) If p is prime, then ϕ(p) = p 1. (2) If p q are two primes, then ϕ(pq) = (p 1)(q 1).

CRC Press has granted the following specific permissions for the electronic version of this book:

L9: Galois Fields. Reading material

4.3 General attacks on LFSR based stream ciphers

Chapter 4 Mathematics of Cryptography

CODING AND CRYPTOLOGY III CRYPTOLOGY EXERCISES. The questions with a * are extension questions, and will not be included in the assignment.

Solutions to the Midterm Test (March 5, 2011)

Combinatorics of p-ary Bent Functions

3.8 MEASURE OF RUNDOMNESS:

Public-key Cryptography: Theory and Practice

Cryptography and Security Protocols. Previously on CSP. Today. El Gamal (and DSS) signature scheme. Paulo Mateus MMA MEIC

STREAM CIPHER. Chapter - 3

CONVEX OPTIMIZATION OVER POSITIVE POLYNOMIALS AND FILTER DESIGN. Y. Genin, Y. Hachez, Yu. Nesterov, P. Van Dooren

Applications of Discrete Mathematics to the Analysis of Algorithms

Univ.-Prof. Dr. rer. nat. Rudolf Mathar. Written Examination. Cryptography. Tuesday, August 29, 2017, 01:30 p.m.

CIS 551 / TCOM 401 Computer and Network Security

Linear Feedback Shift Registers

Finding small factors of integers. Speed of the number-field sieve. D. J. Bernstein University of Illinois at Chicago

Classical Cryptography

Secret Key: stream ciphers & block ciphers

A Language for Task Orchestration and its Semantic Properties

Basic elements of number theory

Basic elements of number theory

Thesis Research Notes

Lecture Notes. Advanced Discrete Structures COT S

Distinguishing Stream Ciphers with Convolutional Filters

Fields in Cryptography. Çetin Kaya Koç Winter / 30

Chapter 4 Finite Fields

B. Cyclic Codes. Primitive polynomials are the generator polynomials of cyclic codes.

Congruence Classes. Number Theory Essentials. Modular Arithmetic Systems

New Methods for Cryptanalysis of Stream Ciphers. The Selmer Centre Department of Informatics University of Bergen Norway

Lecture Notes, Week 6

Mathematical Foundations of Cryptography

CIS 6930/4930 Computer and Network Security. Topic 5.1 Basic Number Theory -- Foundation of Public Key Cryptography

Lecture 12: Block ciphers

EECS Components and Design Techniques for Digital Systems. Lec 26 CRCs, LFSRs (and a little power)

Cryptanalysis of the Light-Weight Cipher A2U2 First Draft version

A Low Data Complexity Attack on the GMR-2 Cipher Used in the Satellite Phones

A block cipher enciphers each block with the same key.

Soft-decision Decoding of Chinese Remainder Codes

Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur

CPE 776:DATA SECURITY & CRYPTOGRAPHY. Some Number Theory and Classical Crypto Systems

CTR mode of operation

ECEN 5022 Cryptography

Randomized Simultaneous Messages: Solution of a Problem of Yao in Communication Complexity

The RSA cryptosystem and primality tests

Mathematics of Cryptography

NOTES ON FINITE FIELDS

Code-based post-quantum cryptography. D. J. Bernstein University of Illinois at Chicago

Algebra for error control codes

10 Concrete candidates for public key crypto

F O R SOCI AL WORK RESE ARCH

An Improved Quantum Fourier Transform Algorithm and Applications

New Implementations of the WG Stream Cipher

Algebraic attack on stream ciphers Master s Thesis

Mathematical Foundations of Public-Key Cryptography

An algorithm for computing minimal bidirectional linear recurrence relations

EECS150 - Digital Design Lecture 21 - Design Blocks

1 Recommended Reading 1. 2 Public Key/Private Key Cryptography Overview RSA Algorithm... 2

Design of Pseudo-Random Spreading Sequences for CDMA Systems

Lecture 6: Introducing Complexity

A CRYPTANALYTIC ATTACK-ON THE LU-LEE PUBLIC-KEY CRYPTOSYSTEM

a fast correlation attack implementation

Clock-Controlled Shift Registers for Key-Stream Generation

Real scripts backgrounder 3 - Polyalphabetic encipherment - XOR as a cipher - RSA algorithm. David Morgan

Correlation Analysis of the Shrinking Generator

CPSC 467b: Cryptography and Computer Security

Speeding up characteristic 2: I. Linear maps II. The Å(Ò) game III. Batching IV. Normal bases. D. J. Bernstein University of Illinois at Chicago

Cryptography and Shift Registers

Cryptography. P. Danziger. Transmit...Bob...

IEOR SEMINAR SERIES Cryptanalysis: Fast Correlation Attacks on LFSR-based Stream Ciphers

COMPUTER ARITHMETIC. 13/05/2010 cryptography - math background pp. 1 / 162

MODEL ANSWERS TO HWK #10

Question 2.1. Show that. is non-negligible. 2. Since. is non-negligible so is μ n +

Block ciphers And modes of operation. Table of contents

Block-tridiagonal matrices

Margin Maximizing Loss Functions

Design of Filter Functions for Key Stream Generators using Boolean Power Functions Jong-Min Baek

Linear Feedback Shift Registers (LFSRs) 4-bit LFSR

Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur

The LILI-128 Keystream Generator

Know the meaning of the basic concepts: ring, field, characteristic of a ring, the ring of polynomials R[x].

Detection and Exploitation of Small Correlations in Stream Ciphers

2. Cryptography 2.5. ElGamal cryptosystems and Discrete logarithms

MacLane s coherence theorem expressed as a word problem

Linear Cellular Automata as Discrete Models for Generating Cryptographic Sequences

How does the computer generate observations from various distributions specified after input analysis?

Stream ciphers I. Thomas Johansson. May 16, Dept. of EIT, Lund University, P.O. Box 118, Lund, Sweden

1/30: Polynomials over Z/n.

The Vigenère cipher is a stronger version of the Caesar cipher The encryption key is a word/sentence/random text ( and )

Math 312/ AMS 351 (Fall 17) Sample Questions for Final

Modern Cryptography Lecture 4

Lecture Notes. Advanced Discrete Structures COT S

Section X.55. Cyclotomic Extensions

Transcription:

Block vs. Stream cipher Idea of a block cipher: partition the text into relatively large (e.g. 128 bits) blocks and encode each block separately. The encoding of each block generally depends on at most one of the previous blocks. the same key is used at each block. Idea of a stream cipher: partition the text into small (e.g. 1 bit) blocks and let the encoding of each block depend on many previous blocks. for each block, a different key is generated.

Ý ¼ Ü ½ Ý ½ Ü ¾ Ý ¾ Ü Ý Ü Ý Examples of stream ciphers One-time pad. Block cipher in OFB or CTR mode. ÁÎ ½ ÁÎ ¾ ÁÎ ÁÎ ÁÎ

Synchronous stream ciphers Definition 1. A stream cipher is synchronous if its key sequence does not depend on the plain- and ciphertexts but only on the previous elements of the key sequence and the initial key. Þ Þ ½ Þ ¾ Þ Ø µ Ý Ü Þ µ Þ ½ Þ¼ Þ½ Þ¾ Þ Ý½ ݾ Ý Ü½ ܾ Ü

Properties of the synchronous stream cipher 1. The encoder and decoder must be synchronized, i.e. the decoder must always make sure that it applies the right element of the key sequence to the given element of the ciphertext sequence. 2. If an element of the ciphertext sequence has been changed (but not deleted) then only the corresponding plaintext element is affected. One-time pad is a synchronous stream cipher. Other synchronous stream ciphers could be called pseudo one-time pads. They are as secure as hard it is to distinguish Þ µ from a truly random sequence.

ݼ ݽ ݾ Ý Self-synchronizing stream ciphers Definition 2. A stream cipher is self-synchronizing if its keystream depends on the plain- or ciphertext. Þ Ý ½ Ý ¾ Ý Ø µ Ý Ü Þ µ Þ½ Þ¾ Þ Ý ½ ܽ ܾ Ü

Properties of a self-synchronizing stream cipher 1. If a ciphertext block is changed somehow (either randomly or adverently) then only the decryptions of the next Ø blocks are affected. Hence the decoding process synchronizes itself. 2. The rather quick reappearance of the correct decoding means that the tampering of some ciphertext blocks may remain unnoticed. 3. As the cryptotext blocks depend on all preceeding plaintext blocks, the statistical analysis of the cryptotext is hopefully more difficult.

Linear keystream generator Let ½ Ø ¾ ¼ ½ certain fixed bits and Þ ¼ Þ Ø ½ the initial keystream bits. The subsequent bits Þ of the keystream Þ Ò µ, where Ø, are generated using the rule Þ Þ ½ Þ ¾ Þ Ø µ ½ Þ ½ ¾ Þ ¾ Ø Þ Ø µ ÑÓ ¾ Example: Ø let, ¾ ¼ ½ ja ½ Þ and Þ ½ Þ ¾ Þ µ ¼ ½ ¼ ¼µ. The output of the generator is then ¼ ¼ ½ ¼ ¼ ½ ½ ¼ ½ ¼ ½ ½ ½ ½ ¼ ¼ ¼

Linear feedback shift register (Lineaarse tagasisidega nihkeregister)... is an electronic gadget for generating a linear keystream. The LFSR corresponding to the previous example is Ê Ê Ê ¾ Ê ½ output

LFSR works like this... Ê step Ê Ê ¾ Ê ½ 0 0 0 1 0 1 1 0 0 1 2 1 1 0 0 3 0 1 1 0 4 1 0 1 1 5 0 1 0 1 6 1 0 1 0 7 1 1 0 1 Ê step Ê Ê ¾ Ê ½ 8 1 1 1 0 9 1 1 1 1 10 0 1 1 1 11 0 0 1 1 12 0 0 0 1 13 1 0 0 0 14 0 1 0 0 15 0 0 1 0 Ê Ê Ê ¾ Ê ½ output

Periodic sequences Definition 3. A sequence Þ ¼ Þ ½ Þ ¾ is periodic if there exists a ½, such that Þ Þ for all ¼. The smallest such is called the period of that sequence. If Þ Þ holds only for all sufficiently large -s, then Þ is called eventually periodic. Exercise. Show that the sequence of bits generated by any LFSR is eventually periodic. Show that the period of a sequence generated by a Ø-register LFSR is at most ¾ Ø ½. Show that if this bound is reached then each period contains ¾ Ø ½ bits ½ and ¾ Ø ½ ½ bits ¼. Exercise. Show that any (eventually) periodic sequence can be generated by an LFSR. The linear complexity Ä Þµ of a sequence Þ is the minimal number of registers that a LFSR needs to output this sequence.

LFSR as a stream cipher P C ¼ ½. A key ¾ K consists of Ø ¾ Æ ; ½ Ø ¾ ¼ ½; Þ ¼ Þ Ø ½ ¾ ¼ ½. To encode or Ü ¾ ¼ ½ decode : compute Þ Ò ½ Þ ½ Ø Þ Ø ÑÓ Ø Ò ½ for and Ü output Þ. ¾ A synchronous stream cipher...how difficult it is to distinguish Þ µ from a truly random sequence of bits? I.e. if we know a part of the sequence Þ µ, how difficult it is to predict the next element(s)?

Þ Ö Ø ½ ½ Þ Ö Ø ¾ ¾ Þ Ö Ø Þ Ö Ø Þ Ö Ø ½ Þ Ö Ø ½ ¾ Þ Ö ½ Ø Þ Ö Ø ½ If we know the linear complexity Ä Þµ Let Ø. We need to find ¾Ø out consequtive keystream Þ bits Þ Ö ¾Ø ½ Ö. Known-plaintext attack can provide them. The following equations hold: Ö ¾Ø ¾ ½ Þ Ö ¾Ø ¾ Þ Ö Ø ½ Ø Þ Ö ¾Ø ½ Þ Solve this system over ¾ for Ø ½ µ. It has a solution the coefficients of the LFSR generating this sequence.

If we do not know the linear complexity Then we must (over)estimate it. Let us know Ø Ä Þµ Ø ¼. We need ¾Ø consequtive keystream bits; solve the same system of equations. It has a solution: if ¼ ½ ¼ Ø ¼ µ are the coefficients of a minimal LFSR generating Þ then ¼ if ½ ؼ ; ¼ if Ø ¼ ½ Ø is a solution to the system of equations. There are other solutions as well. We can even determine the linear compexity.

Polynomials over a ring Ê Formally, a polynomial Ô is a mapping Æ Ê (here Æ ¼ ½ ¾ ) with only finitely many non-zero entries. Denote Ô µ by Ô. The values of Ô are called its coefficients. is usually written Ô as Ô ½ Ü Ô ¾ Ü ¾ Ô Ñ Ü ¼ where Ô Ñ Ô Ñ ½ Ñ ¾ ¼. Ô Polynomials can be added, multiplied, divided (with remainder), ÔÕ division is possible if the leading coefficient Õ of is invertible. multiplied with a scalar used as arguments to Euclid s algorithm, giving their gcd. The set of all polynomials over Ê, denoted ÊÜ, is a ring.

¼ ½ µ ¼ ½ µ Formal series over a ring Ê A formal series is Æ a mapping Ê. The values of are called its ½ coefficients. is usually written as ¼ Ü. Formal series can be added, multiplied, multiplied with a scalar: È µ µ If ¼ is invertible then ½ exists and is given by ½ µ ¼ ½ ¼ ½ µ ½ ¼ The set of all formal series over Ê, denoted ÊÜ, is a ring. A sequence Þ µ can also be seen as a formal series (over ¾ ).

Õ ½ ½ ½ Õ µ Õ Ô ½ ½ Õ ½ Rational formal series A formal series is rational if it can be expressed ÔÕ as, where Ô and ½ are polynomials. Then ¼ Ô ¼ Õ ½ ¼ and Õ ½ Õ µ Õ ½ ¼ Ô Ô ¼ Õ ½ ¼ Ô Õ ½ Õ µ Õ ½ ¼ Ô Ô Ô Õ ½ µ ¼ ½ ¼ Ô Õ I.e. the coefficients of a rational formal series satisfy a linear recurrence. If Ê is finite then the coefficients of are eventually periodic.

½ Ö ½ Ø Ö Ü Ô ¼µ ½ Ü Ø µ ½ Ô Ü Ö Ô ¼µ ½ Ü Ø µ Ô Ü Ö Theorem 1. Let the coefficients of ¾ ÊÜ be eventually periodic. Then is rational. Proof. Let ¼ Ö ½ be the non-periodic part of s coefficients and let Ø for all Ö. Let Ü and Ô Ô ¼µ ¼ ¼ Then Ô ¼µ Ô Ü Ö Ô Ü Ö Ø Ô Ü Ö ¾Ø Ô ¼µ ½ Ü Ø Ü ¾Ø µ Ô Ü Ö ½ Ü Ø Corollary. If s coefficients are periodic (i.e. Ö ¼) then Ô Õ where Ô Õ.

Õ and Þ ½ Ø Þ ½ Rational formal series over ¾ vs. LFSRs Let ½ Ø and Þ ½ Þ Ø be given. Compare: Take Ô Õ ¼ ½, Õ Ø and Õ for ½ Ø. Ô Þ Þ for ½ Ø. ½ È Then Þ. Õ is the characteristic polynomial of the LFSR generating Þ. If Ä Þµ Ø then Õ is the characteristic polynomial of Þ.

Finding the characteristic polynomial Given: Þ Ö Þ Ö ¾Ø ½, such that Ø Ä Þµ. Assume Ö ½. Compute ½ Ø by solving a system of linear equations. Find Õ and Ô as in the previous slide. Return Õ Ô Õµ. Berlekamp-Massey algorithm is faster...ç Ø ¾ µ. Exercise: if we know Ä Þµ and solve the system of equations containing exactly Ä Þµ unknowns, then is it possible to get more than one solution?

Berlekamp-Massey algorithm B-M algorithm reads the coefficients ¼ ½ ¾ one by one. At the -th stage of the algorithm (having read ¼ ½ ) it has computed polynomials Ô µ, Õ µ, such that Õ µ Ô µ ÑÓ Ü µ The size Ô µ Õ µ µ ÑÜ Õ µ Ô µ µ ½ of the LFSR is minimal. Step of the algorithm: read. If Õ µ Ô µ ÑÓ Ü ½ µ then Õ ½µ Õ µ, Ô ½µ Ô µ. Otherwise we have a discrepancy.

µ µ Recomputing Ô and Õ We have Õ µ Ô µ µ Ü ÑÓ Ü ½ µ for some µ ¼. Let be some earlier discrepancy: Õ µ Ô µ µ Ü ÑÓ Ü ½ µ. µ Ü Ô µ and Õ ½µ Õ µ Õ µ Ü µ Take Ô ½µ Ô µ Exercise. Show that Õ ½µ Ô ½µ ÑÓ Ü ½ µ In the B-M algorithm, the last such is used where Ô µ Õ µ µ Ô ½µ Õ ½µ µ

B-M algorithm: initialization If ¼ ½ ¾ ¼ then return Ô ¼ Õ ½µ. Let be such, that Ñ ½ ¼ ¼, Ñ ¼. Ñ Let ¼, ½, Ô Ñ ½µ Ô Ñµ Ü Õ Ñµ Ñ, Ñ Ü, if Ñ Ñ ¼ and Õ Ñ ½µ ½ if Ñ ¼. Õ Ñ ½µ ½ At step Ñ, the linear complexity changed.

LFSR-s with long periods We know that an LFSR with Ø registers can output a sequence with a period at most ¾ Ø ½. How to achieve this upper bound? Definition 4. A polynomial Ô ¾ ÊÜ is reducible if there exists a polynomial Õ ¾ ÊÜ, such that ½ Õ Ô and Õ Ô. Otherwise we call Ô irreducible.

Residue classes modulo polynomials Given Ô ¾ ÊÜ with invertible leading coefficient we can consider the set ÊÜ Ô of all residue classes of ÊÜ modulo Ô. We can define addition and multiplication on this set. ÊÜ Ô Õ Õ ¾ ÊÜ Õ Ô; Õ ½ Õ ¾ Õ ½ Õ ¾ ; Õ ½ Õ ¾ Õ ½ Õ ¾ ÑÓ Ô. The structure ÊÜ Ô µ is a ring. If Ê is a field and Ô is irreducible then ÊÜ Ô is a field. Finding inverses in ÊÜ Ô just like in Õ, where Õ ¾ È. Main tool Euclid s algorithm.

Finite fields Let Ô be an irreducible polynomial of degree Ñ over a finite field Ã. ÃÜ Ô Then is a field Ô with elements. Ñ Up to isomorphism, there exists only one field with Ô Ñ elements. If is a finite field à then is cyclic, i.e. it can be generated by à a single element of Ã. Definition 5. A polynomial Ô ¾ ÃÜ is primitive if Ü is a generator of ÃÜ Ôµ. Theorem 2. If a LFSR s characteristic polynomial Õ is primitive then the period of the sequence produced by this LFSR is ¾ Õ ½ for any non-zero initialization vector. Proof follows...

LFSRs in Galois configuration ½ Ê ¾ Ê Ê Ê Ê Ê Normal; characteristic ½ Ü polynomial: Ü Ü ¼ Ê ½ Ê ¾ Ê Ê Ê Ê Galois configuration; char. ½ Ü Ü polynomial: Ü Char. poly. of Galois conf: contains Ü if there is extra input to Ê. Also contains Ü Ø where Ø is the number of registers.

Evolution of state of a LFSR in Galois conf. A state of a Ø-register LFSR can be represented by a polynomial Ë µü where Ë Ê µ is the contents of Ê in Ë. Ë Ê ¼ The next state of LFSR in Galois conf. is then Ü Ô Ëµ µ ÑÓ Õ where Õ is the characteristic polynomial. Ô Ëµ È Ø ½ If Õ is primitive then the state of that LFSR in Galois conf. passes through all ¾ Ø ½ possible values. We can define an isomorphism between the states of a normal LFSR and its corresponding LFSR in Galois conf. Hence the states of a LFSR pass through ¾ all ½ possible values if the corresponding LFSR in Galois conf. has a primitive characteristic Ø polynomial. The period of the output sequence is ¾ then ½ as well. Ø

Mirror images of polynomials For Õ a ¼ polynomial Ü with Õ ¼ Õ È r Õµ image ¼ by Ü. Õ È ¼ Õ define its mirror If a (normal) LFSR has the characteristic polynomial Õ then the corresponding LFSR in Galois conf. has the characteristic polynomial r Õµ. r Õµ r Õ ¼ µ r Õ Õ ¼ µ. Just compare the coefficients. Hence Õ is irreducible iff r Õµ is. Õ (of degree ) is primitive iff r Õµ is. Indeed, suppose an irreducible Õ is not primitive, then Ü ½ ÑÓ Õµ for some Ô ½. I.e. there exists a polynomial Õ ¼, such that Ü ½ ÕÕ ¼. Then also r Ü ½µ r Õµr Õ ¼ µ. But r Ü ½µ Ü ½µ. Hence r Õµ r Õ ¼ µµ Ü ½ and r Õµ is not primitive.

Testing irreducibility Theorem 3. An irreducible Ñ polynomial of -th degree divides Ô Ü in ÔÜ. Ü Proof. ÔÜ Ñ is a field with Ô elements. Hence «Ô «¼ in ÔÜ Ñ for all «¾ ÔÜ Ñ (Fermat s little theorem). The polynomial Ü is also a member ÔÜ Ñ, hence Ü Ô Ü ¼ ÑÓ Ñµ in ÔÜ. Theorem 4. If an irreducible polynomial Ñ of -th degree divides ¼ then Ô. Ü Ü Proof. Let be ¼ the field with elements; it contains exactly the roots ¼ Ã Ô ¼ of Ü. is a vector space over with dimension. It contains ¼ Ô Ü Ô Ã ½ also «the roots of Ñ, let be Ë a root of Ñ. Let È ¼ «¾ Ô. Then is a field. Ã Ë We have Ô, Ñ hence Ã Ë ¼ Ô Ñ Ë Ãµ Ñ Ë Ãµ ˵ Ô and. ¼ Ñ

Testing irreducibility Õ ¾ ÔÜ is irreducible if Õ Ü Ô Üµ ½ for all Õµ¾. Here Ü Ô may be computed modulo Õ.

Testing primitiveness For Õ ¾ ÔÜ to be primitive, it must first be irreducible. Let Ñ We Ü ÑÓ must have Ô for all ½. It is sufficient to test ½ Õµ this only Ñ Ô for ½µÔ the values Ô where is a prime factor of ½. ¼ ¼ Ñ Ñ Ô Õ.

Polynomials: exercise Which of those polynomials are reducible, which are irreducible and which are primitive over ¾? 1. Ü ½, 2. Ü ¾, 3. Ü ¾ ½, 4. Ü ¾ Ü ½ 5. Ü ½ 6. Ü Ü ½, 7. Ü Ü ½, 8. Ü Ü ¾ ½.

Linear complexity: exercises Exercise. Determine the linear complexities of the following sequences. 1. ½ ¼ ½ ¼ ½ ¼ 2. ½ ¼ ¼ ½ ¼ ½ ½ ½ ¼ ¼ ½ ¼ ½ ½ 3. ½ ¼ ¼ ¼ ½ ¼ ½ ¼ ¼ ¼ ½ ¼ Exercise. 1. Construct a sequence with infinite linear complexity (i.e. a sequence that is generated by no LFSR).

LFSR-s in real cryptosystems Use one or more LFSR-s and apply some non-linear function to their outputs.

Shrinking generator... is constructed from two LFSRs working synchronously. The shrinking generator produces up to one bit for each bit-pair generated by these two LFSRs. It is defined as follows: 1. If the first LFSR outputs ½ then return the output of the second LFSR. 2. If the first LFSR outputs ¼ then return nothing (discard the output of the second LFSR). If the linear complexities of these two LFSR-s are Ä ½ and Ä ¾ and their periods are maximal, then the linear complexity Ä of the shrinking generator satisfies Ä ¾ ¾ Ä ½ ¾ Ä Ä ¾ ¾ Ä ½ ½

Other non-linear combiners Self-shrinking generator: Generate two bits, ¾ ½. If ½ ½ then output ¾. If ½ ¼ then output nothing. Majority: use three LFSR-s clocked synchronously, output the majority of their bits. Irregular clocking: use several LFSR-s, do not clock each of them at each clock cycle, decide the clocked LFSR-s in a non-linear way.

2024 © sciencedocbox.com Privacy Policy | Terms of Service | Feedback