Applied Cryptography - Protocols, Algorithms, and Source Code in C


on the mathematical theory. Ernst Selmer, the Norwegian government’s chief cryptographer, worked out the theory of shift register sequences in 1965 [1411]. Solomon Golomb, an NSA mathematician, wrote a book with Selmer’s results and some of his own [643]. See also [970,971,1647].

The simplest kind of feedback shift register is a linear feedback shift register, or LFSR (see Figure 16.2). The feedback function is simply the XOR of certain bits in the register; the list of these bits is called a tap sequence. Sometimes this is called a Fibonacci configuration. Because of the simple feedback sequence, a large body of mathematical theory can be applied to analyzing LFSRs. Cryptographers like to analyze sequences to convince themselves that they are random enough to be secure. LFSRs are the most common type of shift registers used in cryptography.

Figure 16.3 is a 4-bit LFSR tapped at the first and fourth bit. If it is initialized with the value 1111, it produces the following sequence of internal states before repeating:

    1111 0111 1011 0101 1010 1101 0110 0011 1001 0100 0010 0001 1000 1100 1110

Figure 16.1 Feedback shift register.

Figure 16.2 Linear feedback shift register.

The output sequence is the string of least significant bits:

    1 1 1 1 0 1 0 1 1 0 0 1 0 0 0....

An n-bit LFSR can be in one of $2^n - 1$ internal states. This means that it can, in theory, generate a $2^n - 1$-bit-long pseudo-random sequence before repeating. (It’s $2^n - 1$ and not $2^n$ because a shift register filled with zeros will cause the LFSR to output a neverending stream of zeros—this is not particularly useful.) Only LFSRs with certain tap sequences will cycle through all $2^n - 1$ internal states; these are the maximal-period LFSRs. The resulting output sequence is called an m-sequence.
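The 4-bit register described above (taps at the first and fourth bit, seed 1111), written in C as an added example that is not code from the book. The function names and the tap-mask encoding are assumptions of this example; it goes slightly beyond the text by handling n-bit registers and by comparing a non-maximal tap choice (bits 3 and 1) and the all-zero seed.

```c
#include <stdint.h>
#include <stdio.h>

/* Bit 1 is the least significant (output) bit, bit n the leftmost.
   In `taps`, mask bit k-1 is set when register bit k feeds the XOR.
   Assumes 1 <= n <= 31 (encoding chosen for this example). */

/* Advance the register one step and return the bit shifted out. */
static unsigned lfsr_step(uint32_t *state, uint32_t taps, unsigned n)
{
    unsigned out = *state & 1u;
    uint32_t t = *state & taps;
    uint32_t fb = 0;
    while (t) { fb ^= 1u; t &= t - 1; }       /* XOR (parity) of tapped bits */
    *state = (*state >> 1) | (fb << (n - 1)); /* shift right, feed back on the left */
    return out;
}

/* Steps until the state returns to `seed`; 0 if it never does in 2^n steps. */
static uint32_t lfsr_period(uint32_t seed, uint32_t taps, unsigned n)
{
    uint32_t s = seed;
    for (uint32_t i = 1; i <= (1u << n); i++) {
        lfsr_step(&s, taps, n);
        if (s == seed) return i;
    }
    return 0;
}

/* First `count` (<= 32) output bits packed into an integer, earliest bit leftmost. */
static uint32_t lfsr_output(uint32_t seed, uint32_t taps, unsigned n, unsigned count)
{
    uint32_t s = seed, bits = 0;
    while (count--) bits = (bits << 1) | lfsr_step(&s, taps, n);
    return bits;
}

int main(void)
{
    uint32_t s = 0xF;                         /* seed 1111 */
    do {                                      /* state cycle for taps 4 and 1 (mask 0x9) */
        for (int b = 3; b >= 0; b--) putchar('0' + (int)((s >> b) & 1u));
        putchar(' ');
        lfsr_step(&s, 0x9, 4);
    } while (s != 0xF);
    printf("\nperiod, taps 4 and 1: %u\n", (unsigned)lfsr_period(0xF, 0x9, 4));
    printf("period, taps 3 and 1: %u\n", (unsigned)lfsr_period(0xF, 0x5, 4));
    printf("period, all-zero seed: %u\n", (unsigned)lfsr_period(0x0, 0x9, 4));
    return 0;
}
```

The taps-3-and-1 register repeats long before visiting all 15 nonzero states, and the all-zero seed never leaves zero, which is why only certain tap sequences give a maximal period.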