This preview shows page 1. Sign up to view the full content.
Unformatted text preview: along these lines [1534,1574,1477]. Figure 16.7 Generalized Geffe generator. Figure 16.8 Jennings generator. Bilateral StopandGo Generator
This generator uses two LFSRs, both of length n (see Figure 16.11) [1638]. The output of the generator is the XOR of the outputs of each LFSR. If the output of LFSR2 at time t – 1 is 0 and the output at time t – 2 is 1, then LFSR2 does not clock at time t. Conversely, if the output of LFSR1 at time t – 1 is 0 and the output at t – 2 is 1, and if LFSR1 clocked at time t, then LFSR2 does not clock at time t. The linear complexity of this system is roughly equal to the period. According to [1638], “no evident key redundancy has been observed in this system.” Threshold Generator
This generator tries to get around the security problems of the previous generators by using a variable number of LFSRs [277]. The theory is that if you use a lot of LFSRs, it’s harder to break the cipher. This generator is illustrated in Figure 16.12. Take the output of a large number of LFSRs (use an odd number of them). Make sure the lengths of all the LFSRs are relatively prime and all the feedback polynomials are primitive: maximize the period. If more than half the output bits are 1, then the output of the generator is 1. If more than half the output bits are 0, then the output of the generator is 0. Figure 16.9 BethPiper stopandgo generator. Figure 16.10 Alternating stopandgo generator. With three LFSRs, the output generator can be written as: b = (a1 ^ a2) • (a1 ^ a3) • (a2 ^ a3) This is very similar to the Geffe generator, except that it has a larger linear complexity of n1n2 + n1n3 + n2n3 where n1, n2, and n3 are the lengths of the first, second, and third LFSRs. This generator isn’t great. Each output bit of the generator yields some information about the state of the LFSRs—0.189 bit to be exact—and the whole thing falls to a correlation attack. I don’t recommend using it. SelfDecimated Generators
Selfdecimated generators are generators that control their own clock. Two have...
View
Full
Document
This note was uploaded on 10/18/2010 for the course MATH CS 301 taught by Professor Aliulger during the Fall '10 term at Koç University.
 Fall '10
 ALIULGER
 Cryptography

Click to edit the document details