Unformatted text preview: been proposed, one by Rainer Rueppel (see Figure 16.13)  and another by Bill Chambers and Dieter Gollmann  (see Figure 16.14). In Rueppel’s generator, when the output of the LFSR is 0, the LFSR is clocked d times. When the output of the LFSR is 1, the LFSR is clocked k times. Chambers’s and Gollmann’s generator is more complicated, but the idea is the same. Unfortunately, both generators are insecure , although some modifications have been proposed that may correct the problems . Figure 16.11 Bilateral stop-and-go generator. Figure 16.12 Threshold generator. Multispeed Inner-Product Generator
This generator, by Massey and Rueppel , uses two LFSRs clocked at two different speeds (see Figure 16.15). LFSR-2 is clocked d times as fast as LFSR-1. The individual bits of the two LFSRs are ANDed together and then XORed with each other to produce the final output bit of the generator. Although this generator has high linear complexity and it possesses excellent statistical properties, it still falls to a linear consistency attack . If n1 is the length of LFSR-1, n2 is the length of the LFSR-2, and d is the speed multiple between the two, then the internal state of the generator can be recovered from an output sequence of length n1 + n2 + log2d Summation Generator
More work by Rainer Rueppel, this generator adds the output of two LFSRs (with carry) [1358,1357]. This operation is highly nonlinear. Through the late 1980s, this generator was the security front-runner, but it fell to a correlation attack [1053,1054,1091]. And it has been shown that this is an example of a feedback with carry shift register (see Section 17.4), and can be broken . Figure 16.13 Rueppel’s self-decimated generator. Figure 16.14 Chambers’s and Gollmann’s self-decimated generator. DNRSG
That stands for “dynamic random-sequence generator” . The idea is to have two different filter generators—threshold, summation, or whatever—fed by a single set of LFSRs and controlled by another LFSR. First clock all the LFSRs. If the output of LFSR-0 is 1,...
View Full Document
- Fall '10
- Cryptography, Bruce Schneier, Applied Cryptography, EarthWeb, Search Search Tips