Paper 2023/1847

Cycle Structure and Observability of Two Types of Galois NFSRs

Xianghan Wang, Institute of Information Engineering,Chinese Academy of Sciences, Beijing 100085, China
Jianghua Zhong, Institute of Information Engineering,Chinese Academy of Sciences, Beijing 100085, China
Dongdai Lin, Institute of Information Engineering,Chinese Academy of Sciences, Beijing 100085, China
Abstract

Nonlinear feedback shift registers (NFSRs) are used in many stream ciphers as their main building blocks. One security criterion for the design of a stream cipher is to assure its keystream has a long period. To meet this criterion, the NFSR used in a stream cipher must have a long state cycle. Further, to simultaneously avoid equivalent keys, the keystream's period is not compressed compared to the NFSR's state cycle length, which can be guaranteed if the NFSR is observable in the sense that any two distinct initial states are distinguishable from their resulting output sequences. The cycle structure of a general NFSR remains an open hard problem. Constructing Fibonacci NFSRs with maximum state cycles has therefore attracted much attention, but so far such Fibonacci NFSRs with known feedback functions have been found only for their stage numbers no greater than 33. Considering that Galois NFSRs may decrease the area and increase the throughput compared to Fibonacci NFSRs, this paper studies two types of $n$-stage Galois NFSRs, whose state transition matrices are circulant matrices with only one nonzero element of 1 in each column. The cycle structure and observability of both types are disclosed using the semi-tensor product based Boolean network approach. In the first type, each Galois NFSR has the state transition matrix, in which the position of the element 1 in the first column is even. It has the maximum state cycle with an arbitrary stage number and an explicit feedback functions. It is observable if and only if its output function is dependent on the first state bit. In the second type, each Galois NFSR has the state transition matrix, in which the position of the element 1 in the first column is $2^m+1$ with positive integer $m\leq n-1$ for the NFSR's stage number $n$. It has $2^m$ cycles of length $2^{n-m}$, and it is observable if its output function is dependent on all the state bits whose indices are no smaller than $n-m+1$.

Metadata
Available format(s)
PDF
Category
Foundations
Publication info
Preprint.
Keywords
shift registerstream ciphercycle structureobservablilitysemi-tensor productBoolean network
Contact author(s)
wangxianghan @ iie ac cn
zhongjianghua @ iie ac cn
ddlin @ iie ac cn
History
2023-12-01: approved
2023-11-30: received
See all versions
Short URL
https://ia.cr/2023/1847
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2023/1847,
      author = {Xianghan Wang and Jianghua Zhong and Dongdai Lin},
      title = {Cycle Structure and Observability of Two Types of Galois NFSRs},
      howpublished = {Cryptology ePrint Archive, Paper 2023/1847},
      year = {2023},
      note = {\url{https://eprint.iacr.org/2023/1847}},
      url = {https://eprint.iacr.org/2023/1847}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.