Publications (41), 41.23 total impact

Article: Further results on the distinctness of modulo 2 reductions of primitive sequences over Z/(2^32 - 1)
ABSTRACT: Recently, primitive sequences over $\mathbf{Z}/(2^{32}-1)$ have been shown to have many desirable properties, which makes them of potential interest for cryptographic applications. To further support the application of this kind of sequence, in this paper we consider the problem of whether primitive sequences generated by two distinct primitive polynomials over $\mathbf{Z}/(2^{32}-1)$ are pairwise distinct modulo 2. A sufficient condition is given for ensuring that the answer to this problem is positive.

ABSTRACT: Recently, nonlinear feedback shift registers (NFSRs) have frequently been used as building blocks for designing stream ciphers. Let NFSR(g) be an m-stage NFSR with characteristic function $g = x_0 \oplus g_1(x_1, \cdots, x_{m-1}) \oplus x_m$. Up to now there has been no known method to determine whether the family of output sequences of NFSR(g), denoted by S(g), contains a subfamily of sequences that are exactly the output sequences of an NFSR(f) of stage n < m. This paper studies the affine case, that is, finding an affine function f such that S(f) is a subset of S(g). If S(g) contains an affine subfamily S(f) whose order n is close to m, then a large number of sequences generated by NFSR(g) have low linear complexities. First, we give two methods to bound the maximal order of affine subfamilies included in S(g). Experimental data indicate that if S(g) contains an affine subfamily of order not smaller than m/2, then the upper bound given in the paper is tight. Second, we propose two algorithms to find affine subfamilies of a given order n included in S(g), both of which aim at affine subfamilies with the maximal order. Algorithm 1 is applicable when n is close to m, while the feasibility of Algorithm 2 relies on the distribution of nonlinear terms of g. In particular, if Algorithm 2 works, then its computational complexity is less than that of Algorithm 1, and it is quite efficient in a number of cases.

ABSTRACT: This paper studies the distinctness of modular reductions of primitive sequences over $\mathbf{Z}/(2^{32}-1)$. Let f(x) be a primitive polynomial of degree n over $\mathbf{Z}/(2^{32}-1)$ and H a positive integer with a prime factor coprime with $2^{32}-1$. Under the assumption that every element in $\mathbf{Z}/(2^{32}-1)$ occurs in a primitive sequence of order n over $\mathbf{Z}/(2^{32}-1)$, it is proved that for two primitive sequences $\underline{a}=(a(t))_{t\geq 0}$ and $\underline{b}=(b(t))_{t\geq 0}$ generated by f(x) over $\mathbf{Z}/(2^{32}-1)$, $\underline{a}=\underline{b}$ if and only if $a(t) \equiv b(t) \bmod H$ for all t ≥ 0. Furthermore, the assumption is known to be valid for n between 7 and 100,000, a range sufficient for practical applications.

Article: On the density of irreducible NFSRs
ABSTRACT: Let n be a positive integer. An NFSR of n stages is called irreducible if the family of output sequences of any NFSR with fewer than n stages is not included in that of the NFSR. In this paper, we prove that the density of irreducible NFSRs of n stages is larger than 0.39. This implies that one can expect to find an irreducible NFSR of n stages among three randomly chosen NFSRs of n stages.

ABSTRACT: Grain is one of the eSTREAM hardware-oriented finalists. It uses a 160-bit NFSR as a primitive, which is a cascade connection of an 80-bit LFSR into an 80-bit NFSR. In this paper, we study affine subfamilies of the family of output sequences of this 160-bit NFSR and prove that it includes no affine subfamilies of order greater than 31 or less than 28, except for an affine subfamily of order 2.

ABSTRACT: Nonlinear feedback shift registers (NFSRs) are widely used in stream cipher design as building blocks. In this paper, we study the problem of decomposing an NFSR into the cascade connection of an NFSR into a linear feedback shift register (LFSR), which is a kind of concatenation of an NFSR and an LFSR. A necessary and sufficient condition for such a decomposition is provided, and other algebraic properties of such decompositions are also studied. Based on these theoretical results, a binary decision diagram (BDD)-based algorithm for such decomposition is proposed. Compared with the previous algorithm proposed by Ma et al., our algorithm finds more accurate candidate LFSRs, and the algebraic properties presented in this paper guarantee that the memory requirement during our verification is linear in the size of the BDD of the NFSR's characteristic function.

ABSTRACT: This paper presents some non-random distribution properties of two generalized cyclotomic binary sequences of length $2p^{m}$ constructed by Zhang et al. (Appl Algebra Eng Commun Comput 21:93–108, 2010). Using these properties we further study the $k$-error linear complexity and autocorrelation of these sequences. For some small values of $k$, upper bounds on the $k$-error linear complexity are derived which are far less than their linear complexity. Finally, bounds on the autocorrelation of these sequences are also presented. Our results show that there are some drawbacks to the application of these two sequences.

ABSTRACT: Based on single-cycle T-functions over $\mathbf{Z}/(2^n)$, two classes of pseudorandom sequences are proposed in this paper. The periods of all their coordinate sequences can reach the maximal value $2^n$, and the distribution properties and linear complexities of the sequences are also studied. For the first class of sequences, it is shown that the less significant half of the coordinate sequences are uniformly distributed over $\mathbf{F}_2$, and the exact linear complexities are also derived. For the second class of sequences, lower bounds on the linear complexities of their coordinate sequences are given.
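
For contrast with the constructions in the abstract above (whose details are not on this page), the following Python is an added example, not the paper's code: it iterates the classic single-cycle T-function x -> x + (x^2 | 5) mod 2^n of Klimov and Shamir and measures the period of each coordinate (bit) sequence. Bit i of a single-cycle T-function has period only 2^(i+1), so only the top bit reaches 2^n; that short-period behaviour of the low bits is what a construction with all coordinate periods equal to 2^n avoids. The function names and n = 8 are my own choices.

```python
# Added example (not from the paper): coordinate sequences of the
# single-cycle T-function x -> x + (x^2 | 5) mod 2^n (Klimov-Shamir).

def t_function_cycle(n, x0=0):
    """Iterate x -> x + (x^2 | 5) mod 2^n from x0 and return 2^n states.
    The map is a single-cycle permutation, so every residue appears once."""
    mask = (1 << n) - 1
    states, x = [], x0
    for _ in range(1 << n):
        states.append(x)
        x = (x + ((x * x) | 5)) & mask
    return states


def is_single_cycle(states):
    """True iff the walk visited every residue exactly once."""
    return sorted(states) == list(range(len(states)))


def coordinate_sequence(states, i):
    """The i-th coordinate sequence: bit i of each state along the cycle."""
    return [(x >> i) & 1 for x in states]


def minimal_period(seq):
    """Smallest d dividing len(seq) with seq[t] == seq[t+d] cyclically.
    seq holds one full period, so the minimal period divides its length."""
    T = len(seq)
    for d in range(1, T + 1):
        if T % d == 0 and all(seq[t] == seq[(t + d) % T] for t in range(T)):
            return d
    return T


def coordinate_periods(n):
    """Period of every coordinate sequence of the T-function over Z/(2^n).
    For this map bit i has period 2^(i+1): after 2^i steps the low i bits
    have returned, so bit i must have flipped (single cycle mod 2^(i+1))."""
    states = t_function_cycle(n)
    return [minimal_period(coordinate_sequence(states, i)) for i in range(n)]


if __name__ == "__main__":
    n = 8
    print("single cycle:", is_single_cycle(t_function_cycle(n)))
    print("coordinate periods:", coordinate_periods(n))
```

Only the most significant coordinate has the full period 2^n; the other bits leak short-period structure, which is the weakness the two classes in the abstract are built to remove.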

ABSTRACT: Linear complexity and $k$-error linear complexity are important measures for sequences in stream ciphers. This paper discusses the asymptotic behavior of the normalized $k$-error linear complexity $L_{n,k}(\underline{s})/n$ of random binary sequences $\underline{s}$, which is based on one of Niederreiter's open problems. For $k = n\theta$, where $0 \leq \theta \leq 1/2$ is a fixed ratio, lower and upper bounds on the accumulation points of $L_{n,k}(\underline{s})/n$ are derived, which hold with probability 1. On the other hand, for any fixed k it is shown that $\lim_{n\rightarrow\infty} L_{n,k}(\underline{s})/n = 1/2$ holds with probability 1. Asymptotic bounds on the expected value of the normalized $k$-error linear complexity of binary sequences are also presented.

ABSTRACT: Let M be a square-free odd integer and $\mathbf{Z}/(M)$ the integer residue ring modulo M. This paper studies the distinctness of primitive sequences over $\mathbf{Z}/(M)$ modulo 2. Recently, for the case M = pq, a product of two distinct prime numbers p and q, the problem has been almost completely solved. As for the case that M is a product of more prime numbers, the problem has been quite resistant to proof. In this paper, a partial proof is given by showing that a class of primitive sequences of order 2n'+1 over $\mathbf{Z}/(M)$ is distinct modulo 2, where n' is a positive integer. Besides, as an independent interest, this paper also involves two distribution properties of primitive sequences over $\mathbf{Z}/(M)$, which are closely related to our main results.

ABSTRACT: Let N be an integer greater than 1 and $\mathbf{Z}/(N)$ the integer residue ring modulo N. Extensive experiments seem to imply that primitive sequences of order n ≥ 2 over $\mathbf{Z}/(N)$ are pairwise distinct modulo 2. However, efforts to obtain a formal proof have not been successful except for the case when N is an odd prime power. Recent research has mainly focused on the case of square-free odd integers with several special conditions. In this paper we study the problem over $\mathbf{Z}/(p^e q)$, where p and q are two distinct odd primes and e is an integer greater than 1. We provide a sufficient condition to ensure that primitive sequences generated by a primitive polynomial over $\mathbf{Z}/(p^e q)$ are pairwise distinct modulo 2.
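
The "distinct modulo 2" (more generally, modulo H) property discussed in the abstracts above can be checked by brute force on rings small enough to enumerate. The following Python is an added example, not code from any of the papers: it builds a primitive polynomial over a square-free N by lifting a primitive polynomial over each prime field with the CRT, enumerates every primitive sequence of order n generated by it, reduces each modulo H over one full period, and counts how many distinct reductions result. N = 35, n = 2 and H = 2 are illustrative choices (the papers treat N = 2^32 - 1 and general proofs); the function names are my own.

```python
# Added example (not from the papers): experimental check that primitive
# sequences over Z/(N), N square-free odd, are pairwise distinct modulo H.
from itertools import product
from math import gcd


def prime_factors(m):
    """Distinct prime factors of m (trial division; m is tiny here)."""
    fs, d = [], 2
    while d * d <= m:
        if m % d == 0:
            fs.append(d)
            while m % d == 0:
                m //= d
        d += 1
    if m > 1:
        fs.append(m)
    return fs


def lfsr_period(coeffs, mod, state):
    """Period of a(t+n) = -(c_0 a(t) + ... + c_{n-1} a(t+n-1)) mod `mod`
    from `state`, i.e. of the sequence generated by
    f(x) = x^n + c_{n-1} x^{n-1} + ... + c_0 over Z/(mod)."""
    s, start, t = list(state), tuple(state), 0
    while True:
        s = s[1:] + [(-sum(c * x for c, x in zip(coeffs, s))) % mod]
        t += 1
        if tuple(s) == start:
            return t


def primitive_poly_mod_p(p, n):
    """First (c_0, ..., c_{n-1}) making f primitive over F_p: f of degree n
    is primitive iff its impulse-response sequence has period p^n - 1."""
    for coeffs in product(range(p), repeat=n):
        if coeffs[0] and lfsr_period(coeffs, p, [0] * (n - 1) + [1]) == p ** n - 1:
            return coeffs
    raise ValueError("no primitive polynomial of degree %d over F_%d" % (n, p))


def crt(residues, moduli):
    """Chinese remaindering for pairwise coprime moduli."""
    x, big = 0, 1
    for r, m in zip(residues, moduli):
        x += big * (((r - x) * pow(big, -1, m)) % m)
        big *= m
    return x % big


def primitive_poly_mod_N(N, n):
    """Over square-free N, f is primitive iff f mod p is primitive over F_p
    for every prime p | N: lift coefficient-wise with the CRT."""
    primes = prime_factors(N)
    per_prime = [primitive_poly_mod_p(p, n) for p in primes]
    return tuple(crt([pp[i] for pp in per_prime], primes) for i in range(n))


def reductions_are_distinct(N, n, H):
    """Enumerate every primitive sequence of order n over Z/(N) generated by
    one primitive f(x), reduce each modulo H over a full period and return
    (number of sequences, number of distinct reductions)."""
    primes = prime_factors(N)
    coeffs = primitive_poly_mod_N(N, n)
    T = 1                                   # common period lcm_p (p^n - 1)
    for p in primes:
        T = T * (p ** n - 1) // gcd(T, p ** n - 1)
    seen, count = set(), 0
    for state in product(range(N), repeat=n):
        # primitive <=> the reduction mod p is not the zero sequence, for all p
        if any(all(x % p == 0 for x in state) for p in primes):
            continue
        count += 1
        s, out = list(state), []
        for _ in range(T):
            out.append(s[0] % H)
            s = s[1:] + [(-sum(c * x for c, x in zip(coeffs, s))) % N]
        seen.add(tuple(out))
    return count, len(seen)


if __name__ == "__main__":
    for N, n, H in [(5, 2, 2), (35, 2, 2), (35, 2, 4)]:
        total, distinct = reductions_are_distinct(N, n, H)
        print("Z/(%d), order %d, modulo %d: %d sequences, %d distinct"
              % (N, n, H, total, distinct))
```

The check compares one full period of each reduced sequence, which is enough because every primitive sequence over Z/(N) has period lcm over p | N of p^n - 1. Distinctness modulo 2 implies distinctness modulo any even H, which is why the H = 4 run is not an independent result.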

ABSTRACT: This paper studies the stability of the linear complexity of l-sequences. Let $\underline{s}$ be an l-sequence with linear complexity attaining the maximum $\mathrm{per}(\underline{s})/2 + 1$. A tight lower bound and an upper bound on $\mathrm{minerror}(\underline{s})$, i.e., the minimal value k for which the k-error linear complexity of $\underline{s}$ is strictly less than its linear complexity, are given. In particular, for an l-sequence $\underline{s}$ based on a prime number of the form 2r+1, where r is an odd prime with primitive root 2, it is shown that $\mathrm{minerror}(\underline{s})$ is very close to r, which implies that this kind of l-sequence has very stable linear complexity.
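
The k-error linear complexity and the minerror quantity used in the abstracts above can be computed exactly for a short sequence. The following Python is an added example, not code from the papers: the Berlekamp-Massey algorithm gives the linear complexity of a finite binary sequence, and the k-error profile L_{n,k}(s) is obtained by exhaustively flipping up to k bits. The input is one constructed period of the m-sequence of x^4 + x + 1 (period 15, so n = 15 here); the function names are my own.

```python
# Added example (not from the papers): linear complexity, k-error linear
# complexity and minerror of a finite binary sequence by exhaustive search.
from itertools import combinations

# constructed input: one period of the m-sequence s_{t+4} = s_{t+1} + s_t
M_SEQ = [0, 0, 0, 1, 0, 0, 1, 1, 0, 1, 0, 1, 1, 1, 1]


def berlekamp_massey(seq):
    """Linear complexity of a finite binary sequence (0/1 ints): the length
    of the shortest LFSR that generates it (Massey's algorithm over GF(2))."""
    n = len(seq)
    c = [0] * (n + 1); c[0] = 1     # current connection polynomial C(x)
    b = [0] * (n + 1); b[0] = 1     # previous connection polynomial B(x)
    L, m = 0, -1                    # current LC, index of last length change
    for i in range(n):
        d = seq[i]                  # discrepancy
        for j in range(1, L + 1):
            d ^= c[j] & seq[i - j]
        if d == 0:
            continue
        t = c[:]
        shift = i - m
        for j in range(n + 1 - shift):   # C(x) += x^(i-m) B(x)
            c[j + shift] ^= b[j]
        if 2 * L <= i:
            L, m, b = i + 1 - L, i, t
    return L


def k_error_profile(seq):
    """prof[k] = L_{n,k}(seq): the smallest linear complexity reachable by
    changing at most k bits. Exhaustive over all error patterns, sweeping by
    weight; stops once 0 is reached (flipping every 1 gives the zero sequence)."""
    n = len(seq)
    prof = [berlekamp_massey(seq)]
    for w in range(1, n + 1):
        best = prof[-1]
        for pos in combinations(range(n), w):
            t = seq[:]
            for p in pos:
                t[p] ^= 1
            best = min(best, berlekamp_massey(t))
        prof.append(best)
        if best == 0:
            break
    return prof


def min_error(seq):
    """Smallest k with L_{n,k}(seq) < L_{n,0}(seq), the minerror of the
    abstract above applied to a finite segment; None for the zero sequence."""
    prof = k_error_profile(seq)
    for k, L in enumerate(prof):
        if L < prof[0]:
            return k
    return None


if __name__ == "__main__":
    prof = k_error_profile(M_SEQ)
    print("L_{15,k} for k = 0..%d: %s" % (len(prof) - 1, prof))
    print("minerror:", min_error(M_SEQ))
```

For this input L_{15,0} = 4, L_{15,7} = 1 (flipping the seven zeros gives the all-ones sequence) and L_{15,8} = 0 (flipping the eight ones gives the zero sequence); the exhaustive search is only practical for short segments, which is why the asymptotic results in the abstracts matter.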

ABSTRACT: 2-adic complexity plays an important role in cryptology. It measures the difficulty of producing a binary sequence with a feedback with carry shift register. This paper studies the 2-adic complexity of finite sequences by investigating the corresponding rational complexity, whose logarithm to the base 2 is exactly the 2-adic complexity. Experiments show that the base-2 logarithm of the expected value of the rational complexity is a good approximation to the expected value of the 2-adic complexity. Both a nontrivial lower bound and a nontrivial upper bound on the expected value of the rational complexity of finite sequences are given in the paper. In particular, the lower bound is much better than the upper bound.

ABSTRACT: Let $\mathbf{Z}/(p^e)$ be the integer residue ring with odd prime p and integer e ≥ 2. Any sequence $\underline{a}$ over $\mathbf{Z}/(p^e)$ has a unique p-adic expansion $\underline{a} = \underline{a}_0 + \underline{a}_1 \cdot p + \cdots + \underline{a}_{e-1} \cdot p^{e-1}$, where $\underline{a}_i$ can be regarded as a sequence over $\mathbf{Z}/(p)$ for 0 ≤ i ≤ e−1. Let f(x) be a strongly primitive polynomial over $\mathbf{Z}/(p^e)$ and $\underline{a}$, $\underline{b}$ two primitive sequences generated by f(x) over $\mathbf{Z}/(p^e)$. Assume $\varphi(x_0, \ldots, x_{e-1}) = x_{e-1} + \eta(x_0, \ldots, x_{e-2})$ is an e-variable function over $\mathbf{Z}/(p)$ such that the monomial $\frac{p+1}{2}\, x_{e-2}^{p-1} \cdots x_1^{p-1}$ does not appear in the expression of $\eta(x_0, x_1, \ldots, x_{e-2})$. It is shown that if there exists an $s \in \mathbf{Z}/(p)$ such that $\varphi(a_0(t), \ldots, a_{e-1}(t)) = s$ if and only if $\varphi(b_0(t), \ldots, b_{e-1}(t)) = s$ for all nonnegative t with $\alpha(t) \neq 0$, where $\underline{\alpha}$ is an m-sequence determined by f(x) and $\underline{a}_0$, then $\underline{a} = \underline{b}$. This implies that for compressing sequences derived from primitive sequences generated by f(x) over $\mathbf{Z}/(p^e)$, the distribution of a single element is unique on all positions t with $\alpha(t) \neq 0$. In particular, when $\eta(x_0, x_1, \ldots, x_{e-2}) = 0$, this completes the former result on the uniqueness of the distribution of the element 0 in highest-level sequences.

ABSTRACT: Although 2-adic complexity was proposed more than ten years ago, even for m-sequences, which are thought of as the most important linear recurring sequences, no theoretical results about their 2-adic complexity have been presented. In this paper, it is shown that for a binary m-sequence, its 2-adic complexity attains the maximum, which implies that no feedback with carry shift register (FCSR) with connection integer less than $2^{2^n-1}-1$ can generate m-sequences of order n.
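
The 2-adic complexity and the rational complexity (the minimal FCSR connection integer) from the two abstracts above are computed below for two constructed sequences: one period of the m-sequence of x^4 + x + 1 and one period of the l-sequence with connection integer 19. This Python is an added example, not code from the papers: it writes a periodic sequence as the 2-adic number -S/(2^T - 1), reduces the fraction, and regenerates the sequence from the reduced fraction by 2-adic division, which is what an FCSR with that connection integer does. The function names and the two sample sequences are my own choices.

```python
# Added example (not from the papers): 2-adic complexity of periodic binary
# sequences via their rational representation, on an m-sequence (period 15)
# and an l-sequence (connection integer 19, period 18).
from math import gcd, log2


def m_sequence(taps, init, length):
    """Binary LFSR output s_{t+n} = sum of s_{t+i} for i in taps (mod 2),
    n = len(init). taps=(0, 1) with n = 4 is the recurrence of x^4 + x + 1."""
    s, out = list(init), []
    for _ in range(length):
        out.append(s[0])
        s = s[1:] + [sum(s[i] for i in taps) % 2]
    return out


def fcsr_expansion(q, numerator, length):
    """First `length` bits of the 2-adic expansion of -numerator/q, q odd,
    0 <= numerator <= q: the output of an FCSR with connection integer q.
    For q an odd prime with 2 as a primitive root and 0 < numerator < q this
    is an l-sequence of period q - 1."""
    p, out = numerator, []
    for _ in range(length):
        bit = p & 1
        out.append(bit)
        p = (p + bit * q) // 2        # one step of 2-adic division by 2
    return out


def rational_representation(period_bits):
    """Write the sequence with period `period_bits` as the 2-adic number
    -S/(2^T - 1), S = sum s_i 2^i, and reduce. Returns (numerator, q);
    q is the minimal connection integer of any FCSR producing the sequence."""
    T = len(period_bits)
    S = sum(b << i for i, b in enumerate(period_bits))
    g = gcd(S, 2 ** T - 1)
    return S // g, (2 ** T - 1) // g


def connection_integer(period_bits):
    """Minimal FCSR connection integer; the abstract on finite sequences
    above calls this the rational complexity."""
    return rational_representation(period_bits)[1]


def two_adic_complexity(period_bits):
    """2-adic complexity = log2 of the minimal connection integer."""
    return log2(connection_integer(period_bits))


# constructed sample inputs
M_SEQ = m_sequence(taps=(0, 1), init=(0, 0, 0, 1), length=15)   # period 15
L_SEQ = fcsr_expansion(19, 1, 18)                               # period 18

if __name__ == "__main__":
    for name, seq in (("m-sequence", M_SEQ), ("l-sequence", L_SEQ)):
        p, q = rational_representation(seq)
        print("%s %s = -%d/%d, 2-adic complexity %.3f"
              % (name, seq, p, q, two_adic_complexity(seq)))
```

For the m-sequence of order 4 the reduced denominator is 2^15 - 1, the maximum stated in the abstract above, while the l-sequence recovers its own connection integer 19 and therefore has 2-adic complexity log2(19). Since the sequence is periodic, the gcd step does not depend on which period is taken as the starting point.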

ABSTRACT: Let N be a product of distinct prime numbers and $\mathbf{Z}/(N)$ the integer residue ring modulo N. In this paper, a primitive polynomial f(x) over $\mathbf{Z}/(N)$ such that f(x) divides $x^s - c$ for some positive integer s and some primitive element c in $\mathbf{Z}/(N)$ is called a typical primitive polynomial. Recently, typical primitive polynomials over $\mathbf{Z}/(N)$ were shown to be very useful, but the existence of typical primitive polynomials has not been fully studied. In this paper, for any integer m ≥ 1, a necessary and sufficient condition for the existence of typical primitive polynomials of degree m over $\mathbf{Z}/(N)$ is proved.

ABSTRACT: In this paper, the autocorrelations of l-sequences with prime connection integer are discussed. Let $\underline{a}$ be an l-sequence with connection integer p and period T = p − 1. We show that the autocorrelation $C_{\underline{a}}(\tau)$ of $\underline{a}$ with shift τ satisfies $\left| C_{\underline{a}}(\tau) - \frac{p-1}{p^{2}} \sum_{c=1}^{p-1} \tan\left(\frac{\pi c 2^{\tau}}{p}\right) \tan\left(\frac{\pi c}{p}\right) \right| = O(\ln^{2} p)$. Thus, by calculating this trigonometric sum, an estimate of $C_{\underline{a}}(\tau)$ can be obtained. In particular, for any shift τ with $2^{\tau} \bmod p = (p-3)/2$ or $(p+3)/2$, the autocorrelation $C_{\underline{a}}(\tau)$ of $\underline{a}$ with shift τ satisfies $C_{\underline{a}}(\tau) = O(\ln^{2} p)$; thus when p is sufficiently large, the autocorrelation is low. The same result also holds for decimations of l-sequences.

ABSTRACT: Maximal length FCSR sequences, or l-sequences, are an important type of nonlinear sequence used for building stream ciphers. This paper studies the linearity properties of l-sequences. Although it is widely accepted that l-sequences have high linear complexities, close to half their periods, it is shown that for most l-sequences, linear relations with large statistical advantage exist.

ABSTRACT: A maximal length feedback with carry shift register sequence is also called an l-sequence. Although term-wise exclusive ors of l-sequences have long been thought of as a type of good pseudorandom sequence, few of their statistical properties have been proved yet. This paper completely determines the period of a term-wise exclusive or of several l-sequences generated by FCSRs with distinct non-prime connection integers. The main result shows that it attains either the maximum or half of it, and the associated sufficient conditions are also presented. Moreover, this periodicity property also holds for generalized l-sequences of the form $\{A\xi^{t} \bmod p^{e} \bmod 2\}_{t=0}^{\infty}$, where ξ is a primitive root modulo the odd prime power $p^{e}$ and A is an integer relatively prime to p.

Publication Stats
275 citations
41.23 total impact points
Institutions
2009-2014: Zhengzhou Information Science and Technology Institute, Cheng, Henan Sheng, China
2010: Chinese Academy of Sciences, Institute of Software, Peping, Beijing, China
2006: Zhengzhou University, Division of Mathematics and Applied Mathematics, Cheng, Henan Sheng, China