Authors: Tian Tian WenFeng Qi
Publish Date: 2012/07/15
Volume: 71, Issue: 1, Pages: 163-181
Abstract
Recently nonlinear feedback shift registers NFSRs have frequently been used as building blocks for designing stream ciphers Let NFSR g be an mstage NFSR with characteristic function g=x 0oplus g 1x 1cdots x m1oplus x m Up to now there has been no known method to determine whether the family of output sequences of the NFSR g denoted by Sg contains a subfamily of sequences that are exactly the output sequences of an NFSRf of stage n m This paper studies affine cases that is finding an affine function f such that Sf is a subset of Sg If Sg contains an affine subfamily Sf whose order n is close to m then a large number of sequences generated by the NFSR g have low linear complexities First we give two methods to bound the maximal order of affine subfamilies included in Sg Experimental data indicate that if Sg contains an affine subfamily of order not smaller than m/2 then the upper bound given in the paper is tight Second we propose two algorithms to solve affine subfamilies of a given order n included in Sg both of which aim at affine subfamilies with the maximal order Algorithm 1 is applicable when n is close to m while the feasibility of Algorithm 2 relies on the distribution of nonlinear terms of g In particular if Algorithm 2 works then its computation complexity is less than that of Algorithm 1 and it is quite efficient for a number of cases
Keywords: