Nonlinear-feedback shift register

Last updated

A nonlinear-feedback shift register (NLFSR) is a shift register whose input bit is a non-linear function of its previous state.

Contents

For an n-bit shift register r its next state is defined as:

,

where f is the non-linear feedback function. [1]

Applications

Nonlinear-feedback shift registers are components in modern stream ciphers, especially in RFID and smartcard applications. NLFSRs are known to be more resistant to cryptanalytic attacks than Linear Feedback Shift Registers (LFSRs).

Generating

It is known how to generate an n-bit NLFSR of maximal length 2n, generating a De Bruijn sequence, by extending a maximal-length LFSR with n stages; [2] but the construction of other large NLFSRs with guaranteed long periods remains an open problem. [3] Using bruteforce methods, a list of maximum-period n-bit NLFSRs for n ≤ 25 has been made as well as for n=27. [4] [1]

New methods suggest usage of evolutionary algorithms in order to introduce non-linearity. [5] In these works, an evolutionary algorithm learns how to apply different operations on strings from LFSR to enhance their quality to meet the criteria of a fitness function, here the NIST protocol, [6] effectively.

NLFSR-based ciphers

Related Research Articles

A pseudorandom number generator (PRNG), also known as a deterministic random bit generator (DRBG), is an algorithm for generating a sequence of numbers whose properties approximate the properties of sequences of random numbers. The PRNG-generated sequence is not truly random, because it is completely determined by an initial value, called the PRNG's seed. Although sequences that are closer to truly random can be generated using hardware random number generators, pseudorandom number generators are important in practice for their speed in number generation and their reproducibility.

<span class="mw-page-title-main">Linear congruential generator</span> Algorithm for generating pseudo-randomized numbers

A linear congruential generator (LCG) is an algorithm that yields a sequence of pseudo-randomized numbers calculated with a discontinuous piecewise linear equation. The method represents one of the oldest and best-known pseudorandom number generator algorithms. The theory behind them is relatively easy to understand, and they are easily implemented and fast, especially on computer hardware which can provide modular arithmetic by storage-bit truncation.

The Mersenne Twister is a general-purpose pseudorandom number generator (PRNG) developed in 1997 by Makoto Matsumoto and Takuji Nishimura. Its name derives from the fact that its period length is chosen to be a Mersenne prime.

<span class="mw-page-title-main">Stream cipher</span> Type of symmetric key cipher

A stream cipher is a symmetric key cipher where plaintext digits are combined with a pseudorandom cipher digit stream (keystream). In a stream cipher, each plaintext digit is encrypted one at a time with the corresponding digit of the keystream, to give a digit of the ciphertext stream. Since encryption of each digit is dependent on the current state of the cipher, it is also known as state cipher. In practice, a digit is typically a bit and the combining operation is an exclusive-or (XOR).

In computing, a linear-feedback shift register (LFSR) is a shift register whose input bit is a linear function of its previous state.

In cryptography, the shrinking generator is a form of pseudorandom number generator intended to be used in a stream cipher. It was published in Crypto 1993 by Don Coppersmith, Hugo Krawczyk, and Yishay Mansour.

A key generator is a protocol or algorithm that is used in many cryptographic protocols to generate a sequence with many pseudo-random characteristics. This sequence is used as an encryption key at one end of communication, and as a decryption key at the other. One can implement a key generator in a system that aims to generate, distribute, and authenticate keys in a way that without the private key, one cannot access the information in the public end.

A maximum length sequence (MLS) is a type of pseudorandom binary sequence.

A pseudorandom binary sequence (PRBS), pseudorandom binary code or pseudorandom bitstream is a binary sequence that, while generated with a deterministic algorithm, is difficult to predict and exhibits statistical behavior similar to a truly random sequence. PRBS generators are used in telecommunication, such as in analog-to-information conversion, but also in encryption, simulation, correlation technique and time-of-flight spectroscopy. The most common example is the maximum length sequence generated by a (maximal) linear feedback shift register (LFSR). Other examples are Gold sequences, Kasami sequences and JPL sequences, all based on LFSRs.

A self-shrinking generator is a pseudorandom generator that is based on the shrinking generator concept. Variants of the self-shrinking generator based on a linear-feedback shift register (LFSR) are studied for use in cryptography.

Grain is a stream cipher submitted to eSTREAM in 2004 by Martin Hell, Thomas Johansson and Willi Meier. It has been selected for the final eSTREAM portfolio for Profile 2 by the eSTREAM project. Grain is designed primarily for restricted hardware environments. It accepts an 80-bit key and a 64-bit IV. The specifications do not recommend a maximum length of output per pair. A number of potential weaknesses in the cipher have been identified and corrected in Grain 128a which is now the recommended cipher to use for hardware environments providing both 128bit security and authentication.

In mathematical optimization, constrained optimization is the process of optimizing an objective function with respect to some variables in the presence of constraints on those variables. The objective function is either a cost function or energy function, which is to be minimized, or a reward function or utility function, which is to be maximized. Constraints can be either hard constraints, which set conditions for the variables that are required to be satisfied, or soft constraints, which have some variable values that are penalized in the objective function if, and based on the extent that, the conditions on the variables are not satisfied.

In cryptography, SOBER is a family of stream ciphers initially designed by Greg Rose of QUALCOMM Australia starting in 1997. The name is a contrived acronym for Seventeen Octet Byte Enabled Register. Initially the cipher was intended as a replacement for broken ciphers in cellular telephony. The ciphers evolved, and other developers joined the project.

ORYX is an encryption algorithm used in cellular communications in order to protect data traffic. It is a stream cipher designed to have a very strong 96-bit key strength with a way to reduce the strength to 32-bits for export. However, due to mistakes the actual strength is a trivial 16-bits and any signal can be cracked after the first 25–27 bytes.

In cryptography, an alternating step generator (ASG) is a cryptographic pseudorandom number generator used in stream ciphers, based on three linear-feedback shift registers. Its output is a combination of two LFSRs which are stepped (clocked) in an alternating fashion, depending on the output of a third LFSR.

<span class="mw-page-title-main">Crypto-1</span> Stream cipher

Crypto1 is a proprietary encryption algorithm and authentication protocol created by NXP Semiconductors for its MIFARE Classic RFID contactless smart cards launched in 1994. Such cards have been used in many notable systems, including Oyster card, CharlieCard and OV-chipkaart.

<span class="mw-page-title-main">Xorshift</span> Class of pseudorandom number generators

Xorshift random number generators, also called shift-register generators, are a class of pseudorandom number generators that were invented by George Marsaglia. They are a subset of linear-feedback shift registers (LFSRs) which allow a particularly efficient implementation in software without the excessive use of sparse polynomials. They generate the next number in their sequence by repeatedly taking the exclusive or of a number with a bit-shifted version of itself. This makes execution extremely efficient on modern computer architectures, but it does not benefit efficiency in a hardware implementation. Like all LFSRs, the parameters have to be chosen very carefully in order to achieve a long period.

Correlation attacks are a class of cryptographic known-plaintext attacks for breaking stream ciphers whose keystream is generated by combining the output of several linear-feedback shift registers (LFSRs) using a Boolean function. Correlation attacks exploit a statistical weakness arising from certain choices of the Boolean function. The cipher is not inherently insecure if there is a choice of the Boolean function that avoids this weakness.

In sequence design, a Feedback with Carry Shift Register is the arithmetic or with carry analog of a linear-feedback shift register (LFSR). If is an integer, then an N-ary FCSR of length is a finite state device with a state consisting of a vector of elements in and an integer . The state change operation is determined by a set of coefficients and is defined as follows: compute . Express s as with in . Then the new state is . By iterating the state change an FCSR generates an infinite, eventually periodic sequence of numbers in .

References

  1. 1 2 Rachwalik, Tomasz; Szmidt, Janusz; Wicik, Robert; Zabłocki, Janusz (3 June 2012). Generation of Nonlinear Feedback Shift Registers with special-purpose hardware (PDF). Military Communication Institute (Warsaw). p. 1. Retrieved 3 May 2017.
  2. C.G. Günther, "Alternating Step Generator Controlled by de Bruijn Sequence", Advances in Cryptology — EUROCRYPT '87, doi : 10.1007/3-540-39118-5_2
  3. On analysis and synthesis of (n, k)-non-linear feedback shift registers, 2008.
  4. E. Dubrova, "A List of Maximum Period NLFSRs", Cryptology ePrint Archive, Report 2012/166, March 2012, http://eprint.iacr.org/2012/166.
  5. A. Poorghanad, A. Sadr, A. Kashanipour" Generating High Quality Pseudo Random Number Using Evolutionary Methods", IEEE Congress on Computational Intelligence and Security, vol. 9, pp. 331–335, May 2008
  6. NIST." A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications". NIST, Special Publication April 2010