If the feedback coefficients are kept secret, the entire keystream can be recovered from any 2 Λ consecutive bits of the keystream by the Berlekamp–Massey algorithm. If the feedback coefficients of the LFSR are public, the entire keystream can obviously be recovered from the knowledge of any Λ consecutive bits of the keystream, where Λ is the linear complexity of the running-key (which does not exceed the LFSR length). It is clear that an LFSR should never be used by itself as a keystream generator. ![]() In other terms, the feedback polynomial of a LFSR should always be chosen to be a primitive polynomial. Moreover, they possess good statistical properties ( maximal-length linear sequences for further details). Because of the previous optimal properties, the linear recurring sequences used in cryptography are always chosen to be m-sequences. Such sequences are called maximal-length linear sequences ( m-sequences). ![]() $$\) generated by an LFSR of length L which has a primitive feedback polynomial has the highest possible linear complexity Λ( s) = L and the highest possible period q L − 1.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |