Periodic representations and rational approximations of square roots
In this paper the properties of Rédei rational functions are used to derive rational approximations for square roots, and both Newton and Padé approximations are given as particular cases. As a consequence, such approximations can be derived directly by power matrices. Moreover, Rédei rational functions are introduced as convergents of particular periodic continued fractions and are applied for approximating square roots in the field of p-adic numbers and to study periodic representations. Using the results over the real numbers, we show how to construct periodic continued fractions and approximations of square roots which are simultaneously valid in the real and in the p-adic field.
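As an added illustration (my code, not from the paper), the following Python computes the Rédei numerators and denominators N_n, D_n defined by (z + √d)^n = N_n + D_n √d through the power matrix [[z, d], [1, z]]^n, checks that Newton's iteration for √d is exactly the step from Q_n = N_n/D_n to Q_{2n}, and shows the "simultaneously valid" approximation with d = 2 and z = 3: since z² − d = 7, the same convergents approach √2 in the reals and satisfy Q_n² ≡ 2 (mod 7^n) in the 7-adic sense. The function names and the choice z = 3 are mine; the Padé case mentioned in the abstract is not worked out here.

```python
from fractions import Fraction
from math import gcd, sqrt


def mat_mul(A, B):
    """2x2 integer matrix product."""
    return [[A[0][0] * B[0][0] + A[0][1] * B[1][0], A[0][0] * B[0][1] + A[0][1] * B[1][1]],
            [A[1][0] * B[0][0] + A[1][1] * B[1][0], A[1][0] * B[0][1] + A[1][1] * B[1][1]]]


def mat_pow(M, n):
    """M^n by repeated squaring, in exact integer arithmetic."""
    R = [[1, 0], [0, 1]]
    while n:
        if n & 1:
            R = mat_mul(R, M)
        M = mat_mul(M, M)
        n >>= 1
    return R


def redei(d, z, n):
    """(N_n, D_n) with (z + sqrt d)^n = N_n + D_n*sqrt d.
    Multiplying by (z + sqrt d) gives N_{k+1} = z*N_k + d*D_k, D_{k+1} = N_k + z*D_k,
    so (N_n, D_n) is the first column of the power matrix [[z, d], [1, z]]^n."""
    P = mat_pow([[z, d], [1, z]], n)
    return P[0][0], P[1][0]


def redei_convergent(d, z, n):
    """The Redei rational function Q_n(d, z) = N_n / D_n, an approximation of sqrt d."""
    N, D = redei(d, z, n)
    return Fraction(N, D)


def newton_step(x, d):
    """One Newton iteration for x^2 = d; Q_{2n} = newton_step(Q_n) because
    (N + D sqrt d)^2 = (N^2 + d D^2) + 2ND sqrt d."""
    return (x * x + d) / (2 * x)


def norm(d, z, n):
    """N_n^2 - d*D_n^2, which equals (z^2 - d)^n by multiplicativity of the norm in Q(sqrt d)."""
    N, D = redei(d, z, n)
    return N * N - d * D * D


def padic_approx(d, z, n):
    """With p = z^2 - d prime, Q_n is also a p-adic approximation of sqrt d:
    returns N_n * D_n^{-1} mod p^n, or None if D_n is not a p-adic unit."""
    p = z * z - d
    N, D = redei(d, z, n)
    if gcd(D, p) != 1:
        return None
    return (N * pow(D, -1, p ** n)) % (p ** n)


if __name__ == "__main__":
    for n in (1, 2, 4, 8, 16, 32):
        q = redei_convergent(2, 3, n)
        print(n, q, float(q) - sqrt(2))
    r = padic_approx(2, 3, 3)
    print("7-adic root mod 7^3:", r, "r^2 mod 343 =", pow(r, 2, 343))
```

For z > 0 the real error Q_n − √d = (z − √d)^n / D_n shrinks geometrically, while the norm identity N_n² − d D_n² = 7^n is what makes the same fraction a 7-adic root of x² = 2 to n digits; exactly the dual role the abstract describes.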
Topics on Register Synthesis Problems
Pseudo-random sequences are ubiquitous in modern electronics and information technology. High-speed generators of such sequences play essential roles in various engineering applications, such as stream ciphers, radar systems, multiple-access systems, and quasi-Monte Carlo simulation. Given a short prefix of a sequence, it is undesirable for there to be an efficient algorithm that can synthesize a generator predicting the whole sequence; otherwise a cryptanalytic attack can be launched against the system from that prefix alone.
Linear feedback shift registers (LFSRs) are the most widely studied pseudorandom sequence generators. The LFSR synthesis problem can be solved by the Berlekamp-Massey algorithm, by constructing a system of linear equations, by the extended Euclidean algorithm, or by the continued fraction algorithm; Berlekamp-Massey, for instance, recovers an LFSR of length L from any 2L consecutive output symbols. Linear complexity is therefore an important security measure in the design of pseudorandom sequences, and we investigate lower bounds on the linear complexity of several kinds of pseudorandom sequences.
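As an added example (my code, not from the dissertation), the following Python implements the Berlekamp-Massey algorithm over GF(2) and uses it the way the paragraph's attacker would: it reads only 2L = 10 bits of a constructed keystream from a 5-stage LFSR, recovers the register, and predicts the remaining 30 bits exactly. The tap positions (2, 5), the seed and the function names are choices made here for illustration.

```python
def lfsr(taps, seed, n):
    """First n bits of the LFSR with recurrence s_j = XOR over t in taps of s_{j-t}.
    Constructed example: taps (2, 5) give connection polynomial 1 + x^2 + x^5,
    which is primitive over GF(2), so any nonzero 5-bit seed has period 31."""
    s = list(seed)
    while len(s) < n:
        s.append(sum(s[-t] for t in taps) & 1)
    return s[:n]


def berlekamp_massey(bits):
    """Shortest LFSR generating `bits` (Massey's formulation, over GF(2)).
    Returns (L, C): L is the linear complexity and C = [1, c1, ..., cL] the
    connection polynomial, i.e. s_j = c1*s_{j-1} XOR ... XOR cL*s_{j-L} for j >= L."""
    n = len(bits)
    C = [1] + [0] * n          # current connection polynomial
    B = [1] + [0] * n          # polynomial saved at the last length change
    L, m = 0, 1                # current length, steps since the last length change
    for i in range(n):
        d = bits[i]            # discrepancy: observed bit XOR the register's prediction
        for j in range(1, L + 1):
            d ^= C[j] & bits[i - j]
        if d == 0:
            m += 1
        elif 2 * L <= i:
            T = C[:]
            for j in range(n + 1 - m):
                C[j + m] ^= B[j]       # C(x) += x^m * B(x)
            L = i + 1 - L
            B, m = T, 1
        else:
            for j in range(n + 1 - m):
                C[j + m] ^= B[j]
            m += 1
    return L, C[:L + 1]


def extend(prefix, L, C, count):
    """Run the recovered LFSR forward from `prefix` to predict `count` further bits."""
    s = list(prefix)
    for _ in range(count):
        nxt = 0
        for i in range(1, L + 1):
            nxt ^= C[i] & s[-i]
        s.append(nxt)
    return s


def linear_complexity(bits):
    return berlekamp_massey(bits)[0]


if __name__ == "__main__":
    keystream = lfsr((2, 5), [1, 0, 0, 1, 1], 40)   # constructed keystream
    L, C = berlekamp_massey(keystream[:10])           # attacker sees only 2L = 10 bits
    predicted = extend(keystream[:10], L, C, 30)
    print("recovered length", L, "taps", [i for i in range(1, L + 1) if C[i]])
    print("remaining 30 bits predicted correctly:", predicted == keystream)
```

The point for a cipher designer is the 2L figure: a keystream whose linear complexity is L is fully determined by 2L known bits, so the output of any LFSR-based construction must have linear complexity far beyond the amount of keystream an attacker can collect.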
Feedback with carry shift registers (FCSRs) were first described by Goresky and Klapper. They have many good algebraic properties similar to those of LFSRs and are good candidates as building blocks of stream ciphers. The FCSR synthesis problem has been studied extensively in the literature, but there are no FCSR synthesis algorithms for multi-sequences. One of the main contributions of this dissertation is therefore to adapt an interleaving technique to develop two algorithms that solve the FCSR synthesis problem for multi-sequences.
Algebraic feedback shift registers (AFSRs) are generalizations of LFSRs and FCSRs. Based on a choice of an integral domain R and π ∈ R, an AFSR produces sequences whose elements can be thought of as elements of the quotient ring R/(π). Xu's algorithm, a modification of the Berlekamp-Massey algorithm, solves the synthesis problem for AFSRs over a pair (R, π) with certain algebraic properties. We propose two register synthesis algorithms for the AFSR synthesis problem: one extends the lattice approximation approach but is based on lattice basis reduction, and the other is based on the extended Euclidean algorithm.
Counting Value Sets: Algorithm and Complexity
Let be a prime. Given a polynomial in \F_{p^m}[x] of degree over
the finite field \F_{p^m}, one can view it as a map from \F_{p^m} to
\F_{p^m}, and examine the image of this map, also known as the value set. In
this paper, we present the first non-trivial algorithm and the first complexity
result on computing the cardinality of this value set. We show an elementary
connection between this cardinality and the number of points on a family of
varieties in affine space. We then apply Lauder and Wan's -adic
point-counting algorithm to count these points, resulting in a non-trivial
algorithm for calculating the cardinality of the value set. The running time of
our algorithm is . In particular, this is a polynomial time
algorithm for fixed if is reasonably small. We also show that the
problem is #P-hard when the polynomial is given in a sparse representation,
, and is allowed to vary, or when the polynomial is given as a
straight-line program, and is allowed to vary. Additionally, we prove
that it is NP-hard to decide whether a polynomial represented by a
straight-line program has a root in a prime-order finite field, thus resolving
an open problem proposed by Kaltofen and Koiran in
\cite{Kaltofen03,KaltofenKo05}
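The "elementary connection" between the value set and point counts can be seen in a small brute-force computation. As an added example (my code, not the paper's algorithm: the paper counts the variety points with a p-adic method, which is not reproduced here), the identity used below is plain inclusion-exclusion: |V_f| = Σ_{i≥1} (−1)^{i−1} #X_i(F_p) / i!, where X_i ⊂ A^i is the variety f(x_1) = ... = f(x_i) with the x_j pairwise distinct. A value with m preimages contributes Σ_i (−1)^{i−1} C(m, i) = 1, and for deg f = d ≥ 1 the terms with i > d vanish because no value has more than d preimages. That this is the paper's exact formulation is an assumption; the polynomials and primes below are constructed test cases.

```python
from itertools import product
from math import factorial


def poly_eval(coeffs, x, p):
    """f(x) mod p, with coeffs[i] the coefficient of x^i."""
    return sum(c * pow(x, i, p) for i, c in enumerate(coeffs)) % p


def value_set_size(coeffs, p):
    """|V_f| by direct enumeration of the map x -> f(x) on F_p (p prime)."""
    return len({poly_eval(coeffs, x, p) for x in range(p)})


def variety_points(coeffs, p, i):
    """#X_i(F_p): points (x_1, ..., x_i) of affine i-space over F_p with
    f(x_1) = ... = f(x_i) and pairwise distinct coordinates (brute force)."""
    count = 0
    for xs in product(range(p), repeat=i):
        if len(set(xs)) != i:
            continue
        if len({poly_eval(coeffs, x, p) for x in xs}) == 1:
            count += 1
    return count


def value_set_via_varieties(coeffs, p):
    """|V_f| from the point counts: #X_i / i! is the number of unordered
    i-subsets of F_p with a common image, and inclusion-exclusion over i
    counts each attained value exactly once."""
    d = max(i for i, c in enumerate(coeffs) if c % p)
    assert d >= 1, "a constant polynomial has one value with p preimages; not handled here"
    total = 0
    for i in range(1, min(d, p) + 1):
        total += (-1) ** (i - 1) * (variety_points(coeffs, p, i) // factorial(i))
    return total


if __name__ == "__main__":
    for coeffs, p in (([0, 0, 1], 7), ([0, 0, 0, 1], 7), ([0, 0, 0, 1], 5)):
        print(coeffs, p, value_set_size(coeffs, p), value_set_via_varieties(coeffs, p))
```

The brute-force point count costs p^i evaluations per variety, which is exactly why a sub-exponential point-counting algorithm such as Lauder-Wan is needed once p or the degree grows; the identity itself is what turns "size of an image" into "points on varieties".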
Cryptanalysis of the Stream cipher BEAN
BEAN is a recent stream cipher proposal that uses Feedback with Carry Shift Registers (FCSRs) and an output function. There is a sound motivation behind the use of FCSRs in BEAN as they provide several cryptographically interesting properties. In this paper, we show that the output function is not optimal. We give an efficient distinguisher and a key recovery attack that is slightly better than brute force, requiring no significant memory. We then show how this attack can be made better with access to more keystream. Already with access to 6 KiB, the 80-bit key is recovered in time 2^73.
ANALYSIS OF SECURITY MEASURES FOR SEQUENCES
Stream ciphers are private-key cryptosystems used for security in communication and data transmission systems. Because they encrypt streams of data, stream ciphers must use primitives that are easy to implement and fast to operate. LFSRs and the more recently invented FCSRs are two such primitives, and they give rise to certain security measures for the cryptographic strength of sequences, which, following convention, we refer to henceforth as complexity measures. The linear (resp. N-adic) complexity of a sequence is the length of the shortest LFSR (resp. FCSR) that can generate the sequence. Because shift register synthesis algorithms are available, sequences used for cryptographic purposes should have high values for these complexity measures. It is also essential that the complexity of these sequences does not decrease when a few symbols are changed. The k-error complexity of a sequence is the smallest value of the complexity of a sequence obtained by altering k or fewer symbols in the given sequence. For a sequence to be considered cryptographically "strong" it should have both high complexity and high error complexity values.
An important problem regarding sequence complexity measures is to determine good bounds on a specific complexity measure for a given sequence. In this thesis we derive new nontrivial lower bounds on the k-operation complexity of periodic sequences in both the linear and N-adic cases. Here the operations considered are combinations of insertions, deletions, and substitutions. We show that our bounds are tight and also derive several auxiliary results based on them.
A second problem on sequence complexity measures useful in the design and analysis of stream ciphers is to determine the number of sequences with a given fixed (error) complexity value. In this thesis we address this problem for the k-error linear complexity of 2^n-periodic binary sequences. More specifically:
1. We characterize 2^n-periodic binary sequences with fixed 2- or 3-error linear complexity and obtain the counting function for the number of such sequences with fixed k-error linear complexity for k = 2 or 3.
2. We obtain partial results on the number of 2^n-periodic binary sequences with fixed k-error linear complexity when k is the minimum number of changes required to lower the linear complexity.
- ā¦
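As an added example (my code, not the thesis's), the following Python makes the quantities in the two abstracts above concrete for 2^n-periodic binary sequences: the linear complexity via the Games-Chan algorithm, the k-error linear complexity by exhaustive search over all error patterns of weight at most k, the smallest k that actually lowers the complexity (the quantity item 2 refers to), and a brute-force tabulation for n = 3 of how many sequences have each k-error linear complexity, i.e. the counting function for small parameters. The sample sequences are constructed; the exhaustive search is only feasible for tiny periods, which is exactly why closed-form characterizations like those in the thesis matter.

```python
from itertools import combinations


def games_chan(period):
    """Linear complexity of a binary sequence of period 2^n from one period (Games-Chan).
    Split the period in half: if the halves agree, recurse on one half; otherwise
    add half the length and recurse on the XOR of the halves."""
    s = list(period)
    n = len(s)
    assert n and n & (n - 1) == 0, "period length must be a power of two"
    L = 0
    while n > 1:
        half = n // 2
        left, right = s[:half], s[half:]
        if left == right:
            s = left
        else:
            L += half
            s = [a ^ b for a, b in zip(left, right)]
        n = half
    return L + s[0]


def k_error_linear_complexity(period, k):
    """Smallest linear complexity among sequences differing from `period` in at most k positions."""
    best = games_chan(period)
    N = len(period)
    for w in range(1, min(k, N) + 1):
        for flips in combinations(range(N), w):
            t = list(period)
            for i in flips:
                t[i] ^= 1
            best = min(best, games_chan(t))
            if best == 0:
                return 0
    return best


def min_changes_to_lower(period):
    """Minimum number of changed symbols that lowers the linear complexity (None if it is already 0)."""
    L = games_chan(period)
    for k in range(1, len(period) + 1):
        if k_error_linear_complexity(period, k) < L:
            return k
    return None


def count_by_k_error_lc(n, k):
    """Brute-force counting function: {value: number of 2^n-periodic sequences with that k-error LC}."""
    N = 1 << n
    counts = {}
    for v in range(1 << N):
        s = [(v >> i) & 1 for i in range(N)]
        c = k_error_linear_complexity(s, k)
        counts[c] = counts.get(c, 0) + 1
    return counts


if __name__ == "__main__":
    s = [1, 1, 0, 0, 0, 0, 0, 0]                     # constructed period-8 sequence
    print("LC", games_chan(s), "1-error", k_error_linear_complexity(s, 1),
          "2-error", k_error_linear_complexity(s, 2), "min changes", min_changes_to_lower(s))
    print("0-error counts", sorted(count_by_k_error_lc(3, 0).items()))
    print("1-error counts", sorted(count_by_k_error_lc(3, 1).items()))
```

Two facts the tabulation exposes for period 8: an odd-weight period always has the maximal complexity 8, so no sequence keeps complexity 8 after one change (its 1-error linear complexity is at most 7), and the weight-2 sequence above has complexity 7 that a single change cannot lower but two changes reduce to 0, so its "minimum number of changes required to lower the linear complexity" is 2.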