Algebraic Attack on the Alternating Step(r,s)Generator

The Alternating Step(r,s) Generator, ASG(r,s), is a clock-controlled sequence generator which is recently proposed by A. Kanso. It consists of three registers of length l, m and n bits. The first register controls the clocking of the two others. The two other registers are clocked r times (or not clocked) (resp. s times or not clocked) depending on the clock-control bit in the first register. The special case r=s=1 is the original and well known Alternating Step Generator. Kanso claims there is no efficient attack against the ASG(r,s) since r and s are kept secret. In this paper, we present an Alternating Step Generator, ASG, model for the ASG(r,s) and also we present a new and efficient algebraic attack on ASG(r,s) using 3(m+n) bits of the output sequence to find the secret key with O((m^2+n^2)*2^{l+1}+ (2^{m-1})*m^3 + (2^{n-1})*n^3) computational complexity. We show that this system is no more secure than the original ASG, in contrast to the claim of the ASG(r,s)'s constructor.Comment: 5 pages, 2 figures, 2 tables, 2010 IEEE International Symposium on Information Theory (ISIT2010),June 13-18, 2010, Austin, Texa

A Characterization of Some Minihypers in a Finite Projective Geometry PG(t, 4)

Recently, Hamada and Deza [8] gave a complete characterization of all {vα + 1 + vβ + 1 + vγ + 1, vα + vβ + vγ; t, q}-minihypers for any integers α, β, γ, t and any prime power q such that q ⩾ 5 and either 0 ⩽ α = β < γ < t or 0 ⩽ α < β = γ < t where vl = (ql− 1)/(q − 1) for any integer l ⩾ 0. The purpose of this paper is to characterize all {vα + 1 + vβ + 1 + vγ + 1, vα + vβ + vγ; t, q}-minihypers for any integers t, q, α, β and γ such that q = 4 and either (a) 0 ⩽ α < β = γ < t or (b) 0 ⩽ α = β < γ < t and γ ≠ α + 1. Using those results, all (n, k, d ; 4)-codes meeting the Griesmer bound are characterized for the case k ⩾ 3 and d = 4k−1 − 4α − 4β − 4γ

On the weight distributions of several classes of cyclic codes from APN monomials

Let $m\geq 3$ be an odd integer and $p$ be an odd prime. % with $p-1=2^rh$, where $h$ is an odd integer. In this paper, many classes of three-weight cyclic codes over $\mathbb{F}_{p}$ are presented via an examination of the condition for the cyclic codes $\mathcal{C}_{(1,d)}$ and $\mathcal{C}_{(1,e)}$, which have parity-check polynomials $m_1(x)m_d(x)$ and $m_1(x)m_e(x)$ respectively, to have the same weight distribution, where $m_i(x)$ is the minimal polynomial of $\pi^{-i}$ over $\mathbb{F}_{p}$ for a primitive element $\pi$ of $\mathbb{F}_{p^m}$. %For $p=3$, the duals of five classes of the proposed cyclic codes are optimal in the sense that they meet certain bounds on linear codes. Furthermore, for $p\equiv 3 \pmod{4}$ and positive integers $e$ such that there exist integers $k$ with $\gcd(m,k)=1$ and $\tau\in\{0,1,\cdots, m-1\}$ satisfying $(p^k+1)\cdot e\equiv 2 p^{\tau}\pmod{p^m-1}$, the value distributions of the two exponential sums T(a,b)=\sum\limits_{x\in \mathbb{F}_{p^m}}\omega^{\Tr(ax+bx^e)} and S(a,b,c)=\sum\limits_{x\in \mathbb{F}_{p^m}}\omega^{\Tr(ax+bx^e+cx^s)}, where $s=(p^m-1)/2$, are settled. As an application, the value distribution of $S(a,b,c)$ is utilized to investigate the weight distribution of the cyclic codes $\mathcal{C}_{(1,e,s)}$ with parity-check polynomial $m_1(x)m_e(x)m_s(x)$. In the case of $p=3$ and even $e$ satisfying the above condition, the duals of the cyclic codes $\mathcal{C}_{(1,e,s)}$ have the optimal minimum distance