Re: Pls help

The O.P. eventually clarified hos notation. '^'
means "and" and 'T' means XOR. So I've restated
some of my conclusions below.

In article <d91lu5$bh7@qualcomm.com>, Gregory G Rose <ggr@qualcomm.com> wrote:
>In article <1119098147.634323.20530@f14g2000cwb.googlegroups.com>,
> <manmohan2k@gmail.com> wrote:
>>dear friends and respected Seniors, I have designed one stream cipher
>>based on LSFR for the fullfilment of my master degree. As I am novice
>>in this area. So I need yours suggestions and support, will it be
>>secure against attack if not how I can make it secure.
>>While testing of randomness of keystream, it is clearing 14 tests
>>except random excursion and random excursion variants..
>>Hope to hear soon from yours side.
>
>If it consistently fails any tests at all, it's no
>good by today's standards.
>
>>Design and Implementation of LFSR based stream cipher
>>
>> Suppose in a system there are 4 shift register. Each shift register
>>will generate a PN sequence. The length of sequence will depend on the
>>size of shift register and the total period of the system will be the
>>LCM of the periods of the 4 shift registers. The
>>Keystream of the 4 shift registers are mixed with the input data
>>bits(plain text) using the XOR operation. This will be the output
>>sequence bit (ciphertext)
>
>This is equivalent to a single shift register,
>with a more complicated tap sequence. OK.
>
>>Mathematically if X1,X2,X3,X4 are the output sequence bit of the 4
>>shift registers R1, R2, R3 and R4 and P is the plain text(in ASCII)
>>form . Then we can say
>>
>> PTK = C
>>Where value of Keystream(K) is calculated by using the function
>>
>> (X1^X2)T X3TX4 = K

So this is a degree-2 multivariate polynomial
equation. What's more, the quadratic terms only
involve the state bits from two of the registers.
So linearization using the original 128 bits plus
29x31=899 new variables will work. That is, take
a few more than 1000 output bits and solve a
system of that many linear equations. Using simple
gaussian elimination, this is equivalent to about
2^24 simple operations. (Actually less in
practice, as you'll pack the bits into words, but
ignore that.)
 
>>Assuming the stages of 4 Linear Feed back shift registers are
>>31,29,27 and 41 . The primitive polynomials for each shift registers
>>will be:
>>1) x31+x3+1 = 0
>>2) x29+x2+1 = 0
>>3) x27+x5+x2+x+1 = 0
>>4) x41+x3+1 = 0
>
>You also need to avoid sparse polynomials. Both
>fast correlation and guess-and-determine attacks
>will apply.

A fast correlation attack work by treating the
quadratic term as an error, and recovering the
state of the 3rd and 4th registers. This would
probably require more bits of output but would be
even faster to run.

>What? You just XOR all of them together? This is
>silly... just solve 128 linear equations and
>you're done. There's no cipher here. I must be
>misunderstanding.

I was.

>
>>At the receiving end the system is again activated so that the 4 shift
>>registers in the system will again generate the sequence and the crypt
>>bit will be XOR to get back the initial input.
>
>
>Yeah, yeah, that's how stream ciphers work, you
>know.
>
>You should go look at the Ecrypt stream ciphers.

Greg.

-- 
Greg Rose
232B EC8F 44C6 C853 D68F  E107 E6BF CD2F 1081 A37C
Qualcomm Australia: http://www.qualcomm.com.au