Efficient Algorithm for the Linear Complexity of Sequences and Some - - PowerPoint PPT Presentation

Introduction A General Method for Binary Sequence Implementation

Efficient Algorithm for the Linear Complexity of Sequences and Some Related Consequences

Johan Chrisnata

ISIT 2020 Joint work with: Yeow Meng Chee Tuvi Etzion Han Mao Kiah

Johan Chrisnata Linear Complexity of Sequences 1 / 29

Introduction A General Method for Binary Sequence Implementation

Outline

1 Introduction

Motivation Problem Notations

2 A General Method for Binary Sequence

Powers of Primitive Polynomial General Idea

3 Implementation

For period p · 2n, where 2 is a generator in Fp

Johan Chrisnata Linear Complexity of Sequences 2 / 29

Introduction A General Method for Binary Sequence Implementation Motivation Problem Notations

Outline

1 Introduction

Motivation Problem Notations

2 A General Method for Binary Sequence

Powers of Primitive Polynomial General Idea

3 Implementation

For period p · 2n, where 2 is a generator in Fp

Johan Chrisnata Linear Complexity of Sequences 3 / 29

Introduction A General Method for Binary Sequence Implementation Motivation Problem Notations

Motivation

Binary sequences with good pseudorandomness and complexity properties are widely used as keystreams in cryptographic applications. Linear complexity c(s) is one of the measure. Sequences of low linear complexity are fully determined via a solution of c(s) linear equations if 2c(s) consecutive terms of the sequence are known.

Johan Chrisnata Linear Complexity of Sequences 4 / 29

Introduction A General Method for Binary Sequence Implementation Motivation Problem Notations

Motivation

Binary sequences with good pseudorandomness and complexity properties are widely used as keystreams in cryptographic applications. Linear complexity c(s) is one of the measure. Sequences of low linear complexity are fully determined via a solution of c(s) linear equations if 2c(s) consecutive terms of the sequence are known.

Johan Chrisnata Linear Complexity of Sequences 4 / 29

Introduction A General Method for Binary Sequence Implementation Motivation Problem Notations

Motivation

Binary sequences with good pseudorandomness and complexity properties are widely used as keystreams in cryptographic applications. Linear complexity c(s) is one of the measure. Sequences of low linear complexity are fully determined via a solution of c(s) linear equations if 2c(s) consecutive terms of the sequence are known.

Johan Chrisnata Linear Complexity of Sequences 4 / 29

Introduction A General Method for Binary Sequence Implementation Motivation Problem Notations

Berlekamp-Massey Algorithm

The linear complexity of a sequence s of length N over a finite field Fq can be determined with the well-known Berlekamp-Massey algorithm (1968,1969) in O(N2) symbol field operations. Improved to O(N(log N)2 log log N) by R. E. Blahut(1985) and also S. R. Blackburn(1997). However, in many applications, only periodic sequences are

• considered. For example, when the period is a power of two.

Specific algorithm to find the linear complexity of such sequences, can be done in linear time.

Johan Chrisnata Linear Complexity of Sequences 5 / 29

Introduction A General Method for Binary Sequence Implementation Motivation Problem Notations

Berlekamp-Massey Algorithm

The linear complexity of a sequence s of length N over a finite field Fq can be determined with the well-known Berlekamp-Massey algorithm (1968,1969) in O(N2) symbol field operations. Improved to O(N(log N)2 log log N) by R. E. Blahut(1985) and also S. R. Blackburn(1997). However, in many applications, only periodic sequences are

• considered. For example, when the period is a power of two.

Specific algorithm to find the linear complexity of such sequences, can be done in linear time.

Johan Chrisnata Linear Complexity of Sequences 5 / 29

Introduction A General Method for Binary Sequence Implementation Motivation Problem Notations

Berlekamp-Massey Algorithm

The linear complexity of a sequence s of length N over a finite field Fq can be determined with the well-known Berlekamp-Massey algorithm (1968,1969) in O(N2) symbol field operations. Improved to O(N(log N)2 log log N) by R. E. Blahut(1985) and also S. R. Blackburn(1997). However, in many applications, only periodic sequences are

• considered. For example, when the period is a power of two.

Specific algorithm to find the linear complexity of such sequences, can be done in linear time.

Johan Chrisnata Linear Complexity of Sequences 5 / 29

Introduction A General Method for Binary Sequence Implementation Motivation Problem Notations

Berlekamp-Massey Algorithm

The linear complexity of a sequence s of length N over a finite field Fq can be determined with the well-known Berlekamp-Massey algorithm (1968,1969) in O(N2) symbol field operations. Improved to O(N(log N)2 log log N) by R. E. Blahut(1985) and also S. R. Blackburn(1997). However, in many applications, only periodic sequences are

• considered. For example, when the period is a power of two.

Specific algorithm to find the linear complexity of such sequences, can be done in linear time.

Johan Chrisnata Linear Complexity of Sequences 5 / 29

Introduction A General Method for Binary Sequence Implementation Motivation Problem Notations

Past Result

Length/Period Field Author 2n F2 Games and Chan (1983) pn Fpt

• C. Ding (1991) and K.

Imamura and T. Mo- riuchi (1993) pt, 2pt where p is odd Fq, where q is a primitive root modulo p2 Xiao et al. (2000,2002) ℓ · 2n Fpt,where 2n|pt − 1 and g.c.d.(ℓ, pt − 1) = 1 Chen(2005) ℓ · n Fpt, where ℓ|pt − 1 and g.c.d.(n, pt − 1) = 1 Chen(2006) ℓ · 2n F2

• W. Meidl (2008)

Johan Chrisnata Linear Complexity of Sequences 6 / 29

Introduction A General Method for Binary Sequence Implementation Motivation Problem Notations

Past Result

Meidl(2008) proposed the most efficient algorithm for computing the linear complexities of binary sequences of period N = ℓ · 2n, which is of interest for large N, a small odd integer ℓ such that the smallest k for which ℓ divides 2k − 1 is not large.

Johan Chrisnata Linear Complexity of Sequences 7 / 29

Introduction A General Method for Binary Sequence Implementation Motivation Problem Notations

Contribution

Direct generalization of Games and Chan’s algorithm, namely the Powers of Primitive Polynomial (PPP) algorithm for an important class of sequences. Using PPP algorithm, we present a general idea to find linear complexity of binary sequence of any length N. The algorithm can handle efficiently sequences of even period as in Meidl’s paper(2008) and also binary sequences of some

• dd period.

The minimal polynomial which generates the sequence is also computed in the algorithm, a feature that does not exist in the algorithm of Meidl.

Johan Chrisnata Linear Complexity of Sequences 8 / 29

Introduction A General Method for Binary Sequence Implementation Motivation Problem Notations

Contribution

Direct generalization of Games and Chan’s algorithm, namely the Powers of Primitive Polynomial (PPP) algorithm for an important class of sequences. Using PPP algorithm, we present a general idea to find linear complexity of binary sequence of any length N. The algorithm can handle efficiently sequences of even period as in Meidl’s paper(2008) and also binary sequences of some

• dd period.

The minimal polynomial which generates the sequence is also computed in the algorithm, a feature that does not exist in the algorithm of Meidl.

Johan Chrisnata Linear Complexity of Sequences 8 / 29

Introduction A General Method for Binary Sequence Implementation Motivation Problem Notations

Contribution

Direct generalization of Games and Chan’s algorithm, namely the Powers of Primitive Polynomial (PPP) algorithm for an important class of sequences. Using PPP algorithm, we present a general idea to find linear complexity of binary sequence of any length N. The algorithm can handle efficiently sequences of even period as in Meidl’s paper(2008) and also binary sequences of some

• dd period.

The minimal polynomial which generates the sequence is also computed in the algorithm, a feature that does not exist in the algorithm of Meidl.

Johan Chrisnata Linear Complexity of Sequences 8 / 29

Introduction A General Method for Binary Sequence Implementation Motivation Problem Notations

Contribution

Direct generalization of Games and Chan’s algorithm, namely the Powers of Primitive Polynomial (PPP) algorithm for an important class of sequences. Using PPP algorithm, we present a general idea to find linear complexity of binary sequence of any length N. The algorithm can handle efficiently sequences of even period as in Meidl’s paper(2008) and also binary sequences of some

• dd period.

The minimal polynomial which generates the sequence is also computed in the algorithm, a feature that does not exist in the algorithm of Meidl.

Johan Chrisnata Linear Complexity of Sequences 8 / 29

Introduction A General Method for Binary Sequence Implementation Motivation Problem Notations

Contribution

For the cases mentioned, the algorithm requires βN bit

• perations to compute the linear complexity of a binary

sequence s of length N, where the constant β is relatively small.

Johan Chrisnata Linear Complexity of Sequences 9 / 29

Introduction A General Method for Binary Sequence Implementation Motivation Problem Notations

Notations

An infinite binary sequence s = {si}i≥0 has a period N, if N is the least positive integer such that si = si+N for each i ≥ 0. s can be considered as a cyclic sequence, denoted by [s0, s1, . . . , sN−1]. Any periodic binary sequence satisfies a linear recursion si+m = a1si+m−1 + · · · + am−1si+1 + amsi , i ≥ 0, (1)

• f order m ≤ N, where aj ∈ {0, 1}.

The linear complexity c(s) of s is defined as the least m for which (1) holds. Clearly c(s) ≤ N, for any sequence with period N, since si+N = si by definition.

Johan Chrisnata Linear Complexity of Sequences 10 / 29

Introduction A General Method for Binary Sequence Implementation Motivation Problem Notations

Notations

An infinite binary sequence s = {si}i≥0 has a period N, if N is the least positive integer such that si = si+N for each i ≥ 0. s can be considered as a cyclic sequence, denoted by [s0, s1, . . . , sN−1]. Any periodic binary sequence satisfies a linear recursion si+m = a1si+m−1 + · · · + am−1si+1 + amsi , i ≥ 0, (1)

• f order m ≤ N, where aj ∈ {0, 1}.

The linear complexity c(s) of s is defined as the least m for which (1) holds. Clearly c(s) ≤ N, for any sequence with period N, since si+N = si by definition.

Johan Chrisnata Linear Complexity of Sequences 10 / 29

Introduction A General Method for Binary Sequence Implementation Motivation Problem Notations

Notations

An infinite binary sequence s = {si}i≥0 has a period N, if N is the least positive integer such that si = si+N for each i ≥ 0. s can be considered as a cyclic sequence, denoted by [s0, s1, . . . , sN−1]. Any periodic binary sequence satisfies a linear recursion si+m = a1si+m−1 + · · · + am−1si+1 + amsi , i ≥ 0, (1)

• f order m ≤ N, where aj ∈ {0, 1}.

The linear complexity c(s) of s is defined as the least m for which (1) holds. Clearly c(s) ≤ N, for any sequence with period N, since si+N = si by definition.

Johan Chrisnata Linear Complexity of Sequences 10 / 29

Introduction A General Method for Binary Sequence Implementation Motivation Problem Notations

Notations

An infinite binary sequence s = {si}i≥0 has a period N, if N is the least positive integer such that si = si+N for each i ≥ 0. s can be considered as a cyclic sequence, denoted by [s0, s1, . . . , sN−1]. Any periodic binary sequence satisfies a linear recursion si+m = a1si+m−1 + · · · + am−1si+1 + amsi , i ≥ 0, (1)

• f order m ≤ N, where aj ∈ {0, 1}.

The linear complexity c(s) of s is defined as the least m for which (1) holds. Clearly c(s) ≤ N, for any sequence with period N, since si+N = si by definition.

Johan Chrisnata Linear Complexity of Sequences 10 / 29

Introduction A General Method for Binary Sequence Implementation Motivation Problem Notations

Notations

An infinite binary sequence s = {si}i≥0 has a period N, if N is the least positive integer such that si = si+N for each i ≥ 0. s can be considered as a cyclic sequence, denoted by [s0, s1, . . . , sN−1]. Any periodic binary sequence satisfies a linear recursion si+m = a1si+m−1 + · · · + am−1si+1 + amsi , i ≥ 0, (1)

• f order m ≤ N, where aj ∈ {0, 1}.

The linear complexity c(s) of s is defined as the least m for which (1) holds. Clearly c(s) ≤ N, for any sequence with period N, since si+N = si by definition.

Johan Chrisnata Linear Complexity of Sequences 10 / 29

Introduction A General Method for Binary Sequence Implementation Motivation Problem Notations

Notations

In terms of the shift operator E, defined as Esi = si+1 or E[s0, s1, . . . , sN−1] = [s1, . . . , sN−1, s0], the linear recursion si+m = a1si+m−1 + · · · + am−1si+1 + amsi , i ≥ 0, takes the form  E m +

m

• j=1

ajE m−j   si = 0 , i ≥ 0. (2) Since m is the smallest such integer, it implies that am = 0.

Johan Chrisnata Linear Complexity of Sequences 11 / 29

Introduction A General Method for Binary Sequence Implementation Motivation Problem Notations

Notations

In terms of the shift operator E, defined as Esi = si+1 or E[s0, s1, . . . , sN−1] = [s1, . . . , sN−1, s0], the linear recursion si+m = a1si+m−1 + · · · + am−1si+1 + amsi , i ≥ 0, takes the form  E m +

m

• j=1

ajE m−j   si = 0 , i ≥ 0. (2) Since m is the smallest such integer, it implies that am = 0.

Johan Chrisnata Linear Complexity of Sequences 11 / 29

Introduction A General Method for Binary Sequence Implementation Motivation Problem Notations

Notations

Let 0 (1, respectively) denote any sequence of any length which contains only zeroes (ones, respectively). If we define f (E) E m +

m

• j=1

ajE m−j , then we have f (E)si = 0 for each i ≥ 0. We say that the polynomial f (x) = xm + m

j=1 ajxm−j

generates the sequence s (or s is generated by f (x)) if f (E)s = 0. The polynomial f (E) is a minimal zero polynomial for s if f (x) is a polynomial of the least degree that generates s.

Johan Chrisnata Linear Complexity of Sequences 12 / 29

Introduction A General Method for Binary Sequence Implementation Motivation Problem Notations

Notations

Let 0 (1, respectively) denote any sequence of any length which contains only zeroes (ones, respectively). If we define f (E) E m +

m

• j=1

ajE m−j , then we have f (E)si = 0 for each i ≥ 0. We say that the polynomial f (x) = xm + m

j=1 ajxm−j

generates the sequence s (or s is generated by f (x)) if f (E)s = 0. The polynomial f (E) is a minimal zero polynomial for s if f (x) is a polynomial of the least degree that generates s.

Johan Chrisnata Linear Complexity of Sequences 12 / 29

Introduction A General Method for Binary Sequence Implementation Motivation Problem Notations

Notations

Let 0 (1, respectively) denote any sequence of any length which contains only zeroes (ones, respectively). If we define f (E) E m +

m

• j=1

ajE m−j , then we have f (E)si = 0 for each i ≥ 0. We say that the polynomial f (x) = xm + m

j=1 ajxm−j

generates the sequence s (or s is generated by f (x)) if f (E)s = 0. The polynomial f (E) is a minimal zero polynomial for s if f (x) is a polynomial of the least degree that generates s.

Johan Chrisnata Linear Complexity of Sequences 12 / 29

Introduction A General Method for Binary Sequence Implementation Motivation Problem Notations

Notations

Let 0 (1, respectively) denote any sequence of any length which contains only zeroes (ones, respectively). If we define f (E) E m +

m

• j=1

ajE m−j , then we have f (E)si = 0 for each i ≥ 0. We say that the polynomial f (x) = xm + m

j=1 ajxm−j

generates the sequence s (or s is generated by f (x)) if f (E)s = 0. The polynomial f (E) is a minimal zero polynomial for s if f (x) is a polynomial of the least degree that generates s.

Johan Chrisnata Linear Complexity of Sequences 12 / 29

Introduction A General Method for Binary Sequence Implementation Motivation Problem Notations

Example

Example : Let s = 1001011 1001011 · · · . Note that si+3 = si+1 + si. In other words, f (x) = x3 + x + 1 generates s or (E 3 + E + 1)(s) = 0. Therefore, E 3 + E + 1 is its minimal zero polynomial, and c(s) = 3 .

Johan Chrisnata Linear Complexity of Sequences 13 / 29

Introduction A General Method for Binary Sequence Implementation Motivation Problem Notations

Exponent of a polynomial

The exponent of a polynomial f (x) is the smallest integer e such that f (x) divides xe − 1. Theorem If f (x) is an irreducible polynomial, then the nonzero sequences which it generates have period which is equal to the exponent of f (x).

Johan Chrisnata Linear Complexity of Sequences 14 / 29

Introduction A General Method for Binary Sequence Implementation Powers of Primitive Polynomial General Idea

Outline

1 Introduction

Motivation Problem Notations

2 A General Method for Binary Sequence

Powers of Primitive Polynomial General Idea

3 Implementation

For period p · 2n, where 2 is a generator in Fp

Johan Chrisnata Linear Complexity of Sequences 15 / 29

Introduction A General Method for Binary Sequence Implementation Powers of Primitive Polynomial General Idea

PPP Algorithm

Input:

1

a primitive polynomial f (x) of degree k,

2

a nonzero binary sequence s whose minimal zero polynomial is a power of f (E).

Output: m, such that f (E)m is the minimal zero polynomial

• f s.

Suppose that the non-zero sequence generated by f (x) is r, then it implies that f (E)m−1s = r. The period of s must be (2k − 1)2n, for some n ≥ 0 by the previous theorem. Games-Chan : f (x) = 1 + x.

Johan Chrisnata Linear Complexity of Sequences 16 / 29

Introduction A General Method for Binary Sequence Implementation Powers of Primitive Polynomial General Idea

PPP Algorithm

Input:

1

a primitive polynomial f (x) of degree k,

2

a nonzero binary sequence s whose minimal zero polynomial is a power of f (E).

Output: m, such that f (E)m is the minimal zero polynomial

• f s.

Suppose that the non-zero sequence generated by f (x) is r, then it implies that f (E)m−1s = r. The period of s must be (2k − 1)2n, for some n ≥ 0 by the previous theorem. Games-Chan : f (x) = 1 + x.

Johan Chrisnata Linear Complexity of Sequences 16 / 29

Introduction A General Method for Binary Sequence Implementation Powers of Primitive Polynomial General Idea

PPP Algorithm

Input:

1

a primitive polynomial f (x) of degree k,

2

a nonzero binary sequence s whose minimal zero polynomial is a power of f (E).

Output: m, such that f (E)m is the minimal zero polynomial

• f s.

Suppose that the non-zero sequence generated by f (x) is r, then it implies that f (E)m−1s = r. The period of s must be (2k − 1)2n, for some n ≥ 0 by the previous theorem. Games-Chan : f (x) = 1 + x.

Johan Chrisnata Linear Complexity of Sequences 16 / 29

Introduction A General Method for Binary Sequence Implementation Powers of Primitive Polynomial General Idea

PPP Algorithm

Input:

1

a primitive polynomial f (x) of degree k,

2

a nonzero binary sequence s whose minimal zero polynomial is a power of f (E).

Output: m, such that f (E)m is the minimal zero polynomial

• f s.

Suppose that the non-zero sequence generated by f (x) is r, then it implies that f (E)m−1s = r. The period of s must be (2k − 1)2n, for some n ≥ 0 by the previous theorem. Games-Chan : f (x) = 1 + x.

Johan Chrisnata Linear Complexity of Sequences 16 / 29

Introduction A General Method for Binary Sequence Implementation Powers of Primitive Polynomial General Idea

PPP Algorithm

Input:

1

a primitive polynomial f (x) of degree k,

2

a nonzero binary sequence s whose minimal zero polynomial is a power of f (E).

Output: m, such that f (E)m is the minimal zero polynomial

• f s.

Suppose that the non-zero sequence generated by f (x) is r, then it implies that f (E)m−1s = r. The period of s must be (2k − 1)2n, for some n ≥ 0 by the previous theorem. Games-Chan : f (x) = 1 + x.

Johan Chrisnata Linear Complexity of Sequences 16 / 29

Introduction A General Method for Binary Sequence Implementation Powers of Primitive Polynomial General Idea

PPP Algorithm

Input:

1

a primitive polynomial f (x) of degree k,

2

a nonzero binary sequence s whose minimal zero polynomial is a power of f (E).

Output: m, such that f (E)m is the minimal zero polynomial

• f s.

Suppose that the non-zero sequence generated by f (x) is r, then it implies that f (E)m−1s = r. The period of s must be (2k − 1)2n, for some n ≥ 0 by the previous theorem. Games-Chan : f (x) = 1 + x.

Johan Chrisnata Linear Complexity of Sequences 16 / 29

Introduction A General Method for Binary Sequence Implementation Powers of Primitive Polynomial General Idea

PPP Algorithm

Input:

1

a primitive polynomial f (x) of degree k,

2

a nonzero binary sequence s whose minimal zero polynomial is a power of f (E).

Output: m, such that f (E)m is the minimal zero polynomial

• f s.

Suppose that the non-zero sequence generated by f (x) is r, then it implies that f (E)m−1s = r. The period of s must be (2k − 1)2n, for some n ≥ 0 by the previous theorem. Games-Chan : f (x) = 1 + x.

Johan Chrisnata Linear Complexity of Sequences 16 / 29

Introduction A General Method for Binary Sequence Implementation Powers of Primitive Polynomial General Idea

PPP Algorithm

Theorem Suppose s is a binary sequence whose minimal zero polynomial is a power of f (E), where f (x) is a primitive polynomial of degree k ≥ 2. Then s is of period at most (2k − 1)2n if and only if f (E)2ns = 0. Proof. Let E 2k−1 + 1 = f (E)Q(E). ⇐ If f (E)2ns = 0, then (E (2k−1)2n + 1)s = (E 2k−1 + 1)2ns = Q(E)2nf (E)2ns = Q(E)2n0 = 0. ⇒ If s is of period at most (2k − 1)2n, then 0 = (E (2k−1)2n − 1)s = (E 2k−1 − 1)2ns = f (E)2nQ(E)2ns, and hence f (E)2ns = 0, because f (x) and Q(x) are coprime.

Johan Chrisnata Linear Complexity of Sequences 17 / 29

Introduction A General Method for Binary Sequence Implementation Powers of Primitive Polynomial General Idea

PPP Algorithm

Initialize sn = s and mn = 0, where |s| = (2k − 1)2n. If n = 0 and s = 0, then m = 1, otherwise, For each iteration j, 1 ≤ j ≤ n, do:

1

Let sn−j+1 = [Ln−j+1 Rn−j+1], where |Ln−j+1| = |Rn−j+1| = (2k − 1) · 2n−j.

2

Let s′ = f (E)2n−jsn−j+1, where |s′| = (2k − 1) · 2n−j,

3

Case 1: If s′ = 0, then m − 1 < mn−j+1 + 2n−j. Hence, set mn−j = mn−j+1 and sn−j = Ln−j+1, Case 2: If s′ = 0, then set mn−j = mn−j+1 + 2n−j, sn−j = s′.

After the last iteration s0 = r, we set m = m0 + 1, and the algorithm comes to its end. Output: m.

Johan Chrisnata Linear Complexity of Sequences 18 / 29

Introduction A General Method for Binary Sequence Implementation Powers of Primitive Polynomial General Idea

PPP Algorithm

Initialize sn = s and mn = 0, where |s| = (2k − 1)2n. If n = 0 and s = 0, then m = 1, otherwise, For each iteration j, 1 ≤ j ≤ n, do:

1

Let sn−j+1 = [Ln−j+1 Rn−j+1], where |Ln−j+1| = |Rn−j+1| = (2k − 1) · 2n−j.

2

Let s′ = f (E)2n−jsn−j+1, where |s′| = (2k − 1) · 2n−j,

3

Case 1: If s′ = 0, then m − 1 < mn−j+1 + 2n−j. Hence, set mn−j = mn−j+1 and sn−j = Ln−j+1, Case 2: If s′ = 0, then set mn−j = mn−j+1 + 2n−j, sn−j = s′.

After the last iteration s0 = r, we set m = m0 + 1, and the algorithm comes to its end. Output: m.

Johan Chrisnata Linear Complexity of Sequences 18 / 29

Introduction A General Method for Binary Sequence Implementation Powers of Primitive Polynomial General Idea

PPP Algorithm

Initialize sn = s and mn = 0, where |s| = (2k − 1)2n. If n = 0 and s = 0, then m = 1, otherwise, For each iteration j, 1 ≤ j ≤ n, do:

1

Let sn−j+1 = [Ln−j+1 Rn−j+1], where |Ln−j+1| = |Rn−j+1| = (2k − 1) · 2n−j.

2

Let s′ = f (E)2n−jsn−j+1, where |s′| = (2k − 1) · 2n−j,

3

Case 1: If s′ = 0, then m − 1 < mn−j+1 + 2n−j. Hence, set mn−j = mn−j+1 and sn−j = Ln−j+1, Case 2: If s′ = 0, then set mn−j = mn−j+1 + 2n−j, sn−j = s′.

After the last iteration s0 = r, we set m = m0 + 1, and the algorithm comes to its end. Output: m.

Johan Chrisnata Linear Complexity of Sequences 18 / 29

Introduction A General Method for Binary Sequence Implementation Powers of Primitive Polynomial General Idea

PPP Algorithm

Initialize sn = s and mn = 0, where |s| = (2k − 1)2n. If n = 0 and s = 0, then m = 1, otherwise, For each iteration j, 1 ≤ j ≤ n, do:

1

Let sn−j+1 = [Ln−j+1 Rn−j+1], where |Ln−j+1| = |Rn−j+1| = (2k − 1) · 2n−j.

2

Let s′ = f (E)2n−jsn−j+1, where |s′| = (2k − 1) · 2n−j,

3

Case 1: If s′ = 0, then m − 1 < mn−j+1 + 2n−j. Hence, set mn−j = mn−j+1 and sn−j = Ln−j+1, Case 2: If s′ = 0, then set mn−j = mn−j+1 + 2n−j, sn−j = s′.

After the last iteration s0 = r, we set m = m0 + 1, and the algorithm comes to its end. Output: m.

Johan Chrisnata Linear Complexity of Sequences 18 / 29

Introduction A General Method for Binary Sequence Implementation Powers of Primitive Polynomial General Idea

PPP Algorithm

Initialize sn = s and mn = 0, where |s| = (2k − 1)2n. If n = 0 and s = 0, then m = 1, otherwise, For each iteration j, 1 ≤ j ≤ n, do:

1

Let sn−j+1 = [Ln−j+1 Rn−j+1], where |Ln−j+1| = |Rn−j+1| = (2k − 1) · 2n−j.

2

Let s′ = f (E)2n−jsn−j+1, where |s′| = (2k − 1) · 2n−j,

3

Case 1: If s′ = 0, then m − 1 < mn−j+1 + 2n−j. Hence, set mn−j = mn−j+1 and sn−j = Ln−j+1, Case 2: If s′ = 0, then set mn−j = mn−j+1 + 2n−j, sn−j = s′.

After the last iteration s0 = r, we set m = m0 + 1, and the algorithm comes to its end. Output: m.

Johan Chrisnata Linear Complexity of Sequences 18 / 29

Introduction A General Method for Binary Sequence Implementation Powers of Primitive Polynomial General Idea

PPP Algorithm

Initialize sn = s and mn = 0, where |s| = (2k − 1)2n. If n = 0 and s = 0, then m = 1, otherwise, For each iteration j, 1 ≤ j ≤ n, do:

1

Let sn−j+1 = [Ln−j+1 Rn−j+1], where |Ln−j+1| = |Rn−j+1| = (2k − 1) · 2n−j.

2

Let s′ = f (E)2n−jsn−j+1, where |s′| = (2k − 1) · 2n−j,

3

Case 1: If s′ = 0, then m − 1 < mn−j+1 + 2n−j. Hence, set mn−j = mn−j+1 and sn−j = Ln−j+1, Case 2: If s′ = 0, then set mn−j = mn−j+1 + 2n−j, sn−j = s′.

After the last iteration s0 = r, we set m = m0 + 1, and the algorithm comes to its end. Output: m.

Johan Chrisnata Linear Complexity of Sequences 18 / 29

Introduction A General Method for Binary Sequence Implementation Powers of Primitive Polynomial General Idea

PPP Algorithm

Initialize sn = s and mn = 0, where |s| = (2k − 1)2n. If n = 0 and s = 0, then m = 1, otherwise, For each iteration j, 1 ≤ j ≤ n, do:

1

Let sn−j+1 = [Ln−j+1 Rn−j+1], where |Ln−j+1| = |Rn−j+1| = (2k − 1) · 2n−j.

2

Let s′ = f (E)2n−jsn−j+1, where |s′| = (2k − 1) · 2n−j,

3

Case 1: If s′ = 0, then m − 1 < mn−j+1 + 2n−j. Hence, set mn−j = mn−j+1 and sn−j = Ln−j+1, Case 2: If s′ = 0, then set mn−j = mn−j+1 + 2n−j, sn−j = s′.

After the last iteration s0 = r, we set m = m0 + 1, and the algorithm comes to its end. Output: m.

Johan Chrisnata Linear Complexity of Sequences 18 / 29

Introduction A General Method for Binary Sequence Implementation Powers of Primitive Polynomial General Idea

PPP Algorithm

Initialize sn = s and mn = 0, where |s| = (2k − 1)2n. If n = 0 and s = 0, then m = 1, otherwise, For each iteration j, 1 ≤ j ≤ n, do:

1

Let sn−j+1 = [Ln−j+1 Rn−j+1], where |Ln−j+1| = |Rn−j+1| = (2k − 1) · 2n−j.

2

Let s′ = f (E)2n−jsn−j+1, where |s′| = (2k − 1) · 2n−j,

3

Case 1: If s′ = 0, then m − 1 < mn−j+1 + 2n−j. Hence, set mn−j = mn−j+1 and sn−j = Ln−j+1, Case 2: If s′ = 0, then set mn−j = mn−j+1 + 2n−j, sn−j = s′.

After the last iteration s0 = r, we set m = m0 + 1, and the algorithm comes to its end. Output: m.

Johan Chrisnata Linear Complexity of Sequences 18 / 29

Introduction A General Method for Binary Sequence Implementation Powers of Primitive Polynomial General Idea

PPP Algorithm

The minimal zero polynomial of the input sequence s is f (E)m, and its linear complexity is km, where k is the degree

• f f (x).

The PPP Algorithm can be generalized for any irreducible

• polynomial. In fact, there is no need to make any modification

in the algorithm. The time complexity of the PPP Algorithm depends on the primitive polynomial.

Johan Chrisnata Linear Complexity of Sequences 19 / 29

Introduction A General Method for Binary Sequence Implementation Powers of Primitive Polynomial General Idea

PPP Algorithm

The minimal zero polynomial of the input sequence s is f (E)m, and its linear complexity is km, where k is the degree

• f f (x).

The PPP Algorithm can be generalized for any irreducible

• polynomial. In fact, there is no need to make any modification

in the algorithm. The time complexity of the PPP Algorithm depends on the primitive polynomial.

Johan Chrisnata Linear Complexity of Sequences 19 / 29

Introduction A General Method for Binary Sequence Implementation Powers of Primitive Polynomial General Idea

PPP Algorithm

The minimal zero polynomial of the input sequence s is f (E)m, and its linear complexity is km, where k is the degree

• f f (x).

The PPP Algorithm can be generalized for any irreducible

• polynomial. In fact, there is no need to make any modification

in the algorithm. The time complexity of the PPP Algorithm depends on the primitive polynomial.

Johan Chrisnata Linear Complexity of Sequences 19 / 29

Introduction A General Method for Binary Sequence Implementation Powers of Primitive Polynomial General Idea

General Idea

Let s be a binary sequence of period N, which implies that (E N − 1)s = 0. Factorize xN − 1 (or equivalently E N − 1) into irreducible

• factors. We want to find the minimal zero polynomial g(E) of

s, i.e. the smallest factor of E N − 1 for which g(E)s = 0 The overall complexity of a general algorithm depends on the complexity of this factorization.

Johan Chrisnata Linear Complexity of Sequences 20 / 29

Introduction A General Method for Binary Sequence Implementation Powers of Primitive Polynomial General Idea

General Idea

Let s be a binary sequence of period N, which implies that (E N − 1)s = 0. Factorize xN − 1 (or equivalently E N − 1) into irreducible

• factors. We want to find the minimal zero polynomial g(E) of

s, i.e. the smallest factor of E N − 1 for which g(E)s = 0 The overall complexity of a general algorithm depends on the complexity of this factorization.

Johan Chrisnata Linear Complexity of Sequences 20 / 29

Introduction A General Method for Binary Sequence Implementation Powers of Primitive Polynomial General Idea

General Idea

Let s be a binary sequence of period N, which implies that (E N − 1)s = 0. Factorize xN − 1 (or equivalently E N − 1) into irreducible

• factors. We want to find the minimal zero polynomial g(E) of

s, i.e. the smallest factor of E N − 1 for which g(E)s = 0 The overall complexity of a general algorithm depends on the complexity of this factorization.

Johan Chrisnata Linear Complexity of Sequences 20 / 29

Introduction A General Method for Binary Sequence Implementation Powers of Primitive Polynomial General Idea

General Idea

Let xN − 1 = q1(x)α1q2(x)α2 . . . qt(x)αt, where the qi(x)’s are distinct irreducible polynomials and 1 ≤ αi ≤ 2γi for some nonnegative integer γi, 1 ≤ i ≤ t. We want to find the polynomial of the smallest degree g(x) = q1(x)δ1q2(x)δ2 . . . qt(x)δt, such that g(E)s = 0, where 0 ≤ δi ≤ 2γi, 1 ≤ i ≤ t. For each i, to find δi, we apply the PPP Algorithm on s′ =

• j=i qj(E)2γi

s, with the input qi(x) as the irreducible polynomial, which outputs δi

Johan Chrisnata Linear Complexity of Sequences 21 / 29

Introduction A General Method for Binary Sequence Implementation Powers of Primitive Polynomial General Idea

General Idea

Let xN − 1 = q1(x)α1q2(x)α2 . . . qt(x)αt, where the qi(x)’s are distinct irreducible polynomials and 1 ≤ αi ≤ 2γi for some nonnegative integer γi, 1 ≤ i ≤ t. We want to find the polynomial of the smallest degree g(x) = q1(x)δ1q2(x)δ2 . . . qt(x)δt, such that g(E)s = 0, where 0 ≤ δi ≤ 2γi, 1 ≤ i ≤ t. For each i, to find δi, we apply the PPP Algorithm on s′ =

• j=i qj(E)2γi

s, with the input qi(x) as the irreducible polynomial, which outputs δi

Johan Chrisnata Linear Complexity of Sequences 21 / 29

Introduction A General Method for Binary Sequence Implementation Powers of Primitive Polynomial General Idea

General Idea

Let xN − 1 = q1(x)α1q2(x)α2 . . . qt(x)αt, where the qi(x)’s are distinct irreducible polynomials and 1 ≤ αi ≤ 2γi for some nonnegative integer γi, 1 ≤ i ≤ t. We want to find the polynomial of the smallest degree g(x) = q1(x)δ1q2(x)δ2 . . . qt(x)δt, such that g(E)s = 0, where 0 ≤ δi ≤ 2γi, 1 ≤ i ≤ t. For each i, to find δi, we apply the PPP Algorithm on s′ =

• j=i qj(E)2γi

s, with the input qi(x) as the irreducible polynomial, which outputs δi

Johan Chrisnata Linear Complexity of Sequences 21 / 29

Introduction A General Method for Binary Sequence Implementation Powers of Primitive Polynomial General Idea

Theorem

Theorem Let s be a binary sequence, whose minimal zero polynomial is g(E) = q1(E)δ1 . . . qt(E)δt, where qi’s are distinct irreducible polynomials and δi ≥ 1, 1 ≤ i ≤ t. For every 1 ≤ i ≤ t − 1, let di be an integer such that di ≥ δi. Then, the minimal zero polynomial of q1(E)d1q2(E)d2 . . . qt−1(E)dt−1s is qt(E)δt.

Johan Chrisnata Linear Complexity of Sequences 22 / 29

Introduction A General Method for Binary Sequence Implementation For period p · 2n, where 2 is a generator in Fp

Implementation

Theorem Let s be a binary sequence of length N on which the algorithm is applied.

1 If N = 3 · 2n then 7 · 2n + 2n bit operations are required to

implement the algorithm.

2 If N = 5 · 2n then 16 3

4 · 2n + 2n bit operations are required to

implement the algorithm.

3 If N = p · 2n, where p ≡ 1(mod 4) and 2 is a generator

modulo p, then p2+7p+7

4

· 2n + 2n bit operations are required to implement the algorithm. This generalizes the previous result for N = 5 · 2n.

Johan Chrisnata Linear Complexity of Sequences 23 / 29

Introduction A General Method for Binary Sequence Implementation For period p · 2n, where 2 is a generator in Fp

Comparison

Length/N Meidl This paper 3 · 2n 8 · 2n + 4n 7 · 2n + 2n 5 · 2n 20 · 2n + 10n 16 3

4 · 2n + 2n

7 · 2n 28 · 2n + 9n 49 · 2n + 3n p ·2n, p ≡ 1(mod 4), and 2 is a generator mod p

• p2+7p+7

4

· 2n + 2n pn, p is prime and 2 is a generator mod p

• 2 · pn + O(n) =

2N + O(n) For general length ℓ · 2n, it is difficult to compare since it is difficult to compute the exact number of bit operations required in the algorithm of Meidl(2008).

Johan Chrisnata Linear Complexity of Sequences 24 / 29

Introduction A General Method for Binary Sequence Implementation For period p · 2n, where 2 is a generator in Fp

THANK YOU

Johan Chrisnata Linear Complexity of Sequences 25 / 29

Introduction A General Method for Binary Sequence Implementation For period p · 2n, where 2 is a generator in Fp

References I

• H. Aly, R. Marzouk, and W. Meidl, On the calculation of the linear complexity of periodic sequences,

Finite Fields: Theory and Applications. Contemp. Math., 518 (2010), 11–22.

• E. R. Berlekamp, Algebraic Coding Theory, New York: McGraw-Hill, 1968.
• S. R. Blackburn, A generalization of the discrete Fourier transform: Determining the minimal polynomial
• f a periodic sequnce, IEEE Trans. on Information Theory, 40 (1994), 1702–1704.
• S. R. Blackburn, Fast rational interpolation,Reed-Solomon decoding and the linear complexity profiles of

sequences, IEEE Trans. on Information Theory, 43 (1997), 537–548.

• R. E. Blahut, Theory and Practice of Error Control Codes, Reading, MA: Addison-Wesley, 1983.
• R. E. Blahut, Fast Algorithms for Digital Signal Processing, Reading, MA: Addison-Wesley, 1985.
• N. G. de Bruijn, A combinatorial problem, in Proc. Nederl. Akad. Wetensch., 49 (1946) 158–164.
• A. H. Chan, R. A. Games, E. L. Key, On the complexities of de Bruijn sequences, Journal of

Combinatorial Theory, Ser. A, 33 (1982) 233–246.

• Y. M. Chee, J. Chrisnata, T. Etzion, and H. M.Kiah, Efficient algorithm for the linear complexity of

sequences and some related consequences, arxiv.org/abs/1912.11617, December 2019.

• H. Chen, Fast algorithms for determining the linear complexity of sequences over GF(pm) with period 2tn,

IEEE Trans. on Information Theory, 51 (2005), 1854–1856. Johan Chrisnata Linear Complexity of Sequences 26 / 29

Introduction A General Method for Binary Sequence Implementation For period p · 2n, where 2 is a generator in Fp

References II

• H. Chen, Reducing the computation of linear complexities of periodic sequences over GF(pm), IEEE Trans.
• n Information Theory, 52 (2006), 5537–5539.
• C. Ding, A fast algorithm for the determination of linear complexity of sequences over GF(pm) with period

pn, in The Stability Theory of Stream Ciphers by Ding, G. Xiao, and W. Shan, Lecture Notes in Computer Science, 56 (1991), 141–144, Springer-Verlag: Berlin-Heidelberg, New York.

• T. Etzion, N. Kalouptsidisy, N. Kolokotronisy, K. Limniotis, and K. G. Paterson, Properties of

the Error Linear Complexity Spectrum, IEEE Trans. on Information Theory, 55 (2009) 4681–4686.

• T. Etzion and A. Lempel, Algorithms for the generation of full-length shift-register sequences, IEEE
• Trans. on Information Theory, 30 (1984) 480–484.
• T. Etzion and A. Lempel, Construction of de Bruijn sequences of minimal complexity, IEEE Trans. on
• Infor. Theory, 30 (1984) 705–709.
• P. Fitzpatrick, On the key equation, IEEE Trans. on Information Theory, 41 (1995) 1–13.
• H. Fredricksen, A survey of full length nonlinear shift register cycle algorithms, SIAM Review, 24 (1982)

195–221.

• R. A. Games and A. H. Chan, A fast algorithm for determining the complexity of a binary sequence with

period 2n, IEEE Trans. on Information Theory, 29 (1983), 144–146.

• S. W. Golomb, Shift Register Sequences, San Francisco, CA: Holden Day, 1967; 2nd revised edition,

Laguna Hills, CA: Aegean Park, 1980; 3rd revised edition, World Scientific, Singapore 2017. Johan Chrisnata Linear Complexity of Sequences 27 / 29

Introduction A General Method for Binary Sequence Implementation For period p · 2n, where 2 is a generator in Fp

References III

• K. Imamura and T. Moriuchi, A fast algorithm for determining the linear complexity of p-ary sequences

with period pn, p prime, IEICE Tech. Rep., IT 93-75 (1993), 73–78.

• R. Lidl and H. Niederreiter, Introduction to Finite Fields and Their Applications, Cambridge University

Press, 1997.

• F. E. B. Martinez, C. R. G. Vergara, and L. B. de Oliveira, Explicit factorization of

xn − 1 ∈ Fq[x], Designs, Codes, Cryptography, 77 (2015) 277–286.

• J. L. Massey, Shift-register synthesis and BCH decoding, IEEE Trans. on Information Theory, 15 (1969),

122–127.

• W. Meidl, Reducing the calculation of the linear complexity of u2v -periodic binary sequences to

Games–Chan algorithm, Designs, Codes, Cryptography, 46 (2008) 57–65.

• A. J. Menezes, P. C. Van Oorschot, and S. A. Vanstone, Handbook of Applies Cryptography, Boca

Raton, FL: CRC Press, 1996.

• R. A. Rueppel, Analysis and Design of Stream Ciphers, Berlin, Germany: Springer-Verlang, 1986.
• M. Schwartz and T. Etzion, The Structure of single-track Gray codes, IEEE Trans. on Information

Theory, 45 (1999), 2383–2396.

• M. Stamp and F. Y. Martin, An algorithm for the k-error linear complexity of binary sequences with

period 2n, IEEE Trans. on Information Theory, 39 (1993), 1398–1401. Johan Chrisnata Linear Complexity of Sequences 28 / 29

Introduction A General Method for Binary Sequence Implementation For period p · 2n, where 2 is a generator in Fp

References IV

• Y. Sugiyama, M. Kasahara, S. Hirasawa, and T. N. Namekawa, A method for solving key equation

for solving Goppa codes, Inform. Contr., 21 (1975) 87–99.

• S. Wei, G. Xiao, and Z. Chen A fast algorithm for determining the minimal polynomial of a sequence

with period 2pn over GF(q), IEEE Trans. on Information Theory, 48 (2002), 2754–2758.

• G. Xiao, S. Wei, K. Y. Lam, K. Imamura, A fast algorithm for determining the linear complexity of a

sequence with period pn over GF(q), IEEE Trans. on Information Theory, 46 (2000), 2203–2206. Johan Chrisnata Linear Complexity of Sequences 29 / 29