Feedback shift registers, 2-adic span, and combiners with memory
- Journal of Cryptology, 1997
Feedback shift registers with carry operation (FCSR’s) are described, implemented, and analyzed with respect to memory requirements, initial loading, period, and distributional properties of their output sequences. Many parallels with the theory of linear feedback shift registers (LFSR’s) are presented, including a synthesis algorithm (analogous to the Berlekamp-Massey algorithm for LFSR’s) which, for any pseudorandom sequence, constructs the smallest FCSR which will generate the sequence. These techniques are used to attack the summation cipher. This analysis gives a unified approach to the study of pseudorandom sequences, arithmetic codes, combiners with memory, and the Marsaglia-Zaman random number generator. Possible variations on the FCSR architecture are indicated at the end. Index Terms – Binary sequence, shift register, stream cipher, combiner with memory, cryptanalysis, 2-adic numbers, arithmetic code, 1/q sequence, linear span.
Fibonacci and Galois Representations of Feedback-With-Carry Shift Registers
- IEEE Trans. Inform. Theory, 2002
A feedback-with-carry shift register (FCSR) with "Fibonacci" architecture is a shift register provided with a small amount of memory which is used in the feedback algorithm. Like the linear feedback shift register (LFSR), the FCSR provides a simple and predictable method for the fast generation of pseudorandom sequences with good statistical properties and large periods. In this paper, we describe and analyze an alternative architecture for the FCSR which is similar to the "Galois" architecture for the LFSR. The Galois architecture is more efficient than the Fibonacci architecture because the feedback computations are performed in parallel. We also describe the output sequences generated by the-FCSR, a slight modification of the (Fibonacci) FCSR architecture in which the feedback bit is delayed for clock cycles before being returned to the first cell of the shift register. We explain how these devices may be configured so as to generate sequences with large periods. We show that the -FCSR also admits a more efficient "Galois" architecture.
Period of the power generator and small values of Carmichael’s function
- Math. Comp., 70
Abstract. Consider the pseudorandom number generator $u_n \equiv u_{n-1}^{e} \pmod{m}$, $0 \le u_n \le m-1$, $n = 1, 2, \ldots$, where we are given the modulus $m$, the initial value $u_0 = \vartheta$ and the exponent $e$. One case of particular interest is when the modulus $m$ is of the form $pl$, where $p, l$ are different primes of the same magnitude. It is known from work of the first and third authors that for moduli $m = pl$, if the period of the sequence $(u_n)$ exceeds $m^{3/4+\varepsilon}$, then the sequence is uniformly distributed. We show rigorously that for almost all choices of $p, l$ it is the case that for almost all choices of $\vartheta, e$, the period of the power generator exceeds $(pl)^{1-\varepsilon}$. And so, in this case, the power generator is uniformly distributed. We also give some other cryptographic applications, namely, to ruling out the cycling attack on the RSA cryptosystem and to so-called time-release crypto. The principal tool is an estimate related to the Carmichael function $\lambda(m)$, the size of the largest cyclic subgroup of the multiplicative group of residues modulo $m$. In particular, we show that for any $\Delta \ge (\log\log N)^3$, we have $\lambda(m) \ge N\exp(-\Delta)$ for all integers $m$ with $1 \le m \le N$, apart from at most $N\exp\left(-0.69(\Delta\log\Delta)^{1/3}\right)$ exceptions.
On the Linear Complexity of the Power Generator
- Designs, Codes and Cryptography, 1998
"... this paper we assume that this sequence is ..."
Almost Difference Sets and Their Sequences With Optimal Autocorrelation
Abstract—Almost difference sets have interesting applications in cryptography and coding theory. In this paper, we give a well-rounded treatment of known families of almost difference sets, establish relations between some difference sets and some almost difference sets, and determine the numerical multiplier group of some families of almost difference sets. We also construct six new classes of almost difference sets, and four classes of binary sequences of period ... with optimal autocorrelation. We have also obtained two classes of relative difference sets and four classes of divisible difference sets (DDSs). We also point out that a result due to Jungnickel can be used to construct almost difference sets and sequences of period R with optimal autocorrelation. Index Terms—Almost difference sets, correlation, cyclotomy, difference sets, divisible difference sets (DDSs), relative difference sets, sequence.
Pseudorandom Sequences and Linear Recurrences with Polynomial Coefficients
A measure of the first type is the linear complexity of a sequence. It is the depth of the shortest linear recurrence with constant coefficients that generates a sequence assumed to be periodic. A fundamental algorithm for computing this quantity is the Berlekamp-Massey algorithm [2]. A refinement is the complexity profile, which is the curve of the evolution of the linear complexity of the sequence observed on an interval [0, t] as a function of the time t. The main application is point 1 above. A measure of the second type is the autocorrelation, which is essentially the scalar product of the sequence (suitably complexified by the use of an additive character of the ambient finite field) with a circularly shifted version of itself. Depending on the nature of this copy, one speaks of periodic, aperiodic, or Doppler correlation. The applications of this measure are points 2 and 3 above. Objectives: the main objective of the project is to implement in characterist ...
Logarithm Cartesian authentication codes
, 2003
Chanson, Ding and Salomaa have recently constructed several classes of authentication codes using certain classes of functions. In this paper, we further extend that work by constructing two classes of Cartesian authentication codes using the logarithm functions. The codes constructed here involve the theory of cyclotomy and are better than a subclass of Helleseth–Johansson’s codes and Bierbrauer’s codes in terms of the maximum success probability with respect to the substitution attack.
Generating Pseudorandom S-Boxes – a Method of Improving the Security of Cryptosystems Based on Block
Abstract—The paper presents a general framework for improving the security of a cryptosystem based on a symmetric block cipher. The main idea is based on the possibility of changing the substitution boxes (called S-boxes) in the encryption/decryption algorithm. To make this possible, the encrypting and decrypting parties must generate identical boxes. This is the main reason why deterministic methods of generating substitution boxes based on pseudorandom sequences will be presented.

