François Arnault

F-FCSR: design of a new class of stream ciphers

In this paper we present a new class of stream ciphers based on a very simple mechanism. The heart of our method is a Feedback with Carry Shift Registers (FCSR) automaton. This automaton is very similar to the classical LFSR generators, except the fact that it performs operations with carries. Its properties are well mastered: proved period, non-degenerated states, good statistical properties, high non-linearity. The only problem to use such an automaton directly is the fact that the mathematical structure (2-adic fraction) can be retrieved from few bits of its output using an analog of the Berlekamp-Massey algorithm. To mask this structure, we propose to use a filter on the cells of the FCSR automaton. Due to the high non-linearity of this automaton, the best filter is simply a linear filter, that is a XOR on some internal states. We call such a generator a Filtered FCSR (F-FCSR) generator. We propose four versions of our generator: the first uses a static filter with a single output at each iteration of the generator (F-FCSR-SF1). A second with an 8 bit output (F-FCSR-SF8). The third and the fourth are similar, but use a dynamic filter depending on the key (F-FCSR-DF1 and F-FCSR-DF8). We give limitations on the use of the static filter versions, in scope of the time/memory/data tradeoff attack. These stream ciphers are very fast and efficient, especially for hardware implementations.

Design and properties of a new pseudorandom generator based on a filtered FCSR automaton

Feedback with carry shift registers (FCSR) was introduced by Goresky and Klapper in 1993. It is similar to the classical linear feedback shift registers (LFSR) used in many pseudorandom generators. The main difference is that the elementary additions are not additions modulo 2 but with propagation of carries. The main problem for the use of an FCSR automaton is the fact that the generated sequences are predictable. In order to remove this weakness of FCSR-based generators, we propose filtering the state of the FCSR with a linear function. This method is efficient since the FCSR structure is not related to a linear property. This paper presents an extensive study of FCSR automata, a security analysis of our generator (concerning linear and 2-adic cryptanalysis, algebraic attack, correlation attack, etc.), and a practical example of parameters in order to design this generator. An important point concerning this generator is the fact that it is simple and efficient, both in hardware and software implementation.

A New Class of Stream Ciphers Combining LFSR and FCSR Architectures

We propose a new pseudorandom generator based on Linear Feedback Shift Registers (LFSR) and Feedback with Carry Shift Registers (FCSR).We then present a variant of this generator which can used for a self-synchronizing stream cipher.

Some Results on FCSR Automata With Applications to the Security of FCSR-Based Pseudorandom Generators

This article describes new theoretical results concerning the general behavior of a feedback with carry shift register (FCSR) automaton. They help to better understand how the initial parameters must be chosen to use this automaton as a basic block of a filtered stream cipher. These results especially concern the structure of the transition graph of an FCSR automaton and the number of iterations of the FCSR transition function required to reach the main part of the graph. A potential linear weakness and a easy way to prevent the corresponding attack are also given.

A matrix approach for FCSR automata

LFSRs are primitives widely used in information theory, coding theory and cryptography. However since 2002, they have faced algebraic attacks. To avoid this kind of attacks, FCSRs have been proposed as an alternative in [2–4]. In this paper, we first give a general representation of 2-adic automata using a traditional matrix representation. We then explore the special case of binary and ternary automata. We also study the complexity in terms of memory to implement such automata. Finally, we expose some proposed FCSR constructions for hardware and software oriented stream ciphers.

X-FCSR: a new software oriented stream cipher based upon FCSRs

Feedback with Carry Shift Registers (FCSRs) are a promising alternative to LFSRs in the design of stream ciphers. The previous constructions based on FCSRs were dedicated to hardware applications [3]. In this paper, we will describe X-FCSR a family of software oriented stream ciphers using FCSRs. The core of the system is composed of two 256-bits FCSRs. We propose two versions: X-FCSR-128 and X-FCSR- 256 which output respectively 128 and 256 bits at each iteration. We study the resistance of our design against several cryptanalyses. These stream ciphers achieve a high throughput and are suitable for software applications (6.3 cycles/byte).

F-FCSR Stream Ciphers

Feedback with Carry Shift Registers (FCSRs) are a promising alternative to Linear Feedback Shift Registers (LFSRs) for the design of stream ciphers. The main difference between these two automata lies in the computation of the feedback. While LFSRs use simple bitwise addition, FCSRs use addition with carries. Hence, the transition function of an FCSR is non-linear, more precisely quadratic. Since FCSRs were introduced by Goresky and Klapper [11], the properties of the sequences generated by an FCSR are now considered well mastered from a mathematical point of view.

A complete set of multidimensional Bell inequalities

We give a multidimensional generalization of the complete set of Bell-correlation inequalities given by Werner and Wolf (2001 Phys. Rev. A 64 032112) and by Zˆukowski and Brukner (2002 Phys. Rev. Lett. 88 210401), for the two-dimensional case. Our construction applies to the n-party, two-observable case, where each observable is d-valued. The inequalities obtained involve homogeneous polynomials. They define the facets of a polytope in a complex vector space of dimension dn. We detail the inequalities obtained in the case d = 3 and, from them, we recover known inequalities. We finally explain how the violations of our inequalities by quantum mechanics can be computed and could be observed, when using unitary observables.

Constructing Carmichael numbers which are strong pseudoprimes to several bases

Abstract We describe here a method of constructing Carmichael numbers which are strong pseudoprimes to some sets of prime bases. We apply it to find composite numbers which are found to be prime by the Rabin-Miller test of packages as Axiom or Maple. We also use a variation of this method to construct strong Lucas pseudoprimes with respect to several pairs of parameters.

Construction of self-dual normal bases and their complexity

Recent work of Pickett has given a construction of self-dual normal bases for extensions of finite fields, whenever they exist. In this article we present these results in an explicit and constructive manner and apply them, through computer search, to identify the lowest complexity of self-dual normal bases for extensions of low degree. Comparisons to similar searches amongst normal bases show that the lowest complexity is often achieved from a self-dual normal basis.