Published by: SPRTOSHBTI on Mar 19, 2011
Copyright:Attribution Non-commercial

CONFERENCE ON "SIGNAL PROCESSING AND REAL TIME OPERATING SYSTEM (SPRTOS)" MARCH 26-27 2011
COMO1O1-1
Comparison of LFSR and CA as Pseudorandom Number Generator
Ashutosh Mishra*, Dr. Harsh Vikram Singh**, S.P. Gangwar**
*Student (M.Tech), **Astt. Prof., Dept. of Electronics Engineering, KNIT SULTANPUR
Abstract
A pseudorandom number generator (PRNG) is a key element in a stream cipher. This paper compares two techniques used for pseudorandom number generation: the Linear Feedback Shift Register (LFSR) and Cellular Automata (CA). Both LFSR and CA are analyzed based on their construction and characteristics. A comparison of LFSR and CA is presented to demonstrate their shortfalls and suitability to certain applications.
Introduction
In cryptography, a stream cipher combines the plaintext bits with a pseudorandom cipher bit stream (key stream), typically by an exclusive-or (XOR) operation. In a stream cipher the plaintext digits are encrypted one at a time, and the transformation of successive digits varies during the encryption. In practice, the digits are typically single bits or bytes.

A stream cipher makes use of a much smaller and more convenient key (128 bits, for example). Based on this key, it generates a pseudorandom key stream which can be combined with the plaintext digits in a similar fashion to the one-time pad. However, this comes at a cost: because the key stream is now pseudorandom, and not truly random, the proof of security associated with the one-time pad no longer holds: it is quite possible for a stream cipher to be completely insecure. Binary stream ciphers are often constructed using a PRNG such as a linear feedback shift register (LFSR) or additive cellular automata (ACA) in today's cryptographic scenario.

LFSRs can be implemented in hardware, and this makes them useful in applications that require very fast generation of a pseudo-random sequence, such as direct-sequence spread spectrum radio. LFSRs have also been used for generating an approximation of white noise in various programmable sound generators.

An ACA is a cellular automaton whose rule is compatible with an addition of states. Typically, this addition is derived from modular arithmetic. Additive rules allow the evolution for different initial conditions to be computed independently, then the results combined by simply adding. The results for arbitrary starting conditions can therefore be computed very efficiently by convolving the evolution of a single cell with an appropriate convolution kernel (which, in the case of two-color automata, would correspond to the set of initially "active" cells).
Linear feedback shift register
A linear feedback shift register (LFSR) is a shift register whose input bit is a linear function of its previous state.

The only linear function of single bits is XOR, thus it is a shift register whose input bit is driven by the exclusive-or (XOR) of some bits of the overall shift register value.

The initial value of the LFSR is called the seed, and because the operation of the register is deterministic, the stream of values produced by the register is completely determined by its current (or previous) state. Likewise, because the register has a finite number of possible states, it must eventually enter a repeating cycle. However, an LFSR with a well-chosen feedback function can produce a sequence of bits which appears random and which has a very long cycle.
Additive cellular automata
Cellular automata evolve in steps and the value of a node depends on the values of its neighbors. An additive cellular automaton (ACA) consists of a collection of cells/nodes formed by flip-flops which are logically related to their nearest neighbors using XOR/XNOR gates [5]. When the value of a node is determined only by neighboring cells the ACA is known as a one-dimensional linear CA. The logical relations which relate a node to its neighbors are known as rules and they define the characteristics of an ACA.

There are many rules which can be used to construct an ACA register, the most popular being rules 90 and 150 illustrated in figure .

= (Rule 90)
(Rule 150)

The next state (t+1) of the node i is determined by the current state X(t) of neighboring nodes i-1 and i+1 for rule 90 and nodes i, i-1 and i+1 for rule 150. All the nodes of a CA register do not have to be implemented with the same rule; different nodes can employ different rules. The first and the last nodes of a CA register have only one neighbor, unlike all other nodes which have two, hence normal rules cannot be applied here [5]. One solution is to assume that the missing neighbor is fixed at logic '0' (null boundary condition). The other solution assumes the last and first nodes to be neighbors, connected using normal rules (cyclic condition). Connection between the end nodes (first and last nodes) introduces a feedback loop in the cyclic boundary condition; this makes null boundary condition a better choice.
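
The two register types described above, as an added example that is not from the paper: a 4-cell hybrid rule 90/150 CA stepped under both boundary conditions, next to a 4-bit LFSR, with the cycle length measured from one seed. The update equations are the standard definitions of rules 90 and 150; the rule vector (90, 150, 90, 150), the tap positions and the seed are assumptions chosen for illustration.

```python
def ca_step(state, rules, cyclic=False):
    """One synchronous update of a 1-D additive CA over GF(2).
    rule 90 : x_i(t+1) = x_{i-1}(t) ^ x_{i+1}(t)
    rule 150: x_i(t+1) = x_{i-1}(t) ^ x_i(t) ^ x_{i+1}(t)"""
    n, nxt = len(state), []
    for i, rule in enumerate(rules):
        if cyclic:                  # first and last cells are neighbours
            left, right = state[i - 1], state[(i + 1) % n]
        else:                       # null boundary: missing neighbour is 0
            left = state[i - 1] if i > 0 else 0
            right = state[i + 1] if i < n - 1 else 0
        own = state[i] if rule == 150 else 0
        nxt.append(left ^ own ^ right)
    return tuple(nxt)

def lfsr_step(state, taps):
    """Fibonacci LFSR: shift by one; input bit = XOR of the tapped cells."""
    fb = 0
    for t in taps:
        fb ^= state[t]
    return (fb,) + state[:-1]

def period(step, seed):
    """Length of the cycle the register eventually enters from `seed`."""
    seen, s, t = {}, seed, 0
    while s not in seen:
        seen[s] = t
        s, t = step(s), t + 1
    return t - seen[s]

SEED = (1, 0, 0, 0)             # constructed sample seed
HYBRID = (90, 150, 90, 150)     # assumed rule vector, one rule per cell

def cycle_lengths():
    """Cycle length from SEED for each 4-bit register configuration."""
    return {
        "LFSR x^4+x+1": period(lambda s: lfsr_step(s, (2, 3)), SEED),
        "LFSR x^4+x^2+1": period(lambda s: lfsr_step(s, (1, 3)), SEED),
        "CA hybrid, null": period(lambda s: ca_step(s, HYBRID), SEED),
        "CA hybrid, cyclic": period(lambda s: ca_step(s, HYBRID, True), SEED),
        "CA rule 90 only, null": period(lambda s: ca_step(s, (90,) * 4), SEED),
    }

if __name__ == "__main__":
    for name, length in cycle_lengths().items():
        print(f"{name:22s} {length}")
```

Only the primitive-polynomial LFSR and the null-boundary hybrid CA visit all 15 nonzero states; from this seed the same rule vector under the cyclic boundary settles into a fixed point.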
Comparison
Building on the results of Serra et al. [3], the consequences of the similarity transformation between cellular automata and LFSRs have been explored. By definition the LFSR obtained by a similarity transformation of the transition matrix of a CA has the same characteristic polynomial as the original CA. It has been shown that the characteristic equation determines the recursion relation among the bits in the output bit sequence of a CA. This implies that the same linear dependencies exist in the output bit stream of a CA as in the output of the similar LFSR.

[Figure: D flip-flop cells labelled X i-1, X i, X i+1, shown twice]

LFSR and CA are characterized by their transition matrices; the analysis of these matrices along with simulations gives the measure of the randomness in the patterns generated, and these measures show the higher randomness of patterns produced by CAs. Parallel patterns generated by LFSRs (using outputs from different nodes of an LFSR) have a strong correlation between each other due to the shifting of data. Pattern generation in CAs does not involve shifting of data.

There is a greater probability of an error in an LFSR by aliasing compared to an ACA due to the shifting of data in the LFSR [1]. In the case of a CA each node value is a function of the neighboring nodes, resulting in a lower probability of an error. The presence of XOR gates in the feedback path of an External Feedback LFSR and the lack of a feedback path in a null boundary condition result in higher operating speed for CAs. LFSRs have a feedback from their end nodes; this means a redesign of the LFSR is needed if the pattern length has to be changed. This is not the case with an ACA. The nodes of an ACA are logically connected only to their neighbors and there is no feedback for an ACA employing the null boundary condition [5]. Therefore, the pattern length generated by CAs can be easily changed by cascading the nodes. The regular structure of the nodes of a CA makes them ideal for CAD tools by providing the much needed flexibility in design. However, it is difficult to construct a maximum length sequence CA as compared to an LFSR, which can be constructed using the primitive polynomials which are very well documented.

An LFSR can be implemented using only a few XOR gates whereas a CA requires at least one XOR gate for each node. This fact brings up an obvious drawback of CA: higher area overhead involved in the implementation of a CA compared to an LFSR. So, the designer has to pay a penalty on the area overhead by choosing CA over LFSR.

In an ACA the communication is generally local, being restricted to the nearest neighboring cells, and cells are regular and topologically equivalent to one another, but in the case of an LFSR these properties do not exist [2].

The following table shows the summary of the comparison.
| Characteristics | LFSR | ACA |
| Performance | Very good in case of internal feedback, poor for external feedback | Good - no feedback path and maximum one XOR gate between nodes |
| Randomness of generated pattern | Low - shifting of bits causes correlation between patterns | High - no shifting of bits |
| CAD Friendly | No - requires redesign for change in pattern length | Yes - nodes can be cascaded easily |
| Speed | Lower than CA | Higher than LFSR |
| Error Probability | Greater - by aliasing due to shifting | Lower - no shifting of bits |
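
The statement in the Comparison section that a CA's output carries the same linear dependencies as the similar LFSR, as an added example that is not from the paper: the Berlekamp-Massey algorithm (a standard technique the paper does not name) recovers the same recurrence from one cell of a 4-cell null-boundary rule 90/150 CA and from a 4-bit LFSR, and that recurrence then predicts the rest of the CA stream. The rule vector, taps, seeds and observed cell are assumptions chosen for illustration.

```python
def ca_stream(seed, mask150, n, cell, length):
    """Bits seen on one cell of a null-boundary 90/150 CA kept in an n-bit int.
    Bit i of mask150 set means cell i uses rule 150, otherwise rule 90."""
    s, out = seed, []
    for _ in range(length):
        out.append((s >> cell) & 1)
        s = ((s << 1) ^ (s >> 1) ^ (s & mask150)) & ((1 << n) - 1)
    return out

def lfsr_stream(seed_bits, taps, length):
    """LFSR output a[t+n] = XOR of a[t+k] for k in taps, n = len(seed_bits)."""
    a, n = list(seed_bits), len(seed_bits)
    while len(a) < length:
        a.append(sum(a[len(a) - n + k] for k in taps) & 1)
    return a[:length]

def berlekamp_massey(bits):
    """Shortest linear recurrence over GF(2) generating `bits`.
    Returns (L, C) with bits[i] = XOR of C[j] & bits[i-j] for j = 1..L."""
    n = len(bits)
    c, b = [1] + [0] * n, [1] + [0] * n
    L, m = 0, -1
    for i in range(n):
        d = bits[i]                       # discrepancy for the current bit
        for j in range(1, L + 1):
            d ^= c[j] & bits[i - j]
        if d:
            prev = c[:]
            for j in range(n + 1 - i + m):
                c[i - m + j] ^= b[j]
            if 2 * L <= i:
                L, m, b = i + 1 - L, i, prev
    return L, c[:L + 1]

def predict(known, C, count):
    """Extend `known` by `count` bits using connection polynomial C."""
    a = list(known)
    for _ in range(count):
        a.append(sum(C[j] & a[-j] for j in range(1, len(C))) & 1)
    return a[len(known):]

if __name__ == "__main__":
    ca = ca_stream(0b0001, 0b1010, 4, 0, 40)   # constructed: rules 90,150,90,150
    L, C = berlekamp_massey(ca[:8])            # 2n = 8 observed bits
    print(L, C, predict(ca[:8], C, 32) == ca[8:])
```

Eight observed bits from any single cell are enough to reproduce every later bit, which is why the higher randomness measures reported for CAs do not by themselves make the raw output suitable as a key stream.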
