PBOOF OF WASSEY'S CONJECTURED ALCORITHH
C w s h e n g Ding
Department o f Applied Mathematics
N o r t h w e s t Telecommunication Engineering I n s t i t u t e
X i a n , P e o p l e ' s Republic o f China
ABSTRACT: Massey's c o n j e c t u r e d a l g o r i t h m f o r multi-sequence
shift register
s y n t h e s i s i s p r o v e d , a n d i t s s u i t a b i l i t y for t h e minimal r e a l i z a t i o n o f any
l i n e a r system is also v e r i f i e d .
I
.
INTRODUCTION
It i s well known that t h e SLFSR(shortest l i n e a r feedback s h i f t r e g i s t e r )
is o f great importance i n p r a c t i c e ( 1)(2 ) . The
a l g o r i t h m gives an e f f i c i e n t one( 2). The problem o f s y n t h e -
s y n t h e s i s o f single-sequence
Berlekamp-Nassey
s i z i n g m u l t i - s e q u e n c e w i t h LZSR has been g i v e n much concern by many s c h o l a r s in
Wassey gave a c o n j e c t u r e d a l g o r i t h m
i n f o r m a t i o n and c o n t r o l s o c i e t y . J.L.
for
t h e SLFSRsyntheais of m u l t i - s e q u e n c e i n 1972. I n 1985 Fen C u e i l i a n g and K.K.
Tzeng also gave a n o t h e r o n e ( 3 ) . I n t h i s paper we are g o i n g t o prove Massey's
c o n j e c t u r e d a l g o r i t h m , and v e r i f y that it is an u n i v e r s a l one and i s s u i t e d f o r
t h e minimal r e a l i z a t i o n o f any l i n e a r system.
I1
.
PROOF OF MASSEY'S CONJECTURED ALGOBITl33
L e t Bi=
and Si-(ali
ail...
aZi
as,
... , M ,
ill,
... sri)t , %(B1
B2
be H sequences of l e n g t h N i n t h e f i e l d F
... B M ) t , Si=S I...S
Then t h e Massey's
i'
c o n j e c t u r e d a l g o r i t h m in F i g . 1 can be s t a t e d as
MASSEY'S CONJECTUREr Assume t h a t ( f i , l i )
and d i = f i ( S i + l )
i s t h e ith d i s c r e p a n c y , i - 0 ,
i s t h e SLF'SR which g e n e r a t e s Si,
... , n.
Then
( i ) i f dn=O, t h e n l n + l = land fn+l=fn.
n
'
\,be
( 1 1 ) if d 3 0 , and i s a l i n e a r combination o f di,
a basis of
and (kl, k2,
dn =
-
d.
:
... , kr )
2
ui&Ki
OSiSn-1
... ,
i-0,
s u c h t h a t max{n-ki+lki
n-l, l e t
: 1SiSx-r)is minimal
i s m a x i m a l i n a l p h a b e t i c o r d e r . Let
,
I=
ti
: uiko,
%, ,...
16isr)
i=1
C.G. Guenther (Ed.): Advances in Cryptology - EUROCRYPT '88, LNCS 330, pp. 345-349, 1988.
0 Springer-Verlag Berlin Heidelberg 1988
346
( i i i ) i f dn i s not a l i n e a r combination o f d i , L O ,
n+l and fn+l can be any p o l y n o m i a l i n F[x]
... , n-1,
t h e n ln+l=
o f degree n+1.
F i r s t , w e give some n o t a t i o n s and simple r e s u l t s :
L e t fi= l + f i , l s +
=**
+
fi,li
,Ii,
be a v e c t o r of l e n g t h n+l. Denote Dn+l=(do dl
and Fn+I=(ffO f f l
...
... 0 fiYl ... f i , l i l
... dn) t , An+l-(sl
and ffi-(O
82
...
0
6
a
.
0)
n+ 1 )t
f f n ) t . Then it i s e a s y t o know that
(i) Fn+l i s a l o w e r t r i a n g u l a r matrix, and i s i n v e r t a b l e .
(1')
Dn+1 = F n + l *n+1- An+l
Cn+l Dn+l'
-1 and is a l s o a lower triangular matrix.
where Cn+l= Fn+l,
Let us s p l i t t h e m a t r i o e e Fn+l,
Cn+l,
Dn+l
and p a r t i t i o n them by u r i t i n g
[n-L )xn
where B-(0
... 0 '4. ...ul) t , 0
c
(0
t h e f o l l o w i n g t h e o r e m 1 holds.
Theorem 1. L e t f ( x ) = 1 + ulx +
-
S n + l i f and o n l y if U(n-L)x(n)GnDn
Theorem 2,
... O)t.
By d e f i n i t i o n , it i s a p p a r e n t that
... + uLxL ( L < n + l ) ,
0 and BGnD,
f
g,Dn
then (f,L) generates
+ dn
= 0-
If ( f , L ) can g e n e r a t e S n + l , L d n + l , t h e n t h e r e must e x i s t a v e c t o r
u such t h a t
Theorem 3. A s s u m e that ( f i , L )
i s t h e SLFSR u h i c h g e n e r a t e s S
i
Then ln+l=n+l if and o n l y i f dn i s n o t a l i n e a r combination of di,
, GO,
160,
n*
.a.
... ,
n-1.
Theorem 4. Assume t h a t g
c
fn +
ZCl ui
x
n-ki
fki, uifO,
Let 1; be t h e s h o r t e s t L s u c h t h a t ( f i , L ) can g e n e r a t e S
i
. If
i=l,
... ,
B.
(g,L) g e n e r a t e s
347
Sn+',
then we have
Lzmax
4 1;)
, ..., n-ks+%,>
n-kl+l&
, ... , n-ks+\,}
m a { ln, n-kl+\,
I n o r d e r t o prove theorem 4, we now prove t h e following lemma:
Lemma: Assume 0
-
m-k
f m + ulx
' fk,
, ulfO,
kl<m,
are
and (fm,lm), ( f k ,
t h e SLFSR's whioh g e n e r a t e Sm and Sk' r e s p e o t i v e l y , then if (g,L) g e n e r a t e Sw1,
we have
L a m a r {l;, m-kl+Gl)
= m a x {lm,
m-kl+
h,}
Proofs Prom the d e f i n i t i o n o f 1; and lm,w e o b t a i n that l=lmand
Becauae L a l m ,
t h a t fk
L>,ln-
80
.;1
. Let
1$,
Suppose lksL<m-kl+
I
- lk,.
j be t h e last j =oh
,*O.
9 3
because L a l k , so L-m+kl~l~-m+kl>,j.Put LLGm+kl and
1) i f j+m-k1sY,
h(x)-l+hlx+ ..+
h x j , where h f
ill,
j
i' kt ,i'
g(x)=fn+ P ~ X " - ~ ' h( I), js LL
...,
(5,.
... -g(S
Because (g,L) g e n e r a t e s Sm and L 2 1 m , so g(S")=
k
Thus h(S '
-f(Sbl)-O.
Sk', b u t LL<$
I
m=
ilk,
*kl+
.
...
1-
=h(SLL+l)-O.This
j . Then
L+l
-
, henoe
k l + j ) . Put LLL-m+kl, t h e n j a L L C 5
ilk,
, but
m-kl+
-
regard g(x) and fm+ xm-k' f k , as polynomials o f degree m y
m s n . Then t h e d e g e n e r a t i n g t e r m s of fm+ xmek'fk, is m-(m-kl+j),
Thus L2ma.x
GI
L',m-kl+
h,).
nax {I",
2 ) i f j+n-kl>lk,
LL) g e n e r a t e s Sk'
-=*
meas that (h,LL)=(g,LL) g e n e r a t e
It is c o n t r a r y t o t h e minimality o f
%'}
)=O, and f(S")=
LL<l;Cl
s,}
=
.
I
. For t h e
so m-Lsm-(m-
same reason we know t h a t ( h ( x ) ,
T h i s i s a l s o c o n t r a r y t o t h e minimality of
5,.
m a x {lm,
m-kl+lkl}.
PROOF O F THIEoBE# 4 1 By u s i n g t h e above lemma and induction on
8,
it is not
d i f f i c u l t t o s e e that Theorem 4 i s t r u e .
Theorem 5 . Let ( f i l l i )
0,
..a
-..)n-1,
9
n-1,
be t h e SLFSR which generate Si, and di=fi(S
i+l
1,
i-
n. I f dn(=%O) can be expressed as a l i n e a r oombination of d i , b 0 ,
say dn= 4n-l
L
-zu.d..
1 1
ln+l
min
U
dn=-0,
Let Iu= { O s i s n - l
m a r { l n ,n-i+li
I
i E I ~ )
t
ui*O)
. Put
... (a)
348
n-1
(ub,
where u'-
n-i
1
... ,
is t h e v e c t o r which makes t h e r i g h t a i d e o f (a) t a k e
i t s minimal value. Then (fn+l,ln+l)
i s a s h o r t e s t LFSR that generate Sn+l.
Proof: L e t L d e n o t e t h e r i g h t s i d e o f (a). It is obvious that l n + l S L .
Let
,
n+1 and ln+l-=n+l. By theorem 2 t h e r e mast
i s a SLFSB t h a t g e n e r a t e S
(f,ln+l)
exist a vector u snoh t h a t
f
-
fn +
ui In-i
-
f i , di
Then theorem 4 t e l l us that ln+l),max
YDn
I
-YE:
uidi,
{In, n-ki+lk, : i E xu)
aL, t h e r e f o r e
ln+l
= L. Thus (fn+l,ln+l) is a SLFSB which generate S.
From t h o base chosen i n Massey's
algorithm and Theorem
5
we can e a s i l y C o b
olude that t h e p a r t ( i i) i n Hassey's algorithm is t r u e . P a r t ( i i i ) has been
proved i n theorem 3. P u t ( i ) i s apparently t r u e . "hue we have c o m l e t e l g proved
Masscry's o o n j e c t u r e d a l g o r i t h m u n t i l now.
Let V be a v e o t o r spaoe o v e r t h e f i e l d P, S-sl...s
n
be a v e c t o r sequence o f
l e n g t h n. t h e problem o f f i n d i n g a p a i r ( f n ( x ) , l n ) such that ( f n , l n ) g e n e r a t e s
n
S and ln i s minimal i s r e f e r e d t o as t h e problem of minimal r e a l i z a t i o n f o r
veotor sequence.
Notioe that t h e p r o o f s o f a l l t h e theorems and lemma i s independent o f what
the si'a
a r e , but o n l y require t h a t si's belong t o a v e c t o r space o v e r
F. So
a l l t h e r e s u l t s a r e t r u e f o r v e c t o r sequence. This means t h a t Yarrsey's a l g o r i t h m
is an u n i v e r s a l one, it is s u i t e d f o r t h e minimal r e a l i z a t i o n of any
linear
system. W
e now g i v e some s p e c i a l c a s e s of t h e u n i v e r s a l algorithms
1 ) I f V = F, t h e n it i s t h e B-M a l g o r i t b .
2) If V
3) If V
sequence.
4 ) If F
--
Fnxn, t h e n it g i v e s a minimal r e a l i z a t i o n algorithm f o r
-
CF(q),
Fm, t h e n it i s t h e Massey's one f o r multi-sequence LFSR s y n t h e s i s .
V
-
matrix
G F ( 4 , then it g i v e s a minimal r e a l i z a t i o n a l g o r i t h m
f o r t h e sequence i n CF(qm) o v e r CF(q)
.
ACKNOWLEDMWT
The a u t h o r w i s h e s t o thank Prof. Xiao Cuozhen for h i s guidanoe. Also much
thanks t o Shan U e i j u a n , Cuo Baoan and the people i n t h e 'Seminar f o r t h e Theory
of Coding and Cryptologg' f o r t h e i r h e l p f u l l suggestions.
349
"CES
'Pseudorandom s q u e n o e s and t h e i r a p p l i c a t i o n s ' . The
National Defense I n d u e t r y Press of China.
( 2 ) J.L. Mirssey, ' S h i f t - r e g i s t e r synthesis and BCH deooding' IgEE T r a n s . I n f o r .
Theory, Vol. IT-15, Jan. 1969.
(3) Fang G u e i l i a n and K.K. Teeng, ' A I t a r a t i v e Algorithm for Wulti-aequenoeS
Synthesis with S h o r t a e t LFSB' S o i e n t i a Sinioa(Scienoa i n China), A. Angust
(1) X i s a Ouoeheng et.al,
.
.
c.-i
c(D)+l
1
COHMENT: any ~ ( D ) - l + c ~ D + . . . + cDn+
~+~
n+l
can be used a t t h e point marked
Does t h e r e exist
... ,
5,
ae such that dry$+...+
a,<?
yes
-
&al+.
I-- ( i
..+aedt
i
aixo}
d;cmar{Lgi+Ii
Inn
o*,(D) +c( D)
0
I
iEI}
%--L
c(D)+l
aeDq o z ( D)
L +n + l
1
Fig. 1 Massey' s Conjectured Algorithm for Multi-sequence Shift
Synthesis.
.
© Copyright 2026 Paperzz