|
In cryptography, an alternating step generator (ASG) is a cryptographic pseudorandom number generator intended to be used in a stream cipher. The design was published in 1987 by C. G. Günther. It is also known as the alternating stop-and-go generator. == Overview == Linear feedback shift registers (LFSRs) are, statistically speaking, excellent pseudorandom generators, with good distribution and simple implementation. However, they cannot be used as-is because their output can be predicted easily. An ASG comprises three linear feedback shift registers, which we will call LFSR0, LFSR1 and LFSR2 for convenience. The output of one of the registers decides which of the other two is to be used; for instance if LFSR2 outputs a 0, LFSR0 is clocked, and if it outputs a 1, LFSR1 is clocked instead. The output is the exclusive OR of the last bit produced by LFSR0 and LFSR1. The initial state of the three LFSRs is the key. Customarily, the LFSRs use primitive polynomials of distinct but close degree, preset to non-zero state, so that each LFSR generates a maximum length sequence. Under these assumptions, the ASG's output demonstrably has long period, high linear complexity, and even distribution of short subsequences. Example code in C: / * 16-bit toy ASG (much too small for practical usage); return 0 or 1. */ unsigned ASG16toy(void) An ASG is very simple to implement in hardware. In particular, contrary to the shrinking generator and self-shrinking generator, an output bit is produced at each clock, ensuring consistent performance and resistance to timing attacks. 抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』 ■ウィキペディアで「Alternating step generator」の詳細全文を読む スポンサード リンク
|