Primitive polynomials for robust linear feedback shift registers-based scramblers and stream ciphers

Abstract

It is well known that in order to build linear scramblers and stream ciphers that are robust against correlation-based reconstruction, primitive polynomials which do not have sparse multiples of moderate degrees must be used. In this paper, the existence and density of such 'good primitive polynomials' are studied. Two theoretical lower bounds on the degree d of the primitive polynomial are derived. When d is larger than the first lower bound, there exists at least one primitive polynomial of degree d which does not have any sparse multiple of moderate degree and when d is larger than the second lower bound, it is almost guaranteed that a randomly chosen primitive polynomial of degree d does not have any sparse multiples of moderate degree. To make the lower bound tight, the distribution of the minimum degrees of sparse multiples of primitive polynomials is investigated in this paper. From comparison, it can be seen that the lower bounds obtained in this paper are much better than the previous results reported in the literature.