Shrinking generator


In cryptography, the shrinking generator is a form of pseudorandom number generator intended to be used in a stream cipher. It was published in Crypto 1993 by Don Coppersmith, Hugo Krawczyk, and Yishay Mansour.
The shrinking generator uses two linear feedback shift registers. One, called the sequence, generates output bits, while the other, called the sequence, controls their output. Both and are clocked; if the bit is 1, then the bit is output; if the bit is 0, the bit is discarded, nothing is output, and we clock the registers again. This has the disadvantage that the generator's output rate varies irregularly, and in a way that hints at the state of S; this problem can be overcome by buffering the output. The random sequence generated by LFSR can not guarantee the unpredictability in secure system and various methods have been proposed to improve its randomness
Despite this simplicity, there are currently no known attacks better than exhaustive search when the feedback polynomials are secret. If the feedback polynomials are known, however, the best known attack requires less than • bits of output.
An interesting variant is the self-shrinking generator.

An implementation in Python

This example uses two Galois LFRSs to produce the output pseudorandom bitstream. The Python code can be used to encrypt and decrypt a file or any bytestream.

  1. !/usr/bin/env python
import sys
  1. ----------------------------------------------------------------------------
  2. Crypto4o functions start here
  3. ----------------------------------------------------------------------------
class GLFSR:
"""Galois linear-feedback shift register."""
def __init__:
print "Using polynom 0x%X, initial value: 0x%X." %
self.polynom = polynom | 1
self.data = initial_value
tmp = polynom
self.mask = 1
while tmp != 0:
if tmp & self.mask != 0:
tmp ^= self.mask
if tmp 0:
break
self.mask <<= 1
def next_state:
self.data <<= 1
retval = 0
if self.data & self.mask != 0:
retval = 1
self.data ^= self.polynom
return retval
class SPRNG:
def __init__:
print "GLFSR D0: ",
self.glfsr_d = GLFSR
print "GLFSR C0: ",
self.glfsr_c = GLFSR
def next_byte:
byte = 0
bitpos = 7
while True:
bit_d = self.glfsr_d.next_state
bit_c = self.glfsr_c.next_state
if bit_c != 0:
bit_r = bit_d
byte |= bit_r << bitpos
bitpos -= 1
if bitpos < 0:
break
return byte
  1. ----------------------------------------------------------------------------
  2. Crypto4o functions end here
  3. ----------------------------------------------------------------------------
def main:
prng = SPRNG, int,
int, int)
with open as f, open as g:
while True:
input_ch = f.read
if input_ch "":
break
random_ch = prng.next_byte & 0xff
g.write
if __name__ '__main__':
main