Explore the vast range of titles available.

Let n be a positive integer. An n-stage Galois NFSR has n registers and each register is updated by a feedback function. Then a Galois NFSR is called nonsingular if every register generates (strictly) periodic sequences, i.e., no branch points. In this paper, a generic method for investigating nonsingular Galois NFSRs is provided. Two fundamental concepts that are standard Galois NFSRs and the simplified feedback function of a standard Galois NFSR are proposed. Based on the new concepts, a sufficient condition is given for nonsingular Galois NFSRs. In particular, for the class of Galois NFSRs with linear simplified feedback functions, a necessary and sufficient condition is presented.

Cascade connection architectures of nonlinear feedback shift registers (NFSRs) have been widely used in cryptography. In particular, the Grain family of stream ciphers uses the cascade connection architecture of an LFSR into an NFSR. A cascade connection representation is not always unique. The nonuniqueness of the representation may threat the security of a cipher. Inspired by the Grain family of stream ciphers, in this paper, we focus on cascade connections of an LFSR into an NFSR. A necessary and sufficient condition for the uniqueness of this class of cascade connection representations is provided under a reasonable condition that the involved NFSR has only trivial cascade connection decompositions. In particular, as a direct application of new results, it is theoretically proved that the cascade connection representation of a Grain-like structure, an n-bit primitive LFSR into an n-bit NFSR with a positive integer n, is unique not considering some trivial distinct representations if the involved n-bit NFSR satisfies the condition. Besides, it is verified that all the main registers used in the Grain family of stream ciphers satisfy the condition.

Impossible differential and zero correlation linear cryptanalysis are two important cryptanalytic methods. In this paper, we study the security of some Feistel structures against these two cryptanalytic methods. Throughout this paper, we consider the impossible differential and zero correlation linear hull that are independent of the choices of the non-linear parts. Based on that, a method is introduced to estimate the number of rounds that the longest impossible differential could cover for one kind of Feistel-SP structure. Fortunately, our method also applies to some generalized Feistel structures, such as the Type-2 generalized Feistel structure. Then we project our results to zero correlation by the links between impossible differential and zero correlation linear hull. Lastly, as an application of our method, we prove that there do not exist 15-round impossible differential and zero correlation linear hull for LBlock and TWINE.

Nonlinear feedback shift registers (NFSRs) are widely used in stream cipher designs. In this paper, we propose a variant of cascade connections of NFSRs, called ring-like cascade connections. It is shown that given an initial state of a ring-like cascade connection, each register outputs the sequence of the same period. Based on this configuration, a class of NFSRs with the same cycle structure can be derived. Moreover, inspired by this result, two more general types of NFSRs with the same cycle structures are also studied.

A nonlinear feedback shift register (NFSR) can be implemented in the Galois configuration or in the Fibonacci configuration. In the former, the feedback can potentially be applied to every stage, whereas in the latter, the feedback is applied to the last stage only. In this paper, we concentrate on the equivalence between these two configurations. First, we define a large number of Galois NFSRs, which have very rich choices of feedback functions. Then we study their equivalence with the Fibonacci type and discuss their nonsingularity. Finally, we specify the inclusion relations between the previous results and ours.

Acupuncture is widely used to relieve shoulder pain. A survey was conducted in order to recognize hotspots and frontiers of acupuncture for shoulder pain from the year 2000-2022. The Web of Science Core Collection was used to collect literature related to acupuncture therapy for shoulder pain, which spanned January 2000 to August 2022. The number of publications yearly, countries/institutions, journals, and keywords was analyzed and visualized in shoulder pain with acupuncture therapy by CiteSpace v.5.7.R5. We totally analyzed 214 articles that met the inclusion criteria. The overall trend of publication volume continues to increase. The most productive authors in the field were César Fernández las Peñas and José L Arias-Buría, and the most influential author was Green S. Kyung Hee University and the People's Republic of China had the highest volume of publications, respectively. The most influential journal is Pain with high citation and impact factor. The hot keywords were \"acupuncture\", \"shoulder pain\", \"dry needling\", \"randomized trial\", and \"injection\". The research frontier in acupuncture for treating chronic shoulder pain was mainly \"mechanism\". Over the last 22 years, the findings of this bibliometric analysis have provided research trends and frontiers in clinical research on acupuncture therapy for patients with shoulder pain, which identifying hot topics and exploring new directions for the future may be helpful to researchers. Studying mechanisms underlying acupuncture therapy for shoulder pain remains a focus of future research.

Two nonlinear feedback shift registers (NFSRs) of the same stage number are called isomorphic if their state diagrams are of the same cycle structure. In this paper, we focus on a class of isomorphic NFSRs that are derived from a previous work (Zhao et al. in Des Codes Cryptogr 86(12):2775–2790, 2018). First, we give an explicit formula for counting this class of isomorphic NFSRs, which generalizes the previous result given by Rozhkov (Discret Math Appl 20(2):127–155, 2010). Then we study the inherent relation of the affine sub-families among these NFSRs. The obtained result shows that the analysis of the affine sub-families of these NFSRs could be reduced to the analysis of the affine sub-families of a specific NFSR. Finally, we present a Galois representation of some specific isomorphic NFSRs whose periods of the output sequences are controllable.

As a typical representative of the public key cryptosystem, RSA has attracted a great deal of cryptanalysis since its invention, among which a famous attack is the small private exponent attack. It is well-known that the best theoretical upper bound for the private exponent d that can be attacked is d ≤ N 0.292 , where N is a RSA modulus. However, this bound may not be achieved in practical attacks since the lattice constructed by Coppersmith method may have a large enough dimension and the lattice-based reduction algorithms cannot work so well in both efficiency and quality. In this paper, we propose a new practical attack based on the binary search for the most significant bits (MSBs) of prime divisors of N and the Herrmann-May’s attack in 2010. The idea of binary search is inspired by the discovery of phenomena called “multivalued-continuous phenomena”, which can significantly accelerate our attack. Together with several carefully selected parameters according to our exact and effective numerical estimations, we can improve the upper bound of d that can be practically achieved. More specifically, without the binary search method, we successfully attack RSA with a 1024-bit-modulus N when d ≤ N 0.285 . Moreover, by our new method, we can implement a successful attack for a 1024-bit-modulus RSA when d ≤ N 0.292 and for a 2048-bit-modulus RSA when d ≤ N 0.287 in about a month. We believe our method can provide some inspiration to practical attacks on RSA with mainstream-size moduli.

Recently nonlinear feedback shift registers (NFSRs) have frequently been used as basic building blocks for stream ciphers. A major problem concerning NFSRs is to construct NFSRs with large periods. In this paper, a new NFSR structure whose period could be theoretically analyzed is proposed and studied, called GL-S-NFSR. A GL-S-NFSR is a selective cascade connection of a primitive Galois LFSR into a standard Galois NFSR with a linear simplified feedback function, where standard Galois NFSRs with linear simplified feedback functions are very useful in stream ciphers, e.g., Trivium. It is proved that the periods of the output sequences of a GL-S-NFSR are lower bounded by the product of all the Zsigmondy primes of 2 n - 1 with a probability close to 1 under a weak assumption, and particularly, if n is a prime, then 2 n - 1 divides the periods of the output sequences with a high probability, where n is the stage of the Galois LFSR. Besides, it is also proved that there are several registers satisfying that the periods are multiples of Zsigmondy primes without any assumption. Note that the main building block of Kreyvium consists of a standard Galois NFSR with a linear simplified feedback function and two pure cycling registers (PCRs). Periodic results on GL-S-NFSR are applied to Kreyvium by modifying one PCR to a primitive LFSR and the modified building block of Kreyvium is called M-Kreyvium. It is shown that the sequences involved in M-Kreyvium could have large periods with high probabilities.

Recently nonlinear feedback shift registers (NFSRs) have frequently been used as building blocks for designing stream ciphers. Let NFSR (g) be an m-stage NFSR with characteristic function \\(g=x_0 g_1(x_1, ,x_m-1) x_m\\) . Up to now there has been no known method to determine whether the family of output sequences of the NFSR (g), denoted by S(g), contains a sub-family of sequences that are exactly the output sequences of an NFSR(f) of stage n < m. This paper studies affine cases, that is, finding an affine function f such that S(f) is a subset of S(g). If S(g) contains an affine sub-family S(f) whose order n is close to m, then a large number of sequences generated by the NFSR (g) have low linear complexities. First, we give two methods to bound the maximal order of affine sub-families included in S(g). Experimental data indicate that if S(g) contains an affine sub-family of order not smaller than m/2, then the upper bound given in the paper is tight. Second, we propose two algorithms to solve affine sub-families of a given order n included in S(g), both of which aim at affine sub-families with the maximal order. Algorithm 1 is applicable when n is close to m, while the feasibility of Algorithm 2 relies on the distribution of nonlinear terms of g. In particular, if Algorithm 2 works, then its computation complexity is less than that of Algorithm 1 and it is quite efficient for a number of cases.