Correction to "Generalized Self-Shrinking Generator"

In this correspondence, it is given a correction to Theorem 4 in Y. Hu, and G. Xiao, “Generalized Self-Shrinking Generator,” IEEE Transactions on Information Theory, vol. 50, No. 4, pp. 714-719, April 2004.

💡 Research Summary

The paper addresses an error in Theorem 4 of Hu and Xiao’s 2004 article “Generalized Self‑Shrinking Generator.” The original theorem claimed that, for any degree‑n m‑sequence a, no more than one‑quarter of the 2ⁿ generalized self‑shrinking sequences in the set B(a) have a least period smaller than 2ⁿ⁻¹. The author presents two explicit counter‑examples for n = 3 and n = 2 that violate this claim.

In the n = 3 case, the m‑sequence generated by the primitive polynomial x³ + x² + 1 (a = 1110010) yields eight generalized self‑shrinking sequences. Four of them have least period T = 4 (2²), while the other four have periods T = 1 or T = 2, i.e., less than 2². Consequently, ½ of the sequences have periods below the bound, contradicting the “≤ ¼” statement. The proof flaw is traced to the assumption that the three cosets b(v(1))+B′, b(v(2))+B′, and b(v(3))+B′ are distinct; in this example the cosets overlap or coincide, invalidating the argument.

A similar contradiction is shown for n = 2. Using the primitive polynomial x² + x + 1 (a = 110), the four sequences in B(a) split evenly between periods 1 and 2, again giving a ½ proportion of sequences with periods below 2¹. The same coset‑overlap issue appears, demonstrating that the original proof does not hold for n = 2.

The author then notes that for n ≥ 4 the original reasoning does succeed: the cosets are indeed distinct and the number of sequences with periods less than 2ⁿ⁻¹ never exceeds one‑quarter of |B(a)|. Therefore, the theorem is revised to include the condition n ≥ 4. The corrected statement reads: “If n ≥ 4, then no more than one‑quarter of the sequences from B(a) have least periods less than 2ⁿ⁻¹.”

The paper concludes that the original theorem remains valid for n ≥ 4, but must be qualified for smaller n. This clarification prevents misinterpretation of the period distribution in generalized self‑shrinking generators, especially when low‑degree m‑sequences are employed, and underscores the importance of rigorous coset analysis in cryptographic sequence design.