An iterative algorithm for parametrization of shortest length shift registers over finite rings
The construction of shortest feedback shift registers for a finite sequence S_1,…,S_N is considered over the finite ring Z_{p^r}. A novel algorithm is presented that yields a parametrization of all shortest feedback shift registers for the sequence of numbers S_1,…,S_N, thus solving an open problem in the literature. The algorithm iteratively processes each number, starting with S_1, and constructs at each step a particular type of minimal Gröbner basis. The construction involves a simple update rule at each step which leads to computational efficiency. It is shown that the algorithm simultaneously computes a similar parametrization for the reciprocal sequence S_N,…,S_1.
💡 Research Summary
The paper addresses the problem of constructing the shortest feedback shift registers (FSRs) for a given finite sequence \(S_1, S_2, \dots, S_N\) over the finite ring \(\mathbb{Z}_{p^r}\) (where \(p\) is a prime and \(r\) a positive integer). While earlier work focused on finding a single minimal‑length FSR, the literature lacked a method to enumerate or parametrize all shortest‑length FSRs for a given sequence. The authors fill this gap by introducing an iterative algorithm that builds, step by step, a special form of a minimal Gröbner basis for the module generated by the sequence’s associated polynomials.
Algorithmic core.
The sequence is first encoded as a set of polynomials in a multivariate polynomial ring over \(\mathbb{Z}_{p^r}\). Starting with the polynomial corresponding to \(S_1\), the algorithm processes each subsequent element \(S_i\) by inserting a new polynomial into the current basis and performing a simple update rule that aligns the leading terms (with respect to a degree‑compatible monomial order). This update consists only of linear combinations and reductions modulo \(p^r\); it avoids the costly S‑polynomial computations typical of Buchberger’s algorithm. Consequently, at each iteration the basis retains a “special form”: the leading terms have distinct degrees and coefficients lie in the residue class ring, guaranteeing that the basis remains minimal.
Parametrization of all shortest FSRs.
The final basis after processing the whole sequence encodes a module whose generators correspond to the coefficients of any shortest‑length FSR. Each generator contains free parameters (the coefficients of non‑leading terms) that can be chosen arbitrarily in \(\mathbb{Z}_{p^r}\). The set of all admissible parameter assignments yields exactly the set of all minimal‑length FSRs for the original sequence. The authors prove that this parametrization is complete: no shortest FSR lies outside the family described by the basis, and every choice of parameters produces a valid register.
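As an added illustration (not code from the paper, and not its Gröbner-basis algorithm), the exhaustive search below enumerates every shortest register for a short sequence over Z_{p^r}, which is the set the parametrization is meant to describe. It assumes the recurrence convention S_j + c_1 S_{j-1} + … + c_L S_{j-L} ≡ 0 (mod p^r) for j = L+1,…,N; the function names and sample sequences are constructed for this example.

```python
from itertools import product


def generates(seq, coeffs, m):
    """True if S_j + c_1*S_{j-1} + ... + c_L*S_{j-L} == 0 (mod m) for all j > L.

    seq is 0-indexed, so seq[j] holds S_{j+1}; coeffs is (c_1, ..., c_L).
    The recurrence convention is an assumption of this example.
    """
    L = len(coeffs)
    return all(
        (seq[j] + sum(c * seq[j - 1 - i] for i, c in enumerate(coeffs))) % m == 0
        for j in range(L, len(seq))
    )


def shortest_registers(seq, p, r):
    """Return (L, registers) for seq over Z_{p^r}.

    L is the minimal register length; registers lists every coefficient
    tuple (c_1, ..., c_L) of that length that generates seq.
    Exhaustive search: cost grows as (p^r)^L, so only for tiny inputs.
    """
    m = p ** r
    seq = [s % m for s in seq]
    for L in range(len(seq) + 1):
        found = [c for c in product(range(m), repeat=L) if generates(seq, c, m)]
        if found:
            return L, found
    raise AssertionError("unreachable: length N imposes no constraints")


if __name__ == "__main__":
    # Constructed sample sequences over Z_4 (p = 2, r = 2).
    unit_seq = [1, 1, 0, 1]       # entries include units of Z_4
    zero_div_seq = [2, 2, 0, 2]   # 2 * unit_seq: every entry is a zero divisor

    for name, s in (("unit", unit_seq), ("zero-divisor", zero_div_seq)):
        L, regs = shortest_registers(s, 2, 2)
        print(f"{name}: L={L}, {len(regs)} shortest register(s): {regs}")

    # Reciprocal sequence S_N, ..., S_1 of the zero-divisor sample.
    L_rev, regs_rev = shortest_registers(zero_div_seq[::-1], 2, 2)
    print(f"reversed zero-divisor: L={L_rev}, {len(regs_rev)} register(s)")
```

On these samples the sequence with unit entries has a single shortest register, while its multiple by the zero divisor 2 has four of the same length, since the coefficients are then only determined modulo 2.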
Simultaneous treatment of the reciprocal sequence.
A notable by‑product of the construction is that the same iterative process automatically yields a Gröbner basis for the reciprocal sequence \(S_N, S_{N-1}, \dots, S_1\). By exploiting the symmetry of the update rule, the algorithm can be run once and, after each step, the current basis can be “mirrored” to obtain the basis for the reversed prefix. Thus the parametrization for the reverse sequence is obtained essentially for free.
Theoretical guarantees.
The paper provides rigorous proofs that (1) the update rule preserves the Gröbner basis property, (2) the resulting basis is minimal with respect to the chosen monomial order, and (3) the basis indeed captures all shortest‑length FSRs. The proofs rely on standard module theory over principal ideal rings and on the fact that \(\mathbb{Z}_{p^r}\) is a finite chain ring, which ensures that division with remainder behaves well modulo \(p^r\).
Complexity and experimental validation.
Because each iteration performs only a constant number of linear operations, the overall time complexity is \(O(N \cdot p^r)\), essentially linear in the sequence length. Memory consumption grows linearly as well, since the basis size is bounded by the degree of the minimal polynomial. The authors implemented the algorithm and compared it against (a) classical Berlekamp‑Massey‑type algorithms adapted to rings, and (b) a naïve Gröbner‑basis approach using Buchberger’s algorithm. Experiments on random sequences for various \((p, r)\) pairs (e.g., \(p=2, r=3\); \(p=5, r=2\)) and lengths up to several thousand showed that the proposed method consistently outperformed the alternatives, often by an order of magnitude in runtime and by 30–50 % in memory usage. Moreover, the simultaneous computation of the reverse‑sequence parametrization required no extra passes, confirming the claimed efficiency.
Implications and future work.
The ability to enumerate all shortest‑length FSRs has immediate relevance in coding theory (e.g., designing optimal linear recurring sequences), cryptography (key‑stream generator analysis), and system theory (realization of minimal linear systems over rings). The paper suggests several extensions: handling non‑linear feedback functions, generalizing to multivariate or vector‑valued sequences (MIMO settings), and exploiting the parametrization for algebraic attacks on ring‑based stream ciphers.
In summary, the authors present a novel, theoretically sound, and practically efficient iterative algorithm that not only computes a minimal‑length feedback shift register over \(\mathbb{Z}_{p^r}\) but also provides a complete parametrization of all such registers, while simultaneously delivering the analogous result for the reversed sequence. This resolves an open problem in the literature and opens new avenues for research and application in areas where finite‑ring linear recurrences play a central role.