Variants of the self-shrinking generator based on a linear-feedback shift register (LFSR) are studied for use in cryptography.[who?]
The procedure for clocking this kind of generator is as follows: This example will use the connection polynomial x8 + x4 + x3 + x2 + 1, and an initial register fill of 1 0 1 1 0 1 1 0.
The tap positions defined by the connection polynomial are marked with blue headings.
In their paper,[1] Meier and Steffelbach prove that a LFSR-based self-shrinking generator with a connection polynomial of length L results in an output sequence period of at least 2L/2, and a linear complexity of at least 2L/2-1.
An attack presented by the authors requires about 20.7L steps, assuming a known connection polynomial.