Index tables of finite fields and modular Golomb rulers

For a Galois field GF(2 ⁿ) defined by a primitive element α with minimal polynomial f, the index table contains in row i the coordinates of α ⁱ in the polynomial basis α ^n-1, α ^n-2,..., α, 1. Each column i in this table equals the m-sequence with characteristic polynomial f, shifted cyclically by some offset h _i. In this paper we show that the set of the n shifts h _i contains large subsets which are modular Golomb rulers modulo 2 ⁿ -1 (i.e. all the differences are different). Let D be the set of integers j such that the coefficient of x ^j in f is non-zero. We prove that the set H _D of shifts corresponding to columns j ∈ D can be partitioned into two subsets (the columns in the left half of the table and the ones in the right half) each of which is a modular Golomb ruler. Based on this result and on computational data, we conjecture that in fact the whole set H _D is a modular Golomb ruler. We give a polynomial time algorithm for deciding if given a subset of column positions, the corresponding shifts are a modular Golomb ruler. These results are applied to filter generators used in the design of stream ciphers. Golić recommends that in order to withstand his inversion attack, one of the design requirements should be that the inputs of the non-linear filtering function are taken from positions of a Fibonacci LFSR which form a Golomb ruler. We propose using a Galois LFSR instead and selecting positions such that the corresponding shifts form a modular Golomb ruler. This would allow for a larger number of inputs to be selected (roughly n/2 rather than √2n) while still satisfying Golić's requirement.