Why are LFSRs represented as polynomials?

Question

Disclaimer: I am neither an electronics engineer nor am I a mathematician.
I understand what an LFSR is. I can derive the periodic sequence if an LFSR is described by it's taps.

My question is - why are LFSRs represented as polynomials?

What is the advantage of representing taps as x^n? What is the x? What is the constant at the end?

I see a very similar question - Why is the polynomial of an LFSR called so?

But I am still asking my question because I don't understand the answers. I don't understand what a delay operator is. So the answer is not useful to me.

Also that answer doesn't really cover the advantage of representing it as a polynomial.

Answer 1

why are LFSRs represented as polynomials?

Because it gives useful insights into the behavior of the LFSR.

If the feedback terms are represented by the polynomial $P$, and if the initial state of the LFSR is represented by the polynomial $Q$, then the state of the LFSR after $n$ steps will be the polynomial $x^n Q \bmod P$ (where the calculation is done on polynomials, and not on the underlying field - algebra on polynomials is not difficult, however it is different than what you may be used to).

Why is this a useful insight? Because we can determine the long-term behavior from this observation. For one, we have $x^n Q \bmod P = (x^n \bmod P) \times Q \bmod P$; assuming that the constant term of $P$ is relatively prime to the field characteristic, then $x^n \bmod P = 1$ for some $n$, and so the LFSR will eventually return to its initial state (and not fall into an intermediate-state loop).

Furthermore, we can deduce that, as long as $Q$ is relatively prime to $P$, then the number of steps that the LFSR will take before it returns to the original step is independent of the actual setting of $Q$.

Thirdly, if $P$ is an "irreducible polynomial", that is, if there do not exist polynomials $R, S$ with degree > 0 s.t. $P = R \times S$, then the amount of time taken before the LFSR returns to its initial state will be a factor of $p^k - 1$, where $p$ is the size of the field used (2 if we're doing out LFSR in a binary field) and $k$ is the degree of $P$.

These observations (except for the first) are not obvious from the abstract definition of an LFSR.

And your final question:

What is the final constant in the polynomial?

It's just another feedback term from the LFSR. The LFSR can be represented in 'Fibonacci' or 'Galois' modes (and the above abstraction works for both, so it doesn't matter which for the above discussion). In the 'Fibonacci' mode (which appears to be what you are asking about), this constant term corresponds to the sum of the feedback terms that is used to generate the new bit within the LFSR.

Answer 2

Since you said you learnt a lot of math in your undergrad, here is an analogy (just an analogy):

Differential Equations:

$x’’(t)=a x’(t)+bx(t)$

Why are $a,b$ there? What does linking $x’’(t),x’(t),x(t)$ this way mean?

It is the model for a physical dynamical process.

Why do we use the characteristic polynomial below?

$\lambda^2 + a \lambda + b =0 $

Fourier/Laplace theory relates it to the model. Then we can express the solutions as something like

$ x(t)=c_1 e^{\lambda_1 t} + c_2 e^{\lambda_2 t} $

where $\lambda_i$ are the roots of the polynomial.

In discrete maths either over reals or over finite fields there is a completely analogous theory of difference equations

$x_n= a x_{n-1}+ b x_{n-2}$

and roots of characteristic polynomials are used to represent solutions.

The LFSR implements a difference equation over the binary field $GF(2).$ The solutions as linear combinations of powers of roots of the characteristic polynomial. Plus we build the LFSR pick the coefficients in the binary field.

Edit: For primitive polynomials which give maximum length LFSR sequences, the roots have a special algebraic structure (conjugates) which means you can write and efficiently calculate (say) the 199,999th term of the sequence without computing the previous terms, via the trace representation. You cannot do this otherwise, say with the taps.

Bonus: Everything being finite the solutions are exact which we need in coding, cryptography, etc.