for security reasons.
It has been indeed proven~\cite{DBLP:conf/crypto/ShubBB82} that this PRNG
has the cryptographically security property, \textit{i.e.},
-for any sequence $L$ of output bits $x_i$, $x_{i+1}$, \ldots, $x_{i+L-1}$,
+for any sequence of $L$ output bits $x_i$, $x_{i+1}$, \ldots, $x_{i+L-1}$,
there is no algorithm, whose time complexity is polynomial in $L$, and
which allows to find $x_{i-1}$ and $x_{i+L}$ with a probability greater
than $1/2$.
-Thus, even if the encrypted message would be extracted,
-it would thus be not possible to retrieve the original one in a
+Equivalent formulations of such a property can
+be found. They all lead to the fact that,
+even if the encrypted message is extracted,
+it is impossible to retrieve the original one in
polynomial time.
