Qquestions that i can not understand!!!

in the BR ,why do we choose bits from s0,s2,s5,s7,s9,s11,s14,s15 other than others ???
what is the reason of this choice??
When we set values of LFSR states,why we choose D like:
d0=100010011010111
d1=010011010111100
d2=110001001101011
......
what if we choose other values?????

Who can answer me in detail !

Pls. refer to the criteria on the design of the bit reorganization below:
1. Suitable for software implementation;
2. The four 32-bit words from the bit reorganization have good randomness in the statistical sense;
3. The number of the overlapping bits of four 32-bit words at consecutive times is small.

As for the constant D, it is constructed by some m-sequences of length 15, see:
https://zucalg.forumotion.net/t32-the-source-for-the-constant-d

Of course, you can choose other values to the constant D. I believe that they have no essential effect to ZUC's security.

Daystar wrote:in the BR ,why do we choose bits from s0,s2,s5,s7,s9,s11,s14,s15 other than others ???
what is the reason of this choice??
When we set values of LFSR states,why we choose D like:
d0=100010011010111
d1=010011010111100
d2=110001001101011
......
what if we choose other values?????