Advances in Cryptology — EUROCRYPT ’91

Volume 547 of the series Lecture Notes in Computer Science pp 186-199


Analysis of Pseudo Random Sequences Generated by Cellular Automata

  • Willi MeierAffiliated withHTL Brugg-Windisch
  • , Othmar StaffelbachAffiliated withGRETAG


The security of cellular automata for stream cipher applications is investigated. A cryptanalytic algorithm is developed for a known plaintext attack where the plaintext is assumed to be known up to the unicity distance. The algorithm is shown to be successful on small computers for key sizes up to N between 300 and 500 bits. For a cellular automaton to be secure against more powerful adversaries it is concluded that the key size N needs to be about 1000 bits.

The cryptanalytic algorithm takes advantage of an equivalent description of the cryptosystem in which the keys are not equiprobable. It is shown that key search can be reduced considerably if one is contented to succeed only with a certain success probability. This is established by an information theoretic analysis of arbitrary key sources with non-uniform probability distribution.