Fast Software Encryption

Volume 6147 of the series Lecture Notes in Computer Science pp 40-54

Nonlinear Equivalence of Stream Ciphers

  • Sondre RønjomAffiliated withCrypto Technology Group, Norwegian National Security Authority
  • , Carlos CidAffiliated withInformation Security Group, Royal Holloway, University of London


In this paper we investigate nonlinear equivalence of stream ciphers over a finite field, exemplified by the pure LFSR-based filter generator over \(\mathbb{F}_2\). We define a nonlinear equivalence class consisting of filter generators of length n that generate a binary keystream of period dividing 2 n  − 1, and investigate certain cryptographic properties of the ciphers in this class. We show that a number of important cryptographic properties, such as algebraic immunity and nonlinearity, are not invariant among elements of the same equivalence class. It follows that analysis of cipher-components in isolation presents some limitations, as it most often involves investigating cryptographic properties that vary among equivalent ciphers. Thus in order to assess the resistance of a cipher against a certain type of attack, one should in theory determine the weakest equivalent cipher and not only a particular instance. This is however likely to be a very difficult task, when we consider the size of the equivalence class for ciphers used in practice; therefore assessing the exact cryptographic properties of a cipher appears to be notoriously difficult.


Stream ciphers sequences nonlinear equivalence