Abstract
The main application of stream ciphers is online-encryption of arbitrarily long data, for example when transmitting speech data between a Bluetooth headset and a mobile GSM phone or between the phone and a GSM base station. Many practically used and intensively discussed stream ciphers such as the E 0 generator used in Bluetooth and the GSM cipher A5/1 consist of a small number of linear feedback shift registers (LFSRs) that transform a secret key x∈{0,1}n into an output keystream of arbitrary length. In 2002, Krause proposed a Binary Decision Diagram (BDD) based attack on this type of ciphers, which in the case of E 0 is the best short-keystream attack known so far. However, BDD-attacks generally require a large amount of memory. In this paper, we show how to substantially reduce the memory consumption by divide-and-conquer strategies and present the first comprehensive experimental results for the BDD-attack on reduced versions of E 0, A5/1 and the self-shrinking generator.
Chapter PDF
Similar content being viewed by others
References
Armknecht, F., Krause, M.: Algebraic attacks on combiners with memory. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 162–175. Springer, Heidelberg (2003)
Armknecht, F., Krause, M., Stegemann, D.: Design principles for combiners with memory. In: Maitra, S., Veni Madhavan, C.E., Venkatesan, R. (eds.) INDOCRYPT 2005. LNCS, vol. 3797, pp. 104–117. Springer, Heidelberg (2005)
Biryukov, A., Shamir, A., Wagner, D.: Real time cryptanalysis of A5/1 on a PC. In: Schneier, B. (ed.) FSE 2000. LNCS, vol. 1978, pp. 1–13. Springer, Heidelberg (2001)
The Bluetooth SIG. Specification of the Bluetooth System (February 2001)
Briceno, M., Goldberg, I., Wagner, D.: A pedagogical implementation of A5/1 (May 1999), http://jya.com/a51-pi.htm
Courtois, N.: Fast algebraic attacks on stream ciphers with linear feedback. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 177–194. Springer, Heidelberg (2003)
Ekdahl, P., Johansson, T.: Another attack on A5/1. In: Proc. of International Symposium on Information Theory, p. 160. IEEE, Los Alamitos (2001)
Fluhrer, S.R., Lucks, S.: Analysis of the E 0 encryption system. In: Vaudenay, S., Youssef, A.M. (eds.) SAC 2001. LNCS, vol. 2259, pp. 38–48. Springer, Heidelberg (2001)
Golić, J.: Cryptanalysis of alleged A5 stream cipher. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 239–255. Springer, Heidelberg (1997)
Krause, M.: BDD-based cryptanalysis of keystream generators. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 222–237. Springer, Heidelberg (2002)
Lu, Y., Meier, W., Vaudenay, S.: The conditional correlation attack: A practical attack on bluetooth encryption. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 97–117. Springer, Heidelberg (2005)
Lu, Y., Vaudenay, S.: Cryptanalysis of the bluetooth keystream generator twolevel E0. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 483–499. Springer, Heidelberg (2004)
Maximov, A., Johansson, T., Babbage, S.: An improved correlation attack on A5/1. In: Handschuh, H., Hasan, M.A. (eds.) SAC 2004. LNCS, vol. 3357, pp. 1–18. Springer, Heidelberg (2004)
Meier, W., Staffelbach, O.: The self-shrinking generator. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 205–214. Springer, Heidelberg (1995)
Mihaljević, M.J.: A faster cryptanalysis of the self-shrinking generator. In: Pieprzyk, J.P., Seberry, J. (eds.) ACISP 1996. LNCS, vol. 1172, pp. 192–198. Springer, Heidelberg (1996)
Shaked, Y., Wool, A.: Cryptanalysis of the bluetooth E 0 cipher using OBDDs. Technical report, Cryptology ePrint Archive, Report 2006/072 (2006)
Somenzi, F.: CUDD: CU decision diagram package. University of Colorado, Boulder, CO, USA (March 2001), http://vlsi.colorado.edu/~fabio/
Wegener, I.: Branching Programs and Binary Decision Diagrams: Theory and Applications. SIAM Monographs on Discrete Mathematics and Applications (2000)
Zenner, E., Krause, M., Lucks, S.: Improved cryptanalysis of the self-shrinking generator. In: Varadharajan, V., Mu, Y. (eds.) ACISP 2001. LNCS, vol. 2119, pp. 21–35. Springer, Heidelberg (2001)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Krause, M., Stegemann, D. (2006). Reducing the Space Complexity of BDD-Based Attacks on Keystream Generators. In: Robshaw, M. (eds) Fast Software Encryption. FSE 2006. Lecture Notes in Computer Science, vol 4047. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11799313_11
Download citation
DOI: https://doi.org/10.1007/11799313_11
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-36597-6
Online ISBN: 978-3-540-36598-3
eBook Packages: Computer ScienceComputer Science (R0)