Galois LFSR, Embedded Devices and Side Channel Weaknesses

  • Antoine Joux
  • Pascal Delaunay
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4329)


A new side channel attack against a simple LFSR is presented. The attack targets a single Galois LFSR running on an embedded device where the only accessible information is the side channel leakage. Even though such an object is made only of simple XOR gates, it is vulnerable to side channel cryptanalysis depending on its implementation. Our attack combines simple side channel analysis with statistical analysis to guess output bits, then uses a fast correlation attack to recover the initial state. In practice an LFSR is never used alone, but this attack shows that simple XOR gates can reveal significant information in some circumstances.
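To make the structural point of the abstract concrete, the following Python example (added here; it is not the paper's code, and the paper's own measurement model is not on this page) simulates a Galois LFSR together with an assumed, deliberately simple transition-count leakage model. The polynomial, tap mask and seed are constructed values, and the model is an assumption chosen to show one thing: in a Galois register the feedback bit drives one XOR gate per tap in the same clock, so a change of that single secret bit shows up as activity across all tap gates at once, while the ordinary flip-flop toggles act as noise around it. The last two functions quantify how well a single-trace threshold separates the two cases, which is the kind of check an implementer would run when deciding whether this structure needs countermeasures.

```python
"""Added example (not the paper's code): a Galois LFSR next to a toy
gate-activity leakage model, to show why the feedback bit of a Galois
register is exposed to side-channel measurement."""

# Constructed parameters: the maximal-length polynomial
# x^16 + x^14 + x^13 + x^11 + 1 in right-shift Galois form, and an
# arbitrary nonzero seed. Neither value comes from the paper.
NBITS = 16
TAPS = 0xB400
SEED = 0xACE1


def popcount(x):
    return bin(x).count("1")


def galois_step(state, taps=TAPS, nbits=NBITS):
    """One clock of a Galois LFSR: emit the LSB, shift right, and if the
    emitted bit is 1 XOR the tap mask into the register. Every tap XOR gate
    sees the same feedback bit in the same clock; that fan-out is the
    structural feature the leakage model below is built around."""
    out = state & 1
    state >>= 1
    if out:
        state ^= taps
    return state & ((1 << nbits) - 1), out


def period(seed=SEED):
    """Clocks until the register returns to its seed (65535 for a maximal
    16-bit LFSR)."""
    state, n = seed, 0
    while True:
        state, _ = galois_step(state)
        n += 1
        if state == seed:
            return n


def toy_leakage(old, new, old_out, new_out, taps=TAPS):
    """ASSUMED transition-count leakage for one clock edge (an illustration,
    not the paper's model): every flip-flop that toggles costs 1, and every
    XOR-gate input that toggles costs 1. Each tap gate has two inputs, the
    bit shifted into it and the shared feedback bit, so a change of the
    feedback bit toggles popcount(taps) gate inputs at once."""
    diff = old ^ new
    ff_toggles = popcount(diff)
    data_input_toggles = popcount((diff >> 1) & taps)
    feedback_input_toggles = popcount(taps) * (old_out ^ new_out)
    return ff_toggles + data_input_toggles + feedback_input_toggles


def trace(seed=SEED, clocks=65535):
    """Simulated trace: list of (output changed?, leakage) per clock edge.
    The default walks the whole period of the 16-bit register."""
    state, out = seed, seed & 1
    samples = []
    for _ in range(clocks):
        new_state, _ = galois_step(state)
        new_out = new_state & 1
        samples.append((out ^ new_out, toy_leakage(state, new_state, out, new_out)))
        state, out = new_state, new_out
    return samples


def leakage_gap(samples):
    """Mean leakage on edges where the output bit changed minus the mean on
    edges where it did not. Under this model the gap is the tap count plus
    one (the LSB flip-flop toggles exactly when the output changes)."""
    changed = [l for c, l in samples if c]
    same = [l for c, l in samples if not c]
    return sum(changed) / len(changed) - sum(same) / len(same)


def transition_guess_accuracy(samples):
    """Fraction of edges where thresholding the leakage at its overall mean
    correctly tells whether the output bit changed. The remaining error
    rate is what a correcting step such as the fast correlation attack
    named in the abstract would have to absorb."""
    mean = sum(l for _, l in samples) / len(samples)
    hits = sum(1 for c, l in samples if (l > mean) == bool(c))
    return hits / len(samples)


if __name__ == "__main__":
    s = trace()
    print("period:", period())
    print("leakage gap (changed - unchanged):", round(leakage_gap(s), 3))
    print("single-threshold accuracy:", round(transition_guess_accuracy(s), 3))
```

With these constructed parameters the gap is about 5 (four tap gates plus the LSB flip-flop) against roughly 2.4 units of toggle noise, so a plain threshold classifies about 84% of clock edges correctly. The numbers are specific to the assumed model; the lesson that carries over is that the Galois feedback wire concentrates one secret bit's influence into many simultaneous gate events, which is what an evaluator should look for in a real implementation.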


Keywords: Parity Check, Side Channel, Stream Cipher, Linear Feedback Shift Register, Embedded Device





Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Antoine Joux: DGA; Université de Versailles St-Quentin-en-Yvelines, PRISM, Versailles Cedex, France
  • Pascal Delaunay: Université de Versailles St-Quentin-en-Yvelines, PRISM, Versailles Cedex, France; Thales
