Fast Correlation Attacks: An Algorithmic Point of View

  • Philippe Chose
  • Antoine Joux
  • Michel Mitton
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2332)


In this paper, we present some major algorithmic improvements to fast correlation attacks. In previous articles about fast correlations, algorithmics never was the main topic. Instead, the authors of these articles were usually addressing theoretical issues in order to get better attacks. This viewpoint has produced a long sequence of increasingly successful attacks against stream ciphers, which share a main common point: the need to find and evaluate parity-checks for the underlying linear feedback shift register. In the present work, we deliberately take a different point of view and we focus on the search for efficient algorithms for finding and evaluating parity-checks. We show that the simple algorithmic techniques that are usually used to perform these steps can be replaced by algorithms with better asymptotic complexity using more advanced algorithmic techniques. In practice, these new algorithms yield large improvements on the efficiency of fast correlation attacks.
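As an added illustration of the two steps the abstract refers to, finding parity-checks for an LFSR and then evaluating them on a sequence, here is a plain match-and-sort search for weight-4 parity-checks on a constructed toy LFSR, followed by the evaluation step. This is example code written for this page, not code from the paper: the feedback polynomial, sequence length and function names are assumptions, and the search shown is the simple baseline technique, not the improved algorithm the paper describes.

```python
from itertools import groupby
from typing import List, Tuple

# Constructed toy LFSR (assumption of this example): p(x) = x^7 + x + 1, bit i = coefficient of x^i.
P = 0b10000011


def powers_of_x(n: int, p: int = P) -> List[int]:
    """x^i mod p(x) over GF(2) for i = 0..n-1, each residue packed into an integer."""
    top, r, out = 1 << (p.bit_length() - 1), 1, []
    for _ in range(n):
        out.append(r)
        r <<= 1
        if r & top:          # degree overflowed: reduce by p(x)
            r ^= p
    return out


def weight4_parity_checks(n: int, p: int = P) -> List[Tuple[int, ...]]:
    """Find all x^a + x^b + x^c + x^d = 0 mod p(x) with exponents below n by match-and-sort:
    tabulate every pair residue x^a + x^b, sort on the residue, and read off collisions."""
    xs = powers_of_x(n, p)
    pairs = sorted((xs[a] ^ xs[b], a, b) for a in range(n) for b in range(a + 1, n))
    checks = set()
    for _, run in groupby(pairs, key=lambda t: t[0]):
        run = list(run)
        for i in range(len(run)):
            for j in range(i + 1, len(run)):
                exps = {run[i][1], run[i][2], run[j][1], run[j][2]}
                if len(exps) == 4:   # the two pairs must not share an exponent
                    checks.add(tuple(sorted(exps)))
    return sorted(checks)


def lfsr_sequence(state: List[int], n: int, p: int = P) -> List[int]:
    """n output bits of the LFSR with feedback polynomial p, from initial state s_0..s_{L-1}."""
    L = p.bit_length() - 1
    s = list(state)
    while len(s) < n:  # s_{t+L} = sum of c_i * s_{t+i} over the taps c_i of p(x), i < L
        s.append(sum(s[-L + i] for i in range(L) if (p >> i) & 1) & 1)
    return s[:n]


def count_satisfied(seq: List[int], check: Tuple[int, ...]) -> Tuple[int, int]:
    """Evaluation step: test one parity check at every shift t; returns (satisfied, tested).
    On the true LFSR output every shift passes; on a noisy version only a fraction does,
    which is the statistic a correlation attack measures."""
    total = len(seq) - max(check)
    ok = sum(1 for t in range(total) if sum(seq[t + e] for e in check) % 2 == 0)
    return ok, total
```

Every check found holds at every shift of the clean sequence; flipping a single bit breaks exactly those shifts that touch it, which is why the number of low-weight checks available drives the attack's power and why an LFSR of larger degree, with a longer period, leaves far fewer of them within a given keystream length.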


Keywords: stream ciphers, fast correlation attacks, match-and-sort, algorithmics, parity-checks, linear feedback shift registers, cryptanalysis


Copyright information

© Springer-Verlag Berlin Heidelberg 2002

Authors and Affiliations

  • Philippe Chose (1)
  • Antoine Joux (1)
  • Michel Mitton (1)
  1. DCSSI, Issy-les-Moulineaux cedex, France
