Analysis of Pseudo Random Sequences Generated by Cellular Automata
The security of cellular automata for stream cipher applications is investigated. A cryptanalytic algorithm is developed for a known plaintext attack where the plaintext is assumed to be known up to the unicity distance. The algorithm is shown to be successful on small computers for key sizes up to N between 300 and 500 bits. For a cellular automaton to be secure against more powerful adversaries it is concluded that the key size N needs to be about 1000 bits.
The cryptanalytic algorithm takes advantage of an equivalent description of the cryptosystem in which the keys are not equiprobable. It is shown that key search can be reduced considerably if one is content to succeed only with a certain success probability. This is established by an information-theoretic analysis of arbitrary key sources with non-uniform probability distribution.
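The effect described above, as an added illustration that is not taken from the paper: it assumes a toy key source whose N key bits are independent and equal to 1 with probability p ≤ 1/2 (the paper's own equivalent key description is not given on this page) and counts how many keys a search in order of decreasing probability must cover to succeed with probability δ. The names `keys_needed` and `source_entropy_bits` are hypothetical.

```python
from fractions import Fraction
from math import ceil, comb, log2


def keys_needed(n, p, delta):
    """Fewest keys, tried in order of decreasing probability, whose total
    probability is at least delta.

    Assumed toy model: n independent key bits, each 1 with probability p,
    0 < p <= 1/2, so a key with k ones has probability p^k (1-p)^(n-k)
    and keys with fewer ones are never less likely.
    """
    p, delta = Fraction(p), Fraction(delta)
    if not (0 < p <= Fraction(1, 2)) or not (0 < delta <= 1):
        raise ValueError("need 0 < p <= 1/2 and 0 < delta <= 1")
    q = 1 - p
    tried, mass = 0, Fraction(0)
    for k in range(n + 1):            # weight classes, most probable first
        per_key = p**k * q**(n - k)   # probability of one key of weight k
        count = comb(n, k)            # number of keys of weight k
        if mass + count * per_key >= delta:
            # Only part of this class is needed to reach delta.
            return tried + ceil((delta - mass) / per_key)
        tried += count
        mass += count * per_key
    raise AssertionError("unreachable: total probability is exactly 1")


def source_entropy_bits(n, p):
    """Shannon entropy n*H(p) of the assumed key source, in bits."""
    return n * (-p * log2(p) - (1 - p) * log2(1 - p))


if __name__ == "__main__":
    n, p = 64, Fraction(1, 8)         # constructed sample parameters
    print(f"nominal key size: {n} bits, "
          f"source entropy: {source_entropy_bits(n, float(p)):.1f} bits")
    for delta in (Fraction(1, 2), Fraction(9, 10), Fraction(1)):
        tries = keys_needed(n, p, delta)
        print(f"success probability {float(delta):.2f}: "
              f"2^{log2(tries):.1f} keys instead of 2^{n}")
```

For a defender the takeaway is that the nominal key length overstates the work factor whenever the effective key distribution is skewed, and the gap widens as the required success probability drops below 1.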