A Fast Correlation Attack for LFSR-Based Stream Ciphers
This paper describes a novel fast correlation attack on stream ciphers. The salient feature of the algorithm is the absence of any pre-processing or iterative phase, a usual feature of existing fast correlation attacks. The algorithm attempts to identify a number of bits of the original linear feedback shift register (LFSR) output from the received bits of the ciphertext. These are then used to construct a system of linear equations, which is subsequently solved to obtain the initial conditions. The algorithm is found to perform well for LFSRs of large size that have sparse feedback polynomials. It may be noted that such polynomials have low Hamming weight, which is one more than the number of feedback connections or "taps" of the corresponding LFSR. Its performance is good even in situations where only a limited length of ciphertext is available. Another important contribution of the paper is a modification of the approach for the case where the LFSR outputs are combined by a function which is correlation immune and perhaps unknown to the decrypter.
Keywords: Stream cipher; Correlation attack; LFSR polynomial; Correlation immune function
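As an added worked example (not code from the paper), the final step of the attack described in the abstract: every LFSR output bit is a GF(2)-linear function of the initial state, so once a set of output bits has been identified they form a system of linear equations that Gaussian elimination solves for the initial conditions. The 16-bit LFSR, its four taps and the sample positions are assumed toy values; the solver also reports the two failure modes a practitioner should expect, too few independent bits and contradictory (misidentified) bits.

```python
from functools import reduce
from operator import xor
from typing import Dict, List, Optional, Tuple

# Assumed toy parameters (not from the paper): a 16-bit LFSR with the sparse
# feedback polynomial x^16 + x^5 + x^3 + x^2 + 1 (weight 5, so 4 taps), i.e.
# the recurrence s[t+16] = s[t] ^ s[t+2] ^ s[t+3] ^ s[t+5].
N = 16
TAPS = (0, 2, 3, 5)

def lfsr_run(init: List[int], length: int) -> List[int]:
    """Apply the recurrence to `init` (s[0..N-1]) and return the first `length`
    terms. Works on bits, giving the keystream, and equally on N-bit masks."""
    s = list(init)
    while len(s) < length:
        t = len(s) - N
        s.append(reduce(xor, (s[t + i] for i in TAPS)))
    return s[:length]

def output_coefficients(length: int) -> List[int]:
    """Entry t is a mask with bit j set iff output s[t] depends on initial bit
    s[j]: the recurrence is linear, so run it on unit masks instead of bits."""
    return lfsr_run([1 << j for j in range(N)], length)

def recover_initial_state(known: Dict[int, int]) -> Optional[List[int]]:
    """Solve s[0..N-1] from (position -> bit) pairs by Gaussian elimination over
    GF(2). Returns None when fewer than N independent equations are given, or
    when they contradict each other (what a misidentified bit looks like)."""
    coeff = output_coefficients(max(known) + 1)
    pivots: Dict[int, Tuple[int, int]] = {}  # pivot column -> (row mask, rhs)
    for t, bit in known.items():
        mask, rhs = coeff[t], bit & 1
        while mask:                           # reduce against existing pivots
            col = mask.bit_length() - 1
            if col not in pivots:
                pivots[col] = (mask, rhs)
                break
            pmask, prhs = pivots[col]
            mask, rhs = mask ^ pmask, rhs ^ prhs
        else:
            if rhs:                           # reduced to 0 = 1: inconsistent
                return None
    if len(pivots) < N:
        return None                           # underdetermined
    state = [0] * N                           # back-substitute, low column first
    for col in sorted(pivots):
        mask, rhs = pivots[col]
        state[col] = rhs ^ (sum(state[j] for j in range(col) if mask >> j & 1) & 1)
    return state
```

With a primitive feedback polynomial, bits sampled at a stride coprime to the period (as in the usage below) still yield a full-rank system, which is why scattered identified bits suffice.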