Reconstruction of Suboptimal Paths in the Constrained Edit Distance Array with Application in Cryptanalysis
A new constrained edit distance computation algorithm is presented, as well as an algorithm for reconstruction of all the optimal and suboptimal paths in the array of partial constrained edit distances. The weight discrepancy of the suboptimal paths from the optimal ones does not overcome a threshold given in advance. The constraints include the maximum length of runs of deletions, the maximum length of runs of insertions and the total number of insertions. The edit operations are ordered in a sense that every substitution is preceded by at most one run of deletions followed by at most one run of insertions. This specific combination of constraints is determined by application of such a distance in cryptanalysis of pseudorandom sequence generators that employ decimation and interleaving of subgenerator sequences. Examples of generators from this family are the shrinking generator, the alternating step generator, the step 1/step 2 generator and so on. The search for the clock control sequence in such a generator is directed by relating the weight-difference threshold with the level of noise in the statistical model of the generator. In such a way, the efficiency of clock control sequence reconstruction is significantly improved. We show experimentally, on a problem of realistic size, that reconstruction of the clock control sequence in a generator from this family is feasible up to a relatively high level of noise in its statistical model.
KeywordsString Editing Constrained Edit distance Cryptanalysis Dynamic Programming Directed Search
Unable to display preview. Download preview PDF.
- 1.Barkan, E., Biham, E., Keller, N.: Instant Ciphertext-Only Cryptanalysis of GSM Encrypted Communication, In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 600–616. Springer, Heidelberg (2003)Google Scholar
- 4.Coppersmith, D., Krawczyk, H., Mansour, Y.: The Shrinking Generator, Advances in Cryptology. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 22–39. Springer, Heidelberg (1994)Google Scholar
- 5.Eppstein, D.: Finding the k-Shortest Paths. In: Proc. of the 35th IEEE Symposium on Foundations of Computer Science, Santa Fe, pp. 154–165 (1994)Google Scholar
- 6.Golić, J., Menicocci, R.: Edit Distance Correlation Attack on the Alternating Step Generator. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 499–512. Springer, Heidelberg (1997)Google Scholar
- 8.Günther, C.G.: Alternating Step Generators Controlled by de Bruijn Sequences. In: Price, W.L., Chaum, D. (eds.) EUROCRYPT 1987. LNCS, vol. 304, pp. 5–14. Springer, Heidelberg (1988)Google Scholar
- 9.Hirschberg, D.: Serial Computations of Levenshtein Distances. In: Apostolico, A., Galil, Z. (eds.) Pattern Matching Algorithms, pp. 123–141. Oxford University Press, Oxford (1997)Google Scholar
- 10.Johansson, T.: Reduced Complexity Correlation Attacks on Two Clock-Controlled Generators. In: Ohta, K., Pei, D. (eds.) ASIACRYPT 1998. LNCS, vol. 1514, pp. 342–356. Springer, Heidelberg (1998)Google Scholar
- 13.Sankoff, D., Kruskal, J.B.: Time Warps, String Edits and Macromolecules: The Theory and Practice of Sequence Comparison. Addison Wesley, Reading (1983)Google Scholar