Advertisement

Some Attacks on the Bit-Search Generator

  • Martin Hell
  • Thomas Johansson
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3557)

Abstract

The bit-search generator (BSG) was proposed in 2004 and can be seen as a variant of the shrinking and self-shrinking generators. It has the advantage that it works at rate 1/3 using only one LFSR and some selection logic. We present various attacks on the BSG based on the fact that the output sequence can be uniquely defined by the differential of the input sequence. By knowing only a small part of the output sequence we can reconstruct the key with complexity O(L 320.5 L). This complexity can be significantly reduced in a data/time tradeoff manner to achieve a complexity of O(L 320.27 L) if we have O(20.27 L) of keystream. We also propose a distinguishing attack that can be very efficient if the feedback polynomial is not carefully chosen.

References

  1. 1.
    Coppersmith, D., Krawczyk, H., Mansour, Y.: The shrinking generator. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 22–39. Springer, Heidelberg (1994)Google Scholar
  2. 2.
    Coppersmith, D., Winograd, S.: Matrix Multiplication via Arithmetic Progressions. J. Symbolic Computation 9, 251–280 (1990)MATHCrossRefMathSciNetGoogle Scholar
  3. 3.
    Ekdahl, P., Meier, W., Johansson, T.: Predicting the Shrinking Generator with Fixed Connections. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 330–344. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  4. 4.
    Ekdahl, P., Johansson, T., Meier, W.: A Note on the Self-Shrinking Generator. In: Proceedings of International Symposium on Information Theory, p. 166. IEEE, Los Alamitos (2003)CrossRefGoogle Scholar
  5. 5.
    Englund, H., Hell, M., Johansson, T.: Correlation attacks using a new class of weak feedback polynomials. In: Roy, B., Meier, W. (eds.) FSE 2004. LNCS, vol. 3017, pp. 127–142. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  6. 6.
    Golić, J.D.: Computation of Low-Weight Parity Check Polynomials. Electronic Letters 32(21), 1981–1982 (1996)CrossRefGoogle Scholar
  7. 7.
    Golić, J.D.: Correlation analysis of the shrinking generator. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 440–457. Springer, Heidelberg (2001)Google Scholar
  8. 8.
    Golić, J.D., Menicocci, R.: Edit distance correlation attack on the alternating step generator. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 499–512. Springer, Heidelberg (1997)Google Scholar
  9. 9.
    Golić, J.D., Menicocci, R.: Edit Probability Correlation Attack on the Alternating Step Generator. In: Ding, C., Helleseth, T., Niederreiter, H. (eds.) Sequences and their Applications–SETA 1998. Discrete Mathematics and Theoretical Computer Science, pp. 213–227. Springer, Heidelberg (1999)Google Scholar
  10. 10.
    Gouget, A., Sibert, H.: The Bit-Search Generator. In: The State of the Art of Stream Ciphers: Workshop Record, Brugge, Belgium, October 2004, pp. 60–68 (2004)Google Scholar
  11. 11.
    Günther, C.G.: Alternating step generators controlled by de bruijn sequences. In: Price, W.L., Chaum, D. (eds.) EUROCRYPT 1987. LNCS, vol. 304, pp. 5–14. Springer, Heidelberg (1988)Google Scholar
  12. 12.
    Johansson, T.: Reduced Complexity Correlation Attacks on Two Clock-Controlled Generators. In: Ohta, K., Pei, D. (eds.) ASIACRYPT 1998. LNCS, vol. 1514, pp. 342–357. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  13. 13.
    Krause, M.: BDD-based cryptanalysis of keystream generators. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 222–237. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  14. 14.
    McEliece, R.J.: Finite Fields for Computer Scientists and Engineers. Kluwer Academic Publishers, Dordrecht (1987)MATHGoogle Scholar
  15. 15.
    Meier, W., Staffelbach, O.: Fast correlation attacks on stream ciphers. In: Günther, C.G. (ed.) EUROCRYPT 1988. LNCS, vol. 330, pp. 301–314. Springer, Heidelberg (1988)Google Scholar
  16. 16.
    Meier, W., Staffelbach, O.: The self-shrinking generator. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 205–214. Springer, Heidelberg (1995)CrossRefGoogle Scholar
  17. 17.
    Mihaljevic, M.: A Faster Cryptanalysis of the Self-Shrinking Generator. In: Pieprzyk, J.P., Seberry, J. (eds.) ACISP 1996. LNCS, vol. 1172, pp. 182–189. Springer, Heidelberg (1996)CrossRefGoogle Scholar
  18. 18.
    Simpson, L., Golić, J.D., Dawson, E.: A probabilistic correlation attack on the shrinking generator. In: Boyd, C., Dawson, E. (eds.) ACISP 1998. LNCS, vol. 1438, pp. 147–158. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  19. 19.
    Strassen, V.: Gaussian Elimination is Not Optimal. Numerische Mathematik 13, 354–356 (1969)MATHCrossRefMathSciNetGoogle Scholar
  20. 20.
    Wagner, D.: A generalized birthday problem. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 288–303. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  21. 21.
    Zenner, E., Krause, M., Lucks, S.: Improved cryptanalysis of the self-shrinking generator. In: Varadharajan, V., Mu, Y. (eds.) ACISP 2001. LNCS, vol. 2119, pp. 21–35. Springer, Heidelberg (2001)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Martin Hell
    • 1
  • Thomas Johansson
    • 1
  1. 1.Dept. of Information TechnologyLund UniversityLundSweden

Personalised recommendations