
On the security of shift register based keystream generators

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 809)

Abstract

Security against divide and conquer correlation attacks of binary keystream generators based on regularly or irregularly clocked shift registers combined by a function with or without memory is discussed. A comprehensive survey of the results published in the literature is presented, some new concepts are introduced, and many open problems are pointed out.
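The abstract's subject, divide and conquer correlation attacks, rests on a single design property: if the combining function's output agrees with one register's output (or with a low-weight linear combination of register outputs) more often than half the time, each register can be searched for on its own, so the attack cost drops from the product of the register state spaces to their sum. The following added example (illustration code written for this page, not code from the paper or its authors) shows the check a designer would run. It assumes two constructed combiners, a Geffe-style selector and a first-order correlation immune function, and three constructed demonstration LFSRs with the trinomials x^5+x^2+1, x^7+x+1 and x^9+x^4+1; the Walsh spectrum gives the exact agreement probabilities, and a short keystream confirms the Geffe leak empirically.

```python
"""Correlation-immunity check for a combining function of an LFSR-based
keystream generator (added illustration, not code from the paper).

Constructed combiners analysed here:
  geffe(x1, x2, x3)     = x1*x2 ^ (1^x1)*x3   (not correlation immune)
  ci1(x1, x2, x3, x4)   = x1*x2 ^ x3 ^ x4     (1st-order correlation immune)
"""
from itertools import product


def geffe(x):
    x1, x2, x3 = x
    return (x1 & x2) ^ ((1 ^ x1) & x3)


def ci1(x):
    x1, x2, x3, x4 = x
    return (x1 & x2) ^ x3 ^ x4


def walsh_spectrum(f, n):
    """W_f(w) = sum over x of (-1)^(f(x) ^ <w,x>) for every mask w in GF(2)^n."""
    spec = {}
    for w in product((0, 1), repeat=n):
        acc = 0
        for x in product((0, 1), repeat=n):
            dot = sum(a & b for a, b in zip(w, x)) & 1
            acc += 1 if (f(x) ^ dot) == 0 else -1
        spec[w] = acc
    return spec


def correlation_immunity_order(f, n):
    """Spectral test: f is m-th order correlation immune iff W_f(w) == 0 for
    every mask w with 1 <= weight(w) <= m. Returns the largest such m."""
    spec = walsh_spectrum(f, n)
    order = 0
    for weight in range(1, n + 1):
        if all(v == 0 for w, v in spec.items() if sum(w) == weight):
            order = weight
        else:
            break
    return order


def agreement_probability(f, n, mask):
    """P(f(x) == <mask,x>) for uniform x, i.e. (1 + W_f(mask)/2^n) / 2.
    A value away from 0.5 is exactly the bias a correlation attack exploits."""
    return (1 + walsh_spectrum(f, n)[mask] / 2 ** n) / 2


def lfsr_sequence(n, k, state, length):
    """Fibonacci LFSR for the trinomial x^n + x^k + 1: s[t+n] = s[t+k] ^ s[t].
    Emits the oldest state bit first; the seed must be non-zero."""
    assert len(state) == n and any(state)
    s = list(state)
    out = []
    for _ in range(length):
        out.append(s[0])
        s = s[1:] + [s[k] ^ s[0]]
    return out


def empirical_agreement(f, registers, length):
    """Fraction of keystream bits equal to each register's own output bit."""
    streams = [lfsr_sequence(n, k, seed, length) for n, k, seed in registers]
    z = [f(bits) for bits in zip(*streams)]
    return [sum(a == b for a, b in zip(z, r)) / length for r in streams]


# Constructed demo registers (assumed, not from the paper): primitive
# trinomials of degree 5, 7 and 9 with arbitrary non-zero seeds.
DEMO_REGISTERS = [(5, 2, [1, 0, 0, 1, 1]),
                  (7, 1, [0, 1, 1, 0, 1, 0, 1]),
                  (9, 4, [1, 1, 0, 1, 0, 0, 1, 1, 0])]

if __name__ == "__main__":
    print("Geffe combiner: correlation immunity order",
          correlation_immunity_order(geffe, 3))
    for i in range(3):
        mask = tuple(1 if j == i else 0 for j in range(3))
        print(f"  exact P(z == x{i + 1}) =", agreement_probability(geffe, 3, mask))
    print("  empirical over 4000 keystream bits:",
          empirical_agreement(geffe, DEMO_REGISTERS, 4000))
    print("ci1 combiner: correlation immunity order",
          correlation_immunity_order(ci1, 4))
    print("  exact P(z == x3 ^ x4) =", agreement_probability(ci1, 4, (0, 0, 1, 1)))
```

For the Geffe combiner the spectrum reports an order of 0 with P(z == x2) = P(z == x3) = 0.75, so the second and third registers can each be recovered independently from the keystream; the empirical figures over 4000 bits land within a few hundredths of those values. The first-order immune function removes every single-register correlation, but its spectrum is non-zero at the mask (0,0,1,1), giving P(z == x3 ^ x4) = 0.75: the attack is pushed from single registers to pairs, not eliminated, which is the trade-off between immunity order and algebraic degree that the combiner designer has to manage.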

Keywords

Boolean function, shift register, stream cipher, input string, correlation attack


Copyright information

© Springer-Verlag Berlin Heidelberg 1994

Authors and Affiliations

  1. Information Security Research Centre, Queensland University of Technology, Australia
  2. School of Electrical Engineering, University of Belgrade, Yugoslavia
