An Improved Fast Correlation Attack on Stream Ciphers

  • Bin Zhang
  • Dengguo Feng
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5381)


At Crypto’2000, Johansson and Jönsson proposed a fast correlation attack on stream ciphers based on the Goldreich-Rubinfeld-Sudan algorithm. In this paper we show that a combination of their approach with techniques for substituting keystream and evaluating parity-checks gives us the most efficient fast correlation attack known so far. An application of the new algorithm results in the first-known near-practical key recovery attack on the shrinking generator with the parameters suggested by Krawczyk in 1994, which was verified in the 40-bit data LFSR case for which the only previously known efficient attacks were distinguishing attacks.


Stream ciphers Correlation attacks Linear feedback shift register (LFSR) Shrinking generator 


  1. 1.
    Canteaut, A., Trabbia, M.: Improved fast correlation attacks using parity-check equations of weight 4 and 5. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 573–588. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  2. 2.
    Chepyzhov, V.V., Johansson, T., Smeets, B.: A simple algorithm for fast correlation attacks on stream ciphers. In: Schneier, B. (ed.) FSE 2000. LNCS, vol. 1978, pp. 181–195. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  3. 3.
    Chose, P., Joux, A., Mitton, M.: Fast correlation attacks: An algorithmic point of view. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 209–221. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  4. 4.
    Coppersmith, D., Krawczyk, H., Mansour, Y.: The shrinking generator. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 22–39. Springer, Heidelberg (1994)CrossRefGoogle Scholar
  5. 5.
    Ekdahl, P., Johansson, T.: Predicting the shrinking generator with fixed connections. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 330–344. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  6. 6.
    Goldreich, O., Rubinfeld, R., Sudan, M.: Learning polynomials with queries: the highly noisy case. In: 36th Annual Symposium on Foundations of Computer Science, Milwaukee, Wisconsin, pp. 294–303 (1995)Google Scholar
  7. 7.
    Golić, J.D.: Correlation analysis of the shrinking generator. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 440–457. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  8. 8.
    Golić, J.D., O’Connor, L.: Embedding and probabilistic correlation attacks on clock-controlled shift registers. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 230–243. Springer, Heidelberg (1995)CrossRefGoogle Scholar
  9. 9.
    Golić, J.D.: Iterative optimum symbol-by-symbol decoding and fast correlation attack. IEEE Trans. Inform. Theory 47, 3040–3049 (2001)MathSciNetCrossRefzbMATHGoogle Scholar
  10. 10.
    Golić, J.D., Hawkes, P.: Vectorial appraoch to fast correlation attacks. Designs, Codes and Cryptography 35, 5–19 (2005)CrossRefzbMATHGoogle Scholar
  11. 11.
    Krawczyk, H.: The shrinking generator: some practical considerations. In: Anderson, R. (ed.) FSE 1993. LNCS, vol. 809, pp. 45–46. Springer, Heidelberg (1994)CrossRefGoogle Scholar
  12. 12.
    Johansson, T., Jönsson, F.: Fast correlation attacks based on turbo code techniques. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 181–197. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  13. 13.
    Johansson, T.: Reduced complexity correlation attacks on two clock-controlled generators. In: Ohta, K., Pei, D. (eds.) ASIACRYPT 1998. LNCS, vol. 1514, pp. 342–357. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  14. 14.
    Johansson, T., Jönsson, F.: Improved fast correlation attacks on stream ciphers via convolutional codes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 347–362. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  15. 15.
    Johansson, T., Jönsson, F.: Fast correlation attacks through reconstruction of linear polynomials. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 300–315. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  16. 16.
    Lu, Y., Vaudenay, S.: Faster correlation attack on bluetooth keystream generator E0. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 407–425. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  17. 17.
    Meier, W., Staffelbach, O.: Fast correlation attacks on certain stream ciphers. Journal of Cryptology, 159–176 (1989)Google Scholar
  18. 18.
    Menezes, A.J., Van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC, Boca Raton (1996)CrossRefzbMATHGoogle Scholar
  19. 19.
    Mihaljević, M.J., Fossorier, M.P.C., Imai, H.: A low-complexity and high-performance algorithm for the fast correlation attack. In: Schneier, B. (ed.) FSE 2000. LNCS, vol. 1978, pp. 196–212. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  20. 20.
    Mihaljević, M.J., Fossorier, M.P.C., Imai, H.: Fast correlation attack algorithm with listing decoding and an application. In: Schneier, B. (ed.) FSE 2000. LNCS, vol. 1978, pp. 196–212. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  21. 21.
    Shannon, C.E.: A Mathematical theory of communication. Bell Syst. Tech., J. 27 (1948)Google Scholar
  22. 22.
    Siegenthaler, T.: Decrypting a class of stream ciphers using ciphertext only. IEEE Transactions on Computer C-34, 81–85 (1985)CrossRefGoogle Scholar
  23. 23.
    Simpson, L.R., Golić, J.D., Dawson, E.: A probabilistic correlation attack on the shrinking generator. In: Boyd, C., Dawson, E. (eds.) ACISP 1998. LNCS, vol. 1438, pp. 147–158. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  24. 24.
    Zhang, B., Wu, H., Feng, D., Bao, F.: A fast correlation attack on the shrinking generator. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 72–86. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  25. 25.
    Zhang, B., Feng, D.: Multi-pass fast correlation attack on stream ciphers. In: Biham, E., Youssef, A.M. (eds.) SAC 2006. LNCS, vol. 4356, pp. 234–248. Springer, Heidelberg (2007)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Bin Zhang
    • 1
    • 2
  • Dengguo Feng
    • 2
  1. 1.Laboratory of Algorithmics, Cryptology and SecurityUniversity of LuxembourgLuxembourg
  2. 2.State Key Laboratory of Information Security, Institute of SoftwareChinese Academy of SciencesBeijingChina

Personalised recommendations