Fast correlation attacks and multiple linear approximations
The fast correlation attack based on iterative probabilistic decoding is applied to nonlinear filter generators in order to investigate the effect of multiple linear transforms of the same linear recurring sequence being correlated to the keystream sequence. Systematic computer simulations on random balanced filter functions reveal that the attack is successful if the number of parity-checks used is sufficiently large given the correlation coefficient of the best affine approximation to the filter function. Nevertheless, the attack is more successful when applied to the independent correlation noise which appears in memoryless combiners where a multiple linear transform effect is not present. The experiments conducted show that the attack is successful on many publicly proposed filter functions and indicate that some bent filter functions may be easier to attack than the others.
Key words: Nonlinear filter generator, Fast correlation attacks, Multiple linear approximations, Correlation coefficients
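To make "the correlation coefficient of the best affine approximation" and "multiple linear approximations" concrete, the following added example (not code from the paper) computes the Walsh spectrum of a filter function and reports how many linear functions of the input correlate with it, which is the kind of check a designer would run when evaluating a candidate filter function. It assumes the convention that the correlation coefficient for mask w is W[w] / 2^n; the two sample functions are constructed for illustration and are not taken from the paper.

```python
def walsh_spectrum(tt):
    """Walsh-Hadamard transform: W[w] = sum over x of (-1)^(f(x) XOR w.x)."""
    n = len(tt)
    if n == 0 or n & (n - 1):
        raise ValueError("truth table length must be a power of two")
    w = [1 - 2 * b for b in tt]               # map output bits 0/1 to +1/-1
    step = 1
    while step < n:                           # in-place butterfly, O(n log n)
        for start in range(0, n, 2 * step):
            for i in range(start, start + step):
                w[i], w[i + step] = w[i] + w[i + step], w[i] - w[i + step]
        step *= 2
    return w


def linear_approximations(tt):
    """Summarise how f correlates with every linear function w.x."""
    spec = walsh_spectrum(tt)
    peak = max(abs(v) for v in spec)
    return {
        "balanced": spec[0] == 0,             # W[0] = 0 iff f is balanced
        "best_correlation": peak / len(tt),   # |c| of the best affine approximation
        "best_masks": [m for m, v in enumerate(spec) if abs(v) == peak],
        "nonzero_masks": sum(1 for v in spec if v != 0),
    }


def bit(x, i):
    """Bit i of the integer-encoded input x (bit 0 is variable x0)."""
    return (x >> i) & 1


# Constructed sample filter functions (illustrative, not from the paper).
BALANCED3 = [bit(x, 0) ^ (bit(x, 1) & bit(x, 2)) for x in range(8)]
BENT4 = [(bit(x, 0) & bit(x, 1)) ^ (bit(x, 2) & bit(x, 3)) for x in range(16)]

if __name__ == "__main__":
    for name, tt in (("balanced x0^x1x2", BALANCED3), ("bent x0x1^x2x3", BENT4)):
        print(name, linear_approximations(tt))
```

The balanced sample has four equally good linear approximations with correlation 0.5, while the bent sample correlates with all 16 linear functions at the same magnitude 0.25, since every Walsh coefficient of a bent function has absolute value 2^(n/2).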