Abstract
For pseudo-random generators where one or several LFSRs are combined by a memoryless function, it is known that the output sequences are correlated to certain LFSR-sequences whose correlation coefficients $c_i$ satisfy the equation $\sum_i c_i^2 = 1$. In this paper it is proved that a corresponding result also holds for generators whose LFSRs are connected to a combiner with memory.
If correlation probabilities are conditioned on side information, e.g., on known output digits, it is shown that new or stronger correlations may occur. This is exemplified for the summation cipher with only two LFSRs where such correlations can be exploited in a known plaintext attack. A cryptanalytic algorithm is given which is shown to be successful for LFSRs of considerable length and with arbitrary feedback connection.
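The memoryless case cited in the abstract can be checked numerically. The following is an added example, not code from the paper: it computes the correlation coefficient $c_w = 2\,P[f(x) = w \cdot x] - 1$ of a combining function to every linear function of its inputs and sums the squares. The two combiners (a Geffe-type multiplexer and a plain XOR) and all function names are assumptions chosen for illustration, and the combiner with memory treated in the paper is not modelled here.

```python
from itertools import product

def correlation_coefficients(f, n):
    """Map each mask w in {0,1}^n to c_w = 2*P[f(x) == w.x] - 1, x uniform."""
    inputs = list(product((0, 1), repeat=n))
    coeffs = {}
    for w in inputs:
        # Count inputs on which f agrees with the linear function w.x (mod 2).
        agree = sum(
            f(*x) == (sum(wi & xi for wi, xi in zip(w, x)) & 1)
            for x in inputs
        )
        coeffs[w] = 2 * agree / len(inputs) - 1
    return coeffs

def sum_of_squares(coeffs):
    """Total squared correlation over all linear functions of the inputs."""
    return sum(c * c for c in coeffs.values())

def geffe(x1, x2, x3):
    # Assumed example combiner: x1 selects between x2 and x3.
    return (x1 & x2) ^ ((1 ^ x1) & x3)

def xor3(x1, x2, x3):
    # Assumed example combiner: plain XOR, correlated only to the full sum.
    return x1 ^ x2 ^ x3

if __name__ == "__main__":
    for name, f in (("geffe", geffe), ("xor3", xor3)):
        coeffs = correlation_coefficients(f, 3)
        nonzero = {w: c for w, c in coeffs.items() if c != 0}
        print(name, nonzero, "sum of squares =", sum_of_squares(coeffs))
```

For the Geffe-type function the weight falls on $x_2$, $x_3$, $x_1 \oplus x_2$ and $x_1 \oplus x_3$ with $|c| = 0.5$ each, so the total correlation is moved between linear functions but never removed.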
Additional information
A preliminary version of this paper was presented at Eurocrypt '90, May 21–24, Århus, Denmark, and has appeared in the proceedings, pp. 204–213.
Cite this article
Meier, W., Staffelbach, O. Correlation properties of combiners with memory in stream ciphers. J. Cryptology 5, 67–86 (1992). https://doi.org/10.1007/BF00191322
DOI: https://doi.org/10.1007/BF00191322