Article thumbnail

distinguishing attacks on generalized self-shrinking generators

By Li Xuelian, Gao Juntao, Hu Yupu and Zhang Fengrong

Abstract

With simple construction and easy implementation, the generalized self-shrinking generator is a keystream generator intended to be used as a stream cipher. This paper investigates the security of the generalized self-shrinking generator. We propose two distinguishing attacks on the generalized self-shrinking sequences by using the feedback polynomial and the sequence v. The results show that the attacker can launch a distinguishing attack by choosing the hw-1 keystream bit of the generalized self-shrinking generator, if the feedback polynomial f(x) is of hamming weight w and degree h. On the other hand, if the hamming weight of f(x) is low, then the attacker can launch a distinguishing attack, and the attack complexity depends on the weight of f(x). Therefore, neither type of the polynomials can be chosen as the feedback polynomials of the generalized self-shrinking generator. Users should choose the feedback polynomial carefully, otherwise the stream cipher can suffer from distinguishing attacks.With simple construction and easy implementation, the generalized self-shrinking generator is a keystream generator intended to be used as a stream cipher. This paper investigates the security of the generalized self-shrinking generator. We propose two distinguishing attacks on the generalized self-shrinking sequences by using the feedback polynomial and the sequence v. The results show that the attacker can launch a distinguishing attack by choosing the hw-1 keystream bit of the generalized self-shrinking generator, if the feedback polynomial f(x) is of hamming weight w and degree h. On the other hand, if the hamming weight of f(x) is low, then the attacker can launch a distinguishing attack, and the attack complexity depends on the weight of f(x). Therefore, neither type of the polynomials can be chosen as the feedback polynomials of the generalized self-shrinking generator. Users should choose the feedback polynomial carefully, otherwise the stream cipher can suffer from distinguishing attacks

Topics: Cryptography, Polynomials, Shift registers
Year: 2012
OAI identifier: oai:ir.iscas.ac.cn:311060/14987
Download PDF:
Sorry, we are unable to provide the full text but you may find it at the following location(s):
  • http://ir.iscas.ac.cn/handle/3... (external link)
  • Suggested articles


    To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.