Modelling Nonlinear Sequence Generators in terms of Linear Cellular Automata

In this work, a wide family of LFSR-based sequence generators, the so-called Clock-Controlled Shrinking Generators (CCSGs), has been analyzed and identified with a subset of linear Cellular Automata (CA). In fact, a pair of linear models describing the behavior of the CCSGs can be derived. The algorithm that converts a given CCSG into a CA-based linear model is very simple and can be applied to CCSGs in a range of practical interest. The linearity of these cellular models can be advantageously used in two different ways: (a) for the analysis and/or cryptanalysis of the CCSGs and (b) for the reconstruction of the output sequence obtained from this kind of generators.Comment: 15 pages, 0 figure

Algebraic Attack on the Alternating Step(r,s)Generator

The Alternating Step(r,s) Generator, ASG(r,s), is a clock-controlled sequence generator which is recently proposed by A. Kanso. It consists of three registers of length l, m and n bits. The first register controls the clocking of the two others. The two other registers are clocked r times (or not clocked) (resp. s times or not clocked) depending on the clock-control bit in the first register. The special case r=s=1 is the original and well known Alternating Step Generator. Kanso claims there is no efficient attack against the ASG(r,s) since r and s are kept secret. In this paper, we present an Alternating Step Generator, ASG, model for the ASG(r,s) and also we present a new and efficient algebraic attack on ASG(r,s) using 3(m+n) bits of the output sequence to find the secret key with O((m^2+n^2)*2^{l+1}+ (2^{m-1})*m^3 + (2^{n-1})*n^3) computational complexity. We show that this system is no more secure than the original ASG, in contrast to the claim of the ASG(r,s)'s constructor.Comment: 5 pages, 2 figures, 2 tables, 2010 IEEE International Symposium on Information Theory (ISIT2010),June 13-18, 2010, Austin, Texa

A Simple Attack on Some Clock-Controlled Generators

We present a new approach to edit distance attacks on certain clock-controlled generators, which applies basic concepts of Graph Theory to simplify the search trees of the original attacks in such a way that only the most promising branches are analyzed. In particular, the proposed improvement is based on cut sets defined on some graphs so that certain shortest paths provide the edit distances. The strongest aspects of the proposal are that the obtained results from the attack are absolutely deterministic, and that many inconsistent initial states of the target registers are recognized beforehand and avoided during search

Permutation and sampling with maximum length CA for pseudorandom number generation

In this paper, we study the effect of dynamic permutation and sampling on the randomness quality of sequences generated by cellular automata (CA). Dynamic permutation and sampling have not been explored in previous CA work and a suitable implementation is shown using a two CA model. Three different schemes that incorporate these two operations are suggested - Weighted Permutation Vector Sampling with Controlled Multiplexing, Weighted Permutation Vector Sampling with Irregular Decimation and Permutation Programmed CA Sampling. The experiment results show that the resulting sequences have varying degrees of improvement in DIEHARD results and linear complexity compared to the CA

Guaranteeing the diversity of number generators

A major problem in using iterative number generators of the form x_i=f(x_{i-1}) is that they can enter unexpectedly short cycles. This is hard to analyze when the generator is designed, hard to detect in real time when the generator is used, and can have devastating cryptanalytic implications. In this paper we define a measure of security, called_sequence_diversity_, which generalizes the notion of cycle-length for non-iterative generators. We then introduce the class of counter assisted generators, and show how to turn any iterative generator (even a bad one designed or seeded by an adversary) into a counter assisted generator with a provably high diversity, without reducing the quality of generators which are already cryptographically strong.Comment: Small update