MV3: A new word based stream cipher using rapid mixing and revolving buffers

MV3 is a new word based stream cipher for encrypting long streams of data. A direct adaptation of a byte based cipher such as RC4 into a 32- or 64-bit word version will obviously need vast amounts of memory. This scaling issue necessitates a look for new components and principles, as well as mathematical analysis to justify their use. Our approach, like RC4's, is based on rapidly mixing random walks on directed graphs (that is, walks which reach a random state quickly, from any starting point). We begin with some well understood walks, and then introduce nonlinearity in their steps in order to improve security and show long term statistical correlations are negligible. To minimize the short term correlations, as well as to deter attacks using equations involving successive outputs, we provide a method for sequencing the outputs derived from the walk using three revolving buffers. The cipher is fast -- it runs at a speed of less than 5 cycles per byte on a Pentium IV processor. A word based cipher needs to output more bits per step, which exposes more correlations for attacks. Moreover we seek simplicity of construction and transparent analysis. To meet these requirements, we use a larger state and claim security corresponding to only a fraction of it. Our design is for an adequately secure word-based cipher; our very preliminary estimate puts the security close to exhaustive search for keys of size < 256 bits.Comment: 27 pages, shortened version will appear in "Topics in Cryptology - CT-RSA 2007

On the Design and Analysis of Stream Ciphers

This thesis presents new cryptanalysis results for several different stream cipher constructions. In addition, it also presents two new stream ciphers, both based on the same design principle. The first attack is a general attack targeting a nonlinear combiner. A new class of weak feedback polynomials for linear feedback shift registers is identified. By taking samples corresponding to the linear recurrence relation, it is shown that if the feedback polynomial has taps close together an adversary to take advantage of this by considering the samples in a vector form. Next, the self-shrinking generator and the bit-search generator are analyzed. Both designs are based on irregular decimation. For the self-shrinking generator, it is shown how to recover the internal state knowing only a few keystream bits. The complexity of the attack is similar to the previously best known but uses a negligible amount of memory. An attack requiring a large keystream segment is also presented. It is shown to be asymptotically better than all previously known attacks. For the bit-search generator, an algorithm that recovers the internal state is given as well as a distinguishing attack that can be very efficient if the feedback polynomial is not carefully chosen. Following this, two recently proposed stream cipher designs, Pomaranch and Achterbahn, are analyzed. Both stream ciphers are designed with small hardware complexity in mind. For Pomaranch Version 2, based on an improvement of previous analysis of the design idea, a key recovery attack is given. Also, for all three versions of Pomaranch, a distinguishing attack is given. For Achterbahn, it is shown how to recover the key of the latest version, known as Achterbahn-128/80. The last part of the thesis introduces two new stream cipher designs, namely Grain and Grain-128. The ciphers are designed to be very small in hardware. They also have the distinguishing feature of allowing users to increase the speed of the ciphers by adding extra hardware

On Cryptographic Properties of LFSR-based Pseudorandom Generators

Pseudorandom Generators (PRGs) werden in der modernen Kryptographie verwendet, um einen kleinen Startwert in eine lange Folge scheinbar zufälliger Bits umzuwandeln. Viele Designs für PRGs basieren auf linear feedback shift registers (LFSRs), die so gewählt sind, dass sie optimale statistische und periodische Eigenschaften besitzen. Diese Arbeit diskutiert Konstruktionsprinzipien und kryptanalytische Angriffe gegen LFSR-basierte PRGs. Nachdem wir einen vollständigen Überblick über existierende kryptanalytische Ergebnisse gegeben haben, führen wir den dynamic linear consistency test (DLCT) ein und analysieren ihn. Der DLCT ist eine suchbaum-basierte Methode, die den inneren Zustand eines PRGs rekonstruiert. Wir beschließen die Arbeit mit der Diskussion der erforderlichen Zustandsgröße für PRGs, geben untere Schranken an und Beispiele aus der Praxis, die veranschaulichen, welche Größe sichere PRGs haben müssen

Analysis of the generalized self-shrinking generator

AbstractThis work shows that the output sequences of a well-known cryptographic generator, the so-called generalized self-shrinking generator, are particular solutions of homogeneous linear difference equations with binary coefficients. In particular, all those generated sequences are just linear combinations of primary sequences weighted by binary values. Furthermore, the complete class of solutions of these difference equations includes other balanced sequences with the same period and even greater linear complexity than that of the generalized self-shrinking sequences. Cryptographic parameters of all above mentioned sequences are here analyzed in terms of linear equation solutions. In addition, this work describes an efficient algorithm to synthesize the component primary sequences as well as to compute the linear complexity and period of any generalized self-shrinking sequence

Interleaving Shifted Versions of a PN-Sequence

The output sequence of the shrinking generator can be considered as an interleaving of determined shifted versions of a single PN -sequence. In this paper, we present a study of the interleaving of a PN-sequence and shifted versions of itself. We analyze some important cryptographic properties as the period and the linear complexity in terms of the shifts. Furthermore, we determine the total number of the interleaving sequences that achieve each possible value of the linear complexity.This research is partially supported by Ministerio de Economía, Industria y Competitividad (MINECO), Agencia Estatal de Investigación (AEI), and Fondo Europeo de Desarrollo Regional (FEDER, UE) under project COPCIS, reference TIN2017-84844-C2-1-R. It is also supported by Comunidad de Madrid (Spain) under project CYNAMON (P2018/TCS-4566), co-funded by FSE and European Union FEDER funds. Finally, the third author is partially supported by Spanish grant VIGROB-287 of the Universitat d’Alacant

Computational Analysis of Interleaving PN-Sequences with Different Polynomials

Binary PN-sequences generated by LFSRs exhibit good statistical properties; however, due to their intrinsic linearity, they are not suitable for cryptographic applications. In order to break such a linearity, several approaches can be implemented. For example, one can interleave several PN-sequences to increase the linear complexity. In this work, we present a deep randomness study of the resultant sequences of interleaving binary PN-sequences coming from different characteristic polynomials with the same degree. We analyze the period and the linear complexity, as well as many other important cryptographic properties of such sequences.This work was supported in part by the Spanish State Research Agency (AEI) of the Ministry of Science and Innovation (MICINN), project P2QProMeTe (PID2020-112586RB-I00/AEI/ 10.13039/501100011033). It was also supported by Comunidad de Madrid (Spain) under project CYNAMON (P2018/TCS-4566), co-funded by FSE and European Union FEDER funds. The work of the second author was partially supported by Spanish grant VIGROB-287 of the University of Alicante

Cryptanalysis of LFSR-based Pseudorandom Generators - a Survey

Pseudorandom generators based on linear feedback shift registers (LFSR) are a traditional building block for cryptographic stream ciphers. In this report, we review the general idea for such generators, as well as the most important techniques of cryptanalysis