2 research outputs found
Finding matching initial states for equivalent NLFSRs in the Fibonacci and the Galois configurations
In this paper, a mapping between initial states of the Fibonacci and the
Galois configurations of NLFSRs is established. We show how to choose initial
states for two configurations so that the resulting output sequences are
equivalent.
Comment: 4 page
Generalized NLFSR Transformation Algorithms and Cryptanalysis of the Class of Espresso-like Stream Ciphers
Lightweight stream ciphers are highly demanded in IoT applications. In order
to optimize the hardware performance, a new class of stream cipher has been
proposed. The basic idea is to employ a single Galois NLFSR with maximum period
to construct the cipher. As a representative design of this kind of stream
ciphers, Espresso is based on a 256-bit Galois NLFSR initialized by a 128-bit
key. The maximum period is assured because the Galois NLFSR is
transformed from a maximum length LFSR. However, we propose a
Galois-to-Fibonacci transformation algorithm and successfully transform the
Galois NLFSR into a Fibonacci LFSR with a nonlinear output function. The
transformed cipher is broken by the standard algebraic attack and the
Rønjom-Helleseth attack with complexity and
respectively. The transformation algorithm is derived
from a new Fibonacci-to-Galois transformation algorithm we propose in this
paper. Compared to existing algorithms, the proposed algorithms are more efficient
and cover more general use cases. Moreover, the transformation result shows
that the Galois NLFSR used in any Espresso-like stream ciphers can be easily
transformed back into the original Fibonacci LFSR. Therefore, this kind of
design should be avoided in the future.