146 research outputs found
Algebraic Attack on the Alternating Step(r,s)Generator
The Alternating Step(r,s) Generator, ASG(r,s), is a clock-controlled sequence
generator which is recently proposed by A. Kanso. It consists of three
registers of length l, m and n bits. The first register controls the clocking
of the two others. The two other registers are clocked r times (or not clocked)
(resp. s times or not clocked) depending on the clock-control bit in the first
register. The special case r=s=1 is the original and well known Alternating
Step Generator. Kanso claims there is no efficient attack against the ASG(r,s)
since r and s are kept secret. In this paper, we present an Alternating Step
Generator, ASG, model for the ASG(r,s) and also we present a new and efficient
algebraic attack on ASG(r,s) using 3(m+n) bits of the output sequence to find
the secret key with O((m^2+n^2)*2^{l+1}+ (2^{m-1})*m^3 + (2^{n-1})*n^3)
computational complexity. We show that this system is no more secure than the
original ASG, in contrast to the claim of the ASG(r,s)'s constructor.Comment: 5 pages, 2 figures, 2 tables, 2010 IEEE International Symposium on
Information Theory (ISIT2010),June 13-18, 2010, Austin, Texa
On the Design and Analysis of Stream Ciphers
This thesis presents new cryptanalysis results for several different stream cipher constructions. In addition, it also presents two new stream ciphers, both based on the same design principle. The first attack is a general attack targeting a nonlinear combiner. A new class of weak feedback polynomials for linear feedback shift registers is identified. By taking samples corresponding to the linear recurrence relation, it is shown that if the feedback polynomial has taps close together an adversary to take advantage of this by considering the samples in a vector form. Next, the self-shrinking generator and the bit-search generator are analyzed. Both designs are based on irregular decimation. For the self-shrinking generator, it is shown how to recover the internal state knowing only a few keystream bits. The complexity of the attack is similar to the previously best known but uses a negligible amount of memory. An attack requiring a large keystream segment is also presented. It is shown to be asymptotically better than all previously known attacks. For the bit-search generator, an algorithm that recovers the internal state is given as well as a distinguishing attack that can be very efficient if the feedback polynomial is not carefully chosen. Following this, two recently proposed stream cipher designs, Pomaranch and Achterbahn, are analyzed. Both stream ciphers are designed with small hardware complexity in mind. For Pomaranch Version 2, based on an improvement of previous analysis of the design idea, a key recovery attack is given. Also, for all three versions of Pomaranch, a distinguishing attack is given. For Achterbahn, it is shown how to recover the key of the latest version, known as Achterbahn-128/80. The last part of the thesis introduces two new stream cipher designs, namely Grain and Grain-128. The ciphers are designed to be very small in hardware. They also have the distinguishing feature of allowing users to increase the speed of the ciphers by adding extra hardware
Fault Jumping Attacks against Shrinking Generator
In this paper we outline two new cryptoanalytic attacks against hardware implementation of the shrinking generator by Coppersmith et al., a classic design in low-cost, simple-design pseudorandom bitstream generator.
This is a report on work on progress, since implementation and careful adjusting
the attack strategy in order to optimize the atatck is still not completed
Analysis of the generalized self-shrinking generator
AbstractThis work shows that the output sequences of a well-known cryptographic generator, the so-called generalized self-shrinking generator, are particular solutions of homogeneous linear difference equations with binary coefficients. In particular, all those generated sequences are just linear combinations of primary sequences weighted by binary values. Furthermore, the complete class of solutions of these difference equations includes other balanced sequences with the same period and even greater linear complexity than that of the generalized self-shrinking sequences. Cryptographic parameters of all above mentioned sequences are here analyzed in terms of linear equation solutions. In addition, this work describes an efficient algorithm to synthesize the component primary sequences as well as to compute the linear complexity and period of any generalized self-shrinking sequence
An Improved Linear Feedback Shift Register (LFSR- based) Stream Cipher Generator
Linear feedback shift register ( LFSR-based) stream cipher an improved design for a random key generator in a stream cipher algorithm. The proposed random key generator is simply designed to produce a very quick algorithm to be used for securing GSM communication as mobiles or in satellite communications channels, and it use to avoid attack that happen on cryptography in general and on stream cipher in specific. The simplicity of the design derived from using of four small LFSR and three Xored gates and a single (3 to 1) multiplexer on the content of 8-stages LFSR
Some Results on Distinguishing Attacks on Stream Ciphers
Stream ciphers are cryptographic primitives that are used to ensure the privacy of a message that is sent over a digital communication channel. In this thesis we will present new cryptanalytic results for several stream ciphers. The thesis provides a general introduction to cryptology, explains the basic concepts, gives an overview of various cryptographic primitives and discusses a number of different attack models. The first new attack given is a linear correlation attack in the form of a distinguishing attack. In this attack a specific class of weak feedback polynomials for LFSRs is identified. If the feedback polynomial is of a particular form the attack will be efficient. Two new distinguishing attacks are given on classical stream cipher constructions, namely the filter generator and the irregularly clocked filter generator. It is also demonstrated how these attacks can be applied to modern constructions. A key recovery attack is described for LILI-128 and a distinguishing attack for LILI-II is given. The European network of excellence, called eSTREAM, is an effort to find new efficient and secure stream ciphers. We analyze a number of the eSTREAM candidates. Firstly, distinguishing attacks are described for the candidate Dragon and a family of candidates called Pomaranch. Secondly, we describe resynchronization attacks on eSTREAM candidates. A general square root resynchronization attack which can be used to recover parts of a message is given. The attack is demonstrated on the candidates LEX and Pomaranch. A chosen IV distinguishing attack is then presented which can be used to evaluate the initialization procedure of stream ciphers. The technique is demonstrated on four candidates: Grain, Trivium, Decim and LEX
- …