11 research outputs found

    On The Nonlinearity of Maximum-length NFSR Feedbacks

    Linear Feedback Shift Registers (LFSRs) are the main building block of many classical stream ciphers; however, because of their inherent linearity, most LFSR-based designs do not offer the desired security levels. In the last decade, using Nonlinear Feedback Shift Registers (NFSRs) in stream ciphers has become very popular. However, the theory of NFSRs is not well understood: there is no efficient method that constructs a cryptographically strong feedback function with maximum period, and, given a feedback function, it is hard to predict its period. In this paper, we study maximum-length NFSRs, focusing on the nonlinearity of their feedback functions. First, we provide some upper bounds on the nonlinearity of maximum-length feedback functions, and then we study the feedback functions having nonlinearity 2 in detail. We also show some techniques to improve the nonlinearity of a given feedback function using cross-joining.

    Modified Alternating Step Generators

    Irregular clocking of feedback shift registers is a popular technique for improving the parameters of keystream generators in stream ciphers. Another technique is the use of nonlinear functions. We combine these techniques and propose Modified Alternating Step Generators built from linear and nonlinear feedback shift registers. Suitable nonlinear Boolean functions are used as feedback or filtering functions of the shift registers in order to increase the complexity of the sequences produced by the individual registers and by the whole generator. We investigate the basic parameters of the proposed keystream generators, such as period, linear complexity and randomness.
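An added example (not the paper's generator) showing the classical alternating step generator together with the two measurements the abstract names, period and linear complexity. The register lengths, taps, initial states and the control sequence are assumptions chosen to keep the state space tiny; the linear complexity is measured with Berlekamp-Massey and the period by brute-force search over a prefix.

```python
"""Alternating step generator (ASG): irregular clocking of two LFSRs by a
third register, with the period and linear-complexity checks one would also
apply to a modified variant.

Added example, not the paper's generator.  Register lengths, taps, initial
states and the control sequence are assumptions chosen so that the whole
state space is tiny.
"""
from itertools import cycle, islice


def lfsr(state, taps, n):
    """Infinite Fibonacci LFSR.  Bit 0 of `state` is the output stage;
    `taps` is the bitmask of stages XORed together to form the new bit n-1."""
    while True:
        yield state & 1
        fb = bin(state & taps).count("1") & 1
        state = (state >> 1) | (fb << (n - 1))


def alternating_step(control, r2, r3):
    """At each step clock r2 if the control bit is 1, otherwise clock r3, and
    output the XOR of the two registers' current output bits.  Any iterator
    of bits works for the three inputs, so an NFSR or a filtered register
    can be substituted for any of them."""
    a, b = next(r2), next(r3)
    for c in control:
        if c:
            a = next(r2)
        else:
            b = next(r3)
        yield a ^ b


def berlekamp_massey(seq):
    """Linear complexity L of a binary sequence and its minimal connection
    polynomial C(x) = 1 + c_1 x + ... + c_L x^L as a coefficient list."""
    n = len(seq)
    c, b = [0] * (n + 1), [0] * (n + 1)
    c[0] = b[0] = 1
    L, m = 0, -1
    for i in range(n):
        d = seq[i]                       # discrepancy of the current LFSR guess
        for j in range(1, L + 1):
            d ^= c[j] & seq[i - j]
        if d == 0:
            continue
        t = c[:]
        shift = i - m
        for j in range(n + 1 - shift):   # C(x) <- C(x) + x^shift * B(x)
            c[j + shift] ^= b[j]
        if 2 * L <= i:
            L, m, b = i + 1 - L, i, t
    return L, c[:L + 1]


def shortest_period(seq):
    """Smallest p with seq[i] == seq[i+p] for every i; reliable only when the
    prefix holds at least two full periods."""
    for p in range(1, len(seq) // 2 + 1):
        if all(seq[i] == seq[i + p] for i in range(len(seq) - p)):
            return p
    return None


def keystream(nbits):
    """Assumed instance: control = de Bruijn sequence 0011 (period 4),
    r2 = LFSR x^2 + x + 1 (period 3), r3 = LFSR x^3 + x + 1 (period 7)."""
    gen = alternating_step(cycle([0, 0, 1, 1]),
                           lfsr(0b01, 0b11, 2),
                           lfsr(0b001, 0b011, 3))
    return list(islice(gen, nbits))


def analyse(nbits=256):
    z = keystream(nbits)
    return {"period": shortest_period(z),
            "linear_complexity": berlekamp_massey(z)[0]}


if __name__ == "__main__":
    print(analyse())
```

With the assumed parameters the control sequence is de Bruijn of period 4 and the clocked LFSRs have coprime lengths 2 and 3, the case covered by Günther's result for the alternating step generator: period 4·3·7 = 84 and linear complexity strictly above 10 and at most 20. Both values are recovered by the brute-force period search and Berlekamp-Massey, and because `alternating_step` takes plain bit iterators the same two checks apply unchanged after swapping an NFSR or a filtered register into any of the three positions.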

    On the Maximum Nonlinearity of De Bruijn Sequence Feedback Function

    The nonlinearity of a Boolean function is an important cryptographic criterion in the Best Affine Attack approach. In this paper, based on the definition of nonlinearity, we propose a new design index for nonlinear feedback shift registers. Using the index and the corresponding necessary conditions on de Bruijn sequence feedback functions, we prove that when $n \ge 9$, the maximum nonlinearity $Nl(f)_{\max}$ of an arbitrary $n$-order de Bruijn sequence feedback function $f$ satisfies $3 \cdot 2^{n-3} - (Z_n + 1) < Nl(f)_{\max} \le 2^{n-1} - 2^{\frac{n-1}{2}}$, and that the nonlinearity of a de Bruijn sequence feedback function obtained from the spanning tree of the adjacency graph of affine shift registers has a fixed value. We also give the correlation analysis and a practical application of the index.

    New cryptanalysis of LFSR-based stream ciphers and decoders for p-ary QC-MDPC codes

    The security of modern cryptography is based on the hardness of solving certain problems. In this context, a problem is considered hard if there is no known polynomial-time algorithm to solve it. Initially, the security assessment of cryptographic systems only considered adversaries with classical computational resources, i.e. digital computers. It is now known that there exist polynomial-time quantum algorithms that would render certain cryptosystems insecure if large-scale quantum computers were available, so adversaries with access to such computers should also be considered. In particular, cryptosystems based on the hardness of integer factorisation or the discrete logarithm problem would be broken. For others, such as symmetric-key cryptosystems, the impact seems less serious; it is recommended to at least double the key size of currently used systems to preserve their security level. The potential threat posed by sufficiently powerful quantum computers motivates the continued study and development of post-quantum cryptography, that is, cryptographic systems that are secure against adversaries with access to quantum computation.

    Symmetric-key cryptosystems are believed to remain secure against quantum attacks. In this manuscript, we study the security of one such family of systems, namely stream ciphers. They are mainly used in applications where high throughput is required in software or low resource usage is required in hardware. Our focus is on the cryptanalysis of stream ciphers employing linear feedback shift registers (LFSRs). This is modelled as the problem of finding solutions to systems of linear equations with associated probability distributions on the set of right-hand sides. To solve this problem, we first present a multivariate version of the correlation attack introduced by Siegenthaler. Building on the ideas of the multivariate attack, we propose a new cryptanalytic method with lower time complexity. Alongside this, we introduce the notion of relations modulo a matrix B, which may be seen as a generalisation of the parity checks used in fast correlation attacks, one of the most important classes of attacks against LFSR-based stream ciphers. Our new method is successfully applied to hard instances of the filter generator and requires less keystream than other attacks in the literature. We also perform a theoretical attack against the Grain-v1 cipher and an experimental attack against a toy Grain-like cipher. Compared to the best previous attack, our technique requires fewer keystream bits but has a higher time complexity. This is the result of joint work with Semaev.

    Public-key cryptosystems based on error-correcting codes are also believed to be secure against quantum attacks. To this end, we develop a new technique in code-based cryptography. Specifically, we propose new decoders for quasi-cyclic moderate density parity-check (QC-MDPC) codes. These codes were proposed by Misoczki et al. for use in the McEliece scheme. The use of QC-MDPC codes avoids attacks applicable when using low-density parity-check (LDPC) codes and also allows for short keys. Although we focus on decoding for a particular instance of the p-ary QC-MDPC scheme, our new decoding algorithm is also a general decoding method for p-ary MDPC-like schemes. The algorithm is a bit-flipping decoder, and its performance is improved by varying the thresholds across iterations. Experimental results demonstrate that our decoders enjoy a very low decoding failure rate for the chosen p-ary QC-MDPC instance. This is the result of joint work with Guo and Johansson.
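An added example, not from the thesis: Siegenthaler's correlation attack run against a small Geffe-style combiner (a simpler target than the filter generator studied in the thesis, used here only to make the correlation visible), followed by the parity-check statistic that fast correlation attacks build on. The LFSR polynomials, the secret initial states and the keystream length are assumptions.

```python
"""Siegenthaler's correlation attack on a Geffe-style combiner, plus the
parity checks that fast correlation attacks exploit.

Added example, not the thesis' code.  The combiner is z = x1*x2 xor
(1 xor x1)*x3 built from three LFSRs; z agrees with x2 whenever x1 = 1 and
with x3 whenever x1 = 0, so each of x2 and x3 is correlated to the keystream
and their initial states can be recovered one register at a time.
Polynomials, initial states and keystream length are assumptions.
"""


def lfsr_bits(state, taps, n, count):
    """`count` output bits of a Fibonacci LFSR.  Bit 0 of `state` is the
    output stage; `taps` is the bitmask of stages XORed into the new bit n-1,
    i.e. s_{t+n} = xor of s_{t+i} over tapped i."""
    out = []
    for _ in range(count):
        out.append(state & 1)
        fb = bin(state & taps).count("1") & 1
        state = (state >> 1) | (fb << (n - 1))
    return out


# Assumed registers as (length n, taps): x^3+x+1, x^5+x^2+1, x^4+x+1.
R1 = (3, 0b011)
R2 = (5, 0b00101)
R3 = (4, 0b0011)


def geffe(k1, k2, k3, count):
    """Keystream of the combiner for the secret initial states k1, k2, k3."""
    x1 = lfsr_bits(k1, R1[1], R1[0], count)
    x2 = lfsr_bits(k2, R2[1], R2[0], count)
    x3 = lfsr_bits(k3, R3[1], R3[0], count)
    return [(a & b) ^ ((1 ^ a) & c) for a, b, c in zip(x1, x2, x3)]


def correlation_attack(keystream, n, taps):
    """Siegenthaler: try every nonzero initial state of one target LFSR and
    return the one whose output agrees most often with the keystream, plus
    the agreement counts of all candidates.  Cost is 2^n - 1 trials instead
    of a search over the joint state of all registers."""
    best, best_count, counts = None, -1, {}
    for state in range(1, 1 << n):
        cand = lfsr_bits(state, taps, n, len(keystream))
        agree = sum(a == b for a, b in zip(cand, keystream))
        counts[state] = agree
        if agree > best_count:
            best, best_count = state, agree
    return best, counts


def parity_check_rate(keystream, n, taps):
    """Fraction of positions t where the target LFSR's own recurrence
    z_{t+n} xor (xor of z_{t+i} over tapped i) = 0 holds on the keystream.
    Every LFSR output satisfies it; a keystream correlated to that LFSR
    satisfies it with probability above 1/2, which is what fast correlation
    attacks use to avoid enumerating the 2^n initial states."""
    tapped = [i for i in range(n) if (taps >> i) & 1]
    total = len(keystream) - n
    hits = 0
    for t in range(total):
        s = keystream[t + n]
        for i in tapped:
            s ^= keystream[t + i]
        hits += (s == 0)
    return hits / total


def demo(nbits=500):
    K1, K2, K3 = 0b101, 0b10110, 0b1101        # constructed secret states
    z = geffe(K1, K2, K3, nbits)
    rec2, counts2 = correlation_attack(z, *R2)
    rec3, counts3 = correlation_attack(z, *R3)
    return {
        "true": (K2, K3),
        "recovered": (rec2, rec3),
        "agreement": (counts2[rec2] / nbits, counts3[rec3] / nbits),
        "parity_rate": parity_check_rate(z, *R2),
    }


if __name__ == "__main__":
    print(demo())
```

Once x2 and x3 are known, x1 follows from the positions where x2 and x3 differ, so the divide-and-conquer recovers the full state at a cost of 2^5 + 2^4 trials rather than 2^12. The parity-check rate is the single-check version of the relations the thesis generalises: for a register of length n each recurrence gives one check, and with the assumed register lengths only a minority of keystream positions are noisy, so the checks hold noticeably more often than half the time.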

    On Some Symmetric Lightweight Cryptographic Designs

    This dissertation presents cryptanalysis of several symmetric lightweight primitives, both stream ciphers and block ciphers. Further, some aspects of authentication in combination with a keystream generator are investigated, and a new member of the Grain family of stream ciphers, Grain-128a, with built-in support for authentication is presented. The first contribution is an investigation of how authentication can be provided at a low additional cost, assuming a synchronous stream cipher is already implemented and used for encryption. These findings are then used when presenting the latest addition to the Grain family of stream ciphers, Grain-128a. It uses a 128-bit key and a 96-bit initialization vector to generate keystream and, optionally, to authenticate the plaintext. Next, the stream cipher BEAN, superficially similar to Grain but notably using a weak output function and two feedback with carry shift registers (FCSRs) rather than linear and (non-FCSR) nonlinear feedback shift registers, is cryptanalyzed. An efficient distinguisher and a state-recovery attack are given, and it is shown how knowledge of the state can be used to recover the key in a straightforward way.

    The remainder of this dissertation then focuses on block ciphers. First, a related-key attack on KTANTAN is presented. The attack notably uses only a few related keys, runs in less than half a minute on a current computer, and directly contradicts the designers' claims; why this is so, and what can be learned from it, is discussed. Next, PRINTcipher is subjected to linear cryptanalysis. Several weak key classes are identified, and it is shown how several observations of the same statistical property can be made for each plaintext-ciphertext pair. Finally, the invariant subspace property, first observed for certain key classes in PRINTcipher, is investigated. In particular, its connection to large linear biases is studied through an eigenvector which arises inside the cipher and leads to trail clustering in the linear hull which, under reasonable assumptions, causes a significant number of large linear biases. Simulations on several versions of PRINTcipher are compared to the theoretical findings.

    Generation of Nonlinear Feedback Shift Registers with special-purpose hardware

    Nonlinear feedback shift registers (NLFSRs) are used to construct pseudorandom generators for stream ciphers. Their theory is less complete than that of linear feedback shift registers (LFSRs): in general, it is not known how to construct NLFSRs with maximum period. The direct method is to search for registers with suitable properties. We used an implementation of NLFSRs in Field Programmable Gate Arrays (FPGAs) to perform such a search. We also investigated local statistical properties of the binary sequences generated by NLFSRs of order 25 and 27.

    On cross joining de Bruijn sequences

    We explain the origins of the Boolean feedback functions of nonlinear feedback shift registers (NLFSRs) of fixed order $n$ that generate de Bruijn binary sequences. They all come into existence by cross-joining operations starting from one maximum period feedback shift register, e.g. a linear one, which exists for every order $n$. The result yields some constructions of NLFSRs generating binary sequences of maximum period $2^n - 1$.
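An added example (not code from any of the papers listed here) that ties together the three abstracts above on nonlinearity and cross-joining: it computes the nonlinearity of a feedback function from its Walsh spectrum, enumerates the cycle structure of a small register, and applies cross-joining to turn the LFSR x^4 + x + 1 first into a de Bruijn register (period 2^n) and then into a nonlinear register of period 2^n - 1. The register conventions and the choice n = 4 are assumptions.

```python
"""Nonlinearity and cycle structure of small nonlinear feedback shift
registers (NFSRs), with cross-joining.

Added example, not code from the papers above.  Conventions are assumptions:
the state (s_0, ..., s_{n-1}) is packed into an integer with bit i = s_i;
one clock shifts the state right and inserts f(s_0, ..., s_{n-1}) as the new
bit n-1.  A nonsingular feedback has the form f(s) = s_0 xor g(s_1..s_{n-1}),
and g is stored as a truth table of length 2^(n-1) indexed by the tail
(s_1, ..., s_{n-1}).
"""


def feedback_table(g, n):
    """Truth table of f(s) = s_0 xor g(s_1..s_{n-1}) over all 2^n states."""
    return [(s & 1) ^ g[s >> 1] for s in range(1 << n)]


def walsh_spectrum(f):
    """Walsh-Hadamard spectrum W_f(a) = sum_x (-1)^(f(x) xor <a,x>),
    computed with the fast in-place butterfly."""
    w = [1 - 2 * bit for bit in f]
    h = 1
    while h < len(w):
        for i in range(0, len(w), 2 * h):
            for j in range(i, i + h):
                u, v = w[j], w[j + h]
                w[j], w[j + h] = u + v, u - v
        h *= 2
    return w


def nonlinearity(f):
    """Hamming distance from f to the nearest affine function,
    2^(n-1) - max_a |W_f(a)| / 2."""
    return len(f) // 2 - max(abs(x) for x in walsh_spectrum(f)) // 2


def successor(s, g, n):
    return (s >> 1) | (((s & 1) ^ g[s >> 1]) << (n - 1))


def cycle_lengths(g, n):
    """Sorted lengths of the cycles of the state graph (a permutation of the
    2^n states because f is nonsingular).  A maximum-length NFSR has one
    fixed point and one cycle of length 2^n - 1; a de Bruijn register has a
    single cycle of length 2^n."""
    seen = [False] * (1 << n)
    lengths = []
    for start in range(1 << n):
        if seen[start]:
            continue
        s, length = start, 0
        while not seen[s]:
            seen[s] = True
            s = successor(s, g, n)
            length += 1
        lengths.append(length)
    return sorted(lengths)


def cross_join(g, tail):
    """Flip g at one tail value.  The conjugate states (0,tail) and (1,tail)
    then exchange successors: two cycles through the pair are joined into
    one, or a single cycle through both is split in two."""
    g2 = list(g)
    g2[tail] ^= 1
    return g2


def demo(n=4):
    """Start from the LFSR x^4 + x + 1, i.e. g(s_1, s_2, s_3) = s_1 (assumed
    example register), and walk through two cross-joins."""
    g_lfsr = [tail & 1 for tail in range(1 << (n - 1))]
    # Join the fixed point 0...0 into the 2^n - 1 cycle: de Bruijn register.
    g_db = cross_join(g_lfsr, 0)
    # Split the all-ones state off again: a nonlinear register of period
    # 2^n - 1 whose single fixed point is now 1...1 instead of 0...0.
    g_nl = cross_join(g_db, (1 << (n - 1)) - 1)
    return {
        name: (cycle_lengths(g, n), nonlinearity(feedback_table(g, n)))
        for name, g in (("lfsr", g_lfsr), ("de_bruijn", g_db), ("nlfsr", g_nl))
    }


if __name__ == "__main__":
    for name, (cycles, nl) in demo().items():
        print(f"{name:10s} cycles={cycles} nonlinearity={nl}")
```

The first cross-join adds the single product term (1+s_1)(1+s_2)(1+s_3) to the linear feedback, which moves the function exactly two truth-table entries away from the affine function it started from, so its nonlinearity is 2, the class the first abstract studies in detail; the second join adds s_1 s_2 s_3 and raises it to 4. Each join only touches one tail value, so checking the cycle structure after every step is the way to confirm that a join merged two cycles rather than splitting one.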

    AN INVESTIGATION OF CIRRUS CLOUD PROPERTIES USING AIRBORNE LIDAR

    The impact of cirrus clouds on the Earth's radiation budget remains a key uncertainty in assessing global radiative balance and climate change. Composed of ice, and located in the cold upper troposphere, cirrus clouds can cause large warming effects because they are relatively transmissive to short-wave solar radiation, but absorptive of long wave radiation. Our ability to model radiative effects of cirrus clouds is inhibited by uncertainties in cloud optical properties. Studies of mid-latitude cirrus properties have revealed notable differences compared to tropical anvil cirrus, likely a consequence of varying dynamic formation mechanisms. Cloud-aerosol lidars provide critical information about the vertical structure of cirrus for climate studies. For this dissertation, I helped develop the Airborne Cloud-Aerosol Transport System (ACATS), a Doppler wind lidar system at NASA Goddard Space Flight Center (GSFC). ACATS is also a high spectral resolution lidar (HSRL), uniquely capable of directly resolving backscatter and extinction properties of a particle from high-altitude aircraft. The first ACATS science flights were conducted out of Wallops Island, VA in September of 2012 and included coincident measurements with the Cloud Physics Lidar (CPL) instrument. In this dissertation, I provide an overview of the ACATS method and instrument design, describe the ACATS retrieval algorithms for cloud and aerosol properties, explain the ACATS HSRL retrieval errors due to the instrument calibration, and use the coincident CPL data to validate and evaluate ACATS cloud and aerosol retrievals. Both the ACATS HSRL and standard backscatter retrievals agree well with coincident CPL retrievals. Mean ACATS and CPL extinction profiles for three case studies demonstrate similar structure and agree to within 25 percent for cirrus clouds. The new HSRL retrieval algorithms developed for ACATS have direct application to future spaceborne missions. 
    Furthermore, extinction and particle wind velocity retrieved from ACATS can be used for science applications such as dust transport and convective anvil outflow. The relationship between cirrus cloud properties and dynamic formation mechanism is examined through statistics of CPL cirrus observations from more than 100 aircraft flights. The CPL 532 nm lidar ratios (also referred to as extinction-to-backscatter ratios) for cirrus clouds formed by synoptic-scale uplift over land are lower than those of convectively-generated cirrus over tropical oceans. Errors in assuming a constant lidar ratio can lead to errors of ~50% in cloud optical extinction derived from space-borne lidar such as CALIOP. The 1064 nm depolarization ratios for synoptically-generated cirrus over land are lower than those of convectively-generated cirrus, formed by the rapid upward motions of tropical convection, as a consequence of differences in cloud temperatures and ice particle size and shape. Finally, the backscatter color ratio is directly proportional to the depolarization ratio for synoptically-generated cirrus, but not for any other type of cirrus. The relationships between cirrus properties and formation mechanisms determined in this study can be used as part of a larger global climatology of cirrus clouds to improve parameterizations in global climate models and satellite retrievals, and thereby our understanding of the impact of clouds on weather and climate.