Graph-Based Approach to the Edit Distance Cryptanalysis of Irregularly Clocked Linear Feedback Shift Registers

This paper proposes a speed-up of a known-plaintext attack on some stream ciphers based on Linear Feedback Shift Registers (LFSRs). The algorithm consists of two basic steps: first, to guess the initial seed value of one of the LFSRs, and then to use the resulting binary sequence in order to deduce useful information about the cipher parameters. In particular, the proposed divide-and-conquer attack is based on a combination of graph-based techniques with edit distance concepts. While the original edit distance attack requires the exhaustive search over the set of all possible initial states of the involved LFSR, this work presents a new heuristic optimization that avoids the evaluation of an important number of initial states through the identification of the most promising branches of the search graph. The strongest aspects of the proposal are the facts that the obtained results from the attack are absolutely deterministic, and that many inconsistent initial states of the target LFSRs are recognized and avoided during search.This work was supported by the Spanish Ministry of Science and Innovation and European FEDER Fund under Project TIN2008-02236/TSI as well as by CDTI (Spain)and the companies INDRA, Unin Fenosa, Tecnobit, Visual Tool, Brainstorm, SAC and Technosafe under Project Cenit-HESPERIA.Peer reviewe

Decim v2

The original publication is available at www.springerlink.comIn this paper, we present Decimv2, a stream cipher hardware- oriented selected for the phase 3 of the ECRYPT stream cipher project eSTREAM. As required by the initial call for hardware-oriented stream cipher contribution, Decimv2 manages 80-bit secret keys and 64-bit public initialization vectors. The design of Decimv2 combines two filtering mechanisms: a nonlinear Boolean filter over a LFSR, followed by an irregular decimation mechanism called the ABSG. Since designers have been invited to demonstrate flexibility of their design by proposing vari-ants that take 128-bit keys, we also present a 128-bit security version of Decim called Decim-128

Stream ciphers for secure display

In any situation where private, proprietary or highly confidential material is being dealt with, the need to consider aspects of data security has grown ever more important. It is usual to secure such data from its source, over networks and on to the intended recipient. However, data security considerations typically stop at the recipient's processor, leaving connections to a display transmitting raw data which is increasingly in a digital format and of value to an adversary. With a progression to wireless display technologies the prominence of this vulnerability is set to rise, making the implementation of 'secure display' increasingly desirable. Secure display takes aspects of data security right to the display panel itself, potentially minimising the cost, component count and thickness of the final product. Recent developments in display technologies should help make this integration possible. However, the processing of large quantities of time-sensitive data presents a significant challenge in such resource constrained environments. Efficient high- throughput decryption is a crucial aspect of the implementation of secure display and one for which the widely used and well understood block cipher may not be best suited. Stream ciphers present a promising alternative and a number of strong candidate algorithms potentially offer the hardware speed and efficiency required. In the past, similar stream ciphers have suffered from algorithmic vulnerabilities. Although these new-generation designs have done much to respond to this concern, the relatively short 80-bit key lengths of some proposed hardware candidates, when combined with ever-advancing computational power, leads to the thesis identifying exhaustive search of key space as a potential attack vector. To determine the value of protection afforded by such short key lengths a unique hardware key search engine for stream ciphers is developed that makes use of an appropriate data element to improve search efficiency. The simulations from this system indicate that the proposed key lengths may be insufficient for applications where data is of long-term or high value. It is suggested that for the concept of secure display to be accepted, a longer key length should be used

Predicting the Shrinking Generator with Fixed Connections

Abstract. We propose a novel distinguishing attack on the shrinking generator with known feedback polynomial for the generating LFSR. The attack can e.g. reliably distinguish a shrinking generator with a weight 4 polynomial of degree as large as 10000, using 2 32 output bits. As the feedback polynomial of an arbitrary LFSR is known to have a polynomial multiple of low weight, our distinguisher applies to arbitrary shrunken LFSR’s of moderate length. The analysis can also be used to predict the distribution of blocks in the generated keystream.