Security Analysis of Linearly Filtered NLFSRs

Our contributions are applying distinguishing attack on Linearly Filtered NLFSR as a primitive or associated with filter generators. We extend the attack on linear combinations of Linearly Filtered NLFSRs as well. Generally, these structures can be examined by the proposed techniques and the criteria will be achieved to design secure primitive. The attacks allow attacker to mount linear attack to distinguish the output of the cipher and recover its internal state. Also, we investigate security of the modified version of Grain stream cipher to present how invulnerable is the scheme against distinguishing attacks

Security analysis of linearly filtered NLFSRs

Non-linear feedback shift register (NLFSR) ciphers are cryptographic tools of choice of the industry especially for mobile communication. Their attractive feature is a high efficiency when implemented in hardware or software. However, the main problem of NLFSR ciphers is that their security is still not well investigated. The paper makes a progress in the study of the security of NLFSR ciphers. In particular, we show a distinguishing attack on linearly filtered NLFSR (or LF-NLFSR) ciphers. We extend the attack to a linear combination of LF-NLFSRs. We investigate the security of a modified version of the Grain stream cipher and show its vulnerability to both key recovery and distinguishing attacks.20 page(s

Cryptanalysis of lightweight cryptographic algorithms

Empirical thesis.Bibliography: pages 111-124.1. Introduction -- 2. Stream ciphers -- 3. Cryptanalysis of WG-7 stream cipher -- 4. Security evaluation of Rakaposhi stream cipher -- 5. Security analysis of linearly filtered NLFSRs -- 6. Practical attack on NLM generators -- 7. Cryptanalysis of RC4(n,m) stream cipher -- 8. Cryptanalysis of a hash function based on RC4 -- 9. Conclusion.Stream ciphers are symmetric cipher systems which provide confidentiality in many applications ranging from mobile phone communication to virtual private networks. They may be implemented effciently in software and hardware and are a preferred choice when dealing with resource-constrained environments, such as smart cards, RFID tags,and sensor networks. This dissertation addresses cryptanalysis of several stream ciphers, and a hash function based on stream cipher. Also, the thesis investigates the design principles and security of stream ciphers built from nonlinear feedback shift registers. In a design view, any cryptographic attack shows a weak point in the design and immediately can be converted into an appropriate design criterion. Firstly, this thesis focuses on the WG-7, a lightweight stream cipher. It is shown that thekey stream generated by WG-7 can be distinguished from a random sequence with a negligible error probability. In addition, a key-recovery attack on the cipher has been successfully proposed. Then, a security evaluation of the Rakaposhi stream cipher identifies weaknesses of the cipher. The main observation shows that the initialisation procedure has a sliding property. This property can be used to launch distinguishing and key-recovery attacks. Further, the cipher is studied when the registers enter short cycles. In this case, the internal state can be recovered with less complexity than exhaustive search. New security features of a specific design based on nonlinear feedback shift registers have been explored. The idea applies a distinguishing attack on linearly filtered nonlinear feedback shift registers. The attack extends the idea on linear combinations of linearly filtered nonlinear feedback shift registers as well. The proposed attacks allow the attacker to mount linear attacks to distinguish the output of the cipher and recover its internal state. The next topic analyses a new lightweight communication framework called NLM-MAC. Several critical cryptographic weaknesses leading to key-recovery and forgery attack have been indicated. It is shown that the adversary can recover the internal state of the NLM generator. The attacker also is able to forge any MAC tag in real time. The proposed attacks are completely practical and break the scheme. Another part demonstrates some new cryptographic attacks on RC4(n,m) stream cipher. The investigations have revealed several weaknesses of the cipher. Firstly, a distinguisher for the cipher is proposed. Secondly, a key-recovery attack uses a method to find the secret key in real time. Finally, the RC4-BHF hash function that is based on the well-known RC4 stream cipher is analysed. Two attacks on RC4-BHF have been developed. In the first attack, the adversary is able to find collisions for two different messages. The second attack shows how to design a distinguisher that can tell apart the sequence generated by RC4-BHF from a random one.Mode of access: World wide web1 online resource (xviii, 124 pages) table