21,446 research outputs found
A Simple Attack on Some Clock-Controlled Generators
We present a new approach to edit distance attacks on certain
clock-controlled generators, which applies basic concepts of Graph Theory to
simplify the search trees of the original attacks in such a way that only the
most promising branches are analyzed. In particular, the proposed improvement
is based on cut sets defined on some graphs so that certain shortest paths
provide the edit distances. The strongest aspects of the proposal are that the
obtained results from the attack are absolutely deterministic, and that many
inconsistent initial states of the target registers are recognized beforehand
and avoided during search
Quantifying Shannon's Work Function for Cryptanalytic Attacks
Attacks on cryptographic systems are limited by the available computational
resources. A theoretical understanding of these resource limitations is needed
to evaluate the security of cryptographic primitives and procedures. This study
uses an Attacker versus Environment game formalism based on computability logic
to quantify Shannon's work function and evaluate resource use in cryptanalysis.
A simple cost function is defined which allows to quantify a wide range of
theoretical and real computational resources. With this approach the use of
custom hardware, e.g., FPGA boards, in cryptanalysis can be analyzed. Applied
to real cryptanalytic problems, it raises, for instance, the expectation that
the computer time needed to break some simple 90 bit strong cryptographic
primitives might theoretically be less than two years.Comment: 19 page
Algebraic Attack on the Alternating Step(r,s)Generator
The Alternating Step(r,s) Generator, ASG(r,s), is a clock-controlled sequence
generator which is recently proposed by A. Kanso. It consists of three
registers of length l, m and n bits. The first register controls the clocking
of the two others. The two other registers are clocked r times (or not clocked)
(resp. s times or not clocked) depending on the clock-control bit in the first
register. The special case r=s=1 is the original and well known Alternating
Step Generator. Kanso claims there is no efficient attack against the ASG(r,s)
since r and s are kept secret. In this paper, we present an Alternating Step
Generator, ASG, model for the ASG(r,s) and also we present a new and efficient
algebraic attack on ASG(r,s) using 3(m+n) bits of the output sequence to find
the secret key with O((m^2+n^2)*2^{l+1}+ (2^{m-1})*m^3 + (2^{n-1})*n^3)
computational complexity. We show that this system is no more secure than the
original ASG, in contrast to the claim of the ASG(r,s)'s constructor.Comment: 5 pages, 2 figures, 2 tables, 2010 IEEE International Symposium on
Information Theory (ISIT2010),June 13-18, 2010, Austin, Texa
A New Algorithm for Solving Ring-LPN with a Reducible Polynomial
The LPN (Learning Parity with Noise) problem has recently proved to be of
great importance in cryptology. A special and very useful case is the RING-LPN
problem, which typically provides improved efficiency in the constructed
cryptographic primitive. We present a new algorithm for solving the RING-LPN
problem in the case when the polynomial used is reducible. It greatly
outperforms previous algorithms for solving this problem. Using the algorithm,
we can break the Lapin authentication protocol for the proposed instance using
a reducible polynomial, in about 2^70 bit operations
MV3: A new word based stream cipher using rapid mixing and revolving buffers
MV3 is a new word based stream cipher for encrypting long streams of data. A
direct adaptation of a byte based cipher such as RC4 into a 32- or 64-bit word
version will obviously need vast amounts of memory. This scaling issue
necessitates a look for new components and principles, as well as mathematical
analysis to justify their use. Our approach, like RC4's, is based on rapidly
mixing random walks on directed graphs (that is, walks which reach a random
state quickly, from any starting point). We begin with some well understood
walks, and then introduce nonlinearity in their steps in order to improve
security and show long term statistical correlations are negligible. To
minimize the short term correlations, as well as to deter attacks using
equations involving successive outputs, we provide a method for sequencing the
outputs derived from the walk using three revolving buffers. The cipher is fast
-- it runs at a speed of less than 5 cycles per byte on a Pentium IV processor.
A word based cipher needs to output more bits per step, which exposes more
correlations for attacks. Moreover we seek simplicity of construction and
transparent analysis. To meet these requirements, we use a larger state and
claim security corresponding to only a fraction of it. Our design is for an
adequately secure word-based cipher; our very preliminary estimate puts the
security close to exhaustive search for keys of size < 256 bits.Comment: 27 pages, shortened version will appear in "Topics in Cryptology -
CT-RSA 2007
Attacking the combination generator
We present one of the most efficient attacks against the combination
generator. This attack is inherent to this system as its only assumption is
that the filtering function has a good autocorrelation. This is usually the
case if the system is designed to be resistant to other kinds of attacks. We
use only classical tools, namely vectorial correlation, weight 4 multiples and
Walsh transform
- …