Abstract
Attacks on linear feedback shift register (LFSR) based cryptosystems typically assume that all the system details except the initial state of the LFSR are known. We address the problem assuming that the nonlinear output function is also unknown and frame the problem as one of multivariate interpolation. The solution to this problem yields a system that produces an output identical to that of the original system with some other initial state. The attack needs to observe M bits of data and has complexity \(O(M^{\omega})\), where \(M = \sum_{i=0}^{d} C(n, i)\) is the number of monomials of degree at most d in n variables, n being the state size and d the degree of the output function. When the output function has annihilators of degree e < d, then with O(D) bits of data one can reconstruct parts of the keystream, where \(D = \sum_{i=0}^{e} C(n, i)\).
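The interpolation the abstract describes, carried out on a constructed toy instance as an added example (this is not code from the paper): a 5-bit maximal-length LFSR with feedback polynomial x^5 + x^2 + 1, a constructed secret filter function f of degree d = 2 and a secret initial state. The attacker is assumed to know only the LFSR and the degree bound d, so the unknowns are the M = C(5,0) + C(5,1) + C(5,2) = 16 monomial coefficients of an equivalent function g. A reference state is fixed arbitrarily, one linear equation over GF(2) is written per observed keystream bit, and Gauss-Jordan elimination yields g such that (g, reference state) reproduces the keystream exactly, although g differs from f. The toy observes one full period of 31 bits rather than the minimum M so that the system is guaranteed to have full rank; all function and constant names are this example's own.

```python
import math
from itertools import combinations

# Toy instance (constructed for this example, not from the paper):
# n = 5 bit LFSR with feedback polynomial x^5 + x^2 + 1 (maximal length, period 31).
N = 5
TAPS = (0, 2)        # recurrence s[t+5] = s[t] ^ s[t+2]
D = 2                # degree bound d the attacker assumes for the unknown filter

# Secrets of the generator under analysis; neither is used by the recovery code.
SECRET_F = frozenset({(0, 1), (2, 3), (4,), (1,)})   # ANF of f: x0x1 + x2x3 + x4 + x1
SECRET_KEY = (0, 1, 1, 0, 1)                          # true initial state

# Any nonzero reference state works: on a maximal-length LFSR it lies on the same
# cycle as the true key, so f composed with the right shift is again of degree <= d.
REF_STATE = (1, 0, 0, 0, 0)


def lfsr_step(state):
    """Clock the register once: shift left, feed back the XOR of the taps."""
    fb = 0
    for t in TAPS:
        fb ^= state[t]
    return state[1:] + (fb,)


def num_monomials(n, d):
    """M = sum_{i=0}^{d} C(n, i), the number of monomials of degree <= d."""
    return sum(math.comb(n, i) for i in range(d + 1))


def monomials(n, d):
    """Index tuples of all monomials of degree <= d; () is the constant 1."""
    return [m for k in range(d + 1) for m in combinations(range(n), k)]


def eval_monomial(m, state):
    v = 1
    for i in m:
        v &= state[i]
    return v


def eval_anf(anf, state):
    """Evaluate a Boolean function given by the set of monomials in its ANF."""
    return sum(eval_monomial(m, state) for m in anf) & 1


def keystream(anf, state, nbits):
    """Filter generator: output anf(state), then clock the LFSR, nbits times."""
    out = []
    for _ in range(nbits):
        out.append(eval_anf(anf, state))
        state = lfsr_step(state)
    return out


def solve_gf2(rows, rhs, ncols):
    """Gauss-Jordan elimination over GF(2); rows are column bitmasks.
    Returns (solution_bitmask, rank) with free variables set to 0,
    or None if the system is inconsistent."""
    aug = list(zip(rows, rhs))
    pivots, r = [], 0
    for col in range(ncols):
        piv = next((i for i in range(r, len(aug)) if aug[i][0] >> col & 1), None)
        if piv is None:
            continue
        aug[r], aug[piv] = aug[piv], aug[r]
        for i in range(len(aug)):
            if i != r and aug[i][0] >> col & 1:
                aug[i] = (aug[i][0] ^ aug[r][0], aug[i][1] ^ aug[r][1])
        pivots.append(col)
        r += 1
    if any(row == 0 and b for row, b in aug[r:]):
        return None
    sol = 0
    for i, col in enumerate(pivots):
        if aug[i][1]:
            sol |= 1 << col
    return sol, len(pivots)


def recover_equivalent_filter(z, ref_state, d):
    """Interpolate g of degree <= d with g(L^t ref_state) = z[t] for every t.
    Unknowns: one coefficient per monomial (M of them); one equation per bit."""
    mons = monomials(len(ref_state), d)
    rows, state = [], ref_state
    for _ in z:
        row = 0
        for j, m in enumerate(mons):
            if eval_monomial(m, state):
                row |= 1 << j
        rows.append(row)
        state = lfsr_step(state)
    res = solve_gf2(rows, z, len(mons))
    if res is None:
        return None
    sol, rank = res
    return frozenset(m for j, m in enumerate(mons) if sol >> j & 1), rank


def demo(nbits=31):
    """Observe nbits of keystream and recover an equivalent (g, REF_STATE) pair."""
    z = keystream(SECRET_F, SECRET_KEY, nbits)
    return recover_equivalent_filter(z, REF_STATE, D)


if __name__ == "__main__":
    g, rank = demo()
    print("M =", num_monomials(N, D), "rank =", rank, "ANF of g:", sorted(g))
    print("keystreams match:",
          keystream(g, REF_STATE, 200) == keystream(SECRET_F, SECRET_KEY, 200))
```

The point for a designer is the size of M: with n = 5 and d = 2 the whole generator is pinned down by 16 linear unknowns, and the same linear algebra scales as \(O(M^{\omega})\) for any n and d, so the algebraic degree of the filter function (and, per the abstract's second result, the degree of its annihilators) is a security parameter in its own right, independent of the secrecy of f.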
Additional information
Communicated by C. Cid.
Cite this article
Pillai, N.R., Bedi, S.S. Algebraic attacks on a class of stream ciphers with unknown output function. Des. Codes Cryptogr. 69, 317–330 (2013). https://doi.org/10.1007/s10623-012-9665-7