Encryption System with Variable Number of Registers

Abstract

Encryption in wireless communication systems is an extremely important factor to protect information and prevent fraud. In this paper, we propose a new encryption system for use in stream cipher applications. The design proposed is intended for hardware implementation and based on $(n+1)$ feedback shift registers interconnected in such a way that one register controls the clocking of the other n registers. The aim of this construction is to allow the production of a large family of distinct keystreams when the initial states and feedback functions of the feedback shift registers are unchanged. The produced keystreams are shown to possess the basic security requirements for cryptographic sequences such as long period, high linear complexity and good statistical properties, provided that suitable parameters are chosen. Furthermore, the design is shown to resist various types of cryptanalytic attacks. These characteristics and properties enhance its use as a suitable encryption system for stream cipher applications.

Introduction

There are two types of symmetric ciphers: block ciphers and stream ciphers. Block ciphers tend to simultaneously encrypt a group of characters, usually of length 128, whereas stream ciphers act on individual characters of a plaintext message one at a time. Stream ciphers have faster execution in hardware than any already existing block cipher, and they have low error propagation rate. Several symmetric ciphers have been reported in the literature [1], [2], [3], [4], [5], [6], [7], [8], [9], [10], [11], [12], [13], [14], [15], [16], [17], [18], [19], [20]. Most of these ciphers are binary additive stream ciphers involving pseudorandom number generators, known as keystream generators. The latter is an algorithm that takes a short sequence of binary digits, usually regarded as the secret key, K, for the generation of a much longer random-looking sequence, known as the keystream. In a binary additive stream cipher, the plaintext, keystream and ciphertext are all in binary form. The keystream $(Z_t)=Z_0\text{,}{Z}_1\text{,}\dots$, is masked with the plaintext, $({\mu }_t)={\mu }_0\text{,}{\mu }_1\text{,}\dots$, usually with an exclusive-or gate XOR (i.e., bitwise addition modulo 2), to produce the ciphertext, $({\zeta }_t)={\zeta }_0\text{,}{\zeta }_1\text{,}\dots$, which is transmitted over an insecure channel i.e.,

$${\zeta }_i={\mu }_i\oplus Z_i\text{,}\text{for}i=0\text{,}1\text{,}2\text{,}\dots \text{.}$$

In symmetric key cryptography, the secret key K is exchanged between the communicating parties, hence the receiver can generate an identical keystream $(Z_t)=Z_0\text{,}{Z}_1\text{,}\dots$, and recover the plaintext by masking the ciphertext with the keystream i.e.,

$${\mu }_i={\zeta }_i\oplus Z_i\text{,}\text{for}i=0\text{,}1\text{,}2\text{,}\dots \text{.}$$

Keystream generators are meant to approximate the one time pad (the only theoretically secure cipher) whose security follows from the fact that the bits of the keystream are randomly chosen. Therefore, when designing a stream cipher, the main goal for designers is to construct a keystream generator that can efficiently generate keystreams that are indistinguishable from truly random sequences. Most keystream generators are built up from simple devices that are easy to implement in software⧹hardware and run efficiently. A linear feedback shift register (LFSR) is a very good example of such devices. LFSRs are fast, simple to implement in hardware, and have mathematical techniques for analyzing them [21]. An LFSR is capable of generating sequences with long period and good statistical distribution properties. However, such sequences are linear, and can be easily predicted given some previous output bits. For this reason, LFSRs are unsuitable for direct keystreams generation. In order to use LFSRs in the design of keystream generators, their linearity must be destroyed. Several methods were proposed in the literature aim at introducing nonlinearity to keystreams generated by LFSRs-based keystream generators while preserving a long period and good statistical distribution properties of such keystreams. One method is to apply a nonlinear Boolean function in k variables to the outputs of a set of k regularly clocked LFSRs. Another method is to use one LFSR to control the clocking of one or several LFSRs (i.e., to irregularly clock LFSRs). The stop⧹go generator [1], alternating step generator (ASG) [2], shrinking generator [5], A5 [7], more generalized alternating step generator [12] and Delta [18] are examples of the latter method. Keystream generators based on regularly clocked LFSRs were shown to be subject to various cryptanalytic attacks including basic and fast correlation attacks [22]. In a fast correlation attack, the initial states of the LFSRs (which usually constitute the secret key) are reconstructed from a known portion of the keystream of the generator without performing an exhaustive search over all possible initial states. To achieve immunity to these correlation attacks, clock-controlled keystream generators that use irregular clocking were proposed. This technique limits the possibilities of performing classical correlation attacks [23]. This is due to the fact that in such a situation, a cryptanalyst having access to a portion of the keystream becomes unaware of which internal bits of the generating LFSRs contribute to which keystream bits.

In this paper, we propose a new keystream generator, Encryption System with Variable Number of Registers (ESVR), based on irregularly clocked feedback shift registers (FSRs). ESVR is intended for use in stream cipher applications, and it can be easily implemented in hardware. The generated keystreams are shown to possess the basic security requirements for cryptographic sequences, such as long period, high linear complexity and good statistical properties, provided that suitable parameters are selected. Furthermore, ESVR is shown to resist various types of cryptanalytic attacks.

ESVR keystream generator is a generalization of the alternating step generator (ASG) [2]. It is composed of $(n+1)$ feedback shift registers ${\mathbb{A}}^0\text{,}{\mathbb{A}}^1\text{,}{\mathbb{A}}^2\text{,}\dots \text{,}{\mathbb{A}}^{n-1}$ and ${\mathbb{A}}^n$ that are interconnected such that the contents of some selected w fixed stages of the register ${\mathbb{A}}^0$ controls the clocking of the other n registers. The secret key $\mathbf{K}$ is often used to provide values for the initial states of the $(n+1)$ registers and the selected w fixed stages of ${\mathbb{A}}^0$. However, to achieve a maximum level of security the feedback functions of the $(n+1)$ registers should be included in the key.

The paper is organized as follows. In Section 2, we present related work to the proposed generator. Section 3 consists of a detailed description of ESVR. In Section 4, the properties of randomness of the generated keystreams such as long period, high linear complexity and good statistical properties are established. Section 5 presents a number of cryptanalytic attacks that can be applied on the proposed generator. Section 6 is devoted for the hardware implementation of ESVR. Section 7 presents a comparison with an existing generator (ASG) and experimental results. Finally, Section 8 consists of the conclusion of this paper.