Fast correlation attacks on stream ciphers
Lecture Notes in Computer Science on Advances in Cryptology-EUROCRYPT'88
Handbook of Applied Cryptography
Handbook of Applied Cryptography
Essential Algebraic Structure within the AES
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
In How Many Ways Can You Write Rijndael?
ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Signal Design for Good Correlation: For Wireless Communication, Cryptography, and Radar
Signal Design for Good Correlation: For Wireless Communication, Cryptography, and Radar
Algebraic attacks on stream ciphers with linear feedback
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
An algebraic framework for cipher embeddings
IMA'05 Proceedings of the 10th international conference on Cryptography and Coding
A New Attack on the Filter Generator
IEEE Transactions on Information Theory
On equivalence classes of boolean functions
ICISC'10 Proceedings of the 13th international conference on Information security and cryptology
Hi-index | 0.00 |
In this paper we investigate nonlinear equivalence of stream ciphers over a finite field, exemplified by the pure LFSR-based filter generator over F2. We define a nonlinear equivalence class consisting of filter generators of length n that generate a binary keystream of period dividing 2n-1, and investigate certain cryptographic properties of the ciphers in this class. We show that a number of important cryptographic properties, such as algebraic immunity and nonlinearity, are not invariant among elements of the same equivalence class. It follows that analysis of cipher-components in isolation presents some limitations, as it most often involves investigating cryptographic properties that vary among equivalent ciphers. Thus in order to assess the resistance of a cipher against a certain type of attack, one should in theory determine the weakest equivalent cipher and not only a particular instance. This is however likely to be a very difficult task, when we consider the size of the equivalence class for ciphers used in practice; therefore assessing the exact cryptographic properties of a cipher appears to be notoriously difficult.