Nonlinear equivalence of stream ciphers

Authors:
Sondre Rønjom;Carlos Cid
Affiliations:
Crypto Technology Group, Norwegian National Security Authority, Bærum, Norway;Information Security Group, Royal Holloway, University of London, Egham, United Kingdom
Venue:
FSE'10 Proceedings of the 17th international conference on Fast software encryption
Year:
2010

Citing 8
Cited 1

Fast correlation attacks on stream ciphers

Lecture Notes in Computer Science on Advances in Cryptology-EUROCRYPT'88
Handbook of Applied Cryptography

Handbook of Applied Cryptography
Essential Algebraic Structure within the AES

CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
In How Many Ways Can You Write Rijndael?

ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Signal Design for Good Correlation: For Wireless Communication, Cryptography, and Radar

Signal Design for Good Correlation: For Wireless Communication, Cryptography, and Radar
Algebraic attacks on stream ciphers with linear feedback

EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
An algebraic framework for cipher embeddings

IMA'05 Proceedings of the 10th international conference on Cryptography and Coding
A New Attack on the Filter Generator

IEEE Transactions on Information Theory

On equivalence classes of boolean functions

ICISC'10 Proceedings of the 13th international conference on Information security and cryptology

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this paper we investigate nonlinear equivalence of stream ciphers over a finite field, exemplified by the pure LFSR-based filter generator over F2. We define a nonlinear equivalence class consisting of filter generators of length n that generate a binary keystream of period dividing 2n-1, and investigate certain cryptographic properties of the ciphers in this class. We show that a number of important cryptographic properties, such as algebraic immunity and nonlinearity, are not invariant among elements of the same equivalence class. It follows that analysis of cipher-components in isolation presents some limitations, as it most often involves investigating cryptographic properties that vary among equivalent ciphers. Thus in order to assess the resistance of a cipher against a certain type of attack, one should in theory determine the weakest equivalent cipher and not only a particular instance. This is however likely to be a very difficult task, when we consider the size of the equivalence class for ciphers used in practice; therefore assessing the exact cryptographic properties of a cipher appears to be notoriously difficult.