Inferring sequences produced by nonlinear pseudorandom number generators using coppersmith's methods

Authors:
Aurélie Bauer;Damien Vergnaud;Jean-Christophe Zapalowicz
Affiliations:
Agence Nationale de la Sécurité des Systèmes d'Information, Paris 07, SP, France;École Normale Supérieure --- C.N.R.S. --- I.N.R.I.A., Paris Cedex 05, France;INRIA Rennes --- Bretagne Atlantique, Rennes, France
Venue:
PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
Year:
2012

Citing 13
Cited 0

Inferring sequences produced by pseudo-random number generators

Journal of the ACM (JACM)
Inferring sequences produced by a linear congruential generator missing low-order bits

Journal of Cryptology
Finding Small Roots of Univariate Modular Equations Revisited

Proceedings of the 6th IMA International Conference on Cryptography and Coding
Reconstructing noisy polynomial evaluation in residue rings

Journal of Algorithms
Secret linear congruential generators are not cryptographically secure

SFCS '87 Proceedings of the 28th Annual Symposium on Foundations of Computer Science
Toward a Rigorous Variation of Coppersmith's Algorithm on Three Variables

EUROCRYPT '07 Proceedings of the 26th annual international conference on Advances in Cryptology
Attacking Power Generators Using Unravelled Linearization: When Do We Output Too Much?

ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Finding a small root of a univariate modular equation

EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
Finding a small root of a bivariate integer equation; factoring with high bits known

EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
A strategy for finding roots of multivariate polynomials with new applications in attacking RSA variants

ASIACRYPT'06 Proceedings of the 12th international conference on Theory and Application of Cryptology and Information Security
Cryptanalysis of the quadratic generator

INDOCRYPT'05 Proceedings of the 6th international conference on Cryptology in India
A tool kit for finding small roots of bivariate polynomials over the integers

EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Attacking the Pollard Generator

IEEE Transactions on Information Theory

Quantified Score

Hi-index	0.00

Visualization

Abstract

Number-theoretic pseudorandom generators work by iterating an algebraic map F (public or private) over a residue ring ℤN on a secret random initial seed value v 0 ∈ℤN to compute values $v_{n+1} = F(v_n) \bmod{N}$ for n ∈ℕ. They output some consecutive bits of the state value v n at each iteration and their efficiency and security are thus strongly related to the number of output bits. In 2005, Blackburn, Gomez-Perez, Gutierrez and Shparlinski proposed a deep analysis on the security of such generators. In this paper, we revisit the security of number-theoretic generators by proposing better attacks based on Coppersmith's techniques for finding small roots on polynomial equations. Using intricate constructions, we are able to significantly improve the security bounds obtained by Blackburn et al. .