Lock-in effect in cascades of clock-controlled shift-registers
Lecture Notes in Computer Science on Advances in Cryptology-EUROCRYPT'88
Fast correlation attacks on certain stream ciphers
Journal of Cryptology
Solving a class of stream ciphers
Cryptologia
A cryptanalysis of Stepk,m-cascades
EUROCRYPT '89 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
On the linear consistency test (LCT) in cryptanalysis with applications
CRYPTO '89 Proceedings on Advances in cryptology
CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Linear cryptanalysis method for DES cipher
EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
Shift Register Sequences
An Improved Linear Syndrome Algorithm in Cryptanalysis With Applications
CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
ASIACRYPT '92 Proceedings of the Workshop on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
On the Security of Shift Register Based Keystream Generators
Fast Software Encryption, Cambridge Security Workshop
Modes of Operation of Stream Ciphers
SAC '00 Proceedings of the 7th Annual International Workshop on Selected Areas in Cryptography
Cryptanalysis of Stream Ciphers with Linear Masking
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Cryptanalysis of Achterbahn-version 1 and -version 2
Journal of Computer Science and Technology
An efficient cryptosystem Delta for stream cipher applications
Computers and Electrical Engineering
Linear statistical weakness of alleged RC4 keystream generator
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
Cryptanalysis of alleged A5 stream cipher
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
Predicting the shrinking generator with fixed connections
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Strengthening NLS against crossword puzzle attack
ACISP'07 Proceedings of the 12th Australasian conference on Information security and privacy
Fast correlation attacks: methods and countermeasures
FSE'11 Proceedings of the 18th international conference on Fast software encryption
Fast computation of large distributions and its cryptographic applications
ASIACRYPT'05 Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security
Distinguishing stream ciphers with convolutional filters
SCN'06 Proceedings of the 5th international conference on Security and Cryptography for Networks
Hi-index | 14.98 |
It is shown that an arbitrary binary keystream generator with M bits of memory can be linearly modeled as a non-autonomous linear feedback shift register of length at most M with an additive input sequence of nonbalanced identically distributed binary random variables. The sum of the squares of input correlation coefficients over all the linear models of any given length proves to be dependent on a keystream generator. The minimum and maximum values of the correlation sum along with the necessary and sufficient conditions for them to be achieved are established. An effective method for the linear model determination based on the linear sequential circuit approximation of autonomous finite-state machines is developed. Linear models for clock controlled shift registers and arbitrary shift register based keystream generators are derived. Several examples including the basic summation generator, the clock-controlled cascade, and the shrinking generator are presented. Linear models are the basis for a general structure-dependent and initial-state-independent statistical test. They may also be used for divide and conquer correlation attacks on the initial state. Security against the corresponding statistical attack appears hard to control in practice and generally hard to achieve with simple keystream generator schemes