Fast correlation attacks on stream ciphers
Lecture Notes in Computer Science on Advances in Cryptology-EUROCRYPT'88
Fast correlation attacks on certain stream ciphers
Journal of Cryptology
AUSCRYPT '90 Proceedings of the international conference on cryptology on Advances in cryptology
Linear cryptanalysis method for DES cipher
EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
The Design of Rijndael
Fast Correlation Attacks: An Algorithmic Point of View
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
A Practical Attack on Broadcast RC4
FSE '01 Revised Papers from the 8th International Workshop on Fast Software Encryption
Fast Correlation Attack Algorithm with List Decoding and an Application
FSE '01 Revised Papers from the 8th International Workshop on Fast Software Encryption
Computation of Low-Weight Parity Checks for Correlation Attacks on Stream Ciphers
Proceedings of the 5th IMA Conference on Cryptography and Coding
Cryptography: An Introduction
Linear statistical weakness of alleged RC4 keystream generator
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
An improved correlation attack on a5/1
SAC'04 Proceedings of the 11th international conference on Selected Areas in Cryptography
A new simple technique to attack filter generators and related ciphers
SAC'04 Proceedings of the 11th international conference on Selected Areas in Cryptography
The conditional correlation attack: a practical attack on bluetooth encryption
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
On the complexity of some cryptographic problems based on the general decoding problem
IEEE Transactions on Information Theory
Universally composable and forward-secure RFID authentication and authenticated key exchange
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
On analysis and synthesis of (n, k)-non-linear feedback shift registers
Proceedings of the conference on Design, automation and test in Europe
The Grain Family of Stream Ciphers
New Stream Cipher Designs
Universally Composable RFID Identification and Authentication Protocols
ACM Transactions on Information and System Security (TISSEC)
Grain-128a: a new version of Grain-128 with optional authentication
International Journal of Wireless and Mobile Computing
CAR30: A new scalable stream cipher with rule 30
Cryptography and Communications
| Hi-index | 0.00 |
Let us have an NLFSR with the feedback function g(x) and an LFSR with the generating polynomial f(x). The function g(x) is a Boolean function on the state of the NLFSR and the LFSR, at any time instance t. Whenever the LFSR has good statistical properties, it is used for controlling the randomness of the NLFSR's state machine. In this paper we define and study the general class of "Grain" family of stream ciphers, where the keystream bits are generated by another Boolean function h(y) on the states of the NLFSR and the LFSR. We show that the cryptographic strength of this family is related to the general decoding problem, when a key-recovering attack is considered. A proper choice of the functions f(·), g(·) and h(·) could, potentially, give us a strong instance of a stream cipher. One of such stream ciphers Grain was recently proposed as a candidate for the European project ECRYPT in May, 2005. Grain uses the secret key of length 80 bits and its internal state is of size 160 bits. It was suggested as a fast and small primitive for efficient hardware implementation. In our work we propose the analysis of such structures in general, and, in particular, we give a linear distinguishing attack on Grain with time complexity O(254), when O(251) bits of the keystream is available. This is the first paper presenting an attack on Grain, and it reveals a leakage in the choice of the functions in this particular design instance.