Guess-and-determine Attack on the Bit-search Generator

Jia  Yan-Yan; Hu Yu-Pu; Gao Jun-Tao

doi:10.3724/SP.J.1146.2010.00030

Volume 32 Issue 12

Jan. 2011

Turn off MathJax

Article Contents

Article Navigation > Journal of Electronics & Information Technology > 2010 > 32(12): 2925-2929

Jia Yan-Yan, Hu Yu-Pu, Gao Jun-Tao. Guess-and-determine Attack on the Bit-search Generator[J]. Journal of Electronics & Information Technology, 2010, 32(12): 2925-2929. doi: 10.3724/SP.J.1146.2010.00030

Citation:

Jia Yan-Yan, Hu Yu-Pu, Gao Jun-Tao. Guess-and-determine Attack on the Bit-search Generator[J]. Journal of Electronics & Information Technology, 2010, 32(12): 2925-2929. doi: 10.3724/SP.J.1146.2010.00030

Citation:

PDF( 211 KB)

Guess-and-determine Attack on the Bit-search Generator

doi: 10.3724/SP.J.1146.2010.00030 cstr: 32379.14.SP.J.1146.2010.00030

Received Date: 2010-01-12
Rev Recd Date: 2010-07-09
Publish Date: 2010-12-19

Abstract

Abstract

For the Bit-Search-Generators (BSG) with a low weight feedback polynomial, a fast key recovery algorithm is presented using the ideas of the guess-and-determine attack. A candidate differential sequence is recovered firstly from the intercepted keystream sequence based on the differential construction of the BSG sequence. Then the feedback polynomial is used to check the candidate differential sequence, which will reduce the number of the linear equation systems of L dimensions thus to reduce significantly the complexity of the algorithm. Theoretical analysis and simulation experiment results show that, when the weight of the feedback polynomial is less than 10, the complexity of the attack is noticeably better than that of the existing methods. Specially, the attack complexity can be significantly reduced from the best known attack complexity O(L320.5L) to O(L20.5L) when the weight is 3.
- Stream cipher,
- Cryptanalysis,
- Bit-Search Generator (BSG),
- Guess-and-determine attacks,
- Complexity analysis

FullText(HTML)

References(1)

References

[1] Coppersmith D.[J].Krawczyk D, and Mansour Y. The shrinking generator[C]. CRYPTO93. Santa Barbara, USA, Springer- Verlag.1993,:- [2] Meier W and Staffelbach O. The self-shrinking generator[C]. EUROCRYPT94. Santa Barbara, USA, Springer-Verlag, 1994: 205-214. [3] Gouget A and Sibert H. The bit-search generator[C]. In The State of the Art of Stream Ciphers: Workshop Record, Brugge, Belgium, 2004: 60-68. [4] Debraize B and Goubin L. Guess-and-determine algebraic attack on the self-shrinking generator[C]. FSE 2008. Lausanne, Switzerland, Spinger-Verlag, 2008: 235-252. [5] Kanso A A. Modified clock-controlled alternating step generators[J].Computer Communications.2009, 32(5):787-799 [6] Hell M and Johansson T. Some attacks on the bit-search generator[C]. FSE 2005. Berlin, Germany, Springer-Verlag, 2005: 215-227. [7] Hell M and Johansson T. Two new attacks on the self-shrinking generator[J].IEEE Transactions on Information Theory.2006, 52(8):3837-3843 [8] Gouget A, Sibert H, Berbain C, and Coutois N, et al.. Analysis of the bit-search generator and sequence compression techniques[C]. FSE 2005. Berlin, Germany, Spinger-Verlag, 2005: 196-214. [9] 臧玉亮，韩文报. 线性反馈移位寄存器的差分能量攻击[J].电子与信息学报.2009, 31(10):2406-2410浏览 Zang Yu-liang and Han Wen-bao. Differential power attack on linear feedback shift register[J].Journal of Electronics Information Technology.2009, 31(10):2406-2410 [10] Altug Y, Ayerden N P, Mihcak M K, and Anarim E. A note on the periodicity and the output rate of bit search type generators [J].IEEE Transactions on Information Theory.2008, 54(2):666-679 [11] Coppersmith D and Winograd S. Matrix multiplication via arithmetic progression[J].Journal Symbolic Computation.1990, 9(3):251-280 [12] Strassen V. Gaussian elimination is not optimal[J]. Numerische Mathematic, 1969, 14(3): 354-356.

Relative Articles

Supplements(0)

Cited By

Proportional views