Results 1-10 of 20
Searching for the Optimum Correlation Attack
FSE’94, LNCS 1008, 1995
Cited by 32 (0 self)
Abstract
We present some new ideas on attacking stream ciphers based on regularly clocked shift registers. The nonlinear filter functions used in such systems may leak information if they interact with shifted copies of themselves, and this gives us a systematic way to search for correlations between a keystream and the underlying shift register sequence.
Three Characterizations of Nonbinary Correlation-Immune and Resilient Functions
Designs, Codes and Cryptography 5, 1997
Cited by 20 (8 self)
Abstract
A function f(X_1, X_2, ..., X_n) is said to be t-th order correlation-immune if the random variable Z = f(X_1, X_2, ..., X_n) is independent of every set of t random variables chosen from the independent equiprobable random variables X_1, X_2, ..., X_n. Additionally, if all possible outputs are equally likely, then f is called a t-resilient function. In this paper, we provide three different characterizations of t-th order correlation-immune functions and resilient functions where the random variables are over GF(q). The first is in terms of the structure of a certain associated matrix. The second characterization involves Fourier transforms. The third characterization establishes the equivalence of resilient functions and large sets of orthogonal arrays. Keywords: correlation-immune functions, resilient functions, stream ciphers, Fourier transforms, orthogonal arrays. 1 Definitions. Let GF(q) denote the Galois field with q elements, where q = p^a is a prime po...
A New Statistical Testing for Symmetric Ciphers and Hash Functions
Proc. Information and Communications Security 2002, volume 2513 of LNCS, 2002
Cited by 17 (1 self)
Abstract
This paper presents a new, powerful statistical test of symmetric ciphers and hash functions which allowed us to detect biases in both of these systems where previously known tests failed. We first give a complete characterization of the Algebraic Normal Form (ANF) of random Boolean functions by means of the Möbius transform. Then we build a new test based on the comparison between the structure of the Algebraic Normal Forms of the different Boolean functions characterizing symmetric ciphers and hash functions and those of purely random Boolean functions. Detailed testing results on several cryptosystems are presented. As a main result we show that AES, DES, Snow and LILI-128 fail all or part of the tests and thus present strong biases.
Dragon: A fast word based stream cipher
Proc. ICISC 2004, volume 3506 of LNCS, 2005
Cited by 13 (1 self)
Abstract
This is the author’s version of a work that was submitted/accepted for publication in the following source:
Decimation Attack of Stream Ciphers
Progress in Cryptology - INDOCRYPT, 2000
Cited by 6 (0 self)
Abstract
This paper presents a new attack, called the Decimation Attack, on most stream ciphers. It exploits the property that multiple clocking (or equivalently d-th decimation) of an LFSR can simulate the behavior of many other LFSRs of possibly shorter length. It then yields significant improvements of all the previously known correlation and fast correlation attacks. A new criterion on the length of the polynomial is then defined to resist the decimation attack. Simulation results and complexity comparisons are detailed for ciphertext-only attacks.
A Systematic Procedure for Applying Fast Correlation Attacks to Combiners with Memory
1997
Cited by 4 (0 self)
Abstract
A systematic procedure for applying fast correlation attacks to combiners with memory is introduced. This procedure consists of the following four stages: identifying correlated linear input and output transforms with maximum possible or relatively large correlation coefficient, calculating low-weight polynomial multiples based on the identified input linear transform, applying an iterative error correction algorithm to the linear transform of the observed keystream, and solving several sets of linear equations to determine the initial state of the input LFSRs. This procedure is successfully applied to three keystream generators, namely, the summation generators with three and five inputs, the nonlinear filter generator and the multiplexed sequence generator. 1 Introduction. A well-known type of keystream generator for stream cipher applications consists of a number of linear feedback shift registers (LFSRs) combined by a memoryless nonlinear function. The keystream sequences pr...
Vectorial Boolean Functions and Induced Algebraic Equations
2004
Cited by 2 (0 self)
Abstract
A general mathematical framework behind algebraic cryptanalytic attacks is developed. The framework
Fast Attacks on Tree-Structured Ciphers
University, 1994
Cited by 1 (0 self)
Abstract
Tree-structures have been proposed for both the construction of block ciphers by Kam and Davida [7], and self-synchronous stream ciphers by Kuhn [9]. Attacks on these ciphers have been given by Anderson [2] and Heys and Tavares [6]. In this paper it is demonstrated that a more efficient attack can be conducted when the underlying Boolean functions for the cells are known. It is shown that this attack requires less than 1/3 the chosen ciphertext of Anderson's original attack on Kuhn's cipher. We also comment on an improved version of Kuhn's cipher that was modified in light of Anderson's original attack. The work in this paper has been funded in part by the Cooperative Research Centres program through the Department of the Prime Minister and Cabinet of Australia. 1 Introduction. This paper deals with the cryptanalysis of ciphers which can be reduced to a Boolean function which has a tree-structure, such as the cipher proposed by Kuhn [9], and Kam and Davida's construction [7] of ...
An Evolutionary Multiobjective Approach to Design Highly Nonlinear Boolean Functions
Cited by 1 (0 self)
Abstract
The proliferation of all kinds of devices with different security requirements and constraints, and the arms-race nature of the security problem, are increasingly demanding the development of tools to help with the automatic design of Boolean functions with security applications. Nowadays, the design of strong cryptographic Boolean functions is a multiobjective problem. However, so far evolutionary multiobjective algorithms have been largely overlooked and not much is known about this problem from a multiobjective optimization perspective. In this work we focus on nonlinearity-related criteria and explore a multiobjective evolutionary approach aiming to find several balanced functions of similar characteristics satisfying multiple criteria. We show that the multiobjective approach is an efficient alternative to the single-objective optimization approaches presented so far. We also argue that it is a better framework for the automatic design of cryptographic Boolean functions.