Results 1  10
of
12
Predicting the Shrinking Generator with Fixed Connections
 In Advances in Cryptology  EUROCRYPT 2003
, 2003
"... Abstract. We propose a novel distinguishing attack on the shrinking generator with known feedback polynomial for the generating LFSR. The attack can e.g. reliably distinguish a shrinking generator with a weight 4 polynomial of degree as large as 10000, using 2 32 output bits. As the feedback polynom ..."
Abstract

Cited by 8 (1 self)
 Add to MetaCart
Abstract. We propose a novel distinguishing attack on the shrinking generator with known feedback polynomial for the generating LFSR. The attack can e.g. reliably distinguish a shrinking generator with a weight 4 polynomial of degree as large as 10000, using 2 32 output bits. As the feedback polynomial of an arbitrary LFSR is known to have a polynomial multiple of low weight, our distinguisher applies to arbitrary shrunken LFSR’s of moderate length. The analysis can also be used to predict the distribution of blocks in the generated keystream. 1
A New Statistical Distinguisher for the Shrinking Generator
, 2003
"... The shrinking generator is a wellknown keystream generator composed of two linear feedback shift registers, LFSR 1 and LFSR 2 , where LFSR 1 is clockcontrolled according to regularly clocked LFSR 2 . The keystream sequence is thus a decimated LFSR 1 sequence. ..."
Abstract

Cited by 3 (0 self)
 Add to MetaCart
The shrinking generator is a wellknown keystream generator composed of two linear feedback shift registers, LFSR 1 and LFSR 2 , where LFSR 1 is clockcontrolled according to regularly clocked LFSR 2 . The keystream sequence is thus a decimated LFSR 1 sequence.
The Stream Cipher HC128
"... Statement 1. HC128 supports 128bit key and 128bit initialization vector. Statement 2. 2 64 keystream bits can be generated from each key/IV pair. Statement 3. There is no hidden flaw in HC128. Statement 4. The smallest period is expected to be much larger than 2 128. Statement 5. Recovering the ..."
Abstract

Cited by 3 (0 self)
 Add to MetaCart
Statement 1. HC128 supports 128bit key and 128bit initialization vector. Statement 2. 2 64 keystream bits can be generated from each key/IV pair. Statement 3. There is no hidden flaw in HC128. Statement 4. The smallest period is expected to be much larger than 2 128. Statement 5. Recovering the secret key is as difficult as exhaustive key search. Statement 6. Distinguishing attack requires more than 2 64 keystream bits. Statement 7. There is no weak key in HC128. Statement 8. Encryption speed is 3.05 cycles/byte on Pentium M processor. Statement 9. The key and IV setup takes about 27,300 clock cycles Statement 10. HC128 is not covered by any patent and it is freely available. Remarks. When more than 2 64 keystream bits are generated from each key/IV pair, the effect on the security of the message/key is negligible. Thus there is no need to implement any mechanism to restrict the keystream length in practice. 1
The Alternating Step(r, s) Generator
, 2002
"... A new construction of a pseudorandom generator based on a simple combination of three feedback shift registers (FSRs) is introduced. The main characteristic of its structure is that the output of one of the three FSRs controls the clocking of the other two FSRs. This construction allows users to ge ..."
Abstract

Cited by 2 (0 self)
 Add to MetaCart
A new construction of a pseudorandom generator based on a simple combination of three feedback shift registers (FSRs) is introduced. The main characteristic of its structure is that the output of one of the three FSRs controls the clocking of the other two FSRs. This construction allows users to generate a large family of sequences using the same initial states and the same feedback functions of the three combined FSRs. The construction is related to the Alternating Step Generator that is a special case of this construction. The period, and the lower and upper bound of the linear complexity of the output sequences of the construction whose control FSR generates a de Bruijn sequence and the other two FSRs generate msequences are established. Furthermore, it is established that the distribution of short patterns in these output sequences occur equally likely and that they are secure against correlation attacks. All these properties make it a suitable cryptogenerator for stream cipher applications.
Cryptanalysis of LFSRbased pseudorandom generators  a survey
, 2004
"... Pseudorandom generators based on linear feedback shift registers (LFSR) are a traditional building block for cryptographic stream ciphers. In this report, we review the general idea for such generators, as well as the most important techniques of cryptanalysis. ..."
Abstract

Cited by 1 (0 self)
 Add to MetaCart
Pseudorandom generators based on linear feedback shift registers (LFSR) are a traditional building block for cryptographic stream ciphers. In this report, we review the general idea for such generators, as well as the most important techniques of cryptanalysis.
ClockControlled Alternating Step Generator
, 2002
"... A new construction ofapseudorandom generator based on a simple combination of three feedback shift registers (FSRs) is introduced. The main characteristic of its structure is that the output of one of the three FSRs controls the clocking of the other two FSRs. This construction allows users to g ..."
Abstract

Cited by 1 (0 self)
 Add to MetaCart
A new construction ofapseudorandom generator based on a simple combination of three feedback shift registers (FSRs) is introduced. The main characteristic of its structure is that the output of one of the three FSRs controls the clocking of the other two FSRs. This construction allows users to generate a large family of sequences using the same initial states and the same feedback functions of the three combined FSRs. The construction is related to the Alternating Step Generator that is a special case of this construction.