Results 1  10
of
11
Searching for the Optimum Correlation Attack
 FSE’94, LNCS 1008
, 1995
"... We present some new ideas on attacking stream ciphers based on regularly clocked shift registers. The nonlinear lter functions used in such systems may leak information if they interact with shifted copies of themselves, and this gives us a systematic way to search for correlations between a keystr ..."
Abstract

Cited by 32 (0 self)
 Add to MetaCart
(Show Context)
We present some new ideas on attacking stream ciphers based on regularly clocked shift registers. The nonlinear lter functions used in such systems may leak information if they interact with shifted copies of themselves, and this gives us a systematic way to search for correlations between a keystream and the underlying shift register sequence.
Statistical Techniques for Language Recognition: An Introduction and Guide for Cryptanalysts
 Cryptologia
, 1993
"... We explain how to apply statistical techniques to solve several languagerecognition problems that arise in cryptanalysis and other domains. Language recognition is important in cryptanalysis because, among other applications, an exhaustive key search of any cryptosystem from ciphertext alone requir ..."
Abstract

Cited by 13 (2 self)
 Add to MetaCart
(Show Context)
We explain how to apply statistical techniques to solve several languagerecognition problems that arise in cryptanalysis and other domains. Language recognition is important in cryptanalysis because, among other applications, an exhaustive key search of any cryptosystem from ciphertext alone requires a test that recognizes valid plaintext. Written for cryptanalysts, this guide should also be helpful to others as an introduction to statistical inference on Markov chains. Modeling language as a finite stationary Markov process, we adapt a statistical model of pattern recognition to language recognition. Within this framework we consider four welldefined languagerecognition problems: 1) recognizing a known language, 2) distinguishing a known language from uniform noise, 3) distinguishing unknown 0thorder noise from unknown 1storder language, and 4) detecting nonuniform unknown language. For the second problem we give a most powerful test based on the NeymanPearson Lemma. For the oth...
On Fibonacci Keystream Generators
 Fast Software Encryption, 2nd International Workshop Proceedings
, 1994
"... . A number of keystream generators have been proposed which are based on Fibonacci sequences, and at least one has been fielded. They are attractive in that they can use some of the security results from the theory of shift register based keystream generators, while running much more quickly in soft ..."
Abstract

Cited by 8 (0 self)
 Add to MetaCart
(Show Context)
. A number of keystream generators have been proposed which are based on Fibonacci sequences, and at least one has been fielded. They are attractive in that they can use some of the security results from the theory of shift register based keystream generators, while running much more quickly in software. However, new designs bring new risks, and we show how a system proposed at last year's workshop, the Fibonacci Shrinking Genertor (FISH), can be broken by an opponent who knows a few thousand words of keystream. We then discuss how such attacks can be avoided, and present a new algorithm, PIKE, which is based on the A5 algorithm used in GSM telephones. 1 Introduction For many years, cryptologists have studied keystream generators based on linear feedback shift registers [1]. When implemented in hardware, such systems can use a relatively small number of gates for a given level of security; they were very popular in the days before very large scale integration, and are still used in app...
How to Break Gifford's Cipher (Extended Abstract)
, 1994
"... We present and implement a ciphertextonly algorithm to break Gifford's cipher, a stream cipher designed in 1984 by David Gifford of MIT and used to encrypt New York Times and Associated Press wire reports. Applying linear algebra over finite fields, we exploit a timespace tradeoff to separate ..."
Abstract
 Add to MetaCart
We present and implement a ciphertextonly algorithm to break Gifford's cipher, a stream cipher designed in 1984 by David Gifford of MIT and used to encrypt New York Times and Associated Press wire reports. Applying linear algebra over finite fields, we exploit a timespace tradeoff to separately determine key segments derived from a decomposition of the feedback function. This work, the first proposed attack on Gifford's cipher, illustrates a powerful attack on stream ciphers and shows that Gifford's cipher is illsuited for encrypting broadcast data in the MITbased Boston Community Information System (BCIS). Gifford's cipher is a filter generatora linear feedback shift register with nonlinear output. Our cryptanalytic problem is to determine the secret 64bit initial fill, which is changed for each news article. Representing the feedback function as a binary matrix F , we decompose the vector space of register states into a direct sum of four F invariant Support for this res...
Efficient Stream Cipher with Variable Internal State
"... This paper presents an efficient stream cipher using an internal state with variable structure and evolution. Arbitrarily large internal states can be used in order to defeat bruteforce guessing attacks without compromising the performance of cipher, and possibly improving it. Attacking is made eve ..."
Abstract
 Add to MetaCart
This paper presents an efficient stream cipher using an internal state with variable structure and evolution. Arbitrarily large internal states can be used in order to defeat bruteforce guessing attacks without compromising the performance of cipher, and possibly improving it. Attacking is made even more complicated by dynamically chosing different topologies and evolutions for the cipher's internal state. The cipher controls the evolution of its internal state by using both an external keyed pseudorandom generator (EKPRG), either cryptographically strong or weak, and plaintext feedback. The plaintext feedback reduces the probability of producing cyclic keystreams without compromising the security of the cipher. The parameters controlling the structure and evolution of the cipher's internal state can be chosen in order to achieve different levels of security, memory consumption and performance. In terms of security, we evaluate the impact of this parameters in the strength of the c...
INTRODUCTION TO THE APPLICATIONS OF EVOLUTIONARY COMPUTATION IN COMPUTER SECURITY AND CRYPTOGRAPHY
"... ..."