Resynchronization Attack on Stream Ciphers Filtered by Maiorana-McFarland Functions

In this paper, we present an extension to the resynchronization attack on stream ciphers of (Daemen et al., 1993). The most general attack in (Daemen et al., 1993) on a nonlinearly filtered register with linear resync has attack complexity ⌈ φ⌉× 2 φ, where n is the key length and φ the input size of the filter function. It was further shown specifically that the attack complexity can be reduced in the case when the filter function is a multiplexer. The attack of (Daemen et al., 1993) is most efficient when the input size is small. We shall show that a large input size may not necessarily guard against this attack, even when a function with good cryptographic properties is used. It may decrease the attack complexity, in the example illustrated in this paper. Boolean functions from the Maiorana-McFarland class make good choices for these filter functions due to their good cryptographic properties such as balance, high nonlinearity and high order of resiliency. However, these functions can become linear when certain input bits are fixed. We shall demonstrate this weakness and use it to achieve lower attack complexities for the general resynchronization attack of (Daemen et al., 1993).