Attack Based on Direct Sum Decomposition against the Nonlinear Filter Generator

The nonlinear filter generator (NLFG) is a powerful building block commonly used in stream ciphers. In this paper, we present the direct sum decomposition of the NLFG output sequence, which leads to a system of linear equations in the initial state of the NLFG and further to an efficient algebraic attack. The coefficients of the equation system depend only on the NLFG structure. The attack operates in an online/offline manner, doing most of the work (determining the coefficients of the equation system) in the offline phase. Thus the online phase is very fast, requiring only four multiplications and one diagonalization of n×n matrices. Compared with related work, our attack has advantages in both online computation cost and success probability. On the one hand, far fewer output bits and significantly less matrix computation are required in our attack, although the online computation complexity O(LC) (LC is the linear complexity of the output sequence) is the same as in the known Ronjom-Helleseth attack. On the other hand, the success probability of the attack is analyzed in this paper, unlike in most prior work. The success probability of this algebraic attack is $1-2^{-\phi(2^n-1)}$ (φ(·) is Euler's totient function), which is much greater than $1-2^{-n}$, the success probability of the Ronjom-Helleseth attack.
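As an added example (not code from the paper), the toy NLFG below pairs a 5-stage LFSR with a quadratic filter, both constructed here for illustration, and uses the Berlekamp-Massey algorithm to measure the linear complexity LC of the keystream, the quantity behind the O(LC) online cost quoted above; the result is compared with Key's bound, so a designer can check how much linear structure a filter function leaves in the output.

```python
# Added example (not from the paper): a toy nonlinear filter generator (NLFG) plus
# the Berlekamp-Massey algorithm, used to measure the linear complexity LC of its output.
from math import comb

def lfsr_states(state, taps, count):
    """Successive states of a Fibonacci LFSR over GF(2); feedback = XOR of `taps`."""
    s, states = list(state), []
    for _ in range(count):
        states.append(s.copy())
        fb = 0
        for t in taps:
            fb ^= s[t]
        s = s[1:] + [fb]                  # shift left, append the feedback bit
    return states

def nlfg(state, taps, filt, count):
    """NLFG keystream: the filter function applied to each LFSR state."""
    return [filt(st) for st in lfsr_states(state, taps, count)]

def berlekamp_massey(seq):
    """Linear complexity of a binary sequence (length of its shortest LFSR)."""
    n = len(seq)
    c, b = [1] + [0] * n, [1] + [0] * n   # connection polynomial and its last copy
    L, m = 0, -1                          # current LC, index of the last length change
    for i in range(n):
        d = seq[i]
        for j in range(1, L + 1):
            d ^= c[j] & seq[i - j]        # discrepancy against the current LFSR
        if d == 0:
            continue
        t = c.copy()
        for j in range(n + 1 - (i - m)):
            c[j + i - m] ^= b[j]          # c(x) += x^(i-m) * b(x)
        if 2 * L <= i:
            L, m, b = i + 1 - L, i, t
    return L

def key_bound(n, degree):
    """Key's bound: LC <= sum_{i=1..degree} C(n, i) for a degree-`degree` filter on an n-stage m-LFSR."""
    return sum(comb(n, i) for i in range(1, degree + 1))

# Constructed toy instance: 5-stage LFSR with primitive polynomial x^5 + x^2 + 1
# (feedback = s[0] ^ s[2]) filtered by the degree-2 Boolean function x0 + x1*x3.
TAPS, STATE, N = (0, 2), [1, 0, 0, 0, 0], 5
def filt(x): return x[0] ^ (x[1] & x[3])

def analyse(count=62):
    plain = nlfg(STATE, TAPS, lambda x: x[0], count)     # the raw m-sequence
    filtered = nlfg(STATE, TAPS, filt, count)
    return {"lc_lfsr": berlekamp_massey(plain), "lc_nlfg": berlekamp_massey(filtered),
            "key_bound": key_bound(N, 2), "period_ok": filtered[:31] == filtered[31:]}
```

Two periods (62 bits) of output are enough for Berlekamp-Massey to recover the exact LC, since it needs at least 2·LC bits; the raw m-sequence has LC 5 while the filtered keystream lies strictly above 5 and at most at Key's bound of 15.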
