Predicting the Shrinking Generator with Fixed Connections

We propose a novel distinguishing attack on the shrinking generator with known feedback polynomial for the generating LFSR. The attack can, for example, reliably distinguish a shrinking generator with a weight-4 polynomial of degree as large as 10000, using 2^32 output bits. As the feedback polynomial of an arbitrary LFSR is known to have a polynomial multiple of low weight, our distinguisher applies to arbitrary shrunken LFSRs of moderate length. The analysis can also be used to predict the distribution of blocks in the generated keystream.
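To make the idea in the abstract concrete, here is an added example in Python; it is not code from the paper or its authors. It builds a toy shrinking generator from two small LFSRs whose polynomials (x^17 + x^3 + 1 and x^23 + x^5 + 1), initial states and sample sizes are my own arbitrary choices, models the clock-control bits as fair coin flips, and measures how often a parity check taken from the generating LFSR's feedback polynomial, with each tap moved to its most likely position in the shrunken output, evaluates to zero. The generating polynomial is a weight-3 trinomial used directly rather than a weight-4 multiple, so the check has one tap fewer than the abstract's example; `lfsr_sequence`, `parity_check_bias`, `expected_bias` and `run_demo` are hypothetical helper names, and the paper's own statistic, its degree-10000 setting and its 2^32 sample count are not reproduced.

```python
"""Toy shrinking generator and a low-weight parity-check distinguisher.

Added example, not code from the paper.  Assumptions: the two LFSR
polynomials, their initial states and the sample sizes are arbitrary toy
choices, and the clock-control bits are modelled as fair coin flips.
"""
import random
from math import comb

# Feedback polynomials as sorted exponent lists (constant term and degree included).
GEN_POLY = [0, 3, 17]   # x^17 + x^3 + 1: generating LFSR A (weight 3, toy degree)
SEL_POLY = [0, 5, 23]   # x^23 + x^5 + 1: clock-control LFSR S


def lfsr_sequence(poly, init, n):
    """First n output bits of the LFSR with feedback polynomial sum x^e, e in poly.

    Every output satisfies the parity check XOR_{e in poly} a[i+e] == 0,
    which is the relation the distinguisher looks for in the keystream.
    init holds the first L bits (L = degree) and must not be all zero.
    """
    L = poly[-1]
    a = list(init)
    if len(a) != L or not any(a):
        raise ValueError("init must be a non-zero state of exactly L bits")
    lower = poly[:-1]
    for i in range(L, n):
        bit = 0
        for e in lower:
            bit ^= a[i - L + e]
        a.append(bit)
    return a


def shrinking_generator(a_bits, s_bits):
    """Shrinking generator: keep the A bit at every clock where the S bit is 1."""
    return [a for a, s in zip(a_bits, s_bits) if s]


def shrunken_offsets(poly):
    """Most likely keystream position of the A bit at original offset d: about d/2."""
    return [(d + 1) // 2 for d in poly]


def parity_check_bias(bits, offsets):
    """Fraction of positions i where XOR of bits[i+o] (o in offsets) is 0, minus 1/2.

    0.0 means the check behaves like a fair coin; 0.5 means it always holds.
    """
    span = max(offsets)
    n = len(bits) - span
    zeros = 0
    for i in range(n):
        v = 0
        for o in offsets:
            v ^= bits[i + o]
        zeros += (v == 0)
    return zeros / n - 0.5


def expected_bias(poly, offsets):
    """Predicted keystream bias under the coin-flip model.

    The check holds for sure when every tap lands on its original A position.
    Between two consecutive taps with original gap D and keystream gap E that
    means exactly E ones among D clock bits, the last of which is a one:
    probability C(D-1, E-1) / 2^D.  Otherwise the XOR is (nearly) balanced,
    so the bias is half the product of these probabilities.
    """
    p = 1.0
    for (d0, d1), (e0, e1) in zip(zip(poly, poly[1:]), zip(offsets, offsets[1:])):
        dd, de = d1 - d0, e1 - e0
        p *= comb(dd - 1, de - 1) / 2 ** dd
    return p / 2


def run_demo(n_clocks=400_000, seed=2024):
    """Return (raw LFSR bias, keystream bias, random-control bias, predicted bias)."""
    rng = random.Random(seed)   # constructed, deterministic initial states
    a_init = [1] + [rng.getrandbits(1) for _ in range(GEN_POLY[-1] - 1)]
    s_init = [1] + [rng.getrandbits(1) for _ in range(SEL_POLY[-1] - 1)]
    a = lfsr_sequence(GEN_POLY, a_init, n_clocks)
    s = lfsr_sequence(SEL_POLY, s_init, n_clocks)
    z = shrinking_generator(a, s)
    offs = shrunken_offsets(GEN_POLY)
    raw = parity_check_bias(a, GEN_POLY)      # +0.5: the check always holds on A itself
    keystream = parity_check_bias(z, offs)    # clearly positive: the shrunken stream stands out
    control = parity_check_bias([rng.getrandbits(1) for _ in range(len(z))], offs)
    return raw, keystream, control, expected_bias(GEN_POLY, offs)


if __name__ == "__main__":
    raw, ks, ctrl, pred = run_demo()
    print(f"raw LFSR bias      {raw:+.4f}")
    print(f"keystream bias     {ks:+.4f}  (predicted {pred:+.4f})")
    print(f"random control     {ctrl:+.4f}")
```

With the toy parameters the predicted keystream bias is about +0.013, the measured value lands close to it over roughly 200,000 keystream bits, and a stream of fair coin flips stays within a few thousandths of zero; the gap between the two is what lets a defender flag a shrunken LFSR of this size with a modest number of output bits. As the degree and tap gaps grow, the alignment probability shrinks like the product of the per-gap binomial terms, which is why the abstract's degree-10000 case needs on the order of 2^32 bits rather than the 2^18 used here.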
