Improved Analysis of the BMGL Keystream Generator

In this paper we give an improved security analysis of the NESSIE submission BMGL. The new analysis improves also asymptotically some of the theoretical results on which the BMGL keystream generator is based. We also give an alternative, bootstrapped version of the generator which is implementation-wise very close to the original generator and offers even stronger provable security properties.

[1]  Silvio Micali,et al.  How to construct random functions , 1986, JACM.

[2]  Leonid A. Levin,et al.  A hard-core predicate for all one-way functions , 1989, STOC '89.

[3]  Manuel Blum,et al.  How to generate cryptographically strong sequences of pseudo random bits , 1982, 23rd Annual Symposium on Foundations of Computer Science (sfcs 1982).

[4]  Andrew Chi-Chih Yao,et al.  Theory and application of trapdoor functions , 1982, 23rd Annual Symposium on Foundations of Computer Science (sfcs 1982).

[5]  Oded Goldreich,et al.  Modern Cryptography, Probabilistic Proofs and Pseudorandomness , 1998, Algorithms and Combinatorics.

[6]  Andrew Chi-Chih Yao,et al.  Theory and Applications of Trapdoor Functions (Extended Abstract) , 1982, FOCS.