1 / 10

Attack Based on Direct Sum Decomposition against NLFG

Attack Based on Direct Sum Decomposition against NLFG. Jingjing Wang , Xiangxue Li, Kefei Chen, Wenzheng Zhang. AfricaCrypt 2012 Ifrane, Morocco, July 2012. Nonlinear Filter Generator (NLFG). Wide a pplications in stream cipher Fast and easy to implement (HW)

pascha
Download Presentation

Attack Based on Direct Sum Decomposition against NLFG

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Attack Based on Direct Sum Decomposition against NLFG JingjingWang, XiangxueLi, KefeiChen, WenzhengZhang AfricaCrypt 2012 Ifrane, Morocco, July 2012

  2. Nonlinear Filter Generator (NLFG) • Wide applications in stream cipher • Fast and easy to implement (HW) • E.g. Toyocrypt, LILI, Sfinks, … • Vulnerability • Initial state easily recovered by algebraic attacks • E.g. AA, FAA, RH

  3. Algebraic Attacks • General Attack: • Step 1: construct equations of initial state • Step 2: solve equations

  4. Algebraic Attacks against NLFG • AA: • Low-degree annihilator h(意思完整) • Not very effective due to algebraic immune functions • FAA: • Linear relation of initial state (unknown) • Random equations

  5. Algebraic Attacks against NLFG • RH: specific against NLFG • By properly choosing , # NLFG offline bits for coefficients: Success probability: • Can we do better?

  6. Algebraic Attacks against NLFG • RH: specific against NLFG • By properly choosing , # NLFG offline bits for coefficients: Success probability: • Can we do better? by properly choosing

  7. Algebraic Attack Based on Direct Sum Decomposition • Attack: • Special property of NLFG output from its direct sum decomposition Linear equations • Operations: • Success probability:

  8. Direct Sum Decomposition of Sequence Space • Seq. set : all seq. with char. poly. • Linear space • Closed under shift • Let . Direct sum decomposition of :

  9. Properties of NLFG Output

  10. Properties of NLFGOutput • Let be the characteristic poly. of the seq. • in the linear space where contains all the seq. of characteristic poly. • Linear space

More Related