Title :
A New Attack on the Filter Generator
Author :
Rønjom, Sondre ; Helleseth, Tor
Author_Institution :
Dept. of Informatics, Bergen Univ.
fDate :
5/1/2007 12:00:00 AM
Abstract :
The filter generator is an important building block in many stream ciphers. The generator consists of a linear feedback shift register of length n that generates an m-sequence of period 2n-1 filtered through a Boolean function of degree d that combines bits from the shift register and creates an output bit zt at any time t. The previous best attacks aimed at reconstructing the initial state from an observed keystream, have essentially reduced the problem to solving a nonlinear system of D=Sigmai=1 d(n/i) equations in n unknowns using techniques based on linear algebra. This attack needs about D bits of keystream and the system can be solved in complexity O(Domega), where omega can be taken to be Strassen´s reduction exponent omega=log2(7)ap2.807. This paper describes a new algorithm that recovers the initial state of most filter generators after observing O(D) keystream bits with complexity O((D-n)/2)apO(D), after a pre-computation with complexity O(D(log2D)3)
Keywords :
Boolean functions; computational complexity; feedback; linear algebra; m-sequences; nonlinear systems; shift registers; Boolean function; filter generator; linear algebra; linear feedback shift register; m-sequence; nonlinear system; stream ciphers; Boolean functions; Galois fields; Helium; Linear algebra; Linear feedback shift registers; Nonlinear equations; Nonlinear filters; Nonlinear systems; Polynomials; Shift registers; $m$-sequence; Filter generator; solving nonlinear equations;
Journal_Title :
Information Theory, IEEE Transactions on
DOI :
10.1109/TIT.2007.894690
