Attacks Against Filter Generators Exploiting Monomial Mappings

Canteaut, Anne; Rotella, Yann

doi:10.1007/978-3-662-52993-5_5

Cited by 3 publications

(1 citation statement)

References 35 publications

(75 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…They redefine the nonlinearity of the LFSR filter function as the minimal distance between equivalent filter functions and affine functions, which implies that a correlation attack may be more successful on a weak equivalent generator. This observation has been proved by Canteaut and Rotella at FSE 2016 [24]. In their paper, they describe how to mount a fast correlation attack on equivalent LFSR filters.…”

Section: Overall Security Analysismentioning

confidence: 82%

Generalized NLFSR Transformation Algorithms and Cryptanalysis of the Class of Espresso-like Stream Ciphers

Yao,

Parampalli

2019

Preprint

View full text Add to dashboard Cite

Lightweight stream ciphers are highly demanded in IoT applications. In order to optimize the hardware performance, a new class of stream cipher has been proposed. The basic idea is to employ a single Galois NLFSR with maximum period to construct the cipher. As a representative design of this kind of stream ciphers, Espresso is based on a 256-bit Galois NLFSR initialized by a 128-bit key. The 2 256 − 1 maximum period is assured because the Galois NLFSR is transformed from a maximum length LFSR. However, we propose a Galois-to-Fibonacci transformation algorithm and successfully transform the Galois NLFSR into a Fibonacci LFSR with a nonlinear output function. The transformed cipher is broken by the standard algebraic attack and the Rønjom-Helleseth attack with complexity O(2 68.44 ) and O(2 66.86 ) respectively. The transformation algorithm is derived from a new Fibonacci-to-Galois transformation algorithm we propose in this paper. Compare to existing algorithms, proposed algorithms are more efficient and cover more general use cases. Moreover, the transformation result shows that the Galois NLFSR used in any Espresso-like stream ciphers can be easily transformed back into the original Fibonacci LFSR. Therefore, this kind of design should be avoided in the future.

show abstract

Section: Overall Security Analysismentioning

confidence: 82%

Generalized NLFSR Transformation Algorithms and Cryptanalysis of the Class of Espresso-like Stream Ciphers

Yao,

Parampalli

2019

Preprint

View full text Add to dashboard Cite

show abstract

On generalized hyper-bent functions

Mesnager

2019

Cryptogr. Commun.

View full text Add to dashboard Cite

Decomposing Generalized Bent and Hyperbent Functions

Martinsen

Meidl

Mesnager

et al. 2017

IEEE Trans. Inform. Theory

View full text Add to dashboard Cite

In this paper we introduce generalized hyperbent functions from F 2 n to Z 2 k , and investigate decompositions of generalized (hyper)bent functions. We show that generalized (hyper)bent functions from F 2 n to Z 2 k consist of components which are generalized (hyper)bent functions from F 2 n to Z 2 k ′ for some k ′ < k. For odd n, we show that the Boolean functions associated to a generalized bent function form an affine space of semibent functions. This complements a recent result for even n, where the associated Boolean functions are bent.

show abstract

Attacks Against Filter Generators Exploiting Monomial Mappings

Cited by 3 publications

References 35 publications

Generalized NLFSR Transformation Algorithms and Cryptanalysis of the Class of Espresso-like Stream Ciphers

Generalized NLFSR Transformation Algorithms and Cryptanalysis of the Class of Espresso-like Stream Ciphers

On generalized hyper-bent functions

Decomposing Generalized Bent and Hyperbent Functions

Contact Info

Product

Resources

About