Abstract

This paper focuses on the analysis of LFSR-based stream ciphers with low data complexity. We introduce a novel parameter called the k-th truncated compressed preimage set (TCP set), and propose a low data complexity attack to recover the initial LFSR state via the TCP sets. Our method costs very few keystream bits and less time than the brute force under some condition. We apply our method to a 90-stage LFSR-based keystream generator with filter Boolean function which can resist the algebraic attack and inversion attack given by Goli\(\acute{c}\) to the greatest extent. It needs only 10-bit keystream to recover the 90-bit initial state, costing less time and data than the algebraic attack. The time complexity is also less than that of the inversion attack. Moreover, we recover the 128-bit initial state of the stream cipher LILI-128 with our method. The data cost is just 9 keystream bits along with a memory cost of O(28.5), which is the minimum data cost to theoretically break LILI-128 so far as we know. The time complexity is O(2122.4), better than the brute force. We also define a new security parameter called T comp and suggest a design criterion for the LFSR-based stream ciphers.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.