By Topic

Linear models for keystream generators

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

1 Author(s)
Golic, J. ; Inf. Security Res. Centre, Queensland Univ. of Technol., Brisbane, Qld., Australia

It is shown that an arbitrary binary keystream generator with M bits of memory can be linearly modeled as a non-autonomous linear feedback shift register of length at most M with an additive input sequence of nonbalanced identically distributed binary random variables. The sum of the squares of input correlation coefficients over all the linear models of any given length proves to be dependent on a keystream generator. The minimum and maximum values of the correlation sum along with the necessary and sufficient conditions for them to be achieved are established. An effective method for the linear model determination based on the linear sequential circuit approximation of autonomous finite-state machines is developed. Linear models for clock controlled shift registers and arbitrary shift register based keystream generators are derived. Several examples including the basic summation generator, the clock-controlled cascade, and the shrinking generator are presented. Linear models are the basis for a general structure-dependent and initial-state-independent statistical test. They may also be used for divide and conquer correlation attacks on the initial state. Security against the corresponding statistical attack appears hard to control in practice and generally hard to achieve with simple keystream generator schemes

Published in:

Computers, IEEE Transactions on  (Volume:45 ,  Issue: 1 )