1996
DOI: 10.1007/3-540-60865-6_51
|View full text |Cite
|
Sign up to set email alerts
|

Correlation attacks on stream ciphers: Computing low-weight parity checks based on error-correcting codes

Abstract: The fast correlation attack described by Meier and Staffelbach [6] on certain classes of stream ciphers, based on linear feedback shift registers, requires that the number of taps of the characteristic polynomial must be small-typically less than 10. The attack can be extended to characteristic polynomials with an arbitrary number of taps if it is possible to compute low-weight polynomial multiples of the feedback polynomial. In this paper we present an algorithm for the efficient computation of low-weight par… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

0
11
0

Year Published

2000
2000
2013
2013

Publication Types

Select...
6
1
1

Relationship

0
8

Authors

Journals

citations
Cited by 21 publications
(11 citation statements)
references
References 8 publications
0
11
0
Order By: Relevance
“…Note that the technique of FWT was used in another context [7] to speed up other kinds of fast correlation attacks. In the next section we will see how it helps to speed up the attack [10] by a factor of 2 24 . We estimate similar correlation attacks like [6] can be speeded up by a factor of 10; undoubtedly, some other attacks can be significantly improved by our algorithm as well.…”
Section: Where W Is Defined By Eq(8)mentioning
confidence: 99%
“…Note that the technique of FWT was used in another context [7] to speed up other kinds of fast correlation attacks. In the next section we will see how it helps to speed up the attack [10] by a factor of 2 24 . We estimate similar correlation attacks like [6] can be speeded up by a factor of 10; undoubtedly, some other attacks can be significantly improved by our algorithm as well.…”
Section: Where W Is Defined By Eq(8)mentioning
confidence: 99%
“…For d > 4 the choice of the algorithm used in the preprocessing step then highly depends on the available memory amount. Similar techniques for finding low-weight parity-check equations are presented in [14].…”
Section: The Number Of Operations Required By This Algorithm Is Then mentioning
confidence: 99%
“…A necessary condition is that the feedback polynomial of the LFSR has a very low weight. This work was followed by several papers, providing improvements to the initial results of Meier and Staffelbach, see [16,4,5,17]. However, the algorithms are efficient (good performance and low complexity) only if the feedback polynomial is of low weight.…”
Section: Fig 1 a Binary Additive Stream Ciphersmentioning
confidence: 99%