Abstract
This paper improves the decimation attack proposed by Eric Filiol (Proc. of INDOCRYPT'00, Springer-Verlag, 2000). Using the d-decimated sequences taken from two different starting points of a known sequence similar to the n-stage LFSR sequence, it attacks two Ld-stage LFSR sequences at the same time and obtains 2Ld linearly independent linear equations in the bits of the n-stage LFSR's initial state. It then attacks the remaining n-2Ld bits of the initial state, thereby recovering the initial state of the n-stage LFSR. The computational complexity of the improved decimation attack is reduced from C(Ld)+C(n-Ld) for Filiol's decimation attack to 2C(Ld)+C(n-2Ld), where C(m) is the computational complexity of attacking an m-stage LFSR by correlation attacks or fast correlation attacks.
Source
Computer Engineering (《计算机工程》)
CAS
CSCD
Peking University Core Journal (北大核心)
2009, Issue 8, pp. 155-157 (3 pages)
Funding
Supported by the Natural Science Foundation of Henan Province (072300410030)
Keywords
stream cipher
decimation sequence
decimation attacks