On the existence of secure keystream generators

4Citations
Citations of this article
31Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

Designers of stream ciphers have generally used ad hoc methods to build systems that are secure against known attacks. There is often a sense that this is the best that can be done, that any system will eventually fall to a practical attack. In this paper we show that there are families of keystream generators that resist all possible attacks of a very general type in which a small number of known bits of a keystream are used to synthesize a generator of the keystream (called a synthesizing algorithm). Such attacks are exemplified by the Berlekamp-Massey attack. We first formalize the notions of a family of finite keystream generators and of a synthesizing algorithm. We then show that for any function h(n) that is in O(2n/d) for every d > 0, there is a family B of periodic sequences such that any efficient synthesizing algorithm outputs a generator of size /i(log(per())) given the required number of bits of a sequence B 6 B of large enough period. This result is tight in the sense that it fails for any faster growing function h(n). We also consider several variations on this scenario. © 2001 International Association for Cryptologic Research.

Cite

CITATION STYLE

APA

Klapper, A. (2001). On the existence of secure keystream generators. Journal of Cryptology, 14(1), 1–15. https://doi.org/10.1007/s001450010014

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free