A new simple attack on a wide class of cryptographic sequence generators

Abstract

The class of decimation-based sequence generators attempts to obtain an implicit non-linearity from the decimation process. In this work, it is shown that the output sequence of a well known member of this generator class, the shrinking generator, is composed of PN-sequences generated by Linear feedback Shift Registers. Furthermore, these PN-sequences are shifted versions of a unique sequence whose initial positions can be determined using discrete logarithms. Taking advantage of the linearity of the PN-sequences, a method of recovering the whole output sequence from a small number of intercepted bits is proposed. The algorithm is deterministic, always finds the cryptosystem key and is very adequate for parallelization. The basic ideas of this work can be generalized to other elements in the same class of sequence generators.