This Article 
 Bibliographic References 
 Add to: 
Generalized Inversion Attack on Nonlinear Filter Generators
October 2000 (vol. 49 no. 10)
pp. 1100-1109

Abstract—A nonlinear filter generator is a basic keystream generator for stream cipher applications consisting of a single linear feedback shift register whose output is filtered by a nonlinear combining function. A binary nonlinear filter generator is viewed as a finite input memory automaton with one binary input and one binary output. The generalized inversion attack on a binary nonlinear filter generator is developed and analyzed by the theory of critical branching processes. Its objective is to recover the unknown input sequence from a given segment of the output sequence, provided that the filter function is known. Unlike the inversion attack, which requires that the filter function be linear in the first or the last input variable, this attack can be applied for any filter function. Both theory and systematic experiments show that its time complexity remains close to $2^M$, which is the time complexity of the inversion attack, where $M$ denotes the input memory size in bits.

[1] R.J. Anderson, “Searching for the Optimum Correlation Attack,” Proc. Fast Software Encryption—Leuven '94, B. Preneel, ed., pp. 137-143, 1995.
[2] K.B. Athreya and P.E. Ney, Branching Processes. Berlin: Springer-Verlag, 1972.
[3] J.Dj. Golic, “On the Security of Nonlinear Filter Generators,” Proc. Fast Software Encryption—Cambridge '96, D. Gollmann, ed., pp. 173-188, 1996.
[4] T.H. Harris, The Theory of Branching Processes. Berlin: Springer-Verlag, 1963.
[5] W. Meier and O. Stafflebach, “Fast Correlation Attacks on Certain Stream Ciphers,” J. Cryptology, vol. 1, pp. 159-176, 1989.
[6] A.J. Menezes, P.C. van Oorschot, and S.A. Vanstone, Handbook of Applied Cryptography, CRC Press, Boca Raton, Fla., 1996, pp. 543-590.
[7] R.A. Rueppel, Analysis and Design of Stream Ciphers. Springer-Verlag, 1986.

Index Terms:
Binary trees, Boolean functions, critical branching processes, inversion of finite automata, keystream generators.
Jovan Dj. Golic, Andrew Clark, Ed Dawson, "Generalized Inversion Attack on Nonlinear Filter Generators," IEEE Transactions on Computers, vol. 49, no. 10, pp. 1100-1109, Oct. 2000, doi:10.1109/12.888045
Usage of this product signifies your acceptance of the Terms of Use.