Issue No. 10 - October (2000 vol. 49)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/12.888045
<p><b>Abstract</b>—A nonlinear filter generator is a basic keystream generator for stream cipher applications consisting of a single linear feedback shift register whose output is filtered by a nonlinear combining function. A binary nonlinear filter generator is viewed as a finite input memory automaton with one binary input and one binary output. The generalized inversion attack on a binary nonlinear filter generator is developed and analyzed by the theory of critical branching processes. Its objective is to recover the unknown input sequence from a given segment of the output sequence, provided that the filter function is known. Unlike the inversion attack, which requires that the filter function be linear in the first or the last input variable, this attack can be applied for any filter function. Both theory and systematic experiments show that its time complexity remains close to <tmath>$2^M$</tmath>, which is the time complexity of the inversion attack, where <tmath>$M$</tmath> denotes the input memory size in bits.</p>
Binary trees, Boolean functions, critical branching processes, inversion of finite automata, keystream generators.
A. Clark, J. D. Golic and E. Dawson, "Generalized Inversion Attack on Nonlinear Filter Generators," in IEEE Transactions on Computers, vol. 49, no. , pp. 1100-1109, 2000.