共查询到19条相似文献,搜索用时 41 毫秒
1.
2.
3.
给出3个停走生成器在模2加组合方式下符合率的有关结论。此类生成器的输出序列与相应停走生成器的控制序列相互独立;输出序列与相应停走生成器的目标LFSR输出序列不独立,本文对输出序列与目标LFSR序列的符合率进行了讨论,给出有限维联合分布的计算公式。 相似文献
4.
研究了基于带进位的反馈移位寄存器(FCSR)滤波的密钥流生成器族(F-FCSR),在分析F-FCSR线性弱点和F-FCSR-Hv2被攻破原因的基础之上,提出了全动态滤波密钥流生成器DF-FCSR-8。避免了利用该种情况而进行的Hell-Johansson攻击。其生成序列通过了美国技术与标准局(NIST)STS软件包的16项随机性测试,有良好的随机性。同时生成器也能抵抗其他攻击。 相似文献
5.
当前,由于还没有一个适于一般目的的流密码国际加密标准,流密码的设计与分析引起了广泛关注。在以前的流密码的设计中多采用线性反馈移位寄存器(LFSR)作为基本的部件。然而由于LFSR本身的线性性,基于LFSR的流密码备受攻击,进而相继出现了一些替换部件,例如T函数,带进位的反馈移位寄存器(FCSR)等等。文中给出了一个新的基于FCSR的密钥流生成器。理论分析表明该密钥流生成器具有高度的安全性。NIST统计测试表明该密钥流生成器的伪随机特性是理想的。 相似文献
6.
多值“加法型”组合生成器分析 总被引:1,自引:1,他引:0
文中运用信息论原理对多值“加法型”组合生成器序列进行分析,得到钟控序列与输出序列的互信息为零的结论,证明了钟控输入与输出序列之间互信息是输出序列长度的严格递增函数,进而对控选逻辑序列设计进行分析。 相似文献
7.
本文讨论一类非线性生成器的分析与综合。这类非线性生成器由三部份组成:nm级的带有本原联结多项式的线性移位寄存器,随机选择器;m端的非线性前馈函数。本文证明了该系统的线性复杂度是可控制的;易于实现(其软件实现的计算复杂度为O(m~3+nm));安全性远远高于原始的前馈网络,即在已知前馈函数和线性移位寄存器时,破译该系统穷举法成功的概率几乎为零。 相似文献
8.
9.
谭俊中 《信息安全与通信保密》2007,(5):158-160
文章描述了代数攻击的一般原理和可攻击的流密码类型,针对带记忆非线性组合流密码的代数攻击,基于Courtios等人的工作,给出了一种新的寻找可用于代数攻击的低阶多元方程的方法。 相似文献
10.
针对具有低重量反馈多项式的比特搜索生成器(BSG),利用猜测确定攻击的思想提出了一种快速密钥恢复攻击。该算法基于BSG序列的差分构造特点,首先由截获的密钥流恢复出候选差分序列,然后用反馈多项式对候选差分序列进行校验,以此减少需要求解的L维线性方程系统的数量,从而大大减少了算法所需的复杂度。理论分析和仿真结果表明,对于反馈多项式的重量小于10的BSG,该算法明显优于现有的攻击方法。特别地当反馈多项式的重量为3时,该算法能够将最好的攻击结果O(L320.5L)降低到O(L20.5L)。 相似文献
11.
Ma Weiju Feng Dengguo 《电子科学学刊(英文版)》2006,23(6):888-891
I. Introduction BluetoothTM is a standard for wireless short-range connectivity specified by the BluetoothTMspecial interest group in Ref.[1]. The specificationdefines a stream cipher algorithm E0 to be used forpoint-to-point encryption within the Bluetooth net-work. The main component of the Bluetooth streamcipher algorithm is the keystream generator (Blue-tooth combiner) which is derived from the well-known summation generator with four input LinearFeedback Shift Registers (LFSRs). A… 相似文献
12.
In this paper, we study an E0-like combiner with memory as the keystream generator. First, we formulate a systematic and simple
method to compute correlations of the FSM output sequences (up to certain bits). An upper bound of the correlations is given,
which is useful to the designer. Second, we show how to build either a uni-bias-based or multi-bias-based distinguisher to
distinguish the keystream produced by the combiner from a truly random sequence, once correlations are found. The data complexity
of both distinguishers is carefully analyzed for performance comparison. We show that the multi-bias-based distinguisher outperforms
the uni-bias-based distinguisher only when the patterns of the largest biases are linearly dependent. The keystream distinguisher
is then upgraded for use in the key-recovery attack. The latter actually reduces to the well-known Maximum Likelihood Decoding
(MLD) problem given the keystream long enough. We devise an algorithm based on Fast Walsh Transform (FWT) to solve the MLD
problem for any linear code with dimension L and length n within time O(n+L⋅2
L
). Meanwhile, we summarize a design criterion for our E0-like combiner with memory to resist the proposed attacks. 相似文献
13.
Correlation properties of a general binary combiner with memory 总被引:8,自引:0,他引:8
Jovan Dj. Golić 《Journal of Cryptology》1996,9(2):111-126
Correlation properties of a general binary combiner with an arbitrary number M of memory bits are derived and novel design criteria proposed. For any positive integer m, the sum of the squares of the correlation coefficients between all nonzero linear functions of m successive output bits and all linear functions of the corresponding m successive inputs is shown to be dependent upon a particular combiner, unlike the memoryless combiners. The minimum and maximum values of the correlation sum as well as the necessary and sufficient conditions for them to be achieved are determined. It turns out that the security of combiners with memory can be considerably improved if M is not small.An efficient linear sequential circuit approximation (LSCA) method is developed for obtaining output and input linear functions with comparatively large correlation coefficients which is feasible for large M and works for any practical scheme. The method consists in deriving and solving a linear sequential circuit with additional nonbalanced inputs that is based on linear approximations of the output and the component next-state functions. The corresponding correlation attack on combiners with linear feedback shift registers is analyzed and it is shown that every such combiner with or without memory is essentially zero-order correlation immune.A preliminary version of this paper was presented at Eurocrypt '92 and was published in the proceedings. This research was supported in part by the Science Fund of Serbia, Grant #0403, through the Institute of Mathematics, Serbian Academy of Arts and Sciences. 相似文献
14.
本文探讨了无记忆组合函数的非线性与相关免疫性之间的关系,利用Walsh交换,研究了广义相关免疫函数的频谱特征,并且讨论了Bent函数的广义相关免疫阶数。 相似文献
15.
For pseudo-random generators where one or several LFSRs are combined by a memoryless function, it is known that the output sequences are correlated to certain LFSR-sequences whose correlation coefficients c
t
satisfy the equation
i
c
2
i
= 1. In this paper it is proved that a corresponding result also holds for generators whose LFSRs are connected to a combiner with memory.If correlation probabilities are conditioned on side information, e.g., on known output digits, it is shown that new or stronger correlations may occur. This is exemplified for the summation cipher with only two LFSRs where such correlations can be exploited in a known plaintext attack. A cryptanalytic algorithm is given which is shown to be successful for LFSRs of considerable length and with arbitrary feedback connection.A preliminary version of this paper was presented at Eurocrypt '90, May 21–24, Århus, Denmark, and has appeared in the proceedings, pp. 204–213. 相似文献
16.
Muxiang Zhang 《Journal of Cryptology》2000,13(3):301-314
The maximum correlation of a Boolean function to all Boolean functions of a subset of its input variables is investigated.
A relationship is derived between the maximum correlation and the mutual information between the output of a balanced Boolean
function and a subset of its random input variables. For bent functions (which are never balanced), both the mutual information
and the maximum correlation are bounded and shown to be small in a strong sense.
Received 14 February 1996 and revised 15 January 2000 Online publication 19 May 2000 相似文献
17.
介绍了一种3路径向高功率合成器的设计,该3路功率合成器采用50Ω负载作为两路之间的隔离电阻,且通过50Ω阻抗线与电路主体连接,负载尺寸以及安装位置不影响合成器的电性能,实现了高功率隔离的目的。文中对该功分器各传输线的阻抗进行了分析计算,并给出了HFSS软件的仿真结果和实测结果。仿真和实测结果显示:该合成器在16%带宽内隔离度小于-25 dB,满足一般功率合成器的使用要求。该3路径向高功率合成器具有幅相一致性高,耐功率高的特点,可用于固态发射机的功率合成以及雷达天线阵面大功率输出和定标系统中。 相似文献
18.
设计了一种适用于对MMIC功率放大器进行合成的新型功率合成器。采用多端口网络理论对功率合成结构进行分析, 结合MMIC功放单片的工作特点总结出该功率合成器最重要的设计指标, 设计出工作在5GHz~6GHz的16路辐射线型功率合成器。通过测试发现该功率合成器的驻波〈1.5dB, 各端口幅度不平衡度〈±0.4dB, 相位不平衡度〈±2°, 并具有较好的隔离度, 整个功率合成器的直径小于56mm, 非常适合用于C波段大功率的合成。最终采用该功率合成器在5GHz~6GHz的工作频率内成功获得160W的合成功率。 相似文献