350 rub
Journal Science Intensive Technologies №1 for 2010 г.
Article in number:
Inverstigation on linear subsystems of nonlinear equation systems for gamma generators
Authors:
V.M. Fomichev, N.V. Fomichev
Abstract:
The main characteristic of cryptographic methods is security of implemented cryptograpic systems. Practical security of cryptosystem is estimated with respect to wide range of well known analysis methods. In some cases these methods are based on solving of equations systems to determine key elements. This paper is devoted to determination of linear subsystems in non-linear equations system. This non-linear system describes gamma of clock-controlled shift registers. Complexity of linear systems solvig can be not high. Highly topical problems of cryptographic analysis of some non-linear systems are considered: - determination of linear subsystems if exist, - proof of linear subsystems absence. Following results are achived: 1. Theorem 1 is proved for ?- steps - generator based on LSR-1 (linear shift register) of length n with uniformly distrubuted boolean filter function f(x) and generating LSR-2 of length m: «Exponent of linearity of substitution, which generates group of generator, is equal to 2п-1; order of generator-s linear subgroup is , where =2n-1(+)+f(0,?,0)(-)-.» 2. Theorem 2 is proved for alternating step generators based on controlling LSR-1 of length n and generating LSR-2 of length m and LSR-3 of length r: «Exponent of linearity of substitution, which generates group of generator, is equal to 2п-1; order of generator-s linear subgroup is ». These results mean for generators described in theorem 1 and theorem 2 following: equations of gamma generating are linear if and only if their numbers are multiple of 2n-1. 3. It-s shown for (,)-selfdecimation generators based on LSR of length n, that any equation of gamma generating is non-linear if n>3 and =2, where (,2n-1)=1. Consequently, linearization method using searching of linear subsystems is ineffective in relation to described generators of (,)-selfdecimation, ?- steps - and generators with alternating step, if length of period of controlling gamma exceeds length of known gamma.
Pages: 28-33
References
  1. Алфёров А.П., Зубов А.Ю., Кузьмин А.С., Черёмушкин А.В. Основы криптографии. - М.: Гелиос АРВ. 2001.
  2. Гилл А. Линейные последовательностные машины. М.: Наука. 1974.
  3. Коновальцев И.В. Об одном алгоритме решения систем линейных уравнений в конечных полях. Проблемы кибернетики. М.: Физматгиз. 1967.
  4. Фаддеев Д.К., Фаддеева В.Н. Вычислительные методы линейной алгебры. М.: Физматгиз. 1960.
  5. Фомичёв В.М. Дискретная математика и криптология. М.: ДИАЛОГ-МИФИ. 2003.
  6. Фомичёв В.М. Исследование признаков в конечных группах и в группах подстановок // Математические вопросы кибернетики. Вып.14: Сборник статей / Под ред. О.Б. Лупанова. М.: Физматлит, 2005. С. 161-260.
  7. Фомичёв В.М., Фомичёв Н.В. Исследование признаков элементов в конечных полугруппах и группах // Безопасность информационных технологий. М.: МИФИ. 2006. №1. - С. 97-100.
  8. Фомичев Н.В. Свойства линейных признаков в полугруппах преобразований. // Обозрение прикладной и промышленной математики. 2007. т.14, в.5.
  9. Шеннон К. Работы по теории информации и кибернетике. М.: ИЛ. 1963.
  10. Шнайер Б. Прикладная криптография. Протоколы, алгоритмы, исходные тексты на языке Си. М.: ТРИУМФ. 2002.
  11. Bunch J.R., Hopcroft J.E. Triangular factorization and inversion by fastmatrix multiplication. Mathematics Computations, 1974, v.28, №125.
  12. Coppersmith D., Winograd S. Matrix multiplication via arithmetic progressions, J. Symbolic Computation (1990), 9.
  13. Gollmann D. and Chambers W.G. Clock-controlled shift registers: A review // IEEE J. Selected Areas Commune, v.7, May 1989. P. 525-533.
  14. Gunther C.G. Alternating step generators controlled by de Burin sequences. Lecture Notes in Computer Science 304 // Advances in Cryptology: Proc. Eurocrypt-87. - D. Chaum and W.L. Price, Eds., Amsterdam, The Netherlands, April 13-15, 1987. P. 5-14. Berlin: Springer-Verlag, 1988.
  15. Rueppel R.A. When shift registers clock themselves. Lecture Notes in Computer Science 304; Advances in Cryptology: Proc. EuroCrypt-87. Berlin: Springer Verlag, 1988.
  16. Strassen V. Gaussian elimination is not optimal. Numerishe Math., 1969. v.13.
  17. Tretter S.A. Properties of PN2 sequences // IEEE Trans. Inform. Theory. v.IT-20, March 1974. P. 295-297.