• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.1
• /
• pp.71-77
• /
• 2004

It was proved that Hen is an algebraic ,elation of degree [n(l+1]/2] for an (n, 1)-combine. which consists of n LFSRs and l memory bits. For the summation generator with $2^k$ LFSRs which uses k memory bits, we show that there is a non-trivial relation of degree at most $2^k$ using k+1 consecutive outputs. In general, for the summation generator with n LFSRs, we can construct a non-trivial algebraic relation of degree at most 2$^{{2^{[${log}_2$}n]}}$ using [${log}_2$＋1 consecutive outputs.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.7 no.2
• /
• pp.93-106
• /
• 1997

Summation generator is a real adder generator with maximum period, near maximum linear complexity and maximum order of correlation immunity. But this generator has been analyzed by a correlation attack(a kind of known-plaintext attack), which confers carry bits from output sequences of consecutive 0's or 1's. As methods of immunizing carry-output correlation, an immunized summation generator which exclusively-ORed summation generator output with output of a stage of LFSR was proposed. But the immunized generator reuses the output of LFSR by k-bit later and does not garantees maximum period in special case. In this paper we proposed an improved summation generator with 2-bit memory and analyzed it.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.1
• /
• pp.65-70
• /
• 2006

It is hewn that we can apply algebraic attacks on combiners with memory such as summation generators. [1,8] To apply algebraic attacks on combiners with memory, we need to construct algebraic relations between the keystream bits and the initial bits of the LFSRs. Until now, all known methods produce algebraic relations involving several consecutive bits of keystream. [l.4.8] In this paper, we show that algebraic relations involving only one keystream bit can be constructed for summation generators. We also show that there is an algebraic relation involving only one keystream bit for ISG (9) proposed by Lee and Moon. Using this fact, we analyze the keystream generators which generate the keystreams by combining summation generators.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.7C
• /
• pp.640-648
• /
• 2009

Summation generator with high period and high linear complexity can be easily implemented by a simple hardware or software and it is proper to apply in mobile security system for ubiquitous environments. However the generator has been some weaknesses from Dawson's divided-and-conquer attack, Golic's correlation attack and Meier's fast correlation attack. In this paper, we propose an improved version($2^{128}$security level) of $E_0$algorithm, CVC-NSG(Circular-Clock-Controlled - Nonlinear Summation Generator), which partially replaces LFSRs with nonlinear FSRs and controls the irregular clock to reinforce it's own weaknesses. Finally, we analyze our proposed design in terms of security and performance.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.31 no.1C
• /
• pp.80-86
• /
• 2006

In this paper, we propose the PingPong-128(PP-128) keystream generator, based on summation generator. Proposed PingPong-128, a specific cipher of the PingPong Family, takes 128 bits key and 128 bit initial vector, has 258 bit internal state, and achieves a security level of 128 bits. The security analysis of PingPong-128 is presented, including the resistence to known attacks against the summation generator and other clock-controlled generators.

• The KIPS Transactions:PartC
• /
• v.16C no.3
• /
• pp.357-362
• /
• 2009

Summation generator can be easily made as a simple hardware or software and it's period and linear complexity are very high. So it is appropriate to mobile security system for ubiquitous environment. But it showed us the weakness by Golic's correlation attack and Meier's fast correlation attack. In this paper, we proposed a Nonlinear Summation Generator(NSG), which is improved by using LFSR and NFSR(nonlinear feedback shift register), is different from $E_0$ algorithm which use only LFSR in summation generator. It enhanced nonlinearity and is hard to decipher even though the correlation attack or fast correlation attack. We also analyzed the security aspects and the performances for the proposed algorithm.

• The KIPS Transactions:PartC
• /
• v.8C no.1
• /
• pp.12-15
• /
• 2001

A summation generator creates sequence from addition with carry of LFSR (Linear Feedback Shift Register) sequences. Similarly, it is possible to generate keystream by bitwise exclusive-oring on two FCSR sequences. In this paper, we described the cryptographic properties of a sequence generated by the FCSRs.

• The KIPS Transactions:PartC
• /
• v.10C no.7
• /
• pp.851-856
• /
• 2003

The LM generator is an improved summation generator with maximum period, near maximum linear complexity and maximum order of correlation immunity, and it has a property with the input-output correlation immunity In this paper, we propose the high-speed m-parallel LM-BSG and 8-parallel LM-BSG for detail as a design example. When compared with a conventional stream cipher, the properties of the proposed cipher exhibited the same crypto-degree (security) with a rt times faster processing.

• Journal of KIISE:Computer Systems and Theory
• /
• v.32 no.10
• /
• pp.507-511
• /
• 2005

We have derived the linear complexity of a binary sequence generated by a Feedback with Carry Shift Regiater(FCSR) under the following condition: q is a power of a prime such that $q=r^e,\;(e{\geq}2)$ and r=2p+1, where both r and p are 2-prime. Also, a summation generator creates sequence from addition with carry of LFSR(Linear Feedback Shift Register) sequences. Similarly, it is possible to generate keystream by bitwise exclusive-oring on two FCSR sequences. In this paper, we described the cryptographic properties of a sequence generated by the FCSRs in view of the linear complexity.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2004.05a
• /
• pp.1011-1014
• /
• 2004

본 논문에서 제안된 Self_Decimated LM-128 키 수열 발생기(Keystream generator)는 2개의 비트 메모리 합산 수열발생기(summation generator)를 갖는 자체 클럭 조절형 키 수열 발생기(stream cipher)이다. Self_Decimated LM-128은 LM 계열에서 제시된 특수한 암호로 128비트 키와 128비트 초기 벡터 그리고 257 비트의 내부 상태를 가지며 128 비트의 보안 레벨을 유지한다. 알려진 보안 분석의 공격에 대비해서 2-비트 메모리를 이용한 합산 수열발생기와 자체 클럭 조절형 키 수열 발생기를 포함한다.