Stream cipher (1): synchronous stream ciphers, self-synchronizing stream ciphers and the linear feedback shift register

Having formally entered the field of cryptography, I found that cryptography is more like mathematics: mainly simple applications of number theory, modern algebra and algorithms, often combined with modular arithmetic and digital logic operations.
The first part on stream ciphers mainly compares synchronous and self-synchronizing stream ciphers. Self-synchronizing stream ciphers are hard to analyze theoretically because the key stream depends on previous ciphertext, and through it on the plaintext; most current research results concern synchronous stream ciphers.
The shift register is the main building block for generating the key stream of a stream cipher, and the linear feedback shift register (LFSR) is the one commonly used.

Stream cipher (1)


The basic idea of a stream cipher is to use the key $k$ to generate a key stream $z = z_0 z_1 z_2 \cdots$ and to encrypt the plaintext string $x = x_0 x_1 x_2 \cdots$ character by character:
$$y = y_0 y_1 y_2 \cdots = E_{z_0}(x_0)\, E_{z_1}(x_1)\, E_{z_2}(x_2) \cdots$$
The key stream is produced by a key stream generator $f$: $z_i = f(k, \sigma_i)$, where $\sigma_i$ is the state of the memory elements inside the encryptor at time $i$ and $f$ is a function of the key $k$ and $\sigma_i$. The encryption transformation therefore changes from character to character (from bit to bit in the binary case). The first key stream symbol $z_0 = f(k, \sigma_0)$ is completely determined by the function $f$, the key $k$ and the specified initial state $\sigma_0$. Afterwards, because the plaintext fed into the encryptor may affect the contents of its memory elements, $\sigma_i$ ($i > 0$) may depend on $k$, $\sigma_0$, $x_0, x_1, \ldots, x_{i-1}$ and other parameters.

Stream ciphers are fast and do not need very complicated hardware. Error propagation is limited: a ciphertext character corrupted in transit affects only that one character after decryption (a lost or inserted character, however, breaks synchronization).

Stream cipher classification

By key type: symmetric-key and public-key stream ciphers.

Synchronous and self-synchronizing: according to whether the state $\sigma_i$ of the memory elements in the encryptor depends on the plaintext characters fed in, stream ciphers are further divided into two types. If $\sigma_i$ is independent of the plaintext characters the cipher is a synchronous stream cipher, otherwise it is a self-synchronizing stream cipher.

Synchronous stream cipher

In a synchronous stream cipher the key stream is generated independently of the plaintext and ciphertext messages. Because of this, the encryptor of a synchronous stream cipher splits into two parts: the key stream generator and the encryption transformation.


In a synchronous stream cipher, since $z_i = f(k, \sigma_i)$ has nothing to do with the plaintext characters, the ciphertext character $y_i = E_{z_i}(x_i)$ does not depend on earlier plaintext characters either. There are many choices for the encryption transformation $E_{z_i}$, as long as it is invertible. Digital secure communication systems in practical use are generally binary systems.

The core of a synchronous stream cipher is the key stream generator. It can generally be regarded as a finite state automaton with parameter $k$, consisting of an output alphabet $Z$, a state set $\Sigma$, two functions $\varphi$ (the next-state function) and $\psi$ (the output function), and an initial state $\sigma_0$. Under the transition function the automaton moves from state to state within the finite state set and eventually closes a loop, so the key stream is periodic. To make that key stream unpredictable rather than merely long, a nonlinear function must be used in the generator.

The most popular and practical driving component of a key stream generator is one or more linear feedback shift registers.

Properties of synchronous stream ciphers: sender and receiver must stay strictly synchronized (a lost or inserted ciphertext character desynchronizes them, which can at least be detected); there is no error propagation, since a single corrupted ciphertext character affects only the corresponding plaintext character; and they cannot resist active attacks on their own, because flipping a ciphertext bit flips exactly the corresponding plaintext bit, so integrity has to be protected by a separate mechanism.

The binary additive stream cipher is the most common synchronous stream cipher: key stream, plaintext and ciphertext characters are all bits, and the output function $h$ is XOR, i.e. $y_i = x_i \oplus z_i$ for encryption and $x_i = y_i \oplus z_i$ for decryption.
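The additive cipher and the three properties described above (strict synchronization, no error propagation, no resistance to active attacks) can be checked in a few lines. The following is an added example and not code from the original post: the key stream generator is a stand-in (SHA-256 over key, nonce and a counter, chosen only because it is deterministic and independent of the plaintext, not a recommended cipher), and the key, nonce and message are constructed sample values.

```python
import hashlib

def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Stand-in key stream generator z = f(k, sigma_i): SHA-256 over key || nonce || counter.
    It is deterministic and independent of the plaintext, which is all a synchronous
    stream cipher needs for this demonstration; it is NOT a vetted cipher."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])

def additive_crypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Binary additive stream cipher: y_i = x_i xor z_i. Decryption is the same call,
    because xor-ing the same key stream twice cancels out."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, nonce, len(data))))

# Constructed sample values (not from the page).
KEY = b"constructed-16B-key!"
NONCE = b"nonce01"
PLAINTEXT = b"TRANSFER 0100 USD TO ACCOUNT 12345"

def demo_error_propagation():
    """Flip one bit of ciphertext byte 5: only plaintext byte 5 is affected."""
    ct = bytearray(additive_crypt(KEY, NONCE, PLAINTEXT))
    ct[5] ^= 0x01
    pt = additive_crypt(KEY, NONCE, bytes(ct))
    return [i for i in range(len(pt)) if pt[i] != PLAINTEXT[i]]

def demo_lost_character():
    """Drop ciphertext byte 5: the receiver's key stream is misaligned from then on,
    so everything after the loss decrypts to garbage (strict synchronization)."""
    ct = additive_crypt(KEY, NONCE, PLAINTEXT)
    pt = additive_crypt(KEY, NONCE, ct[:5] + ct[6:])
    return pt[:5] == PLAINTEXT[:5], pt[5:] == PLAINTEXT[6:]

def demo_bit_flip_attack():
    """Active attack without the key: knowing the message format, the attacker
    xors the difference between '0' and '9' into the ciphertext at the amount
    field, and the receiver decrypts a different amount with no sign of tampering."""
    ct = bytearray(additive_crypt(KEY, NONCE, PLAINTEXT))
    pos = PLAINTEXT.index(b"0100")
    ct[pos] ^= ord("0") ^ ord("9")
    return additive_crypt(KEY, NONCE, bytes(ct))

if __name__ == "__main__":
    print(demo_error_propagation())   # [5]
    print(demo_lost_character())      # (True, False)
    print(demo_bit_flip_attack())     # b'TRANSFER 9100 USD TO ACCOUNT 12345'
```

The last function is why the page says synchronous stream ciphers cannot resist active attacks by themselves: a ciphertext bit flip becomes the same plaintext bit flip, so in practice an authentication tag (a MAC) over the ciphertext is required in addition to the cipher.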

Self-synchronizing stream cipher

A self-synchronizing (asynchronous) stream cipher is one in which the key stream is generated as a function of the key and a fixed number $t$ of previous ciphertext characters. The encryption process is shown in the figure; $t$ is the number of stages of the register holding those ciphertext characters.


Properties: self-synchronization (after a ciphertext character is lost, inserted or corrupted, decryption recovers by itself once $t$ correct ciphertext characters have been received); limited error propagation (a transmission error affects the corresponding plaintext character and up to $t$ following ones, $t$ being the number of stages of the encryption and decryption registers); no protection against active attacks (a modification now disturbs the next $t$ characters and is therefore easier to notice than in the synchronous case, but an attacker can still interrupt or disrupt the communication); and diffusion of plaintext statistics, since through the ciphertext feedback every plaintext character influences all of the ciphertext that follows.

Linear feedback shift register (LFSR)

The shift register is the main component for generating the key stream of a stream cipher. Its characteristics: it is the basic building block of many key stream generators; an LFSR is very well suited to hardware implementation; it can generate sequences with a large period; it can generate sequences with good statistical properties; and it is easy to analyze with algebraic methods (which is a weakness whenever the LFSR output is used directly as the key stream).

Definition: A linear feedback shift register (LFSR) of length $L$ consists of $L$ stages numbered $0, 1, \ldots, L-1$ and a clock. Each stage has a 1-bit input and a 1-bit output and stores one bit; the clock controls the movement of the data. In each clock cycle the following happens: the bit stored in stage 0 is output as the next element of the output sequence; for each $i \in [1, L-1]$ the content of stage $i$ is moved into stage $i-1$; and the new content of stage $L-1$ is the feedback bit $s_j$, computed as the modulo-2 sum of the previous contents of a fixed subset of the stages $0, 1, \ldots, L-1$.

[Figure: general $n$-stage LFSR with feedback coefficients $c_1, \ldots, c_n$] The figure above is especially important. Each constant $c_i$ is 0 or 1 and $\oplus$ denotes modulo-2 addition; $c_i = 0$ or $1$ can be realized by opening or closing a switch. The output sequence $\{a_t\}$ satisfies
$$a_{n+t} = c_n a_t \oplus c_{n-1} a_{t+1} \oplus \cdots \oplus c_1 a_{n+t-1},$$
where $t$ is a non-negative integer.

Note: for a linear feedback shift register it is always assumed that at least one of $c_1, c_2, \ldots, c_n$ is nonzero; otherwise $f(a_1, a_2, \ldots, a_n) \equiv 0$ and after $n$ clock pulses the state is necessarily $00\cdots0$. The state period of an $n$-stage LFSR is at most $2^n - 1$ (the all-zero state, which only reproduces itself, is excluded). The period of its output sequence equals the state period and is therefore also at most $2^n - 1$. Choosing an appropriate feedback function makes the period reach the maximum $2^n - 1$; a sequence whose period reaches this maximum is called an m-sequence.

Suppose the output sequence $\{a_i\}$ of an $n$-stage linear feedback shift register satisfies the recurrence
$$a_{n+k} = c_1 a_{n+k-1} \oplus c_2 a_{n+k-2} \oplus \cdots \oplus c_n a_k \qquad (*)$$
for every $k \geq 1$. This recurrence can be represented by the polynomial of degree $n$
$$p(x) = 1 + c_1 x + \cdots + c_{n-1} x^{n-1} + c_n x^n,$$
which is called the characteristic polynomial (or connection polynomial) of the LFSR.
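The recurrence (*) is linear in the unknown coefficients $c_1, \ldots, c_n$. That is the precise sense in which an LFSR is "easy to analyze with algebraic methods", and the reason the key stream generator needs a nonlinear component. The added example below (not from the original post) shows the consequence: an attacker who knows only the register length $n$ and $2n$ consecutive key stream bits, obtained from known plaintext, writes the $n$ equations $a_{n+k} = c_1 a_{n+k-1} \oplus \cdots \oplus c_n a_k$ ($k = 0, \ldots, n-1$) as a linear system over $\mathrm{GF}(2)$, solves it for the taps and then regenerates the whole key stream. The 8-stage register, its polynomial $1 + x^2 + x^3 + x^4 + x^8$ (a primitive polynomial, so the system is always solvable from a nonzero state), the seed and the message are all constructed for this demonstration.

```python
from typing import List, Optional

def lfsr_keystream(taps: List[int], state: List[int], nbits: int) -> List[int]:
    """Fibonacci LFSR in the page's convention: taps = [c1, ..., cn],
    state = [a0, ..., a_{n-1}]; stage 0 (a_k) is output first and the new
    bit is a_{n+k} = c1 a_{n+k-1} xor ... xor cn a_k."""
    n, s, out = len(taps), list(state), []
    for _ in range(nbits):
        out.append(s[0])
        fb = 0
        for j in range(1, n + 1):
            fb ^= taps[j - 1] & s[n - j]
        s = s[1:] + [fb]
    return out

def solve_gf2(rows: List[List[int]], rhs: List[int]) -> Optional[List[int]]:
    """Gauss-Jordan elimination over GF(2) for a square system; None if singular."""
    n = len(rows)
    aug = [row[:] + [b] for row, b in zip(rows, rhs)]
    for col in range(n):
        pivot = next((r for r in range(col, n) if aug[r][col]), None)
        if pivot is None:
            return None
        aug[col], aug[pivot] = aug[pivot], aug[col]
        for r in range(n):
            if r != col and aug[r][col]:
                aug[r] = [x ^ y for x, y in zip(aug[r], aug[col])]
    return [aug[i][n] for i in range(n)]

def recover_taps(bits: List[int], n: int) -> Optional[List[int]]:
    """From 2n consecutive output bits a_0..a_{2n-1}, solve the n equations
    a_{n+k} = sum_j c_j a_{n+k-j} (k = 0..n-1) for the unknowns c_1..c_n."""
    rows = [[bits[n + k - j] for j in range(1, n + 1)] for k in range(n)]
    rhs = [bits[n + k] for k in range(n)]
    return solve_gf2(rows, rhs)

def to_bits(data: bytes) -> List[int]:
    return [(b >> i) & 1 for b in data for i in range(7, -1, -1)]

def from_bits(bits: List[int]) -> bytes:
    return bytes(int("".join(map(str, bits[i:i + 8])), 2) for i in range(0, len(bits), 8))

# Constructed secret parameters of the "victim": a hypothetical 8-stage LFSR with
# p(x) = 1 + x^2 + x^3 + x^4 + x^8 (a primitive polynomial) and a secret seed.
TAPS = [0, 1, 1, 1, 0, 0, 0, 1]
SEED = [1, 0, 1, 1, 0, 0, 1, 0]
MESSAGE = b"attack at dawn, 0600 hours"   # constructed sample plaintext

def encrypt(taps: List[int], seed: List[int], data: bytes) -> List[int]:
    """Binary additive stream cipher: ciphertext bits = plaintext bits xor key stream."""
    pt = to_bits(data)
    return [p ^ k for p, k in zip(pt, lfsr_keystream(taps, seed, len(pt)))]

def known_plaintext_attack(ct_bits: List[int], known_prefix: bytes, n: int):
    """Attacker knows only n and the first 2n plaintext bits (e.g. a fixed header)."""
    leaked = [c ^ p for c, p in zip(ct_bits, to_bits(known_prefix))][:2 * n]
    taps = recover_taps(leaked, n)
    if taps is None:
        return None, None
    # The first n key stream bits are the LFSR's initial state, so the attacker
    # can now run the recovered generator and strip the whole key stream.
    ks = lfsr_keystream(taps, leaked[:n], len(ct_bits))
    return taps, from_bits([c ^ k for c, k in zip(ct_bits, ks)])

def demo():
    ct = encrypt(TAPS, SEED, MESSAGE)
    return known_plaintext_attack(ct, MESSAGE[:2], 8)   # 2 bytes = 16 = 2n known bits

if __name__ == "__main__":
    taps, pt = demo()
    print("recovered taps:", taps, "plaintext:", pt)
```

Two known plaintext bytes are enough here because $2n = 16$; for a register of length $n$ the attack always needs just $2n$ bits, independent of the period $2^n - 1$, which is why the period alone says nothing about security.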




Theorem: a necessary condition for a sequence generated by an $n$-stage LFSR to have the maximum period $2^n - 1$ is that its characteristic polynomial is irreducible.

Proof: Let $G(p(x))$ denote the set of sequences generated by the LFSR with characteristic polynomial $p(x)$, and suppose one of them has period $2^n - 1$. Then every nonzero sequence in $G(p(x))$ has period $2^n - 1$ regardless of its initial state, because the $2^n - 1$ nonzero states all lie on a single cycle. If $p(x)$ were reducible, write $p(x) = g(x)h(x)$ with $g(x)$ irreducible of degree $k < n$. Since $G(g(x)) \subseteq G(p(x))$, a nonzero sequence in $G(g(x))$ has period at most $2^k - 1$ on the one hand and exactly $2^n - 1$ on the other, a contradiction. Hence $p(x)$ is irreducible. $\blacksquare$

The converse does not hold. $f(x) = x^4 + x^3 + x^2 + x + 1$ is irreducible over $\mathrm{GF}(2)$, since it is divisible by none of $x$, $x + 1$ and $x^2 + x + 1$, the only irreducible polynomials of degree at most 2. The output sequence of the LFSR with $f(x)$ as characteristic polynomial is obtained from $a_k = a_{k-1} \oplus a_{k-2} \oplus a_{k-3} \oplus a_{k-4}$ ($k \geq 4$) and the initial state. With initial state 0001 the output is 000110001100011..., which has period 5 and is therefore not an m-sequence.

Definition: if the order of an irreducible polynomial $p(x)$ of degree $n$ (the smallest positive $e$ such that $p(x)$ divides $x^e + 1$) is $2^n - 1$, then $p(x)$ is called a primitive polynomial of degree $n$. Theorem: let $\{a_i\} \in G(p(x))$ be a nonzero sequence; $\{a_i\}$ is an m-sequence if and only if $p(x)$ is primitive.
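The definitions above (state period, characteristic polynomial, irreducible and primitive polynomial) can all be checked mechanically for small registers. The following is an added example, not code from the original post: polynomials over $\mathrm{GF}(2)$ are encoded as integers with bit $i$ holding the coefficient of $x^i$, irreducibility is tested by trial division, primitivity by computing the order of $x$ modulo $p(x)$, and the state period by running the LFSR until its state repeats. It reproduces the page's counter-example $x^4 + x^3 + x^2 + x + 1$ (irreducible, order 5, period 5) and contrasts it with $x^4 + x + 1$ (primitive, period 15); it also shows that a register with $c_n = 0$, which the non-singularity definition at the end of the page is about, can fail to be periodic at all.

```python
from typing import List, Optional

def poly_mod(a: int, m: int) -> int:
    """Remainder of a divided by m in GF(2)[x]; bit i of an int is the coefficient of x^i."""
    dm = m.bit_length() - 1
    while a and a.bit_length() - 1 >= dm:
        a ^= m << (a.bit_length() - 1 - dm)
    return a

def poly_mulmod(a: int, b: int, m: int) -> int:
    """a * b mod m in GF(2)[x], for a and b already reduced modulo m."""
    deg = m.bit_length() - 1
    r = 0
    while b:
        if b & 1:
            r ^= a
        b >>= 1
        a <<= 1
        if (a >> deg) & 1:
            a ^= m
    return r

def is_irreducible(p: int) -> bool:
    """Trial division by every polynomial of degree 1 .. deg(p)//2."""
    deg = p.bit_length() - 1
    return deg >= 1 and all(poly_mod(p, d) != 0 for d in range(2, 1 << (deg // 2 + 1)))

def order_of_x(p: int) -> Optional[int]:
    """Smallest e > 0 with x^e = 1 mod p (the order of p), or None if x is not a unit mod p."""
    deg = p.bit_length() - 1
    acc, e = 1, 0
    while e <= (1 << deg):
        acc = poly_mulmod(acc, 2, p)   # multiply by x
        e += 1
        if acc == 1:
            return e
    return None

def is_primitive(p: int) -> bool:
    """Primitive = irreducible with order 2^n - 1, n = deg(p)."""
    deg = p.bit_length() - 1
    return is_irreducible(p) and order_of_x(p) == (1 << deg) - 1

def taps_from_poly(p: int) -> List[int]:
    """p(x) = 1 + c1 x + ... + cn x^n  ->  [c1, ..., cn], the page's convention."""
    n = p.bit_length() - 1
    return [(p >> j) & 1 for j in range(1, n + 1)]

def lfsr_period(taps: List[int], state: List[int]) -> Optional[int]:
    """Clock a_{n+k} = c1 a_{n+k-1} xor ... xor cn a_k until the state returns to its start.
    Returns None if it never does, which can only happen when cn = 0 (a singular LFSR,
    whose state map is not a bijection)."""
    n = len(taps)
    start, s, steps = tuple(state), list(state), 0
    while steps <= (1 << n):
        fb = 0
        for j in range(1, n + 1):
            fb ^= taps[j - 1] & s[n - j]
        s = s[1:] + [fb]
        steps += 1
        if tuple(s) == start:
            return steps
    return None

def analyze(p: int, state: List[int]) -> dict:
    """Summarize the algebraic properties of p(x) and the period from a given initial state."""
    return {"irreducible": is_irreducible(p), "order_of_x": order_of_x(p),
            "primitive": is_primitive(p), "period": lfsr_period(taps_from_poly(p), state)}

if __name__ == "__main__":
    print(analyze(0b11111, [0, 0, 0, 1]))   # page's counter-example: irreducible, order 5, period 5
    print(analyze(0b10011, [1, 0, 0, 0]))   # x^4 + x + 1: primitive, period 15 (m-sequence)
    print(lfsr_period([1, 0, 0, 0], [1, 0, 0, 0]))  # c4 = 0: state falls into 0000 and never returns
```

The brute-force order computation is fine for the degrees on this page; for registers of realistic length one factors $2^n - 1$ and checks $x^{(2^n-1)/q} \neq 1$ for each prime factor $q$ instead.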


Definition: The LFSR in the figure above can be written as $\langle L, C(D) \rangle$. If the degree of $C(D)$ is $L$, the LFSR is called non-singular. If the initial content of stage $i$ is $s_i \in \{0, 1\}$ for each $i \in [0, L-1]$, then $[s_{L-1}, \ldots, s_1, s_0]$ is called the initial state of the LFSR. Every output sequence of $\langle L, C(D) \rangle$ (that is, for every possible initial state) is periodic if and only if the degree of the connection polynomial $C(D)$ is $L$.




Source: blog.csdn.net/qq_43721475/article/details/104661762