Re: Criticism of a proposed stream cipher requested.
- From: Paul Rubin <no.email@xxxxxxxxxxxxxx>
- Date: Wed, 02 Jun 2010 09:46:10 -0700
Francois Grieu <fgrieu@xxxxxxxxx> writes:
> I suspect that there might be ways to trade abundance of known
> plaintext against less time and/or memory; or perhaps a much more
> devastating attack. But I fail to pinpoint that right now.

Isn't this a trivial linear algebra problem? Let K1...K100 be the
unknown key bits. Let P1...P100 be the known plaintext. Let C1,C2....
be the ciphertext. Let Si,j be the j'th bit of the square root of i.
So
Cn = K1*S1,n + K2*S2,n + ... + K100*S100,n + Pn
where the multiplication is in GF(2). Solve simultaneous equations to
get K. Am I misunderstanding the question and/or overlooking something
silly?
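
The linear system described in the message above, worked through as an added example that is not part of the original post. It assumes S(i,j) means the j-th bit after the binary point of sqrt(i); the function names are hypothetical, and the key and plaintext are constructed from a seeded PRNG.

```python
import random
from math import isqrt

NKEY = 100  # key bits K1..K100, as in the message

def S(i, j):
    """Assumed convention: j-th bit after the binary point of sqrt(i)."""
    return isqrt(i << (2 * j)) & 1

def keystream(key, n):
    """Bit j is the GF(2) sum of S(i, j) over every i whose key bit Ki is set."""
    return [sum(k & S(i, j) for i, k in enumerate(key, 1)) & 1
            for j in range(1, n + 1)]

def encrypt(key, plain):
    return [p ^ z for p, z in zip(plain, keystream(key, len(plain)))]

def recover_key(plain, cipher):
    """Solve Cn + Pn = sum_i Ki*S(i,n) over GF(2) by Gauss-Jordan elimination."""
    # One int per equation: bit i-1 = coefficient of Ki, bit NKEY = Cn xor Pn.
    rows = [sum(S(i, n) << (i - 1) for i in range(1, NKEY + 1)) | ((p ^ c) << NKEY)
            for n, (p, c) in enumerate(zip(plain, cipher), 1)]
    pivots = []  # (column, fully reduced row)
    for col in range(NKEY):
        idx = next((r for r, row in enumerate(rows) if row >> col & 1), None)
        if idx is None:
            continue  # free variable, e.g. perfect square i: fraction bits all 0
        piv = rows.pop(idx)
        clear = lambda row: row ^ piv if row >> col & 1 else row
        rows = [clear(row) for row in rows]
        pivots = [(c, clear(row)) for c, row in pivots] + [(col, piv)]
    key = [0] * NKEY  # free variables stay 0 (perfect squares add nothing)
    for col, row in pivots:
        key[col] = row >> NKEY & 1
    return key

def demo(seed=1, known=200, total=300):
    """Constructed data: random key and plaintext bits from a seeded PRNG."""
    rng = random.Random(seed)
    key = [rng.getrandbits(1) for _ in range(NKEY)]
    plain = [rng.getrandbits(1) for _ in range(total)]
    cipher = encrypt(key, plain)
    guess = recover_key(plain[:known], cipher[:known])
    # The recovered key must also decrypt ciphertext the solver never saw.
    return encrypt(guess, cipher)[known:] == plain[known:]

if __name__ == "__main__":
    print("unseen ciphertext decrypted:", demo())
```

Key bits at perfect-square indices come back as 0 because sqrt(i) has no fractional bits there, so those bits never influence the keystream and the recovered key is equivalent rather than bit-identical.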