TL;DR: This paper shows how to substantially lower the degree of these equations by multiplying them by well-chosen multivariate polynomials, and is able to break Toyocrypt in 2^49 CPU clocks, with only 20 Kbytes of keystream, the fastest attack proposed so far.
Abstract: A classical construction of stream ciphers is to combine several LFSRs and a highly non-linear Boolean function f. Their security is usually analysed in terms of correlation attacks, that can be seen as solving a system of multivariate linear equations, true with some probability. At ICISC'02 this approach is extended to systems of higher-degree multivariate equations, and gives an attack in 2^92 for Toyocrypt, a Cryptrec submission. In this attack the key is found by solving an overdefined system of algebraic equations. In this paper we show how to substantially lower the degree of these equations by multiplying them by well-chosen multivariate polynomials. Thus we are able to break Toyocrypt in 2^49 CPU clocks, with only 20 Kbytes of keystream, the fastest attack proposed so far. We also successfully attack the Nessie submission LILI-128, within 2^57 CPU clocks (not the fastest attack known). In general, we show that if the Boolean function uses only a small subset (e.g. 10) of state/LFSR bits, the cipher can be broken, whatever is the Boolean function used (worst case). Our new general algebraic attack breaks stream ciphers satisfying all the previously known design criteria in at most the square root of the complexity of the previously known generic attack.
TL;DR: A time-memory trade-off attack based on the birthday paradox which yields the unknown internal state at a known time for a known keystream sequence is pointed out, and a so-called internal state reversion attack is proposed and analyzed by the theory of critical and subcritical branching processes.
Abstract: A binary stream cipher, known as A5, consisting of three short LFSRs of total length 64 that are mutually clocked in the stop/go manner is cryptanalyzed. It is allegedly used in the GSM standard for digital cellular mobile telephones. Very short keystream sequences are generated from different initial states obtained by combining a 64-bit secret session key and a known 22-bit public key. A basic divide-and-conquer attack recovering the unknown initial state from a known keystream sequence is first introduced. It exploits the specific clocking rule used and has average computational complexity around 2^40. A time-memory trade-off attack based on the birthday paradox which yields the unknown internal state at a known time for a known keystream sequence is then pointed out. The attack is successful if T · M ≥ 2^63.32, where T and M are the required computational time and memory (in 128-bit words), respectively. The precomputation time is O(M) and the required number of known keystream sequences generated from different public keys is about T/10^2. For example, one can choose T ≅ 2^27.67 and M ≅ 2^35.65. To obtain the secret session key from the determined internal state, a so-called internal state reversion attack is proposed and analyzed by the theory of critical and subcritical branching processes.
TL;DR: An improved image encryption method based on permutation-diffusion architecture and total shuffling scheme is proposed and it can avoid the category of attacks similar to Ref.
TL;DR: Two pseudorandom binary sequence generators, based on logistic chaotic maps intended for stream cipher applications, are proposed, which possess high linear complexity and very good statistical properties.
Abstract: Two pseudorandom binary sequence generators, based on logistic chaotic maps intended for stream cipher applications, are proposed. The first is based on a single one-dimensional logistic map which exhibits random, noise-like properties at certain parameter values, and the second is based on a combination of two logistic maps. The encryption step proposed in both algorithms consists of a simple bitwise XOR operation of the plaintext binary sequence with the keystream binary sequence to produce the ciphertext binary sequence. A threshold function is applied to convert the floating-point iterates into binary form. Experimental results show that the produced sequences possess high linear complexity and very good statistical properties. The systems are put forward for security evaluation by the cryptographic committees.
TL;DR: In this paper, a system and method for scrambling and selectively descrambling television signals that are transmitted to subscribers' descramblers in a subscription television system is described, and a corresponding tier of DES algorithms are employed at the descrambler to reproduce the encryption keystream; and the TV signal is descrambled in accordance therewith.
Abstract: A system and method for scrambling and selectively descrambling television signals that are transmitted to subscribers' descramblers in a subscription television system. A working key signal is generated by processing an "initialization vector" signal in accordance with the DES algorithm upon the algorithm being keyed by either a common category key signal or a signal having a predetermined relationship to the common category key signal. A unique encryption keystream is generated by processing the initialization vector signal in accordance with the DES algorithm upon the algorithm being keyed by the working key signal. A television signal is scrambled in accordance with the unique encryption keystream to provide a scrambled television signal. A plurality of unique encrypted category key signals individually addressed to different selected subscribers' descramblers are generated by processing the initial common category key signal in accordance with the DES algorithm upon the algorithm being keyed by a plurality of different "unit key" signals unique to different selected descramblers. The scrambled television signal, the initialization vector signal, and the plurality of encrypted category key signals are broadcast to the descramblers. A corresponding tier of DES algorithms are employed at the descrambler to reproduce the encryption keystream; and the TV signal is descrambled in accordance therewith. Each descrambler has its unique unit key signal stored in a secure memory for use in reproducing the common category key signal when the descrambler is addressed by its unique encrypted category key signal.