Fault Cryptanalysis and the Shrinking Generator

  • Marcin Gomułkiewicz
  • Mirosław Kutyłowski
  • Paweł Wlaź
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4007)


We present two efficient and simple fault attacks on the shrinking generator. In the first, if the attacker can stop the control generator for some small number of steps and observe the output, then with high probability he can deduce the full control sequence, and hence the other input bitstream. The second method assumes that the attacker can disturb the control sequence (in an unpredictable and random way) and observe many samples from such experiments. He can then reconstruct a certain sequence that agrees with the input sequence of the generator on a large fraction of bits.





Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Marcin Gomułkiewicz (1)
  • Mirosław Kutyłowski (1)
  • Paweł Wlaź (2)

  1. Wrocław University of Technology
  2. Lublin University of Technology
