On the Multi-output Filtering Model and Its Applications

In this paper, we propose a novel technique, called multi-output filtering model, to study the non-randomness property of a cryptographic algorithm such as message authentication codes and block ciphers. A multi-output filtering model consists of a linear feedback shift register (LFSR) and a multi-output filtering function. Our contribution in this paper is twofold. First, we propose an attack technique under IND-CPA using the multi-output filtering model. By introducing a distinguishing function, we theoretically determine the success rate of this attack. In particular, we construct a distinguishing function based on the distribution of the linear complexity of component sequences, and apply it on studying TUAK’s f1 algorithm, AES, KASUMI and PRESENT. We demonstrate that the success rate of the attack on KASUMI and PRESENT is non-negligible, but f1 and AES are resistant to this attack. Second, we study the distribution of the cryptographic properties of component functions of a random primitive in the multi-output filtering model. Our experiments show some non-randomness in the distribution of algebraic degree and nonlinearity for KASUMI.