International Association for Cryptologic Research

International Association
for Cryptologic Research


Marc P. C. Fossorier


A Novel Algorithm for Solving the LPN Problem and its Application to Security Evaluation of the HB Protocol for RFID Authentication
A novel algorithm for solving the LPN problem is proposed and analyzed. The algorithm originates from the recently proposed advanced fast correlation attacks, and it employs the concepts of decimation, linear combining, hypothesizing and minimum distance decoding. The proposed algorithm appears as more powerful than the best one previously reported known as the BKW algorithm. In fact the BKW algorithm is shown to be a special instance of the proposed algorithm, but without optimized parameters. An improved security evaluation of the HB protocol for RFID authentication is then developed. Employing the proposed algorithm, the security of the HB protocol is reevaluated, implying that the previously reported security margins appear as overestimated.
Time-Data-Memory Trade-Off Based Cryptanalysis of Certain Broadcast Encryption Schemes
Miodrag J. Mihaljevic Marc P.C. Fossorier Hideki Imai
This paper points out to a generic vulnerability of certain broadcast encryption schemes. This vulnerability can be effectively explored assuming chosen plaintext attacks, and in some cases even under ciphertext only attack. The developed methods for cryptanalysis are based on an attacking approach not taken into account in the security evaluations of the reported broadcast encryption schemes. The proposed attacks are based on employment of a dedicated time-data-memory trade-off approach for cryptanalysis. Two algorithms for cryptanalysis are proposed and their main characteristics regarding the complexity and required sample are pointed out. The algorithms are applied for cryptanalysis of particular recently reported broadcast encryption schemes implying that their security is far below the claimed ones.