## Cryptology ePrint Archive: Report 2014/542

On the Multi-output Filtering Model and Its Applications

Guang Gong and Kalikinkar Mandal and Yin Tan and Teng Wu

Abstract: In this paper, we propose a novel technique, called multi-output filtering model, to study the non-randomness property of a cryptographic algorithm such as message authentication codes and block ciphers. A multi-output filtering model consists of a linear feedback shift register (LFSR) and a multi-output filtering function. Our contribution in this paper is twofold. First, we propose an attack technique under IND-CPA using the multi-output filtering model. By introducing a distinguishing function, we theoretically determine the success rate of this attack. In particular, we construct a distinguishing function based on the distribution of the linear complexity of component sequences, and apply it on studying $\T$'s $f_1$ algorithm, $\AES$, $\Kasumi$ and $\Present$. We demonstrate that the success rate of the attack on $\Kasumi$ and $\Present$ is non-negligible, but $f_1$ and $\AES$ are resistant to this attack. Second, we study the distribution of the cryptographic properties of component functions of a random primitive in the multi-output filtering model. Our experiments show some non-randomness in the distribution of algebraic degree and nonlinearity for $\Kasumi$.

Category / Keywords: foundations / IND-CPA, Multi-output Filtering Model, Distinguishing, TUAK, Keccak, AES, KASUMI, PRESENT