International Association
for Cryptologic Research

In this paper, we propose a novel technique, called multi-output filtering model, to study the non-randomness property of a cryptographic algorithm such as message authentication codes and block ciphers. A multi-output filtering model consists of a linear feedback shift register (LFSR) and a multi-output filtering function.

Our contribution in this paper is twofold. First, we propose an attack technique under IND-CPA using the multi-output filtering model.

By introducing a distinguishing function, we theoretically determine the success rate of this attack. In particular, we construct a distinguishing function based on the distribution of the linear complexity of component sequences, and apply it on studying $\\T$\'s $f_1$ algorithm, $\\AES$, $\\Kasumi$ and $\\Present$. We demonstrate that the success rate of the attack on $\\Kasumi$ and $\\Present$ is non-negligible, but $f_1$ and $\\AES$ are resistant to this attack.

Second, we study the distribution of the cryptographic properties of component functions of a random primitive in the multi-output filtering model. Our experiments show some non-randomness in the distribution of algebraic degree and nonlinearity for $\\Kasumi$.