A Keystream Generator Inspired by the Experiment of Drawing Balls with Replacement
摘要
Many keystream generator designs rely on mapping internal state bits to the output via a Boolean function. This introduces correlation between the keystream and the generator’s state, as well as a functional dependency, rendering the generator vulnerable to various cryptanalytic techniques such as correlation, algebraic, and distinguishing attacks. These attacks can often be leveraged for key recovery. A core challenge in stream cipher design, therefore, is to develop generators producing keystream with strong statistical properties while ensuring security beyond vulnerability to known cryptanalytic methods—specifically, achieving a security level where key recovery is, in principle, limited only to the exhaustive key search. In this work, we address this challenge with the Random Transposition Cipher (RTC), a generator inspired by the experiment of drawing balls with replacement from an urn. This analogy forms the basis of a hidden Markov model (HMM) of the random transposition shuffling process and constitutes the core of the RTC, superficially resembling the RC4 stream cipher. We present a detailed security analysis of the RTC, demonstrating its resistance to correlation, algebraic, and distinguishing attacks. Furthermore, we establish that key recovery for the RTC is theoretically infeasible by any method other than the exhaustive search.