Design of a New Stream Cipher: PALS
In this paper, a new stream cipher is designed as a clock-controlled one, but with a new mechanism of altering steps based on system theory, such that the structures used in it are resistant to conventional attacks. Our proposed algorithm (PALS) uses a 256-bit main key and a 32-bit message key. The most important criteria considered in designing PALS are resistance to known attacks, maximum period, high linear complexity, and good statistical properties. As a result, the output keystream is very similar to a perfectly random sequence and is resistant to conventional attacks such as correlation attacks, algebraic attacks, divide-and-conquer attacks, time-memory trade-off attacks and AIDA/cube attacks. The base structure of PALS is a clock-controlled combination generator with memory, and we obtained all the features required by the design criteria with this structure. PALS can be used in many applications, especially in financial cryptography, due to its proper security features.
💡 Research Summary
The paper introduces a new stream cipher named PALS, which is built around a clock‑controlled combination generator with memory. The authors aim to meet several design criteria: maximal period, high linear complexity, resistance to known attacks (correlation, algebraic, time‑memory trade‑off, cube/AIDA attacks), and good statistical properties. The cipher uses a 256‑bit main key and a 32‑bit message key. From these, a 1600‑bit initial vector (IV) is derived through a series of transformations that the authors call “Scram‑5”, a five‑round cascade of substitution boxes (S‑boxes) and permutation boxes (P‑boxes). The Scram‑5 function is applied eight times to produce a 256‑bit sequence, which is XOR‑ed with the main key to form a 256‑bit session key. The session key seeds a 256‑bit LFSR that, together with four 8×8 S‑boxes embedded in its feedback, generates the 1600‑bit IV after discarding the first 320 bits to achieve diffusion.
The IV is then used to initialise eight LFSRs of prime lengths (239, 163, 223, 181, 199, 173, 193, 229). The initialisation distributes the first 165 bits of the session key across the LFSRs in overlapping three‑bit windows, and the remaining 1435 bits fill the remaining cells. For subsequent messages, the IV is XOR‑ed into each LFSR to maintain synchronisation.
The keystream generator operates these eight LFSRs irregularly. Clock control is derived from the outputs of the LFSRs themselves: the XOR of the outputs of LFSRs 1, 3, 5, 7 forms the left two bits, while the XOR of LFSRs 2, 4, 6, 8 forms the right two bits. These two bits select one of four S‑boxes; the selected S‑box’s output feeds back into the clock‑control logic, creating a data‑dependent, non‑linear stepping mechanism.
To counter correlation attacks, the authors employ memory‑based correlation immunity. They argue that by using a Boolean function f that is (n,1,t)‑resilient with t = max(m,k) (where m is the memory size and k the number of inputs), the function achieves both high correlation immunity and high algebraic degree. The paper claims that the trade‑off between correlation immunity and algebraic degree is mitigated by the memory, citing prior work on memory‑augmented generators.
Security analysis is largely qualitative. The authors state that the linear complexity of the keystream is high, the period is maximal (the product of the primitive periods of the eight LFSRs), and statistical tests (presumably NIST) show randomness comparable to ideal sequences. They also claim that the design resists fast correlation attacks, algebraic attacks, and cube attacks because the memory and irregular clocking increase the effective attack complexity to roughly 2^{k+m}. However, concrete complexity estimates, experimental timings, or comparisons with existing ciphers (e.g., Grain, Trivium, ChaCha) are absent.
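The product-of-periods claim above depends on the eight LFSR periods 2^L - 1 being pairwise coprime, which the distinct prime lengths guarantee because gcd(2^a - 1, 2^b - 1) = 2^gcd(a, b) - 1. The following Python check is an added example, not code from the paper: it verifies that property for the listed lengths, and uses two toy LFSR pairs (feedback polynomials chosen here, since PALS's own polynomials and its irregular clocking rule are not given on the page) to show the joint period equalling the product for coprime lengths and collapsing to the lcm otherwise. The toy simulation assumes regular clocking and maximal-length LFSRs.

```python
from math import gcd, prod

# LFSR lengths given in the summary of PALS; constructed check, not the paper's code.
PALS_LFSR_LENGTHS = (239, 163, 223, 181, 199, 173, 193, 229)

def max_period(length):
    """Period of a maximal-length LFSR (primitive feedback polynomial) of this length."""
    return (1 << length) - 1

def periods_pairwise_coprime(lengths):
    """gcd(2^a - 1, 2^b - 1) == 2^gcd(a, b) - 1, so the periods are coprime iff the lengths are."""
    return all(gcd(a, b) == 1 for i, a in enumerate(lengths) for b in lengths[i + 1:])

def combined_period(lengths):
    """Joint period of regularly clocked maximal LFSRs; equals the product only when coprime."""
    if not periods_pairwise_coprime(lengths):
        raise ValueError("periods share a factor: joint period is the lcm, not the product")
    return prod(max_period(L) for L in lengths)

def step(state, length, taps):
    """One Fibonacci-LFSR step: bit i of state holds s[n+i]; new bit is the XOR of the tapped bits."""
    new = 0
    for t in taps:
        new ^= (state >> t) & 1
    return (state >> 1) | (new << (length - 1))

def simulated_period(length, taps, seed=1):
    """Count steps until a single LFSR returns to its (non-zero) seed state."""
    state, steps = step(seed, length, taps), 1
    while state != seed:
        state, steps = step(state, length, taps), steps + 1
    return steps

def joint_simulated_period(lfsrs, seed=1):
    """Count steps until every LFSR of a regularly clocked combination is back at its seed at once."""
    states = [seed] * len(lfsrs)
    steps = 0
    while True:
        states = [step(s, L, taps) for s, (L, taps) in zip(states, lfsrs)]
        steps += 1
        if all(s == seed for s in states):
            return steps

if __name__ == "__main__":
    print(periods_pairwise_coprime(PALS_LFSR_LENGTHS), sum(PALS_LFSR_LENGTHS))
    print(combined_period(PALS_LFSR_LENGTHS).bit_length())
    # Toy pair x^3+x+1 and x^5+x^2+1 (primitive): coprime lengths, joint period 7 * 31.
    print(joint_simulated_period([(3, (0, 1)), (5, (0, 2))]))
    # Toy pair x^2+x+1 and x^4+x+1 (primitive): lengths share a factor, joint period is lcm(3, 15).
    print(joint_simulated_period([(2, (0, 1)), (4, (0, 1))]))
```

The 1600-bit combined state gives a product period of bit length 1600 for the regularly clocked combination; the page's irregular clocking changes the output sequence's period argument, which the summary does not supply.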
The paper concludes that PALS is suitable for financial cryptography due to its “proper security features”. Nonetheless, the manuscript lacks several critical elements: detailed parameter selection justification, rigorous proofs of correlation immunity and algebraic resistance, performance benchmarks (throughput, latency, memory footprint), and a thorough comparison with state‑of‑the‑art stream ciphers. Consequently, while the architectural ideas (memory‑augmented correlation immunity, irregular clocking guided by S‑boxes) are interesting, the presented evidence is insufficient to substantiate the strong security claims made.