Multiple Modular Additions and Crossword Puzzle Attack on NLSv2

Authors:
Joo Yeon Cho;Josef Pieprzyk
Affiliations:
Centre for Advanced Computing --- Algorithms and Cryptography, Department of Computing, Macquarie University, NSW, Australia, 2109;Centre for Advanced Computing --- Algorithms and Cryptography, Department of Computing, Macquarie University, NSW, Australia, 2109
Venue:
ISC '07 Proceedings of the 10th international conference on Information Security
Year:
2007

Citing 0
Cited 5

Specification for NLSv2

New Stream Cipher Designs
Cryptanalysis of MV3 Stream Cipher

CANS '08 Proceedings of the 7th International Conference on Cryptology and Network Security
Linear analysis of reduced-round cubehash

ACNS'11 Proceedings of the 9th international conference on Applied cryptography and network security
Synthetic linear analysis: improved attacks on cubehash and rabbit

ICISC'11 Proceedings of the 14th international conference on Information Security and Cryptology
Synthetic linear analysis with applications to CubeHash and Rabbit

Cryptography and Communications

Quantified Score

Hi-index	0.00

Visualization

Abstract

NLS is a stream cipher which was submitted to the eSTREAM project. A linear distinguishing attack against NLS was presented by Cho and Pieprzyk, which was called Crossword Puzzle (CP) attack. NLSv2 is a tweak version of NLS which aims mainly at avoiding the CP attack. In this paper, a new distinguishing attack against NLSv2 is presented. The attack exploits high correlation amongst neighboring bits of the cipher. The paper first shows that the modular addition preserves pairwise correlations as demonstrated by existence of linear approximations with large biases. Next, it shows how to combine these results with the existence of high correlation between bits 29 and 30 of the S-box to obtain a distinguisher whose bias is around 2驴 37. Consequently, we claim that NLSv2 is distinguishable from a random cipher after observing around 274 keystream words.