CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
Fast Software Encryption Functions
CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
Description of a New Variable-Length Key, 64-bit Block Cipher (Blowfish)
Fast Software Encryption, Cambridge Security Workshop
Mercy: A Fast Large Block Cipher for Disk Sector Encryption
FSE '00 Proceedings of the 7th International Workshop on Fast Software Encryption
Scream: A Software-Efficient Stream Cipher
FSE '02 Revised Papers from the 9th International Workshop on Fast Software Encryption
Cryptanalysis of Mir-1: A T-Function-Based Stream Cipher
IEEE Transactions on Information Theory
| Hi-index | 0.00 |
Mir-1 is a stream cipher proposed for Profile 1 at the ECRYPT Stream Cipher Project (eSTREAM). The Mir-1 designer claims a security level of at least 2128, meaning that the secret key cannot be recovered or that the Mir-1 output sequence cannot be distinguished from a truly random number sequence more efficiently than an exhaustive search. At SASC 2006, however, a distinguishing attack on Mir-1 was proposed making use of vulnerabilities in Mir-1 initialization. This paper shows that unknown entries in the key-dependent S-box used by Mir-1 can be classified into partially equivalent pairs by extending the SASC 2006 technique. It also demonstrates an attack that applies that information to recovering the Mir-1 secret key more efficiently than an exhaustive search. To the best of the authors' knowledge, the results described in this paper represent the first successful key recovery attack on Mir-1.