In this paper, we present a correlation attack on Sosemanuk with complexity less than $2^{150}$. Sosemanuk is a software-oriented stream cipher proposed by Berbain et al. to the eSTREAM call for stream cipher and has been selected in the final portfolio. Sosemanuk consists of a linear feedback shift register (LFSR) of ten 32-bit words and a finite state machine (FSM) of two 32-bit words. By combining linear approximation relations regarding the FSM update function, the FSM output function and the keystream output function, it is possible to derive linear approximation relations with correlation $-2^{-21.41}$ involving only the keystream words and the LFSR initial state. Using such linear approximation relations, we mount a correlation attack with complexity $2^{147.88}$ and success probability 99% to recover the initial internal state of 384 bits. We also mount a correlation attack on SNOW 2.0 with complexity $2^{204.38}$.