How to generate cryptographically strong sequences of pseudo-random bits
SIAM Journal on Computing
A hard-core predicate for all one-way functions
STOC '89 Proceedings of the twenty-first annual ACM symposium on Theory of computing
Differential cryptanalysis of the data encryption standard
Differential cryptanalysis of the data encryption standard
The Design of Rijndael
Differential Fault Analysis of Secret Key Cryptosystems
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
Cryptanalytic Time/Memory/Data Tradeoffs for Stream Ciphers
ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Improved Cryptanalysis of Rijndael
FSE '00 Proceedings of the 7th International Workshop on Fast Software Encryption
Treatment of the initial value in Time-Memory-Data Tradeoff attacks on stream ciphers
Information Processing Letters
On the importance of checking cryptographic protocols for faults
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
Cryptanalysis of alleged A5 stream cipher
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
The design of a stream cipher LEX
SAC'06 Proceedings of the 13th international conference on Selected areas in cryptography
Improved time-memory trade-offs with multiple data
SAC'05 Proceedings of the 12th international conference on Selected Areas in Cryptography
Differential fault analysis of LEX
SCN'10 Proceedings of the 7th international conference on Security and cryptography for networks
Automatic search of attacks on round-reduced AES and applications
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
ASC-1: an authenticated encryption stream cipher
SAC'11 Proceedings of the 18th international conference on Selected Areas in Cryptography
Cryptanalysis of the Stream Cipher LEX
Designs, Codes and Cryptography
In [6], Biryukov presented a new methodology of stream cipher design, called leak extraction. The stream cipher LEX, based on this methodology and on the AES block cipher, was selected to phase 3 of the eSTREAM competition. The suggested methodology seemed promising, and LEX, due to its elegance, simplicity and performance was expected to be selected to the eSTREAM portfolio. In this paper we present a key recovery attack on LEX. The attack requires about 2^36.3 bytes of key-stream produced by the same key (possibly under many different IVs), and retrieves the secret key in time of 2^112 simple operations. Following a preliminary version of our attack, LEX was discarded from the final portfolio of eSTREAM.