Crossword puzzle attack on NLS

  • Authors:

  • Joo Yeon Cho;Josef Pieprzyk

  • Affiliations:

  • Centre for Advanced Computing, Algorithms and Cryptography, Department of Computing, Macquarie University, NSW, Australia;Centre for Advanced Computing, Algorithms and Cryptography, Department of Computing, Macquarie University, NSW, Australia

  • Venue:
  • SAC'06 Proceedings of the 13th international conference on Selected areas in cryptography
  • Year:
  • 2006

Quantified Score

Hi-index 0.00

Visualization

Abstract

NLS is one of the stream ciphers submitted to the eSTREAM project. We present a distinguishing attack on NLS by Crossword Puzzle (CP) attack method which is introduced in this paper. We build the distinguisher by using linear approximations of both the non-linear feedback shift register (NFSR) and the nonlinear filter function (NLF). Since the bias of the distinguisher depends on the Konst value, which is a key-dependent word, we present the graph showing how the bias of distinguisher vary with Konst. In result, we estimate the bias of the distinguisher to be around O(2-30). Therefore, we claim that NLS is distinguishable from truly random cipher after observing O(260) keystream words. The experiments also show that our distinguishing attack is successful on 90.3% of Konst among 232 possible values. We extend the CP attack to NLSv2 which is a tweaked version of NLS. In result, we build a distinguisher which has the bias of around 2-48. Even though this attack is below the eSTREAM criteria (2-40), the security margin of NLSv2 seems to be too low.