Related-key attacks on the Py-family of ciphers and an approach to repair the weaknesses

Authors:
Gautham Sekar;Souradyuti Paul;Bart Preneel
Affiliations:
Katholieke Universiteit Leuven, Dept. ESAT/COSIC, Leuven-Heverlee, Belgium;Katholieke Universiteit Leuven, Dept. ESAT/COSIC, Leuven-Heverlee, Belgium;Katholieke Universiteit Leuven, Dept. ESAT/COSIC, Leuven-Heverlee, Belgium
Venue:
INDOCRYPT'07 Proceedings of the cryptology 8th international conference on Progress in cryptology
Year:
2007

Citing 12
Cited 1

Analysis of SHA-1 in Encryption Mode

CT-RSA 2001 Proceedings of the 2001 Conference on Topics in Cryptology: The Cryptographer's Track at RSA
Related-key cryptanalysis of 3-WAY, Biham-DES, CAST, DES-X, NewDES, RC2, and TEA

ICICS '97 Proceedings of the First International Conference on Information and Communication Security
A Key-schedule Weakness in SAFER K-64

CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
Cryptanalysis of LOKI

ASIACRYPT '91 Proceedings of the International Conference on the Theory and Applications of Cryptology: Advances in Cryptology
Cryptanalysis of LOKI91

ASIACRYPT '92 Proceedings of the Workshop on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Distinguishing attack against TPypy

SAC'07 Proceedings of the 14th international conference on Selected areas in cryptography
RC4-hash: a new hash function based on RC4

INDOCRYPT'06 Proceedings of the 7th international conference on Cryptology in India
Distinguishing attacks on the stream cipher py

FSE'06 Proceedings of the 13th international conference on Fast Software Encryption
Finding collisions in the full SHA-1

CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
How to break MD5 and other hash functions

EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
A simple related-key attack on the full SHACAL-1

CT-RSA'07 Proceedings of the 7th Cryptographers' track at the RSA conference on Topics in Cryptology
New weaknesses in the keystream generation algorithms of the stream ciphers TPy and Py

ISC'07 Proceedings of the 10th international conference on Information Security

New Attacks on the Stream Cipher TPy6 and Design of New Ciphers the TPy6-A and the TPy6-B

Research in Cryptology

Quantified Score

Hi-index	0.00

Visualization

Abstract

The stream cipher TPypy has been designed by Biham and Seberry in January 2007 as the strongest member of the Py-family ciphers, after weaknesses in the other members Py, Pypy, Py6 were discovered. One main contribution of the paper is the detection of related-key weaknesses in the Py-family of ciphers including the strongest member TPypy. Under related keys, we show a distinguishing attack on TPypy with data complexity 2192.3 which is lower than the previous best known attack on the cipher by a factor of 288. It is shown that the above attack also works on the other members TPy, Pypy and Py. A second contribution of the paper is design and analysis of two fast ciphers RCR-64 and RCR-32 which are derived from the TPy and the TPypy respectively. The performances of the RCR-64 and the RCR-32 are 2.7 cycles/byte and 4.45 cycles/byte on Pentium III (note that the speeds of the ciphers Py, Pypy and RC4 are 2.8, 4.58 and 7.3 cycles/byte). Based on our security analysis, we conjecture that no attacks lower than brute force are possible on the RCR ciphers.