Proceedings of the Third International Workshop on Fast Software Encryption
Statistical Analysis of the Alleged RC4 Keystream Generator
FSE '00 Proceedings of the 7th International Workshop on Fast Software Encryption
A Practical Attack on Broadcast RC4
FSE '01 Revised Papers from the 8th International Workshop on Fast Software Encryption
Scream: A Software-Efficient Stream Cipher
FSE '02 Revised Papers from the 9th International Workshop on Fast Software Encryption
Towards a general RC4-Like keystream generator
CISC'05 Proceedings of the First SKLOIS conference on Information Security and Cryptology
Distinguishing attacks on the stream cipher py
FSE'06 Proceedings of the 13th international conference on Fast Software Encryption
Differential Cryptanalysis of the Stream Ciphers Py, Py6 and Pypy
EUROCRYPT '07 Proceedings of the 26th annual international conference on Advances in Cryptology
New Attacks on the Stream Cipher TPy6 and Design of New Ciphers the TPy6-A and the TPy6-B
Research in Cryptology
Distinguishing attacks on stream ciphers based on arrays of pseudo-random words
Information Processing Letters
Improved Distinguishing Attacks on HC-256
IWSEC '09 Proceedings of the 4th International Workshop on Security: Advances in Information and Computer Security
Distinguishing attack against TPypy
SAC'07 Proceedings of the 14th international conference on Selected areas in cryptography
On the evolution of GGHN cipher
INDOCRYPT'11 Proceedings of the 12th international conference on Cryptology in India
Cryptanalysis of RC4(n, m) stream cipher
Proceedings of the 6th International Conference on Security of Information and Networks
Hi-index | 0.00 |
Stream ciphers play an important role in symmetric cryptology because of their suitability in high speed applications where block ciphers fall short. A large number of fast stream ciphers or pseudorandom bit generators (PRBG's) can be found in the literature that are based on arrays and simple operations such as modular additions, rotations and memory accesses (e.g. RC4, RC4A, Py, Py6, ISAAC etc.). This paper investigates the security of array-based stream ciphers (or PRBG's) against certain types of distinguishing attacks in a unified way. We argue, counter-intuitively, that the most useful characteristic of an array, namely, the association of array-elements with unique indices, may turn out to be the origins of distinguishing attacks if adequate caution is not maintained. In short, an adversary may attack a cipher simply exploiting the dependence of array-elements on the corresponding indices. Most importantly, the weaknesses are not eliminated even if the indices and the array-elements are made to follow uniform distributions separately. Exploiting these weaknesses we build distinguishing attacks with reasonable advantage on five recent stream ciphers (or PRBG's), namely, Py6 (2005, Biham et al.), IA, ISAAC (1996, Jenkins Jr.), NGG, GGHN (2005, Gong et al.) with data complexities 268.61, 232.89, 216.89, 232.89 and 232.89 respectively. In all the cases we worked under the assumption that the key-setup algorithms of the ciphers produced uniformly distributed internal states. We only investigated the mixing of bits in the keystream generation algorithms. In hindsight, we also observe that the previous attacks on the other array-based stream ciphers (e.g. Py, etc.), can also be explained in the general framework developed in this paper. We hope that our analyses will be useful in the evaluation of the security of stream ciphers based on arrays and modular addition.