Fast correlation attacks on certain stream ciphers
Journal of Cryptology
Linear cryptanalysis method for DES cipher
EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
Cryptanalytic Time/Memory/Data Tradeoffs for Stream Ciphers
ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
A New Class of Invertible Mappings
CHES '02 Revised Papers from the 4th International Workshop on Cryptographic Hardware and Embedded Systems
Linear statistical weakness of alleged RC4 keystream generator
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
Algebraic attacks on stream ciphers with linear feedback
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Distinguishing attacks on t-functions
Mycrypt'05 Proceedings of the 1st international conference on Progress in Cryptology in Malaysia
New applications of t-functions in block ciphers and hash functions
FSE'05 Proceedings of the 12th international conference on Fast Software Encryption
A new class of single cycle t-functions
FSE'05 Proceedings of the 12th international conference on Fast Software Encryption
Cryptographic properties of nonlinear pseudorandom number generators
Designs, Codes and Cryptography
Differential cryptanalysis of T-function based stream cipher TSC-4
ICISC'07 Proceedings of the 10th international conference on Information security and cryptology
Non-randomness in eSTREAM candidates salsa20 and TSC-4
INDOCRYPT'06 Proceedings of the 7th international conference on Cryptology in India
Cryptanalysis of t-function-based hash functions
ICISC'06 Proceedings of the 9th international conference on Information Security and Cryptology
| Hi-index | 0.00 |
In this paper, we introduce a new cryptanalysis method for stream ciphers based on T-functions and apply it to the TSC family which was proposed by Hong et al.. Our attack are based on linear approximations of the algorithms (in particular of the T-function). Hence, it is related to correlation attack, a popular technique to break stream ciphers with a linear update, like those using LFSR’s. We show a key-recovery attack for the two algorithms proposed at FSE 2005 : TSC-1 in 225.4 computation steps, and TSC-2 in 248.1 steps. The first attack has been implemented and takes about 4 minutes to recover the whole key on an average PC. Another algorithm in the family, called TSC-3, was proposed at the ECRYPT call for stream ciphers. Despite some differences with its predecessors, it can be broken by similar techniques. Our attack has complexity of 242 known keystream bits to distinguish it from random, and about 266 steps of computation to recover the full secret key. An extended version of this paper can be found on the ECRYPT website [23].