Linear cryptanalysis method for DES cipher
EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
A Practical Attack on Broadcast RC4
FSE '01 Revised Papers from the 8th International Workshop on Fast Software Encryption
A New Class of Invertible Mappings
CHES '02 Revised Papers from the 4th International Workshop on Cryptographic Hardware and Embedded Systems
On the optimality of linear, differential, and sequential distinguishers
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
A new class of single cycle t-functions
FSE'05 Proceedings of the 12th international conference on Fast Software Encryption
Cryptanalysis of a particular case of klimov-shamir pseudo-random generator
SETA'04 Proceedings of the Third international conference on Sequences and Their Applications
Differential cryptanalysis of T-function based stream cipher TSC-4
ICISC'07 Proceedings of the 10th international conference on Information security and cryptology
Non-randomness in eSTREAM candidates salsa20 and TSC-4
INDOCRYPT'06 Proceedings of the 7th international conference on Cryptology in India
Linear cryptanalysis of the TSC family of stream ciphers
ASIACRYPT'05 Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security
Cryptanalysis of t-function-based hash functions
ICISC'06 Proceedings of the 9th international conference on Information Security and Cryptology
Hi-index | 0.01 |
Klimov and Shamir proposed a new class of simple cryptographic primitives named T-functions. For two concrete proposals based on the squaring operation, a single word T-function and a previously unbroken multi-word T-function with a 256-bit state, we describe an efficient distinguishing attack having a 232 data complexity. Furthermore, Hong et al. recently proposed two fully specified stream ciphers, consisting of multi-word T-functions with 128-bit states and filtering functions. We describe distinguishing attacks having a 222 and a 234 data complexity, respectively. The attacks have been implemented.