Resynchronization attacks on WG and LEX

Authors:
Hongjun Wu;Bart Preneel
Affiliations:
Katholieke Universiteit Leuven, ESAT/SCD-COSIC, Leuven-Heverlee, Belgium;Katholieke Universiteit Leuven, ESAT/SCD-COSIC, Leuven-Heverlee, Belgium
Venue:
FSE'06 Proceedings of the 13th international conference on Fast Software Encryption
Year:
2006

Citing 5
Cited 8

Resynchronization weaknesses in synchronous stream ciphers

EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
Differential Cryptanalysis of DES-like Cryptosystems

CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
Slide Attacks

FSE '99 Proceedings of the 6th International Workshop on Fast Software Encryption
Extending the resynchronization attack

SAC'04 Proceedings of the 11th international conference on Selected Areas in Cryptography
Cryptographic properties of the Welch-Gong transformation sequence generators

IEEE Transactions on Information Theory

WG: A family of stream ciphers with designed randomness properties

Information Sciences: an International Journal
Differential Cryptanalysis of the Stream Ciphers Py, Py6 and Pypy

EUROCRYPT '07 Proceedings of the 26th annual international conference on Advances in Cryptology
Analysis of Grain's initialization algorithm

AFRICACRYPT'08 Proceedings of the Cryptology in Africa 1st international conference on Progress in cryptology
Algebraic analysis of LEX

AISC '09 Proceedings of the Seventh Australasian Conference on Information Security - Volume 98
Differential fault analysis of LEX

SCN'10 Proceedings of the 7th international conference on Security and cryptography for networks
ASC-1: an authenticated encryption stream cipher

SAC'11 Proceedings of the 18th international conference on Selected Areas in Cryptography
High order differential attacks on stream ciphers

Cryptography and Communications
Slid pairs in the initialisation of the A5/1 stream cipher

AISC '13 Proceedings of the Eleventh Australasian Information Security Conference - Volume 138

Quantified Score

Hi-index	0.00

Visualization

Abstract

WG and LEX are two stream ciphers submitted to eStream – the ECRYPT stream cipher project. In this paper, we point out security flaws in the resynchronization of these two ciphers. The resynchronization of WG is vulnerable to a differential attack. For WG with 80-bit key and 80-bit IV, 48 bits of the secret key can be recovered with about 231.3 chosen IVs . For each chosen IV, only the first four keystream bits are needed in the attack. The resynchronization of LEX is vulnerable to a slide attack. If a key is used with about 260.8 random IVs, and 20,000 keystream bytes are generated from each IV, then the key of the strong version of LEX could be recovered easily with a slide attack. The resynchronization attack on WG and LEX shows that block cipher related attacks are powerful in analyzing non-linear resynchronization mechanisms.