Fast correlation attacks on certain stream ciphers. Journal of Cryptology.
Matrix multiplication via arithmetic progressions. Journal of Symbolic Computation, special issue on computational algebraic complexity.
Correlation properties of combiners with memory in stream ciphers. Journal of Cryptology (Eurocrypt '90).
Handbook of Applied Cryptography.
The Security of Hidden Field Equations (HFE). CT-RSA 2001, Proceedings of the 2001 Conference on Topics in Cryptology: The Cryptographer's Track at RSA.
SAC '00, Proceedings of the 7th Annual International Workshop on Selected Areas in Cryptography.
A New Version of the Stream Cipher SNOW. SAC '02, Revised Papers from the 9th Annual International Workshop on Selected Areas in Cryptography.
Guess-and-Determine Attacks on SNOW. SAC '02, Revised Papers from the 9th Annual International Workshop on Selected Areas in Cryptography.
Maximum Correlation Analysis of Nonlinear S-boxes in Stream Ciphers. CRYPTO '00, Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology.
On Correlation-Immune Functions. CRYPTO '91, Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology.
Cryptanalysis of the Matsumoto and Imai Public Key Scheme of Eurocrypt '88. CRYPTO '95, Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology.
Cryptanalysis of Block Ciphers with Probabilistic Non-linear Relations of Low Degree. CRYPTO '98, Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology.
Linear Cryptanalysis of Bluetooth Stream Cipher. EUROCRYPT '02, Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology.
Cryptanalysis of Block Ciphers with Overdefined Systems of Equations. ASIACRYPT '02, Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology.
On the Security of Nonlinear Filter Generators. Proceedings of the Third International Workshop on Fast Software Encryption.
Cryptanalysis of Stream Ciphers with Linear Masking. CRYPTO '02, Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology.
A new efficient algorithm for computing Gröbner bases without reduction to zero (F5). Proceedings of the 2002 International Symposium on Symbolic and Algebraic Computation.
Efficient algorithms for solving overdefined systems of multivariate polynomial equations. EUROCRYPT '00, Proceedings of the 19th International Conference on Theory and Application of Cryptographic Techniques.
Higher order correlation attacks, XL algorithm and cryptanalysis of Toyocrypt. ICISC '02, Proceedings of the 5th International Conference on Information Security and Cryptology.
Algebraic attacks on stream ciphers with linear feedback. EUROCRYPT '03, Proceedings of the 22nd International Conference on Theory and Applications of Cryptographic Techniques.
General principles of algebraic attacks and new design criteria for cipher components. AES '04, Proceedings of the 4th International Conference on Advanced Encryption Standard.
The inverse S-box, non-linear polynomial relations and cryptanalysis of block ciphers. AES '04, Proceedings of the 4th International Conference on Advanced Encryption Standard.
On Effectiveness of Clock Control in Stream Ciphers. IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences.
Information Security and Cryptology, ICISC 2008.
On guess and determine cryptanalysis of LFSR-based stream ciphers. IEEE Transactions on Information Theory.
Algebraic immunity of S-boxes based on power mappings: analysis and construction. IEEE Transactions on Information Theory.
Probabilistic versus deterministic algebraic cryptanalysis: a performance comparison. IEEE Transactions on Information Theory.
ICISS '07, Proceedings of the 3rd International Conference on Information Systems Security.
Algebraic cryptanalysis of the Data Encryption Standard. Cryptography and Coding '07, Proceedings of the 11th IMA International Conference on Cryptography and Coding.
An analysis of the RC4 family of stream ciphers against algebraic attacks. AISC '10, Proceedings of the Eighth Australasian Conference on Information Security, Volume 105.
ACISP '10, Proceedings of the 15th Australasian Conference on Information Security and Privacy.
MASHA: low cost authentication with a new stream cipher. ISC '11, Proceedings of the 14th International Conference on Information Security.
A different algebraic analysis of the ZUC stream cipher. Proceedings of the 4th International Conference on Security of Information and Networks.
Algebraic analysis of the SSS stream cipher. Proceedings of the 4th International Conference on Security of Information and Networks.
Algebraic attacks on clock-controlled cascade ciphers. INDOCRYPT '06, Proceedings of the 7th International Conference on Cryptology in India.
Open problems related to algebraic attacks on stream ciphers. WCC '05, Proceedings of the 2005 International Conference on Coding and Cryptography.
Upper bounds on algebraic immunity of Boolean power functions. FSE '06, Proceedings of the 13th International Conference on Fast Software Encryption.
Cryptography and Communications.
Cryptanalysis of WG-7: a lightweight stream cipher. Cryptography and Communications.
Algebraic attacks on a class of stream ciphers with unknown output function. Designs, Codes and Cryptography.
Algebraic attacks on stream ciphers [14] recover the key by solving an overdefined system of multivariate equations. Such attacks break many LFSR-based stream ciphers whose output is obtained by a Boolean function, see [14,15,16]. Recently this approach has also been extended to combiners with memory, provided the number of memory bits is small, see [1,16,2]. In [2] it is shown that, for ciphers built from LFSRs and an arbitrary combiner that uses a subset of k LFSR state bits together with l inner state (memory) bits, a polynomial-time attack always exists when k and l are fixed. This attack, however, becomes impractical very quickly: already when k and l exceed about 4. In this paper we give a simpler proof of this result from [2] and prove a more general theorem. We show that much faster algebraic attacks exist for any cipher that (in order to be fast) outputs several bits at a time. In practice our result substantially reduces the complexity of the best known attack on four well-known stream cipher constructions when the number of output bits per clock is increased. We present attacks on modified versions of the Snow, E0, LILI-128 and Turing ciphers. Note: an extended version is available at eprint.iacr.org/2003/125/.
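The following is an added example, not code from the paper, showing the basic linearization attack of [14] that the abstract builds on: a toy nonlinear filter generator (an 11-bit LFSR with feedback x^11 + x^2 + 1, filtered by the degree-2 function f(s) = s[0]*s[3] + s[7]; both are constructed choices for this illustration, not a cipher from the paper) leaks one degree-2 equation in the 11 unknown initial-state bits per keystream bit. Replacing each product x_i*x_j by a fresh unknown turns these into linear equations in 11 + 55 = 66 unknowns, so roughly 66 keystream bits suffice and the state is read off by Gaussian elimination over GF(2). A cipher that emits several bits per clock contributes several such rows per clock, which is why more outputs per clock mean fewer clocks of keystream are needed.

```python
"""
Linearization attack on a constructed toy filter generator over GF(2).

Assumptions (not from the paper): an 11-bit LFSR with the primitive feedback
polynomial x^11 + x^2 + 1 and the output filter f(s) = s[0]*s[3] ^ s[7].
"""
from itertools import combinations

N = 11                       # LFSR length (toy parameter)
FEEDBACK_TAPS = (0, 2)       # s[t+11] = s[t] ^ s[t+2]
# Output function in algebraic normal form: each monomial is a tuple of
# positions in the current 11-bit state window.  f = s0*s3 + s7 (degree 2).
FILTER_ANF = [(0, 3), (7,)]

# Columns of the linearised system: x_i -> column i, x_i*x_j (i<j) -> later columns.
MONOMIALS = [(i,) for i in range(N)] + list(combinations(range(N), 2))
COLUMN = {m: k for k, m in enumerate(MONOMIALS)}


def lfsr_keystream(initial_state, nbits, taps=FEEDBACK_TAPS, anf=FILTER_ANF, n=N):
    """Produce nbits of keystream from a concrete initial state (list of 0/1)."""
    s = list(initial_state)
    out = []
    for t in range(nbits):
        window = s[t:t + n]
        bit = 0
        for mono in anf:
            term = 1
            for pos in mono:
                term &= window[pos]
            bit ^= term
        out.append(bit)
        s.append(s[t + taps[0]] ^ s[t + taps[1]])   # clock the LFSR
    return out


def symbolic_state(nbits, taps=FEEDBACK_TAPS, n=N):
    """Every sequence bit s[t] as a GF(2) linear form in the unknown initial
    bits x_0..x_{n-1}, encoded as an int bitmask (bit i set <=> x_i present)."""
    s = [1 << i for i in range(n)]
    for t in range(nbits):
        s.append(s[t + taps[0]] ^ s[t + taps[1]])
    return s


def expand(forms):
    """Expand a product of one or two linear forms into a row bitmask over
    MONOMIALS.  Over GF(2), x_i*x_i = x_i and x_i*x_j + x_j*x_i cancels."""
    if len(forms) == 1:
        return forms[0]                 # linear columns coincide with variable index
    if len(forms) == 2:
        a, b = forms
        row = 0
        for i in range(N):
            if not (a >> i) & 1:
                continue
            for j in range(N):
                if (b >> j) & 1:
                    key = (i,) if i == j else (min(i, j), max(i, j))
                    row ^= 1 << COLUMN[key]
        return row
    raise ValueError("this linearisation table only covers degree <= 2")


def build_system(keystream, anf=FILTER_ANF):
    """One linearised equation (row_mask, rhs_bit) per observed keystream bit."""
    sym = symbolic_state(len(keystream))
    rows = []
    for t, z in enumerate(keystream):
        row = 0
        for mono in anf:
            row ^= expand([sym[t + pos] for pos in mono])
        rows.append((row, z))
    return rows


def solve_gf2(rows, ncols):
    """Gauss-Jordan elimination over GF(2); rows are int bitmasks.
    Returns (per-column value or None if undetermined, rank)."""
    pivots = {}                          # pivot column -> (row, rhs), kept reduced
    for row, rhs in rows:
        for col, (prow, prhs) in pivots.items():
            if (row >> col) & 1:
                row ^= prow
                rhs ^= prhs
        if row == 0:
            if rhs:
                raise ValueError("inconsistent system: keystream does not fit the model")
            continue
        col = row.bit_length() - 1
        for c, (prow, prhs) in list(pivots.items()):
            if (prow >> col) & 1:        # keep every pivot column in one row only
                pivots[c] = (prow ^ row, prhs ^ rhs)
        pivots[col] = (row, rhs)
    solution = [None] * ncols
    for col, (prow, prhs) in pivots.items():
        if prow == 1 << col:             # row is just its pivot: value determined
            solution[col] = prhs
    return solution, len(pivots)


def recover_initial_state(keystream, n=N):
    """Recover the n initial-state bits (the linear columns) from keystream."""
    solution, rank = solve_gf2(build_system(keystream), len(MONOMIALS))
    return solution[:n], rank


if __name__ == "__main__":
    secret = [1, 0, 1, 1, 0, 0, 1, 0, 1, 1, 1]         # constructed sample key
    ks = lfsr_keystream(secret, 80)
    state, rank = recover_initial_state(ks)
    print("rank", rank, "recovered", state, "correct:", state == secret)
```

Two design points. The symbolic LFSR never touches the secret: the coefficient rows depend only on the feedback polynomial and the filter, so they can be precomputed once and reused against any keystream from the same design. And the rank reported by the solver is the real cost measure: it is bounded by the number of monomials of degree up to deg(f), which is what the k and l parameters in the abstract feed into, and it is why a higher-degree filter or a combiner with memory forces the more elaborate relations discussed in the paper rather than this plain linearization.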