How to construct random functions
Journal of the ACM (JACM)
A Software-Optimised Encryption Algorithm
Fast Software Encryption, Cambridge Security Workshop
A Bulk Data Encription Algorithm
Fast Software Encryption, Cambridge Security Workshop
NESSIE: A European Approach to Evaluate Cryptographic Algorithms
FSE '01 Revised Papers from the 8th International Workshop on Fast Software Encryption
A New Keystream Generator MUGI
FSE '02 Revised Papers from the 9th International Workshop on Fast Software Encryption
Hi-index | 0.00 |
We show two methods of distinguishing the LEVIATHAN stream cipher from a random stream using 236 bytes of output and proportional effort; both arise from compression within the cipher. The first models the cipher as two random functions in sequence, and shows that the probability of a collision in 64-bit output blocks is doubled as a result; the second shows artifacts where the same inputs are presented to the key-dependent S-boxes in the final stage of the cipher for two successive outputs. Both distinguishers are demonstrated with experiments on a reduced variant of the cipher.