Cryptanalysis of Stream Ciphers with Linear Masking
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
We describe a cryptanalytical technique for distinguishing some stream ciphers from a truly random process. Roughly, the ciphers to which this method applies consist of a "non-linear process" (say, akin to a round function in block ciphers), and a "linear process" such as an LFSR (or even fixed tables). The output of the cipher can be the linear sum of both processes. To attack such ciphers, we look for any property of the "non-linear process" that can be distinguished from random. In addition, we look for a linear combination of the linear process that vanishes. We then consider the same linear combination applied to the cipher's output, and try to find traces of the distinguishing property.

In this report we analyze two specific "distinguishing properties". One is a linear approximation of the non-linear process, which we demonstrate on the stream cipher SNOW. This attack needs roughly 2^95 words of output, with work-load of about 2^100. The other is a "low-diffusion" attack, that we apply to the cipher Scream-0. The latter attack needs only about 2^43 bytes of output, using roughly 2^50 space and 2^80 time.
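A toy instance of the approach described above, added here as an illustration and not taken from the paper. The 7-bit LFSR, the AND-based non-linear term and all function names are assumptions chosen for readability, and the parameters have no relation to SNOW or Scream-0.

```python
import random

# Toy linear process (assumed): LFSR with s[t+7] = s[t+1] ^ s[t] (x^7 + x + 1),
# so the combination s[t] ^ s[t+1] ^ s[t+7] vanishes for every t.
TAPS = (0, 1, 7)

def lfsr_stream(seed_bits, n):
    """Linear process: n bits of the toy LFSR started from 7 seed bits."""
    s = list(seed_bits)
    while len(s) < n:
        s.append(s[-6] ^ s[-7])
    return s[:n]

def toy_keystream(rng, n):
    """Output z[t] = s[t] ^ f[t], the linear sum of both processes.

    f[t] = a & b on fresh secret bits stands in for the non-linear process;
    its linear approximation "f[t] = 0" holds with probability 3/4.
    """
    seed = [rng.getrandbits(1) for _ in range(7)]
    if not any(seed):
        seed[0] = 1  # avoid the all-zero LFSR state
    s = lfsr_stream(seed, n)
    return [s[t] ^ (rng.getrandbits(1) & rng.getrandbits(1)) for t in range(n)]

def masked_zero_fraction(z):
    """Apply the vanishing combination to the output; return the share of zeros.

    The LFSR terms cancel, leaving f[t] ^ f[t+1] ^ f[t+7]. By the piling-up
    lemma this is 0 with probability 1/2 + 1/16 for the toy cipher.
    """
    count = len(z) - max(TAPS)
    zeros = 0
    for t in range(count):
        bit = 0
        for k in TAPS:
            bit ^= z[t + k]
        zeros += bit == 0
    return zeros / count

def looks_like_cipher(z, threshold=0.03):
    """Distinguisher: flag a stream whose masked output is visibly biased."""
    return abs(masked_zero_fraction(z) - 0.5) > threshold

if __name__ == "__main__":
    rng = random.Random(2002)  # constructed sample data, fixed seed
    cipher = toy_keystream(rng, 20000)
    uniform = [rng.getrandbits(1) for _ in range(20000)]
    print("toy cipher :", masked_zero_fraction(cipher), looks_like_cipher(cipher))
    print("random bits:", masked_zero_fraction(uniform), looks_like_cipher(uniform))
```

The number of output samples a distinguisher of this kind needs grows roughly as the inverse square of the bias, which is why the attacks in the abstract need far more output than this toy.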