MV3: A new word based stream cipher using rapid mixing and revolving buffers

MV3 is a new word based stream cipher for encrypting long streams of data. A direct adaptation of a byte based cipher such as RC4 into a 32- or 64-bit word version will obviously need vast amounts of memory. This scaling issue necessitates a look for new components and principles, as well as mathematical analysis to justify their use. Our approach, like RC4's, is based on rapidly mixing random walks on directed graphs (that is, walks which reach a random state quickly, from any starting point). We begin with some well understood walks, and then introduce nonlinearity in their steps in order to improve security and show long term statistical correlations are negligible. To minimize the short term correlations, as well as to deter attacks using equations involving successive outputs, we provide a method for sequencing the outputs derived from the walk using three revolving buffers. The cipher is fast -- it runs at a speed of less than 5 cycles per byte on a Pentium IV processor. A word based cipher needs to output more bits per step, which exposes more correlations for attacks. Moreover we seek simplicity of construction and transparent analysis. To meet these requirements, we use a larger state and claim security corresponding to only a fraction of it. Our design is for an adequately secure word-based cipher; our very preliminary estimate puts the security close to exhaustive search for keys of size < 256 bits.Comment: 27 pages, shortened version will appear in "Topics in Cryptology - CT-RSA 2007

RC4 Encryption-A Literature Survey

AbstractA chronological survey demonstrating the cryptanalysis of RC4 stream cipher is presented in this paper. We have summarized the various weaknesses of RC4 algorithm followed by the recently proposed enhancements available in the literature. It is established that innovative research efforts are required to develop secure RC4 algorithm, which can remove the weaknesses of RC4, such as biased bytes, key collisions, and key recovery attacks on WPA. These flaws in RC4 are still offering an open challenge for developers. Hence our chronological survey corroborates the fact that even though researchers are working on RC4 stream cipher since last two decades, it still offers a plethora of research issues. The attraction of community towards RC4 is still alive

Cryptanalysis of an Encryption Scheme Based on Blind Source Separation

Recently Lin et al. proposed a method of using the underdetermined BSS (blind source separation) problem to realize image and speech encryption. In this paper, we give a cryptanalysis of this BSS-based encryption and point out that it is not secure against known/chosen-plaintext attack and chosen-ciphertext attack. In addition, there exist some other security defects: low sensitivity to part of the key and the plaintext, a ciphertext-only differential attack, divide-and-conquer (DAC) attack on part of the key. We also discuss the role of BSS in Lin et al.'s efforts towards cryptographically secure ciphers.Comment: 8 pages, 10 figures, IEEE forma

Some Results on Distinguishing Attacks on Stream Ciphers

Stream ciphers are cryptographic primitives that are used to ensure the privacy of a message that is sent over a digital communication channel. In this thesis we will present new cryptanalytic results for several stream ciphers. The thesis provides a general introduction to cryptology, explains the basic concepts, gives an overview of various cryptographic primitives and discusses a number of different attack models. The first new attack given is a linear correlation attack in the form of a distinguishing attack. In this attack a specific class of weak feedback polynomials for LFSRs is identified. If the feedback polynomial is of a particular form the attack will be efficient. Two new distinguishing attacks are given on classical stream cipher constructions, namely the filter generator and the irregularly clocked filter generator. It is also demonstrated how these attacks can be applied to modern constructions. A key recovery attack is described for LILI-128 and a distinguishing attack for LILI-II is given. The European network of excellence, called eSTREAM, is an effort to find new efficient and secure stream ciphers. We analyze a number of the eSTREAM candidates. Firstly, distinguishing attacks are described for the candidate Dragon and a family of candidates called Pomaranch. Secondly, we describe resynchronization attacks on eSTREAM candidates. A general square root resynchronization attack which can be used to recover parts of a message is given. The attack is demonstrated on the candidates LEX and Pomaranch. A chosen IV distinguishing attack is then presented which can be used to evaluate the initialization procedure of stream ciphers. The technique is demonstrated on four candidates: Grain, Trivium, Decim and LEX

A practical attack on the fixed RC4 in the wep mode

Abstract. In this paper we revisit a known but ignored weakness of the RC4 keystream generator, where secret state info leaks to the generated keystream, and show that this leakage, also known as Jenkins’ correlation or the RC4 glimpse, can be used to attack RC4 in several modes. Our main result is a practical key recovery attack on RC4 when an IV modifier is concatenated to the beginning of a secret root key to generate a session key. As opposed to the WEP attack from [FMS01] the new attack is applicable even in the case where the first 256 bytes of the keystream are thrown and its complexity grows only linearly with the length of the key. In an exemplifying parameter setting the attack recoversa16-bytekeyin2 48 steps using 2 17 short keystreams generated from different chosen IVs. A second attacked mode is when the IV succeeds the secret root key. We mount a key recovery attack that recovers the secret root key by analyzing a single word from 2 22 keystreams generated from different IVs, improving the attack from [FMS01] on this mode. A third result is an attack on RC4 that is applicable when the attacker can inject faults to the execution of RC4. The attacker derives the internal state and the secret key by analyzing 2 14 faulted keystreams generated from this key