882 research outputs found
Algebraic analysis of Trivium-like ciphers
Trivium is a bit-based stream cipher in the final portfolio of the eSTREAM project. In this paper, we apply the approach of Berbain et al. to Trivium-like ciphers and perform new algebraic analyses on them, namely Trivium and its reduced versions: Trivium-N, Bivium-A and Bivium-B. In doing so, we answer an open question in the literature. We demonstrate a new algebraic attack on Bivium-A. This attack requires less time and memory than previous techniques which use the F4 algorithm to recover Bivium-A's initial state. Though our attacks on Bivium-B, Trivium and Trivium-N are worse than exhaustive keysearch, the systems of equations which are constructed are smaller and less complex compared to previous algebraic analysis. Factors which can affect the complexity of our attack on Trivium-like ciphers are discussed in detail
Fast Algebraic Attacks and Decomposition of Symmetric Boolean Functions
Algebraic and fast algebraic attacks are power tools to analyze stream
ciphers. A class of symmetric Boolean functions with maximum algebraic immunity
were found vulnerable to fast algebraic attacks at EUROCRYPT'06. Recently, the
notion of AAR (algebraic attack resistant) functions was introduced as a
unified measure of protection against both classical algebraic and fast
algebraic attacks. In this correspondence, we first give a decomposition of
symmetric Boolean functions, then we show that almost all symmetric Boolean
functions, including these functions with good algebraic immunity, behave badly
against fast algebraic attacks, and we also prove that no symmetric Boolean
functions are AAR functions. Besides, we improve the relations between
algebraic degree and algebraic immunity of symmetric Boolean functions.Comment: 13 pages, submitted to IEEE Transactions on Information Theor
Algebraic Attack on the Alternating Step(r,s)Generator
The Alternating Step(r,s) Generator, ASG(r,s), is a clock-controlled sequence
generator which is recently proposed by A. Kanso. It consists of three
registers of length l, m and n bits. The first register controls the clocking
of the two others. The two other registers are clocked r times (or not clocked)
(resp. s times or not clocked) depending on the clock-control bit in the first
register. The special case r=s=1 is the original and well known Alternating
Step Generator. Kanso claims there is no efficient attack against the ASG(r,s)
since r and s are kept secret. In this paper, we present an Alternating Step
Generator, ASG, model for the ASG(r,s) and also we present a new and efficient
algebraic attack on ASG(r,s) using 3(m+n) bits of the output sequence to find
the secret key with O((m^2+n^2)*2^{l+1}+ (2^{m-1})*m^3 + (2^{n-1})*n^3)
computational complexity. We show that this system is no more secure than the
original ASG, in contrast to the claim of the ASG(r,s)'s constructor.Comment: 5 pages, 2 figures, 2 tables, 2010 IEEE International Symposium on
Information Theory (ISIT2010),June 13-18, 2010, Austin, Texa
Recommended from our members
Morpheus: stream cipher for software & hardware applications
In a world where electronic devices with different characteristics are networked, privacy is an essential element for the communicating process. Privacy can be achieved by encryption algorithms with unique features based on the application that are deployed. In this paper a word-oriented stream cipher, or Morpheus, for both hardware and software devices, is proposed. Morpheus targets multimedia applications, such as Games-On-Demand or IPTV, where data are usually streamed over different kind of networks and devices. Morpheus behaves very well in all known statistical tests and is resilient to known attacks for both synchronous and self-synchronous encryption modes
- …