Cryptanalysis of Achterbahn

Abstract. We present several attacks against the Achterbahn stream cipher, which was proposed to the eSTREAM competition. We can break the reduced and the full version with complexity of 2 55 and 2 61 steps. Extensions of our attacks are also described to break modified versions of the Achterbahn stream cipher, which were proposed following the publication of preliminary cryptanalysis results. These attacks highlight some problems in the design principle of Achterbahn, i.e., combining the outputs of several nonlinear (but small) shift registers using a nonlinear (but rather sparse) output function.

On the Selection of Pairing-Friendly Groups

We propose a simple algorithm to select group generators suitable for pairing-based cryptosystems. The selected parameters are shown to favor implementations of the Tate pairing that are at once conceptually simple and efficient, with an observed performance about 2 to 10 times better than previously reported implementations, depending on the embedding degree. Our algorithm has beneficial side effects: various non-pairing operations become faster, and bandwidth may be saved