Improved Linear Cryptanalysis of SOSEMANUK

Abstract. The SOSEMANUK stream cipher is one of the finalists of the eSTREAM project. In this paper, we improve the linear cryptanalysis of SOSEMANUK presented in Asiacrypt 2008. We apply the generalized linear masking technique to SOSEMANUK and derive many linear approximations holding with the correlations of up to 2 −25.5. We show that the data complexity of the linear attack on SOSEMANUK can be reduced by a factor of 2 10 if multiple linear approximations are used. Since SOSEMANUK claims 128-bit security, our attack would not be a real threat on the security of SOSEMANUK. Keywords: Stream Ciphers, Linear Cryptanalysis, SOSEMANUK, SOBER-128.

Analisa Algoritma Ciphers Transposition: Study Literature

Technological developments allow the sending and storage of data can be done quickly, easily, practically, and safely. One security used uses cryptographic techniques. Cryptography is a technique of converting original text (plaintext) into secret text (ciphertext) using cryptographic algorithms (ciphers) or what is called the encryption process. The decryption process is the process of converting data encoded into original data. One of the cryptographic algorithms is the Cipher Transposition Algorithm. The analysis aims to determine the characteristics and application of the Transposition Cipher. The method used in this study by means of Study Literature, analyzes previous research from journals related to the Transposition Cipher Algorithm. The results are in the form of a view using the study literature method and knowing the characteristics and application of the Cipher Transposition algorithm and analyzing trends in previous studies. Kata Kunci : Cryptography, Algorithms, Cipher Transposition, Study literatur

Improved Fast Correlation Attacks on the Sosemanuk Stream Cipher

In this paper, we present a new algorithm for fast correlation attacks on stream ciphers with improved cryptanalysis results on the Sosemanuk stream cipher, one of the 7 finalists in the eSTREAM project in 2008. The new algorithm exploits the direct sum construction of covering codes in decoding phase which approximates the random vectors to a nearest codeword in a linear code. The new strategy provides large flexibility for the adversary and could reduce the time/memory/data complexities significantly. As a case study, we carefully revisit Sosemanuk and demonstrate a state recovery attack with a time complexity of 2134.8, which is 220 times faster than achievable before by the same kind of attack and is the fastest one among all known attacks so far. Our result indicates an inefficiency in longer keys than 135 bits and depicts that the security margin of Sosemanuk is around 28 for the 128-bit security for the first time

Analisa Algoritma Ciphers Transposition: Study Literature

Technological developments allow the sending and storage of data can be done quickly, easily, practically, and safely. One security used uses cryptographic techniques. Cryptography is a technique of converting original text (plaintext) into secret text (ciphertext) using cryptographic algorithms (ciphers) or what is called the encryption process. The decryption process is the process of converting data encoded into original data. One of the cryptographic algorithms is the Cipher Transposition Algorithm. The analysis aims to determine the characteristics and application of the Transposition Cipher. The method used in this study by means of Study Literature, analyzes previous research from journals related to the Transposition Cipher Algorithm. The results are in the form of a view using the study literature method and knowing the characteristics and application of the Cipher Transposition algorithm and analyzing trends in previous studies. Kata Kunci : Cryptography, Algorithms, Cipher Transposition, Study literatur

New Treatment of the BSW Sampling and Its Applications to Stream Ciphers

By combining the time-memory-data tradeoff (TMDTO) attack independently proposed by Babbage and Golic (BG) with the BSW sampling technique, this paper explores to mount a new TMDTO attack on stream ciphers. The new attack gives a wider variety of trade-offs, compared with original BG-TMDTO attack. It is efficient when multiple data is allowed for the attacker from the same key with different IVs, even though the internal state size is twice the key size. We apply the new attack to MICKEY and Grain stream ciphers, and improves the existing TMDTO attacks on them. Our attacks on Grain v1 and Grain-128 stream ciphers are rather attractive in the respect that the online time, offline time and memory complexities are all better than an exhaustive key search, and the amount of keystream needed are completely valid. Finally, we generalize the new attack to a Guess and Determine-TMDTO attack on stream ciphers, and mount a Guess and Determine-TMDTO attack on SOSEMANUK stream cipher with the online time and offline time complexities both equal to 2128, which achieves the best time com-plexity level compared with all existing attacks on SOSEMANUK so far

Multidimensional linear cryptanalysis

Linear cryptanalysis is an important tool for studying the security of symmetric ciphers. In 1993 Matsui proposed two algorithms, called Algorithm 1 and Algorithm 2, for recovering information about the secret key of a block cipher. The algorithms exploit a biased probabilistic relation between the input and output of the cipher. This relation is called the (one-dimensional) linear approximation of the cipher. Mathematically, the problem of key recovery is a binary hypothesis testing problem that can be solved with appropriate statistical tools. The same mathematical tools can be used for realising a distinguishing attack against a stream cipher. The distinguisher outputs whether the given sequence of keystream bits is derived from a cipher or a random source. Sometimes, it is even possible to recover a part of the initial state of the LFSR used in a key stream generator. Several authors considered using many one-dimensional linear approximations simultaneously in a key recovery attack and various solutions have been proposed. In this thesis a unified methodology for using multiple linear approximations in distinguishing and key recovery attacks is presented. This methodology, which we call multidimensional linear cryptanalysis, allows removing unnecessary and restrictive assumptions. We model the key recovery problems mathematically as hypothesis testing problems and show how to use standard statistical tools for solving them. We also show how the data complexity of linear cryptanalysis on stream ciphers and block ciphers can be reduced by using multiple approximations. We use well-known mathematical theory for comparing different statistical methods for solving the key recovery problems. We also test the theory in practice with reduced round Serpent. Based on our results, we give recommendations on how multidimensional linear cryptanalysis should be used

Three Snakes in One Hole: The First Systematic Hardware Accelerator Design for SOSEMANUK with Optional Serpent and SNOW 2.0 Modes

With increasing usage of hardware accelerators in modern heterogeneous System-on-Chips (SoCs), the distinction between hardware and software is no longer rigid. The domain of cryptography is no exception and efficient hardware design of so-called software ciphers are becoming increasingly popular. In this paper, for the first time we propose an efficient hardware accelerator design for SOSEMANUK, one of the finalists of the eSTREAM stream cipher competition in the software category. Since SOSEMANUK combines the design principles of the block cipher Serpent and the stream cipher SNOW 2.0, we make our design flexible to accommodate the option for independent execution of Serpent and SNOW 2.0. In the process, we identify interesting design points and explore different levels of optimizations. We perform a detailed experimental evaluation for the performance figures of each design point. The best throughput achieved by the combined design is 67.84 Gbps for SOSEMANUK, 33.92 Gbps for SNOW 2.0 and 2.12 Gbps for Serpent. Our design outperforms all existing hardware (as well as software) designs of Serpent, SNOW 2.0 and SOSEMANUK, along with those of all other eSTREAM candidates