Improved Linear Cryptanalysis of SOSEMANUK

Abstract

Abstract. The SOSEMANUK stream cipher is one of the finalists of the eSTREAM project. In this paper, we improve the linear cryptanalysis of SOSEMANUK presented in Asiacrypt 2008. We apply the generalized linear masking technique to SOSEMANUK and derive many linear approximations holding with the correlations of up to 2 −25.5. We show that the data complexity of the linear attack on SOSEMANUK can be reduced by a factor of 2 10 if multiple linear approximations are used. Since SOSEMANUK claims 128-bit security, our attack would not be a real threat on the security of SOSEMANUK. Keywords: Stream Ciphers, Linear Cryptanalysis, SOSEMANUK, SOBER-128.