Cryptanalysis of TWOPRIME

Authors

  • Don Coppersmith
  • David A. Wagner
  • Bruce Schneier
  • John Kelsey
Abstract

Ding et al. [DNRS97] propose a stream generator based on several layers. We present several attacks. First, we observe that the non-surjectivity of a linear combination step allows us to recover half the key with minimal effort. Next, we show that the various bytes are insufficiently mixed by these layers, enabling an attack similar to those on two-loop Vigenere ciphers to recover the remainder of the key. Combining these techniques lets us recover the entire TWOPRIME key. We require the generator to produce 2 blocks (2 bytes), or 19 hours' worth of output, of which we examine about one million blocks (2 bytes); the computational workload can be estimated at 2 operations. Another set of attacks trades off texts for time, reducing the amount of known plaintext needed to just eight blocks (64 bytes), while needing 2 time and 2 space. We also show how to break two variants of TWOPRIME presented in the original paper.

Similar resources

Cryptanalysis of block-wise stream ciphers suitable for the protection of multimedia and ubiquitous systems

In this paper we introduce a general framework of related-key attack on block-wise stream ciphers which are suitable for the protection of multimedia and ubiquitous systems. As a case study, we show how our cryptanalytic framework is applied to a block-wise stream cipher TWOPRIME: we construct various related-key differentials of TWOPRIME and use them to show that recovering related keys of TWO...

A new method for accelerating impossible differential cryptanalysis and its application on LBlock

Impossible differential cryptanalysis, the extension of differential cryptanalysis, is one of the most efficient attacks against block ciphers. This cryptanalysis method has been applied to most of the block ciphers and has shown significant results. Using structures, key schedule considerations, early abort, and pre-computation are some common methods to reduce complexities of this attack. In ...

Impossible Differential Cryptanalysis on Deoxys-BC-256

Deoxys is a final-round candidate of the CAESAR competition. Deoxys is built upon an internal tweakable block cipher Deoxys-BC, where in addition to the plaintext and key, it takes an extra non-secret input called a tweak. This paper presents the first impossible differential cryptanalysis of Deoxys-BC-256 which is used in Deoxys as an internal tweakable block cipher. First, we find a 4.5-round...

Time and Space Complexity Reduction of a Cryptanalysis Algorithm

Binary Decision Diagram (in short BDD) is an efficient data structure which has been used widely in computer science and engineering. BDD-based attack in key stream cryptanalysis is one of the best forms of attack in its category. In this paper, we propose a new key stream attack which is based on ZDD(Zero-suppressed BDD). We show how a ZDD-based key stream attack is more efficient in time and ...

A Performance Survey of Meta-Heuristic And Brute-Force Search Algorithms to Cryptanalysis The SDES Encryption Algorithm

For many years, cryptanalysis has been considered as an attractive topic in jeopardizing the security and resistance of an encryption algorithm. The SDES encryption algorithm is a symmetric cryptography algorithm that performs a cryptographic operation using a crypt key. In the world of encryption, there are many search algorithms to cryptanalysis. In these researches, brute force attack algori...

Publication date: 1998