Cryptanalysis of Achterbahn-128/80

نویسنده

  • María Naya-Plasencia
چکیده

This paper presents two key-recovery attacks against Achterbahn-128/80, the last version of one of the stream cipher proposals in the eSTREAM project. The attack against the 80-bit variant, Achterbahn80, has complexity 2. The attack against Achterbahn-128 requires 2 operations and 2 keystream bits. These attacks are based on an improvement of the attack due to Hell and Johansson against Achterbahn version 2. They mainly rely on an algorithm that makes pro t of the independence of the constituent registers.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Cryptanalysis of Achterbahn-128/80 with a New Keystream Limitation

This paper presents two key-recovery attacks against the last modi cation to Achterbahn-128/80 proposed by the authors at SASC 2007 due to the previous attacks. The 80-bit variant, Achterbahn-80, has been limited to produce at most 2 bits of keystream with the same pair of key and IV, while Achterbahn-128 is limited to 2. The attack against Achterbahn-80 has complexity 2 and needs fewer than 2 ...

متن کامل

Cryptanalyse de Achterbahn-128/80

This paper presents two attacks against Achterbahn-128/80, the last version of one of the stream cipher proposals in the eSTREAM project. The attack against the 80-bit variant, Achterbahn-80, has complexity 2^{56.32}. The attack against Achterbahn-128 requires 2^{75.4} operations and 2^{61} keystream bits. These attacks are based on an improvement of the attack due to Hell and Johansson against...

متن کامل

Cryptanalysis of Achterbahn-128/80

A key recovery attack on the stream cipher Achterbahn128/80, a cipher in the second phase of eSTREAM, is given. The key observation is a high dependency between some input bits to the Boolean combining function generating the keystream. It results in the first known attacks on both the 128-bit and the 80-bit variants of the cipher. The amount of keystream bits required in the attacks is less th...

متن کامل

Achterbahn-128/80: Design and Analysis

We determine the imbalances of the keystreams produced by Achterbahn-80 and Achterbahn-128 in two different ways. The number of cyclically inequivalent keystreams produced by the keystream generators of Achterbahn-80 and Achterbahn-128 is determined. An abstract model for the keystream generator of a primitive NLFSR combination generator is used to justify the correlation attack introduced in [...

متن کامل

Fault Analysis on the Stream Ciphers LILI-128 and Achterbahn

LILI-128 is a clock controlled stream cipher based on two LFSRs with one clock control function and one non-linear filter function. The clocking of the second LFSR is controlled by the first LFSR. In this paper we propose a fault algebraic attack on LILI-128 stream cipher. We first recover the state bits of the first LFSR by injecting a single bit fault in the first LFSR. After that we recover ...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2007