Cryptanalyse de Achterbahn-128/80

نویسنده

  • María Naya-Plasencia
چکیده

This paper presents two attacks against Achterbahn-128/80, the last version of one of the stream cipher proposals in the eSTREAM project. The attack against the 80-bit variant, Achterbahn-80, has complexity 2^{56.32}. The attack against Achterbahn-128 requires 2^{75.4} operations and 2^{61} keystream bits. These attacks are based on an improvement of the attack due to Hell and Johansson against Achterbahn version 2 and also on an algorithm that makes profit of the short lengths of the constituent registers. ***** Ce papier pr\'{e}sente deux attaques sur Achterbahn-128/80, la derni\`{e}re version d'un des algorithmes propos\'{e}s dans le cadre de eSTREAM. L'attaque sur la version de 80 bits, Achterbahn-80, est en 2^{56.32}. L'attaque sur Achterbahn-128 a besoin de 2^{75.4} calculs et 2^{61} bits de suite chiffrante. Ces attaques sont bas\'{e}es sur une am\'{e}lioration de l'attaque propos\'{e}e par Hell et Johansson sur la version 2 d'Achterbahn et aussi sur un algorithme qui tire profit des petites longueurs des registres.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Cryptanalysis of Achterbahn-128/80 with a New Keystream Limitation

This paper presents two key-recovery attacks against the last modi cation to Achterbahn-128/80 proposed by the authors at SASC 2007 due to the previous attacks. The 80-bit variant, Achterbahn-80, has been limited to produce at most 2 bits of keystream with the same pair of key and IV, while Achterbahn-128 is limited to 2. The attack against Achterbahn-80 has complexity 2 and needs fewer than 2 ...

متن کامل

Achterbahn-128/80: Design and Analysis

We determine the imbalances of the keystreams produced by Achterbahn-80 and Achterbahn-128 in two different ways. The number of cyclically inequivalent keystreams produced by the keystream generators of Achterbahn-80 and Achterbahn-128 is determined. An abstract model for the keystream generator of a primitive NLFSR combination generator is used to justify the correlation attack introduced in [...

متن کامل

Cryptanalysis of Achterbahn-128/80

This paper presents two key-recovery attacks against Achterbahn-128/80, the last version of one of the stream cipher proposals in the eSTREAM project. The attack against the 80-bit variant, Achterbahn80, has complexity 2. The attack against Achterbahn-128 requires 2 operations and 2 keystream bits. These attacks are based on an improvement of the attack due to Hell and Johansson against Achterb...

متن کامل

Cryptanalysis of Achterbahn-128/80

A key recovery attack on the stream cipher Achterbahn128/80, a cipher in the second phase of eSTREAM, is given. The key observation is a high dependency between some input bits to the Boolean combining function generating the keystream. It results in the first known attacks on both the 128-bit and the 80-bit variants of the cipher. The amount of keystream bits required in the attacks is less th...

متن کامل

Improved Boolean Combining Functions for Achterbahn

The Boolean combining function in the 80-bit-key stream cipher Achterbahn [1] is weak. Its major weakness consists of the fact that by setting two specific variables to zero, the function becomes linear. Its second weakness consists of the fact that it can be approximated by a linear function which agrees with the Boolean combining function with probability 3/4. By exploiting the first weakness...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:
  • CoRR

دوره abs/cs/0611033  شماره 

صفحات  -

تاریخ انتشار 2006