Spritz - a spongy RC4-like stream cipher and hash function
نویسندگان
چکیده
This paper reconsiders the design of the stream cipher RC4, and proposes an improved variant, which we call “Spritz” (since the output comes in fine drops rather than big blocks.) Our work leverages the considerable cryptanalytic work done on the original RC4 and its proposed variants. It also uses simulations extensively to search for biases and to guide the selection of intermediate expressions. We estimate that Spritz can produce output with about 24 cycles/byte of computation. Furthermore, our statistical tests suggest that about 2 bytes of output are needed before one can reasonably distinguish Spritz output from random output; this is a marked improvement over RC4. In addition, we formulate Spritz as a “sponge (or sponge-like) function,”[7], which can Absorb new data at any time, and from which one can Squeeze pseudorandom output sequences of arbitrary length. Spritz can thus be easily adapted for use as a cryptographic hash function, an encryption algorithm, or a message-authentication code generator. (However, in hash-function mode, Spritz is rather slow.)
منابع مشابه
Hardware Accelerator for Stream Cipher Spritz
RC4, the dominant stream cipher in e-commerce and communication protocols such as, WEP, TLS, is being considered for replacement due to the series of vulnerabilities that have been pointed out in recent past. After a thorough analysis of the possible weaknesses, Spritz, a new stream cipher is proposed to that effect by the author of RC4. The design of Spritz is based on Cryptographic Sponge con...
متن کاملRandomness of Spritz via DieHarder testing
RC4 is a stream cipher included in the TLS protocol, and widely used for encrypting network traffic during the last decades. Spritz is a possible candidate for replacing RC4. Spritz is based on a sponge construction and preserves the byte-oriented behaviour existing in RC4, but introduces an interface that provides encryption, hashing or MAC-generation functionalities. We present here the resul...
متن کاملCollisions for RC4-Hash
RC4-Hash is a variable digest length cryptographic hash function based on the design of the RC4 stream cipher. In this paper, we show that RC4-Hash is not collision resistant. Collisions for any digest length can be found with an expected effort of less than 2 compression function evaluations. This is extended to multicollisions for RC4-Hash. Finding a set of 2 colliding messages has an expecte...
متن کاملCryptanalysis of the Full Spritz Stream Cipher
Spritz is a stream cipher proposed by Rivest and Schuldt at the rump session of CRYPTO 2014. It is intended to be a replacement of the popular RC4 stream cipher. In this paper we propose distinguishing attacks on the full Spritz, based on a short-term bias in the first two bytes of a keystream and a long-term bias in the first two bytes of every cycle of N keystream bytes, where N is the size o...
متن کاملHash Function Designs Based on Stream Ciphers
Hash functions are fundamental components of many cryptographic applications. Due to the recent attacks on classical designs, alternative design approaches are proposed. In this paper, we give a survey for hash function constructions based stream ciphers mainly concentrating on Panama, RadioGatún and RC4-hash. Also, we propose an example hash function Dragon-Hash based on the stream cipher Dragon.
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2016 شماره
صفحات -
تاریخ انتشار 2016