Resynchronization Attacks on WG and LEX
Abstract
WG and LEX are two stream ciphers submitted to eStream – the ECRYPT stream cipher project. In this paper, we point out security flaws in the resynchronization of these two ciphers. The resynchronization of WG is vulnerable to a differential attack. For WG with 80-bit key and 80-bit IV, 48 bits of the secret key can be recovered with about 2 chosen IVs. For each chosen IV, only the first four keystream bits are needed in the attack. The resynchronization of LEX is vulnerable to a slide attack. If a key is used with about 2 random IVs, and 20,000 keystream bytes are generated from each IV, then the key of the strong version of LEX could be recovered easily with a slide attack. The resynchronization attack on WG and LEX shows that block cipher related attacks are powerful in analyzing non-linear resynchronization mechanisms.
Similar resources
Cryptanalysis and Design of Stream Ciphers
This thesis presents some novel results on the cryptanalysis and design of stream ciphers. The first part of the thesis introduces various stream ciphers design and cryptanalysis techniques. The second part of the thesis gives the cryptanalysis of seven stream ciphers. The properties of addition are exploited in the cryptanalysis of two stream ciphers: the differential-linear cryptanalysis agai...
Some Results on Distinguishing Attacks on Stream Ciphers
Stream ciphers are cryptographic primitives that are used to ensure the privacy of a message that is sent over a digital communication channel. In this thesis we will present new cryptanalytic results for several stream ciphers. The thesis provides a general introduction to cryptology, explains the basic concepts, gives an overview of various cryptographic primitives and discusses a number of d...
Maximum Cardinality Search for Computing Minimal Triangulations
We present a new algorithm, called MCS-M, for computing minimal triangulations of graphs. Lex-BFS, a seminal algorithm for recognizing chordal graphs, was the genesis for two other classical algorithms: Lex-M and MCS. Lex-M extends the fundamental concept used in Lex-BFS, resulting in an algorithm that also computes a minimal triangulation of an arbitrary graph. MCS simplified the fundamental c...
Powers of Subfield Polynomials and Algebraic Attacks on Word-Based Stream Ciphers
In this paper we investigate univariate algebraic attacks on filter generators over extension fields $\mathbb{F}_q = \mathbb{F}_{2^n}$ with focus on the Welch-Gong (WG) family of stream ciphers. Our main contribution is to break WG-5, WG-7, WG-8 and WG-16 by combining results on the so-called spectral immunity (minimum distance of certain cyclic codes) with properties of the WG type stream cipher construction. The spect...
Image Watermarking Resynchronization to Geometric Attacks in DWT Domain
This paper presents a novel image watermarking resynchronization technique in discrete wavelet transform (DWT) domain. Rotation and shearing attacks desynchronizing watermark model in DWT domain are given respectively. According to these models, two corresponding watermarking resynchronization algorithms are proposed. The ideal watermark can be extracted from the resynchronized watermarked ima...