Cryptanalysis of Selected Stream Ciphers
Author
Abstract
The aim of this dissertation is to show some cryptanalytical results on a selection of stream ciphers. We have grouped theory and results into three main parts.

The first part focuses on the FCSR-based constructions X-FCSR and F-FCSR-H v3. For the X-FCSR family of stream ciphers we perform a severe state recovery attack. This attack works for both X-FCSR-128 and X-FCSR-256. We then develop a generalized birthday algorithm for finding linear relations in FCSRs. This algorithm applies to the most recent and general FCSR architecture, the ring FCSR, so it can be used for analyzing the FCSR of any FCSR-based design. We apply the algorithm to produce an efficient distinguisher for F-FCSR-H v3, which was previously unbroken.

The second part of the dissertation covers topics related to the HC family of stream ciphers. First, a very general treatment of sampling methods is presented. Surprisingly, perhaps, a positive result is given. We prove that an efficient sampling method based on sampling vector weights is optimal in a given context. This sampling technique is employed to produce the best known distinguisher for HC-128. We go on to show a few theoretical results on functions that use word rotation and xor. These results are applied to a modified variant of HC-128, and this application shows how the theory could be used in a cryptanalytical scenario. It also shows the important role of the addition operator in HC-128, without which the cipher would be much less secure.

In the third part of the dissertation we analyze stream ciphers, and block ciphers to a lesser extent, using algebraic methods. We develop a simple and intuitive greedy algorithm for automatic security testing of cryptographic primitives. This is done in a black box fashion, without using any information on the internal structure of the primitives. Despite this, it is shown how structural information is revealed very clearly under certain circumstances. The main features here are some nice results for the well-known stream ciphers Trivium, Grain-128 and Grain v1.
Similar resources
Cryptanalysis and Design of Stream Ciphers
This thesis presents some novel results on the cryptanalysis and design of stream ciphers. The first part of the thesis introduces various stream ciphers design and cryptanalysis techniques. The second part of the thesis gives the cryptanalysis of seven stream ciphers. The properties of addition are exploited in the cryptanalysis of two stream ciphers: the differential-linear cryptanalysis agai...
On the computational complexity of finding a minimal basis for the guess and determine attack
Guess-and-determine attack is one of the general attacks on stream ciphers. It is a common cryptanalysis tool for evaluating security of stream ciphers. The effectiveness of this attack is based on the number of unknown bits which will be guessed by the attacker to break the cryptosystem. In this work, we present a relation between the minimum numbers of the guessed bits and uniquely restricted...
Differential Cryptanalysis in Stream Ciphers
In this paper we present a general framework for the application of the ideas of differential cryptanalysis to stream ciphers. We demonstrate that some differences in the key (or the initial state or the plaintext) are likely to cause predicted differences in the key stream or in the internal state. These stream differences can then be used to analyze the internal state of the cipher and retrie...
Differential Cryptanalysis of the Stream Ciphers Py, Py6 and Pypy
A multi-year project to identify new stream ciphers that might become suitable for widespread adoption
Extending the Resynchronization Attack
Synchronous stream ciphers need perfect synchronization between sender and receiver. In practice, this is ensured by a resync mechanism. Daemen et al. [10] first described attacks on ciphers using such a resync mechanism. In this paper, we extend their attacks in several ways by combining the standard attack with cryptanalytic techniques such as algebraic attacks and linear cryptanalysis. Our r...
Hardware results for selected stream cipher candidates
This paper presents hardware implementation and performance metrics for the candidate stream ciphers in the Phase II Hardware Focus. Quantitative consideration is also given to all candidate ciphers as to whether any should be added to the Hardware Focus set. In this treatment, only the submissions without licensing restrictions have been considered. The results are presented in tabular and gra...