Some observations on HC-128
نویسندگان
چکیده
In this paper, we use linear approximations of the addition modulo 2 of three n-bit integers to identify linear approximations of g1, g2, the feedback functions of HC-128. This, in turn, shows that the process of keystream output generation of HC-128 can be well approximated by linear functions. In this direction, we show that the “least significant bit” based distinguisher (presented by the designer himself) of HC-128 works for the complete 32-bit word. In a different note, in the line of Dunkelman’s observation, we also study how HC-128 keystream words leak secret state information of the cipher due to the properties of the functions h1, h2 and present improved results.
منابع مشابه
Differential Fault Analysis of HC-128
HC-128 is a high speed stream cipher with a 128-bit secret key and a 128-bit initialization vector. It has passed all the three stages of the ECRYPT stream cipher project and is a member of the eSTREAM software portfolio. In this paper, we present a differential fault analysis attack on HC-128. The fault model in which we analyze the cipher is the one in which the attacker is able to fault a ra...
متن کاملA Combinatorial Analysis of HC-128
We show that the knowledge of any one of the two internal state arrays of HC-128 along with the knowledge of 2048 keystream words is sufficient to construct the other state array completely in 2 time complexity. Though our analysis does not lead to any attack on HC-128, it reveals a structural insight into the cipher. In the process, we theoretically establish certain combinatorial properties o...
متن کاملOptimized GPU Implementation and Performance Analysis of HC Series of Stream Ciphers
The ease of programming offered by the CUDA programming model attracted a lot of programmers to try the platform for acceleration of many non-graphics applications. Cryptography, being no exception, also found its share of exploration efforts, especially block ciphers. In this contribution we present a detailed walk-through of effective mapping of HC-128 and HC-256 stream ciphers on GPUs. Due t...
متن کاملThe Stream Cipher HC-128
Statement 1. HC-128 supports 128-bit key and 128-bit initialization vector. Statement 2. 2 keystream bits can be generated from each key/IV pair. Statement 3. There is no hidden flaw in HC-128. Statement 4. The smallest period is expected to be much larger than 2. Statement 5. Recovering the secret key is as difficult as exhaustive key search. Statement 6. Distinguishing attack requires more th...
متن کاملCryptanalysis of Selected Stream Ciphers
T he aim of this dissertation is to show some cryptanalytical results on a selection of stream ciphers. We have grouped theory and results into three main parts. The first part focuses on the FCSR-based constructions X-FCSR and F-FCSRH v3. For the X-FCSR family of stream ciphers we perform a severe state recovery attack. This attack works for both X-FCSR-128 and X-FCSR-256. We then develop a ge...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2008 شماره
صفحات -
تاریخ انتشار 2008