On Data Complexity of Distinguishing Attacks vs. Message Recovery Attacks on Stream Ciphers
نویسندگان
چکیده
We revisit the different approaches used in the literature to estimate the data complexity of distinguishing attacks on stream ciphers and analyze their inter-relationships. In the process, we formally argue which approach is applicable (or not applicable) in what scenario. To our knowledge, this is the first kind of such an exposition. We also perform a rigorous statistical analysis of the message recovery attack that exploits a distinguisher and show that in practice there is a significant gap between the data complexities of a message recovery attack and the underlying distinguishing attack. This gap is not necessarily determined by a constant factor as a function of the false positive and negative rate, as one would expect. Rather this gap is also a function of the number of samples of the distinguishing attack. We perform a case study on RC4 stream cipher to demonstrate that the typical complexities for message recovery attack inferred in the literature are but under-estimates and the actual estimates are quite larger. Index Terms Data Complexity, Distinguisher, Distinguishing Attack, Message Recovery, Stream Cipher.
منابع مشابه
Some Results on Distinguishing Attacks on Stream Ciphers
Stream ciphers are cryptographic primitives that are used to ensure the privacy of a message that is sent over a digital communication channel. In this thesis we will present new cryptanalytic results for several stream ciphers. The thesis provides a general introduction to cryptology, explains the basic concepts, gives an overview of various cryptographic primitives and discusses a number of d...
متن کاملA New Simple Technique to Attack Filter Generators and Related Ciphers
This paper presents a new simple distinguishing attack that can be applied on stream ciphers constructed from filter generators or similar structures. We demonstrate the effectiveness by describing key recovery attacks on the stream cipher LILI-128. One attack on LILI-128 requires 2 bits of keystream and a computational complexity of roughly 2. This is a significant improvement compared to othe...
متن کاملNew Results of Related-key Attacks on All Py-Family of Stream Ciphers
The stream cipher TPypy has been designed by Biham and Seberry in January 2007 as the strongest member of the Py-family of stream ciphers. At Indocrypt 2007, Sekar, Paul and Preneel showed related-key weaknesses in the Py-family of stream ciphers including the strongest member TPypy. Furthermore, they modified the stream ciphers TPypy and TPy to generate two fast ciphers, namely RCR-32 and RCR-...
متن کاملTime-Memory-Data Tradeoff Attacks against Small-State Stream Ciphers
Time-memory-data (TMD) tradeoff attacks limit the security level of many classical stream ciphers (like E0, A5/1, Trivium, Grain) to 2 n, where n denotes the inner state length of the underlying keystream generator. This implies that to withstand TMD tradeoff attacks, the state size should be at least double the key size. In 2015, Armknecht and Mikhalev introduced a new line of research, which ...
متن کاملبهبود حمله حدس و تعیین اکتشافی به سامانه های رمز جریانی TIPSY و SNOW1.0
Guess and determine attacks are general attacks on stream ciphers. These attacks are classified into ad-hoc and Heuristic Guess and Determine (HGD) attacks. One of the Advantages of HGD attack algorithm over ad-hoc attack is that it is designed algorithmically for a large class of stream ciphers while being powerful. In this paper, we use auxiliary polynomials in addition to the original equati...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2015 شماره
صفحات -
تاریخ انتشار 2015