An Improved Distinguisher for Dragon

An Improved Estimate of the Correlation of Distinguisher for Dragon

The function F of Dragon plays an important role on both the keystream generation and the internal state update. We analyze the function F of Dragon by linear cryptanalytic methods. Thanks to an efficient algorithm on linear approximations of the modular addition, we observed that there were a large number of approximations with significant correlations in the nonlinear components of the functi...

Distinguishing WPA

We present an efficient algorithm that can distinguish the keystream of WPA from that of a generic instance of RC4 with a packet complexity of O(N), where N denotes the size of the internal permutation of RC4. In practice, our distinguisher requires approximately 2 packets; thus making it the best known distinguisher of WPA to date. This is a significantly improved distinguisher than the previo...

Improved Cryptanalysis on Reduced-Round GOST and Whirlpool Hash Function

The GOST hash function family has served as the new Russian national hash standard (GOST R 34.11-2012) since January 1, 2013, and it has two members, i.e., GOST256 and GOST-512 which correspond to two different output lengths. Most of the previous analyses of GOST emphasize on the compression function rather than the hash function. In this paper, we focus on security properties of GOST under th...

Improved cryptanalysis of Py

We improve on the best known cryptanalysis of the stream cipher Py by using a hidden Markov model for the carry bits in addition operations where a certain distinguishing event takes place, and constructing from it an “optimal distinguisher” for the bias in the output bits which makes more use of the information available. We provide a general means to efficiently measure the efficacy of such a...

Improved Single-Key Distinguisher on HMAC-MD5 and Key Recovery Attacks on Sandwich-MAC-MD5