Cryptanalytic Time/Memory/Data Tradeoffs for Stream Ciphers

نویسندگان

  • Alex Biryukov
  • Adi Shamir
چکیده

In 1980 Hellman introduced a general technique for breaking arbitrary block ciphers with N possible keys in time T and memory M related by the tradeoff curve TM = N for 1 ≤ T ≤ N . Recently, Babbage and Golic pointed out that a different TM = N tradeoff attack for 1 ≤ T ≤ D is applicable to stream ciphers, where D is the amount of output data available to the attacker. In this paper we show that a combination of the two approaches has an improved time/memory/data tradeoff for stream ciphers of the form TMD = N for any D ≤ T ≤ N . In addition, we show that stream ciphers with low sampling resistance have tradeoff attacks with fewer table lookups and a wider choice of parameters.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Cryptanalytic Time-Memory-Data Tradeoffs for FX-Constructions with Applications to PRINCE and PRIDE

The FX-construction was proposed in 1996 by Kilian and Rogaway as a generalization of the DESX scheme. The construction increases the security of an n-bit core block cipher with a κ-bit key by using two additional n-bit masking keys. Recently, several concrete instances of the FX-construction were proposed, including PRINCE (proposed at Asiacrypt 2012) and PRIDE (proposed at CRYPTO 2014). These...

متن کامل

Stream ciphers and the eSTREAM project

Stream ciphers are an important class of symmetric cryptographic algorithms. The eSTREAM project contributed significantly to the recent increase of activity in this field. In this paper, we present a survey of the eSTREAM project. We also review recent time/memory/data and time/memory/key trade-offs relevant for the generic attacks on stream ciphers.

متن کامل

Cryptanalytic Time/memory/data Tradeoos for Stream Ciphers

In 1980 Hellman introduced a general technique for breaking arbitrary block ciphers with N possible keys in time T and memory M related by the tradeoo curve T M 2 = N 2 for 1 T N. Recently, Babbage and Golic pointed out that a diierent T M = N tradeoo attack for 1 T D is applicable to stream ciphers, where D is the amount of output data available to the attacker. In this paper we show that a co...

متن کامل

Real Time Cryptanalysis of Bluetooth Encryption with Condition Masking - (Extended Abstract)

The Bluetooth standard authorized by IEEE 802.15.1 adopts the two-level E0 stream cipher to protect short range privacy in wireless networks. The best published attack on it at Crypto 2005 requires 2 on-line computations, 2 off-line computations and 2 memory (which amount to about 19-hour, 37-hour and 64GB storage in practice) to restore the original encryption key, given the first 24 bits of 2...

متن کامل

Linearisation Attacks on FCSR-based Stream Ciphers

This paper presents a new class of cryptanalytic attacks, which are applicable against those binary additive synchronous stream ciphers, whose analysis theory is based on the properties of 2-adic numbers. These attacks are named as ‘Linearisation Attacks’. Linearisation attacks consist of three variants, which are referred as ‘Conventional Linearisation Attacks (CLAs)’, ‘Fast Linearisation Atta...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2000