An Improved Attack on WG Stream Cipher
نویسندگان
چکیده
WG is a synchronous stream cipher submitted to the hardware profile of eSTREAM project. The main feature of this stream cipher is the use of WG transformation. WG uses keys and initial vectors (IVs) of the same lengths 80, 96, 112 and 128 bits. Moreover, IVs of the length 32 and 64 bits are admitted. The most important key recovery attack on WG was presented by Wu and Preneel and uses the weakness of the initialization step of the algorithm. The attack is a chosen IV one which its success probability for WG with 80 bit (or more) and 64 bit IVs is close to 1 and , respectively. The attack cannot be performed on WG with IVs of the length 32 bits. In this paper Wu and Preneel’s attack is improved in such a way that the success probability increases nearly to 1 for IVs of length 64 and 32 bits. 5 2
منابع مشابه
MILP-Based Cube Attack on the Reduced-Round WG-5 Lightweight Stream Cipher
The cube attack is a powerful cryptanalytic tool for the analysis of stream ciphers, which until recently were investigated in a blackbox scenario with a minimal consideration to their internal and polynomial structures. In this paper, we analyze the lightweight stream cipher WG5, which offers 80-bit security, using cube attacks in a non-blackbox polynomial setting employing the division proper...
متن کاملResynchronization Attacks on WG and LEX
WG and LEX are two stream ciphers submitted to eStream – the ECRYPT stream cipher project. In this paper, we point out security flaws in the resynchronization of these two ciphers. The resynchronization of WG is vulnerable to a differential attack. For WG with 80-bit key and 80-bit IV, 48 bits of the secret key can be recovered with about 2 chosen IVs . For each chosen IV, only the first four k...
متن کاملAn Improved Guess-and-Determine Attack on the A5/1 Stream Cipher
In Europe and North America, the most widely used stream cipher to ensure privacy and confidentiality of conversations in GSM mobile phones is the A5/1. In this paper, we present an improved guess-and-determine attack on the A5/1 stream cipher with an average time complexity of 248.5, which is much less than any known guessand-determine attack. The attack has a 100% success rate and requires a ...
متن کاملWG-8: A Lightweight Stream Cipher for Resource-Constrained Smart Devices
Lightweight cryptographic primitives are essential for securing pervasive embedded devices like RFID tags, smart cards, and wireless sensor nodes. In this paper, we present a lightweight stream cipher WG-8, which is tailored from the well-known Welch-Gong (WG) stream cipher family, for resource-constrained devices. WG-8 inherits the good randomness and cryptographic properties of the WG stream ...
متن کاملAlgebraic Countermeasure to Enhance the Improved Summation Generator with 2-Bit Memory
Recently proposed algebraic attack has been shown to be very effective on several stream ciphers. In this paper, we have investigated the resistance of PingPong family of stream ciphers against algebraic attacks. This stream cipher was proposed in 2008 to enhance the security of the improved summation generator against the algebraic attack. In particular, we focus on the PingPong-128 stream cip...
متن کامل