Improved Linear Distinguishers for SNOW 2.0
نویسندگان
چکیده
In this paper we present new and more accurate estimates of the biases of the linear approximation of the FSM of the stream cipher SNOW 2.0. Based on improved bias estimates we also find a new linear distinguisher with bias 2−86.9 that is significantly stronger than the previously found ones by Watanabe et al. (2003) and makes it possible to distinguish the output keystream of SNOW 2.0 of length 2 words from a truly random sequence with workload 2. This attack is also stronger than the recent distinguishing attack by Maximov and Johansson (2005). We also investigate the diffusion properties of the MixColumn transformation used in the FSM of SNOW 2.0 and present some evidence why much more efficient distinguishers may not exist.
منابع مشابه
On the sliding property of SNOW 3 G and SNOW 2.0
SNOW 3G is a stream cipher chosen by the 3rd Generation Partnership Project (3GPP) as a crypto-primitive to substitute KASUMI in case its security is compromised. SNOW 2.0 is one of the stream ciphers chosen for the ISO/IEC standard IS 18033-4. In this paper, we show that the initialization procedure of the two ciphers admits a sliding property, resulting in several sets of related-key pairs. I...
متن کاملAnalysis of LFSR Based Snow Family against Guess and Determine Attack
Stream Cipher is a cryptographic primitive that is used to make sure privacy on a communication channel. SNOW family is a typical example of word oriented stream ciphers based on Linear Feedback Shift Register (LFSR). In this paper two versions of SNOW family have been analyzed against Guess and Determine (GD) Attack. Original SNOW 2.0 is an improved version of SNOW 1.0 claimed to be more secur...
متن کاملImproved Integral and Zero-correlation Linear Cryptanalysis of Reduced-round CLEFIA Block Cipher
CLEFIA is a block cipher developed by Sony Corporation in 2007. It is a recommended cipher of CRYPTREC, and has been adopted as ISO/IEC international standard in lightweight cryptography. In this paper, some new 9-round zero-correlation linear distinguishers of CLEFIA are constructed with the input masks and output masks being independent, which allow multiple zero-correlation linear attacks on...
متن کاملAutomatic Search of Bit-Based Division Property for ARX Ciphers and Word-Based Division Property
Division property is a generalized integral property proposed by Todo at Eurocrypt 2015. Previous tools for automatic searching are mainly based on the Mixed Integer Linear Programming (MILP) method and trace the division property propagation at the bit level. In this paper, we propose automatic tools to detect ARX ciphers’ division property at the bit level and some specific ciphers’ division ...
متن کاملIntegral and Multidimensional Linear Distinguishers with Correlation Zero
Zero-correlation cryptanalysis uses linear approximations holding with probability exactly 1/2. In this paper, we reveal fundamental links of zero-correlation distinguishers to integral distinguishers and multidimensional linear distinguishers. We show that an integral implies zero-correlation linear approximations and that a zero-correlation linear distinguisher is actually a special case of m...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2006