A realtime key recovery attack on the authenticated cipher FASER128
نویسندگان
چکیده
FASER is a family of authenticated ciphers submitted to the CAESAR competition, which contains two parent ciphers: FASER128 and FASER256. In this work we only focus on FASER128 and present a key recovery attack to FASER128, which needs at most 64 key words and is realtime in a PC. The result shows that FASER128 is very insecure. What’s more, our attack can be easily applied to FASER256 and break it entirely.
منابع مشابه
CPA on COLM Authenticated Cipher and the Protection Using Domain-Oriented Masking
Authenticated encryption schemes are important cryptographic primitives that received extensive attention recently. They can provide both confidentiality and authenticity services, simultaneously. Correlation power analysis (CPA) can be a thread for authenticated ciphers, similar to the any physical implementation of any other cryptographic scheme. In this paper, a three-step CPA attack against...
متن کاملA practical state recovery attack on the stream cipher Sablier v1
Sablier is an authenticated encryption cipher submitted to the CAESAR competition, which is composed of the encryption Sablier v1 and the authentication Au. In this work we present a state recovery attack against the encryption Sablier v1 with time complexity about 2 operations and data complexity about 24 of 16-bit keywords. Our attack is practical in the workstation. It is noticed that the up...
متن کاملIs AEZ v4.1 Sufficiently Resilient Against Key-Recovery Attacks?
AEZ is a parallelizable, AES-based authenticated encryption algorithm that is well suited for software implementations on processors equipped with the AES-NI instruction set. It aims at offering exceptionally strong security properties such as nonce and decryption-misuse resistance and optimal security given the selected ciphertext expansion. AEZ was submitted to the authenticated ciphers compe...
متن کاملUniversal Forgery and Key Recovery Attacks on ELmD Authenticated Encryption Algorithm
In this paper, we provide a security analysis of ELmD: a block cipher based Encrypt-Linear-mix-Decrypt authentication mode. As being one of the second-round CAESAR candidate, it is claimed to provide misuse resistant against forgeries and security against blockwise adaptive adversaries as well as 128-bit security against key recovery attacks. We scrutinize ElmD in such a way that we provide uni...
متن کاملPractical State Recovery Attack on ICEPOLE
ICEPOLE is a CAESAR candidate which is claimed to have intermediate level of robustness under nonce reuse circumstances. In this report, we apply the differential-linear cryptanalysis to the ICEPOLE family and show that ICEPOLE is insecure when the nonce is reused. Under the nonce-misuse circumstances, there is differential-linear distinguishing attack on ICEPOLE with time and data complexity l...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2014 شماره
صفحات -
تاریخ انتشار 2014