In this paper, the hardware implementations of five representative stream ciphers are compared in terms of performance and consumed area in an FPGA device. The ciphers used for the comparison are the A5/1, W7, E0, RC4 and Helix. The first three ones have been used for the security part of well-known standards, especially wireless communication protocols. The Helix cipher is a recently introduce...

Time-memory-data (TMD) tradeoff attacks limit the security level of many classical stream ciphers (like E0, A5/1, Trivium, Grain) to 2 n, where n denotes the inner state length of the underlying keystream generator. In this paper, we present Lizard, a lightweight stream cipher for power-constrained devices like passive RFID tags. Its hardware efficiency results from combining a Grain-like desig...

-In the today world, security is required to transmit confidential information over the network. Security is also demanding in wide range of applications. Cryptographic algorithms play a vital role in providing the data security against malicious attacks. But on the other hand, they consume significant amount of computing resources like CPU time, memory, encryption time etc. Normally, symmetric...

Many popular stream ciphers apply a filter/combiner to the state of one or several LFSRs. Algebraic attacks on such ciphers [10, 11] are possible, if there is a multivariate relation involving the key/state bits and the output bits. Recent papers by Courtois, Meier, Krause and Armknecht [1, 2, 10, 11] show that such relations exist for several well known constructions of stream ciphers immune t...

A new family of very fast stream ciphers called COS (for “crossing over system”) has been proposed by Filiol and Fontaine, and seems to have been adopted for at least one commercial standard. COS(2,128) Mode I and COS(2,128) Mode II are particular members of this family for which the authors proposed a cryptanalysis challenge. The ciphers accept secret keys of 256, 192 or 128 bits. In this note...

We present a new scheme called universal block chaining with sum (or chain & sum primitive (C&S) for short), and show its application to the problem of combined encryption and authentication of data. The primitive is a weak CBC-type encryption along with a summing step, and can be used as a front end to stream ciphers to encrypt pages or blocks of data (e.g., in an encrypted le system or in a v...

We demonstrate that the existence of distinguishing attacks against stream ciphers is unrelated to their security in practical use, and in particular that the amount of data required to perform a distinguishing attack is unrelated to the key length of the cipher. The implication for the NESSIE Project is that no submitted symmetric cipher would be accepted under the unpublished rules for distin...

Boolean functions with high nonlinearity and good autocorrelation properties play an important role in the design of block ciphers and stream ciphers. In this paper, we give a method to construct balanced Boolean functions on n variables, where n ≥ 10 is an even integer, satisfying strict avalanche criterion (SAC). Compared with the known balanced Boolean functions with SAC property, the constr...

Synchronous stream ciphers need perfect synchronization between sender and receiver. In practice, this is ensured by a resync mechanism. Daemen et al. [9] first described attacks on ciphers using such a resync mechanism. In this paper, we extend their attacks in several ways by combining the standard attack with cryptanalytic techniques such as algebraic attacks and linear cryptanalysis. Our re...