Collusion attack is a challenge issue for digital fingerprinting, and it is very beneficial to study for fingerprinting design. Two models for linear and non-linear collusion attack are constructed from the angles of owner and colluder in the paper. Through theory and simulation analysis in fingerprints embedding domain and non-embedding domain some conclusions are obtained: (1) The attack effe...

radio frequency identification (rfid) applications have spread all over the world. in order to provide their security and privacy, researchers proposed different kinds of protocols. in this paper, we analyze the privacy of a new protocol, proposed by yu-jehn in 2015 which is based on electronic product code class1 generation 2 (epc c1 g2) standard. by applying the ouafi_phan privacy model, we s...

Bivium is a simplified version of Trivium, a hardware profile finalist of the eSTREAM project. Bivium has an internal state size of 177 bits and a key length of 80 bits. In this paper, a guess and determine attack on this cipher is introduced. In the proposed method, the best linear approximations for the updating functions are first defined. Then by using these calculated approximations, a sys...

MIBS is a 32-round lightweight block cipher with 64-bit block size and two different key sizes, namely 64-bit and 80-bit keys. Bay et al. provided the first impossible differential, differential and linear cryptanalyses of MIBS. Their best attack was a linear attack on the 18-round MIBS-80. In this paper, we significantly improve their attack by discovering more approximations and mounting Herm...

The SOSEMANUK stream cipher is one of the finalists of the eSTREAM project. In this paper, we improve the linear cryptanalysis of SOSEMANUK presented in Asiacrypt 2008. We apply the generalized linear masking technique to SOSEMANUK and derive many linear approximations holding with the correlations of up to 2−25.5. We show that the data complexity of the linear attack on SOSEMANUK can be reduce...

RAKAPOSHI is a hardware oriented stream cipher designed by Carlos Cid et al. in 2009. The stream cipher is based on Dynamic Linear Feedback Shift Registers, with a simple and potentially scalable design, and is particularly suitable for hardware applications with restricted resources. The RAKAPOSHI stream cipher offers 128-bit security. In this paper, we point out some weaknesses in the cipher....

SMS4 is a 128-bit block cipher with a 128-bit user key and 32 rounds, which is used in WAPI, the Chinese WLAN national standard. In this paper, we present a linear attack and a differential attack on a 22round reduced SMS4; our 22-round linear attack has a data complexity of 2 known plaintexts, a memory complexity of 2 bytes and a time complexity of 2 22-round SMS4 encryptions and 2 arithmetic ...

PRESENT is a hardware-oriented block cipher suitable for resource constrained environment. In this paper we analyze PRESENT by the multidimensional linear cryptanalysis method. We claim that our attack can recover the 80-bit secret key of PRESENT up to 25 rounds out of 31 rounds with around 2 data complexity. Furthermore, we showed that the 26-round version of PRESENT can be attacked faster tha...

We analyze the security of the SC2000 block cipher against both differential and linear attacks. SC2000 is a six-and-a-half-round block cipher, which has a unique structure that includes both the Feistel and Substitution-Permutation Network (SPN) structures. Taking the structure of SC2000 into account, we investigate oneand two-round iterative differential and linear characteristics. We present...