Abstract
In recent years, small-state stream ciphers (SSCs) have drawn serious attention. Their goal is to reduce the internal state without weakening security against time-memory-data (TMD) tradeoff attacks, which allows stream ciphers with a small area and low power consumption; they are regarded as a promising low-cost solution for IoT security. Compared to conventional designs, the most significant advantage of small-state designs is their efficiency in terms of hardware cost. Based on this idea, the first small-state stream cipher, Sprout, was proposed in 2015. It was soon proved insecure, but its design showed a promising direction, and more small-state stream ciphers followed. Unfortunately, the lack of sufficient theoretical work on small-state stream ciphers restricts their development, which motivates the study of their security. Fruit-80, proposed in 2018, is the final version of a Grain-like small-state stream cipher. In this paper, by combining fast correlation attack algorithms for small-state stream ciphers with a technique called elimination by factorization, we present a fast correlation attack (FCA) on Fruit-80 with data complexity \( 2^{23.35} \) and time complexity \( 2^{72.71} \). The analysis shows that the design is insecure and needs further study.
© 2020 Springer Nature Switzerland AG
Cite this paper
Zhang, C., Dong, L. (2020). An Improved Fast Correlation Attack on Fruit-80. In: Barolli, L., Amato, F., Moscato, F., Enokido, T., Takizawa, M. (eds) Advanced Information Networking and Applications. AINA 2020. Advances in Intelligent Systems and Computing, vol 1151. Springer, Cham. https://doi.org/10.1007/978-3-030-44041-1_120
DOI: https://doi.org/10.1007/978-3-030-44041-1_120
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-44040-4
Online ISBN: 978-3-030-44041-1
eBook Packages: Intelligent Technologies and Robotics (R0)