Differential Cryptanalysis of Salsa20 Based on Comprehensive Analysis of PNBs

  • Conference paper
Information Security Practice and Experience (ISPEC 2022)

Abstract

This paper focuses on the differential cryptanalysis of the Salsa20 stream cipher. The existing differential cryptanalysis approaches first study the differential bias of the Salsa20 stream cipher and then search for probabilistic neutral bits (PNBs). However, the differential bias and the set of PNBs obtained in this method are not always the optimal solution. To figure out a better solution, we apply the differential cryptanalysis based on the comprehensive analysis of PNBs on the reduced-round Salsa20 introduced in [19]. At first, we comprehensively analyze the neutrality measure of all keybits concerning all output differential \(\mathcal{O}\mathcal{D}\) bits. Afterward, we select the \(\mathcal{O}\mathcal{D}\) bit position with the best neutrality measure and look for the corresponding input differential \(\mathcal{I}\mathcal{D}\) with the best differential bias. Taking everything into account, the proposed approach could be used to attack Salsa20/8 with a time complexity of \(2^{144.75}\) and a data complexity of \(2^{55.74}\).
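The neutrality measure \(\gamma\) that the abstract refers to can be estimated empirically as in [1]: flip one key bit, undo the last \(R-r\) rounds from the keystream, and count how often the \(\mathcal{O}\mathcal{D}\) bit agrees with the true forward difference, which happens with probability \((1+\gamma)/2\). The sketch below is an added example, not the authors' code; the \(\mathcal{I}\mathcal{D}\) (7,31) comes from the notes, while the \(\mathcal{O}\mathcal{D}\) position (1,14), the split r=4/R=7, the key-bit numbering and all function names are assumptions made for illustration.

```python
import random

M = 0xFFFFFFFF
# (target, a, b, rot): x[target] ^= rotl(x[a] + x[b], rot), per the Salsa20 spec [2]
COL = [(4, 0, 12, 7), (8, 4, 0, 9), (12, 8, 4, 13), (0, 12, 8, 18),
       (9, 5, 1, 7), (13, 9, 5, 9), (1, 13, 9, 13), (5, 1, 13, 18),
       (14, 10, 6, 7), (2, 14, 10, 9), (6, 2, 14, 13), (10, 6, 2, 18),
       (3, 15, 11, 7), (7, 3, 15, 9), (11, 7, 3, 13), (15, 11, 7, 18)]
ROW = [(1, 0, 3, 7), (2, 1, 0, 9), (3, 2, 1, 13), (0, 3, 2, 18),
       (6, 5, 4, 7), (7, 6, 5, 9), (4, 7, 6, 13), (5, 4, 7, 18),
       (11, 10, 9, 7), (8, 11, 10, 9), (9, 8, 11, 13), (10, 9, 8, 18),
       (12, 15, 14, 7), (13, 12, 15, 9), (14, 13, 12, 13), (15, 14, 13, 18)]
KEY_WORDS = [1, 2, 3, 4, 11, 12, 13, 14]  # assumed numbering: key bit i -> word i // 32
CONST = {0: 0x61707865, 5: 0x3320646E, 10: 0x79622D32, 15: 0x6B206574}

def rotl(v, n):
    return ((v << n) | (v >> (32 - n))) & M

def rounds(x, first, last, inverse=False):
    """Apply Salsa20 rounds first..last (1-based, odd = column round), or undo them."""
    x = list(x)
    order = range(last, first - 1, -1) if inverse else range(first, last + 1)
    for rnd in order:
        ops = COL if rnd % 2 else ROW
        for t, a, b, r in (reversed(ops) if inverse else ops):
            x[t] ^= rotl((x[a] + x[b]) & M, r)   # XOR step is its own inverse
    return x

def neutrality(key_bit, od=(1, 14), idiff=(7, 31), r=4, R=7, trials=2000, seed=1):
    """Estimate gamma: Pr[backward OD bit == forward OD bit] = (1 + gamma) / 2."""
    rng = random.Random(seed)
    kw, kb = KEY_WORDS[key_bit // 32], key_bit % 32
    agree = 0
    for _ in range(trials):
        x = [CONST[i] if i in CONST else rng.getrandbits(32) for i in range(16)]
        xp = list(x)
        xp[idiff[0]] ^= 1 << idiff[1]                    # apply the input difference
        fwd = (rounds(x, 1, r)[od[0]] ^ rounds(xp, 1, r)[od[0]]) >> od[1] & 1
        back = []
        for s in (x, xp):
            z = [(a + b) & M for a, b in zip(s, rounds(s, 1, R))]  # keystream block
            s_bar = list(s)
            s_bar[kw] ^= 1 << kb                         # wrong guess for one key bit
            y = rounds([(a - b) & M for a, b in zip(z, s_bar)], r + 1, R, inverse=True)
            back.append(y[od[0]])
        agree += ((back[0] ^ back[1]) >> od[1] & 1) == fwd
    return 2 * agree / trials - 1
```

Running `neutrality` over all 256 key bits and every candidate \(\mathcal{O}\mathcal{D}\) position gives the table of neutrality measures from which an \(\mathcal{O}\mathcal{D}\) bit is then selected.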

Notes

  1. [9] proposed an attack with a lower time complexity than [8]. However, the nature of the attack in [9] is different.

  2. In our experiment, we used the \(\mathcal{I}\mathcal{D}\) (7,31) reported in [1] and used in [8, 16].

  3. We considered the average neutral value because we computed the neutrality measure of all 256 key bits with respect to each \(\mathcal{O}\mathcal{D}\) bit.

  4. According to [1], under some reasonable independence assumptions, the equality \(\varepsilon = \varepsilon_d \cdot \varepsilon_a\) holds.

  5. We used the effective attack algorithm of [1] from Sect. 3.4.

  6. Arka [4] also reported the 5th round bias of Salsa20. However, the author used the differential-linear adversary model. We used single-bit differential bias.

References

  1. Aumasson, J.-P., Fischer, S., Khazaei, S., Meier, W., Rechberger, C.: New features of latin dances: analysis of salsa, ChaCha, and Rumba. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 470–488. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-71039-4_30

  2. Bernstein, D.J.: The Salsa20 family of stream ciphers. In: Robshaw, M., Billet, O. (eds.) New Stream Cipher Designs. LNCS, vol. 4986, pp. 84–97. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-68351-3_8

  3. Biham, E., Shamir, A.: Differential cryptanalysis of des-like cryptosystems. J. Cryptology (1991)

  4. Choudhuri, A.R., Maitra, S.: Differential cryptanalysis of salsa and chacha-an evaluation with a hybrid model. Cryptology ePrint Archive (2016)

  5. Choudhuri, A.R., Maitra, S.: Significantly improved multi-bit differentials for reduced round salsa and chacha. IACR Transactions on Symmetric Cryptology, pp. 261–287 (2016)

  6. Crowley, P.: Truncated differential cryptanalysis of five rounds of salsa20. Cryptology ePrint Archive (2005)

  7. Deepthi Kakumani, K.C., Singh, K., Karthika, S.K.: Improved related-cipher attack on salsa and Chacha: revisited. Int. J. Inf. Technol. 14(3), 1535–1542 (2022)

  8. Dey, S., Sarkar, S.: Improved analysis for reduced round salsa and Chacha. Discret. Appl. Math. 227, 58–69 (2017)

  9. Ding, L.: Improved related-cipher attack on salsa20 stream cipher. IEEE Access 7, 30197–30202 (2019)

  10. The eSTREAM Project. http://www.ecrypt.eu.org/stream

  11. Fischer, S., Meier, W., Berbain, C., Biasse, J.-F., Robshaw, M.J.B.: Non-randomness in eSTREAM candidates Salsa20 and TSC-4. In: Barua, R., Lange, T. (eds.) INDOCRYPT 2006. LNCS, vol. 4329, pp. 2–16. Springer, Heidelberg (2006). https://doi.org/10.1007/11941378_2

  12. Ishiguro, T., Kiyomoto, S., Miyake, Y.: Latin dances revisited: new analytic results of Salsa20 and ChaCha. In: Qing, S., Susilo, W., Wang, G., Liu, D. (eds.) ICICS 2011. LNCS, vol. 7043, pp. 255–266. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-25243-3_21

  13. Ito, R.: Rotational cryptanalysis of salsa core function. In: Susilo, W., Deng, R.H., Guo, F., Li, Y., Intan, R. (eds.) ISC 2020. LNCS, vol. 12472, pp. 129–145. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-62974-8_8

  14. Khazaei, S.: Neutrality-based symmetric cryptanalysis. Technical report, EPFL (2010)

  15. Lipmaa, H., Moriai, S.: Efficient algorithms for computing differential properties of addition. In: Matsui, M. (ed.) FSE 2001. LNCS, vol. 2355, pp. 336–350. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45473-X_28

  16. Maitra, S.: Chosen IV cryptanalysis on reduced round ChaCha and Salsa. Discret. Appl. Math. 208, 88–97 (2016)

  17. Mantin, I., Shamir, A.: A practical attack on broadcast RC4. In: Matsui, M. (ed.) FSE 2001. LNCS, vol. 2355, pp. 152–164. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45473-X_13

  18. Mazumdar, B., Subidh Ali, S.K., Sinanoglu, O.: Power analysis attacks on arx: an application to salsa20. In: 2015 IEEE 21st International On-Line Testing Symposium (IOLTS), pp. 40–43. IEEE (2015)

  19. Miyashita, S., Ito, R., Miyaji, A.: Pnb-focused differential cryptanalysis of chacha stream cipher. Cryptology ePrint Archive, Report 2021/1537 (2021). https://ia.cr/2021/1537

  20. Shi, Z., Zhang, B., Feng, D., Wu, W.: Improved key recovery attacks on reduced-round Salsa20 and ChaCha. In: Kwon, T., Lee, M.-K., Kwon, D. (eds.) ICISC 2012. LNCS, vol. 7839, pp. 337–351. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-37682-5_24

  21. Stachowiak, S., Kurkowski, M., Soboń, A.: SAT-based cryptanalysis of Salsa20 cipher. In: Choraś, M., Choraś, R.S., Kurzyński, M., Trajdos, P., Pejaś, J., Hyla, T. (eds.) CORES/IP&C/ACS 2021. LNNS, vol. 255, pp. 252–266. Springer, Cham (2022). https://doi.org/10.1007/978-3-030-81523-3_25

Acknowledgements

This work is partially supported by JSPS KAKENHI Grant Number JP21H03443 and Innovation Platform for Society 5.0 at MEXT.

Correspondence to Nasratullah Ghafoori or Atsuko Miyaji.

Copyright information

© 2022 Springer Nature Switzerland AG

About this paper

Cite this paper

Ghafoori, N., Miyaji, A. (2022). Differential Cryptanalysis of Salsa20 Based on Comprehensive Analysis of PNBs. In: Su, C., Gritzalis, D., Piuri, V. (eds) Information Security Practice and Experience. ISPEC 2022. Lecture Notes in Computer Science, vol 13620. Springer, Cham. https://doi.org/10.1007/978-3-031-21280-2_29

  • DOI: https://doi.org/10.1007/978-3-031-21280-2_29

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-21279-6

  • Online ISBN: 978-3-031-21280-2

  • eBook Packages: Computer Science (R0)
