
Two Generic Methods of Analyzing Stream Ciphers

  • Conference paper
Information Security (ISC 2015)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 9290)


Abstract

Since the security analysis of stream ciphers is becoming more difficult, it is urgent and significant to propose new generic methods. In this work, we introduce guess-and-determine techniques into two traditional analysis methods and make the new approaches methodological so that they generalize. We show the power of the new methods by analyzing two stream ciphers: Grain-v1 and ACORN. Grain-v1 is one of the finalists selected in the eSTREAM project. We present a time-memory-data tradeoff attack against Grain-v1 by importing the idea of conditional sampling resistance based on k-linear-normality and a specific guessing path, with parameters of \(2^{61}\) online time, a memory of \(2^{71}\), \(2^{79}\) available keystream and \(2^{81}\) preprocessing time, which are much better than the best tradeoffs in the single key and IV pair setting so far. We transform the parameters into cipher ticks, and all the complexities are lower than \(2^{87.4}\) cipher ticks, which is the actual complexity of the brute-force attack. We also evaluate the security of another lightweight authenticated cipher, ACORN, since there is little security analysis of this cipher recently submitted to the CAESAR competition. The analysis of this cipher focuses on finding linear approximations of the output function and efficiently guessed combination information of the update function, and exploits integer linear programming as a tool to search for the optimal complexity. Our attack calls for \(2^{157}\) tests, which estimates the security margin of ACORN.



Acknowledgements

This work was supported by the National Grand Fundamental Research 973 Program of China (Grant No. 2013CB338002) and the programs of the National Natural Science Foundation of China (Grant No. 61379142, 60833008, 60603018, 61173134, 91118006, 61272476).

Author information

Corresponding author: Lin Jiao


Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Jiao, L., Zhang, B., Wang, M. (2015). Two Generic Methods of Analyzing Stream Ciphers. In: Lopez, J., Mitchell, C. (eds) Information Security. ISC 2015. Lecture Notes in Computer Science, vol 9290. Springer, Cham. https://doi.org/10.1007/978-3-319-23318-5_21


  • DOI: https://doi.org/10.1007/978-3-319-23318-5_21


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-23317-8

  • Online ISBN: 978-3-319-23318-5
