Abstract
Since the security analysis of stream ciphers has become more difficult in recent years, proposing new generic methods is both urgent and significant. In this work, we introduce guess-and-determine techniques into two traditional analysis methods and make the new approaches methodological so that they generalize. We show the power of the new methods by analyzing two stream ciphers: Grain-v1 and ACORN. Grain-v1 is one of the finalists selected in the eSTREAM project. We present a time-memory-data tradeoff attack against Grain-v1 by importing the idea of conditional sampling resistance, based on k-linear-normality and a specific guessing path, with parameters of \(2^{61}\) online time, a memory of \(2^{71}\), an assumed available keystream of \(2^{79}\) and \(2^{81}\) preprocessing time, which are much better than the best tradeoffs in the single key and IV pair setting so far. We transform these parameters into cipher ticks, and all the complexities are lower than \(2^{87.4}\) cipher ticks, which is the actual complexity of the brute force attack. We also evaluate the security of another lightweight authenticated cipher, ACORN, since there has been little security analysis of this recently submitted CAESAR candidate. The analysis of this cipher emphasizes finding linear approximations of the output function and efficiently guessed combination information of the update function, and exploits an integer linear programming problem as a tool to search for the optimal complexity. Our attack requires \(2^{157}\) tests, which estimates the security margin of ACORN.
Acknowledgements
This work was supported by the National Grand Fundamental Research 973 Program of China (Grant No. 2013CB338002) and the programs of the National Natural Science Foundation of China (Grant No. 61379142, 60833008, 60603018, 61173134, 91118006, 61272476).
Copyright information
© 2015 Springer International Publishing Switzerland
Jiao, L., Zhang, B., Wang, M. (2015). Two Generic Methods of Analyzing Stream Ciphers. In: Lopez, J., Mitchell, C. (eds) Information Security. ISC 2015. Lecture Notes in Computer Science(), vol 9290. Springer, Cham. https://doi.org/10.1007/978-3-319-23318-5_21
DOI: https://doi.org/10.1007/978-3-319-23318-5_21
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-23317-8
Online ISBN: 978-3-319-23318-5