Abstract
The stream cipher TPypy was designed by Biham and Seberry in January 2007 as the strongest member of the Py family of ciphers, after weaknesses had been discovered in the other members Py, Pypy and Py6. One main contribution of this paper is the detection of related-key weaknesses in the Py family of ciphers, including the strongest member TPypy. Under related keys, we show a distinguishing attack on TPypy with data complexity 2^192.3, which is lower than the previous best known attack on the cipher by a factor of 2^88. We show that the above attack also works on the other members TPy, Pypy and Py. A second contribution of the paper is the design and analysis of two fast ciphers, RCR-64 and RCR-32, which are derived from TPy and TPypy respectively. RCR-64 and RCR-32 run at 2.7 cycles/byte and 4.45 cycles/byte on a Pentium III (for comparison, Py, Pypy and RC4 run at 2.8, 4.58 and 7.3 cycles/byte on the same platform). Based on our security analysis, we conjecture that no attacks with complexity lower than brute force are possible on the RCR ciphers.
This work was supported in part by the Concerted Research Action (GOA) Ambiorics 2005/11 of the Flemish Government, by the IAP Programme P6/26 BCRYPT of the Belgian State (Belgian Science Policy), and in part by the European Commission through the IST Programme under Contract IST-2002-507932 ECRYPT. The first author is supported by an IWT SoBeNeT project. The second author is supported by an IBBT (Interdisciplinary Institute for Broadband Technology) project. The information in this document reflects only the authors’ views, is provided as is and no guarantee or warranty is given that the information is fit for any particular purpose. The user thereof uses the information at its sole risk and liability.
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Sekar, G., Paul, S., Preneel, B. (2007). Related-Key Attacks on the Py-Family of Ciphers and an Approach to Repair the Weaknesses. In: Srinathan, K., Rangan, C.P., Yung, M. (eds) Progress in Cryptology – INDOCRYPT 2007. INDOCRYPT 2007. Lecture Notes in Computer Science, vol 4859. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-77026-8_6
DOI: https://doi.org/10.1007/978-3-540-77026-8_6
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-77025-1
Online ISBN: 978-3-540-77026-8