Two Generic Methods of Analyzing Stream Ciphers [chapter]

Lin Jiao, Bin Zhang, Mingsheng Wang
2015 Lecture Notes in Computer Science  
Since the security analysis against stream ciphers becomes more difficult nowadays, it is urgent and significant to propose new generic methods. In this work, we introduce guess-and-determine techniques to two traditional analysis methods and make the new approaches methodological for generalization. We show the power of the new methods by analyzing two stream ciphers: Grain-v1 and ACORN. Grain-v1 is one of the finalists selected in the eSTREAM project. We present a time-memory-data tradeoff attack against Grain-v1 by importing the idea of conditional sampling resistance based on the k-linear-normality and a specific guessing path, with the parameters of 2^61 time online employing a memory of 2^71 assuming available keystream of 2^79 and 2^81 preprocessing time, which are much better than the best tradeoffs in the single key and IV pair setting so far. We transform the parameters into cipher ticks, and all the complexities are lower than 2^87.4 cipher ticks, which is the actual complexity of the brute force attack. We also evaluate the security of another lightweight authenticated cipher, ACORN, since there are few security analyses of this cipher, which was recently submitted to the CAESAR competition. The analysis against this cipher emphasizes finding the linear approximations of the output function and the efficiently guessed combination information of the upstate function, and exploiting the integer linear programming problem as a tool to search for the optimal complexity. Our attack calls for 2^157 tests, which estimates the security margin of ACORN.
doi:10.1007/978-3-319-23318-5_21 fatcat:5bwwwikswvfprgime2bfai3g4m