A Byte-Based Guess and Determine Attack on SOSEMANUK

  • Xiutao Feng
  • Jun Liu
  • Zhaocun Zhou
  • Chuankun Wu
  • Dengguo Feng
Conference paper

DOI: 10.1007/978-3-642-17373-8_9

Part of the Lecture Notes in Computer Science book series (LNCS, volume 6477)
Cite this paper as:
Feng X., Liu J., Zhou Z., Wu C., Feng D. (2010) A Byte-Based Guess and Determine Attack on SOSEMANUK. In: Abe M. (eds) Advances in Cryptology - ASIACRYPT 2010. ASIACRYPT 2010. Lecture Notes in Computer Science, vol 6477. Springer, Berlin, Heidelberg

Abstract

SOSEMANUK is a software-oriented stream cipher proposed by C. Berbain et al for the eSTREAM project and has been selected into the final portfolio. It is noticed that most components of SOSEMANUK can be calculated byte-oriented. Hence an attacker can observe SOSEMANUK from the view of byte units instead of the original 32-bit word units. Based on the above idea, in this work we present a new byte-based guess and determine attack on SOSEMANUK, where we view a byte as a basic data unit and guess some certain bytes of the internal states instead of the whole 32-bit words during the execution of the attack. Surprisingly, our attack only needs a few words of known key stream to recover all the internal states of SOSEMANUK, and the time complexity can be dramatically reduced to O(2176). Since SOSEMANUK has a key with the length varying from 128 to 256 bits, our results show that when the length of an encryption key is larger than 176 bits, our guess and determine attack is more efficient than an exhaustive key search.

Keywords

eSTREAM SOSEMANUK Guess and Determine Attack 
Download to read the full conference paper text

Copyright information

© International Association for Cryptologic Research 2010

Authors and Affiliations

  • Xiutao Feng
    • 1
  • Jun Liu
    • 1
  • Zhaocun Zhou
    • 1
  • Chuankun Wu
    • 1
  • Dengguo Feng
    • 1
  1. 1.State Key Laboratory of Information SecurityInstitute of Software, Chinese Academy of SciencesBeijingChina

Personalised recommendations