
A MAC Forgery Attack on SOBER-128

  • Dai Watanabe
  • Soichi Furuya
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3017)

Abstract

SOBER-128 is a stream cipher designed by Rose and Hawkes in 2003. It can also be used for generating Message Authentication Codes (MACs). The developers claimed that it is difficult to forge the MAC generated by SOBER-128; however, the security model defined in the proposal paper is not realistic. In this paper, we examine the security of the MAC generation function of SOBER-128 under the security notion given by Bellare and Namprempre. As a result, we show that the MAC generation function of SOBER-128 is vulnerable to differential cryptanalysis. The success probability of this attack is estimated at 2^{-6}.

Keywords

Stream cipher; Message Authentication Code; Differential cryptanalysis; SOBER

References

  1. Anderson, R., Biham, E.: The Practical and Provably Secure Block Ciphers: BEAR and LION. In: Gollmann, D. (ed.) FSE 1996. LNCS, vol. 1039, pp. 113–120. Springer, Heidelberg (1996)
  2. Bellare, M., Namprempre, C.: Authenticated Encryption: Relations among Notions and Analysis of the Generic Composition Paradigm. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 531–545. Springer, Heidelberg (2000)
  3. Biham, E., Shamir, A.: Differential Cryptanalysis of the Data Encryption Standard. Springer, Heidelberg (1993)
  4. Babbage, S., Lano, J.: Probabilistic Factors in the Sober-t Stream Ciphers. In: Proceedings Third Open NESSIE Workshop (2002)
  5. De Cannière, C., Lano, J., Preneel, B., Vandewalle, J.: Distinguishing Attacks on Sober-t32. In: Proceedings Third Open NESSIE Workshop (2002)
  6. Daemen, J.: Cipher and hash function design strategies based on linear and differential cryptanalysis. Doctoral Dissertation, K.U.Leuven (1995)
  7. Daemen, J., Clapp, C.S.K.: Fast Hashing and Stream Encryption with Panama. In: Vaudenay, S. (ed.) FSE 1998. LNCS, vol. 1372, pp. 60–74. Springer, Heidelberg (1998)
  8. Ekdahl, P., Johansson, T.: SNOW – a new stream cipher, NESSIE project submission (2000), available at http://www.cryptonessie.org/
  9. Ekdahl, P., Johansson, T.: Distinguishing Attacks on SOBER-t16 and t32. In: Daemen, J., Rijmen, V. (eds.) FSE 2002. LNCS, vol. 2365, pp. 210–224. Springer, Heidelberg (2002)
  10. Ekdahl, P., Johansson, T.: A new version of the stream cipher SNOW. In: Nyberg, K., Heys, H.M. (eds.) SAC 2002. LNCS, vol. 2595, pp. 47–61. Springer, Heidelberg (2002)
  11. Ferguson, N., Whiting, D., Schneier, B., Kelsey, J., Lucks, S., Kohno, T.: Helix, Fast Encryption and Authentication in a Single Cryptographic Primitive. In: Johansson, T. (ed.) FSE 2003. LNCS, vol. 2887, pp. 345–362. Springer, Heidelberg (2003)
  12. Hawkes, P., Rose, G.: Primitive Specification and Supporting Documentation for SOBER-t16 Submission to NESSIE. In: Proceedings First Open NESSIE Workshop (2000)
  13. Hawkes, P., Rose, G.: Primitive Specification and Supporting Documentation for SOBER-t32 Submission to NESSIE. In: Proceedings First Open NESSIE Workshop (2000)
  14. Rose, G., Hawkes, P.: Turing, A Fast Stream Cipher. In: Johansson, T. (ed.) FSE 2003. LNCS, vol. 2887, pp. 307–324. Springer, Heidelberg (2003)
  15. Hawkes, P., Rose, G.: Primitive Specification for SOBER-128. IACR ePrint Archive (2003), http://eprint.iacr.org/2003/81/
  16. Joux, A., Muller, F.: A Chosen IV Attack against Turing. In: Matsui, M., Zuccherato, R.J. (eds.) SAC 2003. LNCS, vol. 3006. Springer, Heidelberg (2003)
  17. Lipmaa, H., Moriai, S.: Efficient Algorithms for Computing Differential Properties of Addition. In: Matsui, M. (ed.) FSE 2001. LNCS, vol. 2355, pp. 336–350. Springer, Heidelberg (2001)
  18. Rose, G.G.: A Stream Cipher based on Linear Feedback over GF(2^8). In: Boyd, C., Dawson, E. (eds.) ACISP 1998. LNCS, vol. 1438, p. 135. Springer, Heidelberg (1998)
  19. Rueppel, R.: Analysis and Design of Stream Ciphers. Springer, Heidelberg (1986)
  20. Zhang, M., Carroll, C., Chan, A.H.: The Software-Oriented Stream Cipher SSC2. In: Schneier, B. (ed.) FSE 2000. LNCS, vol. 1978, pp. 31–48. Springer, Heidelberg (2000)

Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • Dai Watanabe (1)
  • Soichi Furuya (1)
  1. Systems Development Laboratory, Hitachi, Ltd., Yokohama, Japan
