New Directions in Cryptanalysis of Self-Synchronizing Stream Ciphers
In cryptology we commonly face the problem of finding an unknown key K from the output of an easily computable keyed function F(C,K), where the attacker has the power to choose the public variable C. In this work we focus on self-synchronizing stream ciphers. First we show how to model these primitives in the above-mentioned general problem by relating appropriate functions F to the underlying ciphers. Then we apply the framework recently presented at AfricaCrypt’08 by Fischer et al. for dealing with this kind of problem to the T-function based self-synchronizing stream cipher proposed by Klimov and Shamir at FSE’05, and show how to deduce some non-trivial information about the key. We also open a new window for answering a crucial question raised by Fischer et al. regarding the problem of finding weak IV bits, which is essential for their attack.
Keywords: Self-synchronizing Stream Ciphers, T-functions, Key Recovery