Security Evaluation of Rakaposhi Stream Cipher

  • Mohammad Ali Orumiehchiha
  • Josef Pieprzyk
  • Elham Shakour
  • Ron Steinfeld
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7863)


Rakaposhi is a synchronous stream cipher, which uses three main components: a non-linear feedback shift register (NLFSR), a dynamic linear feedback shift register (DLFSR) and a non-linear filtering function (NLF). NLFSR consists of 128 bits and is initialised by the secret key K. DLFSR holds 192 bits and is initialised by an initial vector (IV). NLF takes 8-bit inputs and returns a single output bit. The work identifies weaknesses and properties of the cipher. The main observation is that the initialisation procedure has the so-called sliding property. The property can be used to launch distinguishing and key recovery attacks. The distinguisher needs four observations of the related (K,IV) pairs. The key recovery algorithm allows to discover the secret key K after observing 29 pairs of (K,IV). Based on the proposed related-key attack, the number of related (K,IV) pairs is 2(128 + 192)/4 pairs.

Further the cipher is studied when the registers enter short cycles. When NLFSR is set to all ones, then the cipher degenerates to a linear feedback shift register with a non-linear filter. Consequently, the initial state (and Secret Key and IV) can be recovered with complexity 263.87.

If DLFSR is set to all zeros, then NLF reduces to a low non-linearity filter function. As the result, the cipher is insecure allowing the adversary to distinguish it from a random cipher after 217 observations of keystream bits. There is also the key recovery algorithm that allows to find the secret key with complexity 254.


Rakaposhi Stream Cipher Related Key Attack Weak State Cryptanalysis Distinguishing Attack Key Recovery Attack 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Cid, C., Kiyomoto, S., Kurihara, J.: The rakaposhi stream cipher. In: Qing, S., Mitchell, C.J., Wang, G. (eds.) ICICS 2009. LNCS, vol. 5927, pp. 32–46. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  2. 2.
    De Cannière, C., Küçük, Ö., Preneel, B.: Analysis of grain’s initialization algorithm. In: Vaudenay, S. (ed.) AFRICACRYPT 2008. LNCS, vol. 5023, pp. 276–289. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  3. 3.
    Englund, H., Johansson, T., Sönmez Turan, M.: A framework for chosen IV statistical analysis of stream ciphers. In: Srinathan, K., Rangan, C.P., Yung, M. (eds.) INDOCRYPT 2007. LNCS, vol. 4859, pp. 268–281. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  4. 4.
    Filiol, É.: A new statistical testing for symmetric ciphers and hash functions. In: Deng, R.H., Qing, S., Bao, F., Zhou, J. (eds.) ICICS 2002. LNCS, vol. 2513, pp. 342–353. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  5. 5.
    Hell, M., Johansson, T., Meier, W.: Grain - a stream cipher for constrained environments. ECRYPT Stream Cipher Project (2005)Google Scholar
  6. 6.
    Hell, M., Johansson, T., Meier, W.: Grain - a stream cipher for constrained environments. Int. J. Wire. Mob. Comput. 2, 86–93 (2007)CrossRefGoogle Scholar
  7. 7.
    Isobe, T., Ohigashi, T., Morii, M.: Slide cryptanalysis of lightweight stream cipher RAKAPOSHI. In: Hanaoka, G., Yamauchi, T. (eds.) IWSEC 2012. LNCS, vol. 7631, pp. 138–155. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  8. 8.
    Saarinen, M.-J.O.: Chosen-iv statistical attacks on estream stream ciphers. In: eSTREAM, ECRYPT Stream Cipher Project, Report 2006/013, pp. 5–19 (2006)Google Scholar
  9. 9.
    Zhang, H., Wang, X.: Cryptanalysis of stream cipher grain family. In: Cryptology ePrint Archive, Report 2009/109 (2009)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Mohammad Ali Orumiehchiha
    • 1
  • Josef Pieprzyk
    • 1
  • Elham Shakour
    • 2
  • Ron Steinfeld
    • 3
  1. 1.Center for Advanced Computing, Algorithms and Cryptography, Department of Computing, Faculty of ScienceMacquarie UniversitySydneyAustralia
  2. 2.Faculty of MathematicsAmirkabir UniversityTehranIran
  3. 3.Clayton School of Information TechnologyMonash UniversityClaytonAustralia

Personalised recommendations