Advertisement

Analysis of the Non-linear Part of Mugi

  • Alex Biryukov
  • Adi Shamir
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3557)

Abstract

This paper presents the results of a preliminary analysis of the stream cipher Mugi. We study the nonlinear component of this cipher and identify several potential weaknesses in its design. While we can not break the full Mugi design, we show that it is extremely sensitive to small variations. For example, it is possible to recover the full 1216-bit state of the cipher and the original 128-bit secret key using just 56 words of known stream and in 214 steps of analysis if the cipher outputs any state word which is different than the one used in the actual design. If the linear part is eliminated from the design, then the secret non-linear 192-bit state can be recovered given only three output words and in just 232 steps. If it is kept in the design but in a simplified form, then the scheme can be broken by an attack which is slightly faster than exhaustive search.

Keywords

Cryptanalysis Stream ciphers Mugi 

References

  1. 1.
    MUGI pseudorandom number generator, self-evaluation report, Technical report, Hitachi (December 18, 2001)Google Scholar
  2. 2.
    Daemen, J., Clapp, C.S.K.: Fast hashing and stream encryption with PANAMA. In: Vaudenay, S. (ed.) FSE 1998. LNCS, vol. 1372, pp. 60–74. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  3. 3.
    Golić, J.D.: A weakness of the linear part of stream cipher MUGI. In: Roy, B., Meier, W. (eds.) FSE 2004. LNCS, vol. 3017, pp. 178–192. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  4. 4.
    Watanabe, D., Furuya, S., Yoshida, H., Takaragi, K., Preneel, B.: A new keystream generator MUGI. In: Daemen, J., Rijmen, V. (eds.) FSE 2002. LNCS, vol. 2365, pp. 179–194. Springer, Heidelberg (2002)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Alex Biryukov
    • 1
  • Adi Shamir
    • 2
  1. 1.Dept. ESAT/SCD-COSICKatholieke Universiteit LeuvenHeverleeBelgium
  2. 2.Department of Applied Mathematics and Computer ScienceWeizmann Institute of ScienceRehovotIsrael

Personalised recommendations