Cryptanalysis of Achterbahn
We present several attacks against the Achterbahn stream cipher, which was proposed to the eSTREAM competition. We can break the reduced and the full version with complexity of 255 and 261 steps.
Extensions of our attacks are also described to break modified versions of the Achterbahn stream cipher, which were proposed following the publication of preliminary cryptanalysis results.
These attacks highlight some problems in the design principle of Achterbahn, i.e., combining the outputs of several nonlinear (but small) shift registers using a nonlinear (but rather sparse) output function.
KeywordsOutput Function Linear Complexity Parity Check Stream Cipher Output Sequence
- 1.Bluetooth. Bluetooth Specification (November 2003), http://www.bluetooth.org
- 3.eSTREAM - The ECRYPT Stream Cipher Project, http://www.ecrypt.eu.org/stream/
- 4.Gammel, B., Göttfert, R., Kniffler, O.: Improved Boolean Combining Functions for Achterbahn. eSTREAM, ECRYPT Stream Cipher Project, Report 2005/072 (2005), http://www.ecrypt.eu.org/stream
- 5.Gammel, B., Göttfert, R., Kniffler, O.: The Achterbahn Stream Cipher. eSTREAM, ECRYPT Stream Cipher Project, Report 2005/002 (2005), http://www.ecrypt.eu.org/stream
- 6.Johansson, T., Meier, W., Muller, F.: Cryptanalysis of Achterbahn. eSTREAM, ECRYPT Stream Cipher Project, Report 2005/064 (2005), http://www.ecrypt.eu.org/stream
- 8.Meier, W., Staffelbach, O.: Fast Correlations Attacks on Certain Stream Ciphers. Journal of Cryptology, 159–176 (1989)Google Scholar