Abstract
In numerous modern stream ciphers, the internal state consists of a large array of pseudo-random words, while the output key-stream is a relatively simple function of the state. It has been heuristically shown in several situations [3,8-11,14] that this structure may lead to distinguishing attacks on the cipher. In this note we present a more rigorous treatment of this structural attack. First, we present a rigorous proof of the main probabilistic claim behind it in the basic cases. We then apply it concretely to the cipher sn3 [12], and demonstrate that the heuristic assumptions of the attack are remarkably precise in more complicated cases.
| Field | Value |
|---|---|
| Original language | English |
| Pages (from-to) | 129-132 |
| Number of pages | 4 |
| Journal | Information Processing Letters |
| Volume | 110 |
| Issue number | 4 |
| DOIs | |
| State | Published - 16 Jan 2010 |
| Externally published | Yes |
Bibliographical note
Funding Information: Partially supported by the Adams Fellowship Program of the Israel Academy of Sciences and Humanities. Partially supported by NSF grant DMS-0601009. The authors wish to thank Orr Dunkelman, Ilya Mironov, and Ramarathnam Venkatesan for their fruitful discussions, Alex Sherman for his assistance conducting the experiments on sn3, and Souradyuti Paul for his discussions on the constant c0 in footnote 6.
Funding
| Funders | Funder number |
|---|---|
| National Science Foundation | DMS-0601009 |
| Israel Academy of Sciences and Humanities | |
Keywords
- Cryptography
- Distinguishing attacks
- MV3
- SN3
- Stream ciphers