Search Results

Competitions are widely viewed as the safest way to select cryptographic algorithms. This paper surveys procedures that have been used in cryptographic competitions, and analyzes the extent to which those procedures reduce security risks.

Many modern stream ciphers combine linear and nonlinear operations with a certain amount of initial clock steps without producing keystream bits for encryption. As a result of this behaviour, the resulting system of equations get more and more complex ...

We present RunStream, a rapid prototyping framework for realizing stream cipher implementations based on algorithmic specifications and architectural customizations desired by the users. In the dynamic world of cryptography where newer recommendations ...

As today’s high performance embedded systems are heterogeneous platforms, a crisp boundary between the software and the hardware ciphers is fast getting murky. This work takes up the design of a dedicated hardware accelerator for HC-128, one of ...

In this paper we introduce a general framework for automatic construction of empirical tests of randomness. Our new framework generalises and improves a previous approach (Å venda et al., 2013) and it also provides a clear statistical interpretation of ...

The ease of programming offered by the CUDA programming model attracted a lot of programmers to try the platform for acceleration of many non-graphics applications. Cryptography, being no exception, also found its share of exploration efforts, ...

Side channel attacks are extremely implementation specific. An attack is tailor-made for a specific cipher algorithm implemented in a specific model. A natural question is: what is the effect of a side channel technique on a variant of the cipher ...

In this paper, we propose new attacks on 9-round Salsa20 and 8-round ChaCha. We constructed a distinguisher of double-bit differentials to improve Aumasson's single-bit differential cryptanalysis. We searched for correlations using a PC, and found ...

In this paper, we propose new attacks on 9-round Salsa20 and 8-round ChaCha. We constructed a distinguisher of double-bit differentials to improve Aumasson’s single-bit differential cryptanalysis. We searched for correlations using a PC, and found ...

HC-128 is an eSTREAM finalist and no practical attack on this cipher is known. We show that the knowledge of any one of the two internal state arrays of HC-128 along with the knowledge of 2048 keystream words is sufficient to construct the other state ...

In this paper, we study HC-128 in detail from cryptanalytic point of view. First, we use linear approximation of the addition modulo 2 ⁿ of three n-bit integers to identify linear approximations of g ...

Rabbit is a stream cipher using a 128-bit key. It outputs one keystream block of 128 bits each time, which consists of eight sub-blocks of 16 bits. It is among the finalists of ECRYPT Stream Cipher Project (eSTREAM). Rabbit has also been published as ...

Bivium is a simplified version of Trivium, a hardware profile finalist of eSTREAM project. Bivium has an internal state of size 177 bits and a key length of 80 bits. In this paper we introduce a distinguishing attack on this cipher. In this method we ...

Rabbit is a software-oriented synchronous stream cipher with very strong security properties and support for 128-bit keys. Rabbit is part of the European Union's eSTREAM portfolio of stream ciphers addressing the need for strong and computationally ...

SOSEMANUK is a new synchronous software-oriented stream cipher with a variable-length key between 128 and 256 bits. In this paper, a Guess and Determine (GD) attack on the cipher is introduced with a computational complexity of 2^192 , requiring only 7 ...

The stream ciphers Salsa20 and Trivium are two of the finalists of the eSTREAM project which are in the final portfolio of new promising stream ciphers. In this paper we show that initialization and key-stream generation of these ciphers is <em>slidable<...

Mir-1 is a stream cipher proposed for Profile 1 at the ECRYPT Stream Cipher Project (eSTREAM). The Mir-1 designer claims a security level of at least 2¹²⁸, meaning that the secret key cannot be recovered or that the Mir-1 output sequence cannot be ...

Moustique is one of the sixteen finalists in the eSTREAM stream cipher project. Unlike the other finalists it is a self-synchronising cipher and therefore offers very different functional properties, compared to the other candidates. We present simple ...

A recent framework for chosen IV statistical distinguishing analysis of stream ciphers is exploited and formalized to provide new methods for key recovery attacks. As an application, a key recovery attack on simplified versions of two eSTREAM Phase 3 ...

In this paper we present experimental results of an application of SAT solvers in current cryptography. Trivium is a very promising stream cipher candidate in the final phase of the eSTREAM project. We use the fastest industrial SAT solvers to attack a ...