A note on distinguishing attacks

Englund, Håkan LU ; Hell, Martin LU and Johansson, Thomas LU (2007) IEEE Information Theory Workshop on Information Theory for Wireless Networks In [Host publication title missing] p.87-90
Abstract
A new distinguishing attack scenario for stream ciphers, allowing a resynchronization collision attack, is presented. The attack can succeed if the part of the state that depends on both the key and the IV is smaller than twice the key size. It is shown that the attack is applicable to block ciphers in OFB mode. For OFB mode, the attack is more powerful than the previously known generic distinguishing attack since it will directly recover a part of the plaintext while having the same asymptotic complexity as the generic distinguishing attack. The attack is also demonstrated on the eSTREAM candidate LEX. LEX is not vulnerable to any of the previously known generic distinguishing attacks but is vulnerable to the new attack. It is shown that if approximately 2^65.7 resynchronizations using LEX are performed for the same key, some plaintext might be recovered.
type
Chapter in Book/Report/Conference proceeding
publication status
published
in
[Host publication title missing]
pages
87 - 90
publisher
IEEE--Institute of Electrical and Electronics Engineers Inc.
conference name
IEEE Information Theory Workshop on Information Theory for Wireless Networks
external identifiers
  • WOS:000250957300018
  • Scopus:47849094098
ISBN
978-1-4244-1200-6
DOI
10.1109/ITWITWN.2007.4318038
language
English
LU publication?
yes
id
c6ff073f-72c3-4a82-9369-5006532484d7 (old id 603347)
date added to LUP
2007-11-21 10:47:47
date last changed
2016-10-13 04:47:42
@misc{c6ff073f-72c3-4a82-9369-5006532484d7,
  abstract     = {A new distinguishing attack scenario for stream ciphers, allowing a resynchronization collision attack, is presented. The attack can succeed if the part of the state that depends on both the key and the IV is smaller than twice the key size. It is shown that the attack is applicable to block ciphers in OFB mode. For OFB mode, the attack is more powerful than the previously known generic distinguishing attack since it will directly recover a part of the plaintext while having the same asymptotic complexity as the generic distinguishing attack. The attack is also demonstrated on the eSTREAM candidate LEX. LEX is not vulnerable to any of the previously known generic distinguishing attacks but is vulnerable to the new attack. It is shown that if approximately $2^{65.7}$ resynchronizations using LEX are performed for the same key, some plaintext might be recovered.},
  author       = {Englund, Håkan and Hell, Martin and Johansson, Thomas},
  isbn         = {978-1-4244-1200-6},
  language     = {eng},
  pages        = {87--90},
  publisher    = {IEEE--Institute of Electrical and Electronics Engineers Inc.},
  series       = {[Host publication title missing]},
  title        = {A note on distinguishing attacks},
  url          = {http://dx.doi.org/10.1109/ITWITWN.2007.4318038},
  year         = {2007},
}