Advanced

Cryptanalysis of the Stream cipher BEAN

Ågren, Martin LU and Hell, Martin LU (2011) The 4th International Conference on Security of Information and Networks In [Host publication title missing] p.21-28
Abstract
BEAN is a recent stream cipher proposal that uses Feedback with Carry Shift Registers (FCSRs) and an output function. There is a sound motivation behind the use of FCSRs in BEAN as they provide several cryptographically interesting properties. In this paper, we show that the output function is not optimal. We give an efficient distinguisher and a key recovery attack that is slightly better than brute force, requiring no significant memory. We then show how this

attack can be made better with access to more keystream. Already with access to 6 KiB, the 80-bit key is recovered in time 2^73.
Please use this url to cite or link to this publication:
author
organization
publishing date
type
Chapter in Book/Report/Conference proceeding
publication status
published
subject
keywords
Stream cipher, combiner, cryptanalysis, FCSR
in
[Host publication title missing]
pages
8 pages
publisher
ACM
conference name
The 4th International Conference on Security of Information and Networks
external identifiers
  • scopus:83455237059
ISBN
978-1-4503-1020-8
DOI
10.1145/2070425.2070432
project
EIT_HSWC:Coding Coding, modulation, security and their implementation
language
English
LU publication?
yes
id
1d38186e-a372-4b05-8a9f-4c34abc7cc49 (old id 2296299)
alternative location
http://www.acm.org/publications/policies/copyright_policy
date added to LUP
2012-01-19 14:42:50
date last changed
2017-06-11 04:59:07
@inproceedings{1d38186e-a372-4b05-8a9f-4c34abc7cc49,
  abstract     = {BEAN is a recent stream cipher proposal that uses Feedback with Carry Shift Registers (FCSRs) and an output function. There is a sound motivation behind the use of FCSRs in BEAN as they provide several cryptographically interesting properties. In this paper, we show that the output function is not optimal. We give an efficient distinguisher and a key recovery attack that is slightly better than brute force, requiring no significant memory. We then show how this<br/><br>
attack can be made better with access to more keystream. Already with access to 6 KiB, the 80-bit key is recovered in time 2^73.},
  author       = {Ågren, Martin and Hell, Martin},
  booktitle    = {[Host publication title missing]},
  isbn         = {978-1-4503-1020-8},
  keyword      = {Stream cipher,combiner,cryptanalysis,FCSR},
  language     = {eng},
  pages        = {21--28},
  publisher    = {ACM},
  title        = {Cryptanalysis of the Stream cipher BEAN},
  url          = {http://dx.doi.org/10.1145/2070425.2070432},
  year         = {2011},
}