Improved distinguishers for HC-128
(2012) In Designs, Codes and Cryptography 63(2). p.225-240- Abstract
- HC-128 is an eSTREAM final portfolio stream cipher. Several authors have investigated its security and, in particular, distinguishing attacks have been considered. Still, no one has been able to provide a distinguisher stronger than the one presented by Wu in the original HC-128 paper. In this paper we first argue that the keystream requirement in Wu’s original attack is underestimated by a factor of almost 2^8. Our revised analysis shows that the keystream complexity of Wu’s original attack is 2^160.471 32-bit keystream blocks. We then go on to investigate two new types of distinguishers on HC-128. One of them, a distinguisher counting the number of zeros in created blocks of bits, gives a biased distribution that requires 2^143.537 such... (More)
- HC-128 is an eSTREAM final portfolio stream cipher. Several authors have investigated its security and, in particular, distinguishing attacks have been considered. Still, no one has been able to provide a distinguisher stronger than the one presented by Wu in the original HC-128 paper. In this paper we first argue that the keystream requirement in Wu’s original attack is underestimated by a factor of almost 2^8. Our revised analysis shows that the keystream complexity of Wu’s original attack is 2^160.471 32-bit keystream blocks. We then go on to investigate two new types of distinguishers on HC-128. One of them, a distinguisher counting the number of zeros in created blocks of bits, gives a biased distribution that requires 2^143.537 such constructed block samples (2^152.537 32-bit keystream blocks). For fairness, the same metric is used to compare our attack to Wu’s, and our improvement is significant compared to Wu’s original result. Furthermore, the vector-based methodology used is general and can be applied to any cryptographic primitive that reveals a suitable probability distribution. (Less)
Please use this url to cite or link to this publication:
https://lup.lub.lu.se/record/2094631
- author
- Stankovski, Paul LU ; Ruj, Sushmita ; Hell, Martin LU and Johansson, Thomas LU
- organization
- publishing date
- 2012
- type
- Contribution to journal
- publication status
- published
- subject
- keywords
- Stream cipher HC-128 Cryptanalysis Distinguisher
- in
- Designs, Codes and Cryptography
- volume
- 63
- issue
- 2
- pages
- 225 - 240
- publisher
- Springer
- external identifiers
-
- wos:000300847300007
- scopus:84868369443
- ISSN
- 1573-7586
- DOI
- 10.1007/s10623-011-9550-9
- language
- English
- LU publication?
- yes
- id
- d2c3a077-edaa-4cde-80e2-dafca9ec4ae9 (old id 2094631)
- date added to LUP
- 2016-04-01 09:54:06
- date last changed
- 2023-08-30 12:40:35
@article{d2c3a077-edaa-4cde-80e2-dafca9ec4ae9, abstract = {{HC-128 is an eSTREAM final portfolio stream cipher. Several authors have investigated its security and, in particular, distinguishing attacks have been considered. Still, no one has been able to provide a distinguisher stronger than the one presented by Wu in the original HC-128 paper. In this paper we first argue that the keystream requirement in Wu’s original attack is underestimated by a factor of almost 2^8. Our revised analysis shows that the keystream complexity of Wu’s original attack is 2^160.471 32-bit keystream blocks. We then go on to investigate two new types of distinguishers on HC-128. One of them, a distinguisher counting the number of zeros in created blocks of bits, gives a biased distribution that requires 2^143.537 such constructed block samples (2^152.537 32-bit keystream blocks). For fairness, the same metric is used to compare our attack to Wu’s, and our improvement is significant compared to Wu’s original result. Furthermore, the vector-based methodology used is general and can be applied to any cryptographic primitive that reveals a suitable probability distribution.}}, author = {{Stankovski, Paul and Ruj, Sushmita and Hell, Martin and Johansson, Thomas}}, issn = {{1573-7586}}, keywords = {{Stream cipher HC-128 Cryptanalysis Distinguisher}}, language = {{eng}}, number = {{2}}, pages = {{225--240}}, publisher = {{Springer}}, series = {{Designs, Codes and Cryptography}}, title = {{Improved distinguishers for HC-128}}, url = {{https://lup.lub.lu.se/search/files/1369595/2094636.pdf}}, doi = {{10.1007/s10623-011-9550-9}}, volume = {{63}}, year = {{2012}}, }