Spectral analysis of ZUC-256
(2020) In IACR Transactions on Symmetric Cryptology 2020(1). p.266-288- Abstract
In this paper we develop a number of generic techniques and algorithms in spectral analysis of large linear approximations for use in cryptanalysis. We apply the developed tools for cryptanalysis of ZUC-256 and give a distinguishing attack with complexity around 2236 . Although the attack is only 220 times faster than exhaustive key search, the result indicates that ZUC-256 does not provide a source with full 256-bit entropy in the generated keystream, which would be expected from a 256-bit key. To the best of our knowledge, this is the first known academic attack on full ZUC-256 with a computational complexity that is below exhaustive key search.
Please use this url to cite or link to this publication:
https://lup.lub.lu.se/record/e9e2f4d4-638a-4d07-9c0b-f0b050c3d92e
- author
- Yang, Jing LU ; Johansson, Thomas LU and Maximov, Alexander LU
- organization
- publishing date
- 2020-05-07
- type
- Contribution to journal
- publication status
- published
- subject
- keywords
- 5G Mobile System Security, Stream Cipher, ZUC-256
- in
- IACR Transactions on Symmetric Cryptology
- volume
- 2020
- issue
- 1
- pages
- 23 pages
- publisher
- Ruhr-Universität Bochum
- external identifiers
-
- scopus:85084736039
- ISSN
- 2519-173X
- DOI
- 10.13154/tosc.v2020.i1.266-288
- language
- English
- LU publication?
- yes
- id
- e9e2f4d4-638a-4d07-9c0b-f0b050c3d92e
- date added to LUP
- 2020-06-10 15:44:51
- date last changed
- 2023-09-10 04:25:23
@article{e9e2f4d4-638a-4d07-9c0b-f0b050c3d92e, abstract = {{<p>In this paper we develop a number of generic techniques and algorithms in spectral analysis of large linear approximations for use in cryptanalysis. We apply the developed tools for cryptanalysis of ZUC-256 and give a distinguishing attack with complexity around 2<sup>236</sup> . Although the attack is only 2<sup>20</sup> times faster than exhaustive key search, the result indicates that ZUC-256 does not provide a source with full 256-bit entropy in the generated keystream, which would be expected from a 256-bit key. To the best of our knowledge, this is the first known academic attack on full ZUC-256 with a computational complexity that is below exhaustive key search.</p>}}, author = {{Yang, Jing and Johansson, Thomas and Maximov, Alexander}}, issn = {{2519-173X}}, keywords = {{5G Mobile System Security; Stream Cipher; ZUC-256}}, language = {{eng}}, month = {{05}}, number = {{1}}, pages = {{266--288}}, publisher = {{Ruhr-Universität Bochum}}, series = {{IACR Transactions on Symmetric Cryptology}}, title = {{Spectral analysis of ZUC-256}}, url = {{http://dx.doi.org/10.13154/tosc.v2020.i1.266-288}}, doi = {{10.13154/tosc.v2020.i1.266-288}}, volume = {{2020}}, year = {{2020}}, }