Abstract
A new distinguishing attack scenario for stream ciphers, allowing a resynchronization collision attack, is presented. The attack can succeed if the part of the state that depends on both the key and the IV is smaller than twice the key size. It is shown that the attack is applicable to block ciphers in OFB mode. For OFB mode, the attack is more powerful than the previously known generic distinguishing attack since it will directly recover a part of the plaintext while having the same asymptotic complexity as the generic distinguishing attack. The attack is also demonstrated on the eSTREAM candidate LEX. LEX is not vulnerable to any of the previously known generic distinguishing attack but is vulnerable to the new attack. It is shown that if approximately 265.7 resynchronizations using LEX are performed for the same key, some plaintext might be recovered.
| Original language | English |
|---|---|
| Title of host publication | [Host publication title missing] |
| Publisher | IEEE - Institute of Electrical and Electronics Engineers Inc. |
| Pages | 87-90 |
| ISBN (Print) | 978-1-4244-1200-6 |
| DOIs | |
| Publication status | Published - 2007 |
| Event | IEEE Information Theory Workshop on Information Theory for Wireless Networks - Bergen, Norway Duration: 2007 Jul 1 → 2007 Jul 6 |
Conference
| Conference | IEEE Information Theory Workshop on Information Theory for Wireless Networks |
|---|---|
| Country/Territory | Norway |
| City | Bergen |
| Period | 2007/07/01 → 2007/07/06 |
Subject classification (UKÄ)
- Electrical Engineering, Electronic Engineering, Information Engineering