Weaknesses of COSvd (2,128) Stream Cipher

The COSvd (2,128) cipher was proposed at the ECRYPT SASC’2004 workshop by Filiol et al. to strengthen the past COS (2,128) stream cipher. It uses clock-controlled non-linear feedback registers filtered by a highly non-linear output function and was claimed to prevent any existing attacks. However, a...

Bibliographic details
Main authors: Zhang, Bin, Wu, Hongjun, Feng, Dengguo, Wang, Hong
Format: Conference proceedings
Language: eng
Online access: Full text
container_end_page 283
container_issue
container_start_page 270
container_title
container_volume
creator Zhang, Bin
Wu, Hongjun
Feng, Dengguo
Wang, Hong
description The COSvd (2,128) cipher was proposed at the ECRYPT SASC’2004 workshop by Filiol et al. to strengthen the past COS (2,128) stream cipher. It uses clock-controlled non-linear feedback registers filtered by a highly non-linear output function and was claimed to prevent any existing attacks. However, as we will show in this paper, there are some serious security weaknesses in COSvd (2,128). The poorly designed S-box generates biased keystream and the message could be restored by a ciphertext-only attack in some broadcast applications. Besides, we launch a divide-and-conquer attack to recover the secret keys from O(2^26)-byte known plaintext with high success rate and complexity O(2^113), which is much lower than 2^512, the complexity of exhaustive search.
doi_str_mv 10.1007/11734727_23
format Conference Proceeding
contributor Won, Dong Ho
Kim, Seungjoo
publisher Berlin, Heidelberg: Springer Berlin Heidelberg
isbn 9783540333548
3540333541
eisbn 354033355X
9783540333555
rights Springer-Verlag Berlin Heidelberg 2006
2007 INIST-CNRS
tpages 14
fulltext fulltext
identifier ISSN: 0302-9743
ispartof Information Security and Cryptology - ICISC 2005, 2006, p.270-283
issn 0302-9743
1611-3349
language eng
recordid cdi_pascalfrancis_primary_19689148
source Springer Books
subjects Applied sciences
Computer science; control theory; systems
Computer systems and distributed systems. User interface
COS cipher
Cryptography
Divide-and-Conquer
Exact sciences and technology
Information, signal and communications theory
Memory and file management (including protection and security)
Memory organisation. Data processing
Non-linear feedback shift register
Signal and communications theory
Software
Stream cipher
Telecommunications and information theory
title Weaknesses of COSvd (2,128) Stream Cipher
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-07T14%3A49%3A15IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-pascalfrancis_sprin&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=Weaknesses%20of%20COSvd%20(2,128)%20Stream%20Cipher&rft.btitle=Information%20Security%20and%20Cryptology%20-%20ICISC%202005&rft.au=Zhang,%20Bin&rft.date=2006&rft.spage=270&rft.epage=283&rft.pages=270-283&rft.issn=0302-9743&rft.eissn=1611-3349&rft.isbn=9783540333548&rft.isbn_list=3540333541&rft_id=info:doi/10.1007/11734727_23&rft_dat=%3Cpascalfrancis_sprin%3E19689148%3C/pascalfrancis_sprin%3E%3Curl%3E%3C/url%3E&rft.eisbn=354033355X&rft.eisbn_list=9783540333555&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true