A state bit recovery algorithm with TMDTO attack on Lizard and Grain-128a
We propose a deterministic algorithm to recover some state bits of any FSR-based stream cipher knowing some keystream bits by fixing some state bits. This algorithm searches for the number of fixing bits as minimum as possible. Applying the algorithm, we could recover 10, 11, …, 24 state bits by...
Saved in:
Published in: | Designs, codes, and cryptography, 2022-03, Vol.90 (3), p.489-521 |
---|---|
Main authors: | , , |
Format: | Article |
Language: | eng |
Subjects: | |
Online access: | Full text |
container_end_page | 521 |
---|---|
container_issue | 3 |
container_start_page | 489 |
container_title | Designs, codes, and cryptography |
container_volume | 90 |
creator | Dalai, Deepak Kumar ; Pal, Santu ; Sarkar, Santanu |
description | We propose a deterministic algorithm to recover some state bits of any FSR-based stream cipher knowing some keystream bits by fixing some state bits. This algorithm searches for the number of fixing bits as minimum as possible. Applying the algorithm, we could recover $10, 11, \ldots, 24$ state bits by fixing 10, 12, 14, 16, 18, 20, 22, 24, 38, 40, 42, 44, 46, 48, 50 state bits respectively for Lizard and 35, 48 state bits by fixing 34, 54 state bits respectively for Grain-128a. The result on Lizard beats the previous result, which can recover 14 state bits by fixing 30 state bits and the result on Grain-128a is the first one in this direction. Further, we present the Time-Memory-Data Trade-Off (TMDTO) curve by using the number of recovering and fixing state bits. Then we use the obtained results on the number of recovering and fixing state bits of Lizard and Grain 128a to implement the TMDTO attack to recover other state bits of these two ciphers. Our results supersede the previous result by Maitra et al. (IEEE Trans Comput 67(5):733–739, 2018) (i.e., $T = M = D = 2^{54}$) on TMDTO attack on Lizard. The best results for Lizard are $T = M = 2^{54}$, $D = 2^{48}$ which requires 64 times lesser data than in Maitra et al. (IEEE Trans Comput 67(5):733–739, 2018); $T = 2^{52}$, $M = D = 2^{53}$ or, $D = 2^{52}$, $M = T = 2^{53}$ which improves the minimization of $\max\{T, M, D\}$; $T = 2^{50}$, $M = D = 2^{54}$, which reduces the time complexity by 16 times than in Maitra et al. (IEEE Trans Comput 67(5):733–739, 2018); $T = 2^{42}$, $M = D = 2^{60}$ which reduces the time complexity by $2^{18}$ times with respect to overall complexity of Lizard claimed by Hamann et al. in FSE 2017. |
doi_str_mv | 10.1007/s10623-021-00984-3 |
format | Article |
fulltext | fulltext |
identifier | ISSN: 0925-1022 |
ispartof | Designs, codes, and cryptography, 2022-03, Vol.90 (3), p.489-521 |
issn | 0925-1022 1573-7586 |
language | eng |
recordid | cdi_proquest_journals_2637576462 |
source | SpringerLink Journals - AutoHoldings |
subjects | Algorithms ; Coding and Information Theory ; Complexity ; Computer Science ; Cryptology ; Discrete Mathematics in Computer Science ; Encryption ; Fixing ; Lizards |
title | A state bit recovery algorithm with TMDTO attack on Lizard and Grain-128a |
url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-12T12%3A47%3A28IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=A%20state%20bit%20recovery%20algorithm%20with%20TMDTO%20attack%20on%20Lizard%20and%20Grain-128a&rft.jtitle=Designs,%20codes,%20and%20cryptography&rft.au=Dalai,%20Deepak%20Kumar&rft.date=2022-03-01&rft.volume=90&rft.issue=3&rft.spage=489&rft.epage=521&rft.pages=489-521&rft.issn=0925-1022&rft.eissn=1573-7586&rft_id=info:doi/10.1007/s10623-021-00984-3&rft_dat=%3Cproquest_cross%3E2637576462%3C/proquest_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2637576462&rft_id=info:pmid/&rfr_iscdi=true |