Cryptanalysis of Mir-1: A T-Function-Based Stream Cipher

Cryptanalysis of Mir-1: A T-Function-Based Stream Cipher

This correspondence describes the cryptanalysis of Mir-1, a T-function based stream cipher proposed at eSTREAM (the ECRYPT Stream Cipher Project) in 2005. This cipher uses a multiword T-function, with four 64-bit words, as its basic structure. Mir-1 operations process the data in every 64 bits (one...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:IEEE transactions on information theory 2007-11, Vol.53 (11), p.4377-4383
Hauptverfasser: Tsunoo, Y., Saito, T., Kubo, H., Suzaki, T.
Format: Artikel
Sprache:eng
Schlagworte:
Applied sciences
Boolean functions
Countermeasures
Cryptography
Distinguishing attack
ECRYPT
eSTREAM
Exact sciences and technology
Hardware
Information theory
Information, signal and communications theory
Laboratories
Linear feedback shift registers
Mathematical analysis
Military technology
Mir-1
National electric code
pseudorandom number generator
Random numbers
Signal and communications theory
stream cipher
Streams
Telecommunications and information theory
Vectors (mathematics)
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:This correspondence describes the cryptanalysis of Mir-1, a T-function based stream cipher proposed at eSTREAM (the ECRYPT Stream Cipher Project) in 2005. This cipher uses a multiword T-function, with four 64-bit words, as its basic structure. Mir-1 operations process the data in every 64 bits (one word) to generate a keystream. The correspondence discusses a distinguishing attack against Mir-1 that exploits the T-function characteristics and the Mir-1 initialization. With merely three or four initial vector pairs, this attack can distinguish a Mir-1 output sequence from a truly random number sequence. In this case, the amount of data theoretically needed for cryptanalysis is only 2 10 words. This correspondence also proposes a countermeasure that provides resistance against the attack described in this correspondence.
ISSN:0018-9448
1557-9654
DOI:10.1109/TIT.2007.907340