zbMATH — the first resource for mathematics

A byte-based guess and determine attack on SOSEMANUK. (English) Zbl 1253.94046
Abe, Masayuki (ed.), Advances in cryptology – ASIACRYPT 2010. 16th international conference on the theory and application of cryptology and information security, Singapore, December 5–9, 2010. Proceedings. Berlin: Springer (ISBN 978-3-642-17372-1/pbk). Lecture Notes in Computer Science 6477, 146-157 (2010).
Summary: SOSEMANUK is a software-oriented stream cipher proposed by C. Berbain et al. for the eSTREAM project and has been selected into the final portfolio. It is noticed that most components of SOSEMANUK can be calculated byte-oriented. Hence an attacker can observe SOSEMANUK from the view of byte units instead of the original 32-bit word units. Based on the above idea, in this work we present a new byte-based guess and determine attack on SOSEMANUK, where we view a byte as a basic data unit and guess some certain bytes of the internal states instead of the whole 32-bit words during the execution of the attack. Surprisingly, our attack only needs a few words of known key stream to recover all the internal states of SOSEMANUK, and the time complexity can be dramatically reduced to \(O(2^{176})\). Since SOSEMANUK has a key with the length varying from 128 to 256 bits, our results show that when the length of an encryption key is larger than 176 bits, our guess and determine attack is more efficient than an exhaustive key search.
For the entire collection see [Zbl 1202.94006].

94A60 Cryptography
Full Text: DOI