Abstract
The initialisation process is a key component in modern stream cipher design. A well-designed initialisation process should not reveal any information about the secret key, nor possess properties that may help to facilitate attacks. This paper analyses the initialisation processes of shift register based stream ciphers and identifies four flaws which lead to compression, state convergence, the existence of slid pairs and possible weak Key-IV combinations. These flaws are illustrated using the A5/1 stream cipher as a case study. We also provide some design recommendations for the initialisation process in stream ciphers, to overcome these and other flaws.
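As an added illustration (not code from the chapter or its authors), the following Python models A5/1's majority clocking using the cipher's public register geometry and shows the state-convergence mechanism the abstract names: the clocking step is not injective, so two distinct internal states collapse to one successor. `sample_state` is a constructed input and `convergent_partner` is a helper written for this example.

```python
# Added illustration (not the chapter's code): a minimal model of A5/1 majority
# clocking showing that its state-update map is not injective, the mechanism
# behind state convergence. Register lengths (19, 22, 23), feedback taps and
# clock taps follow the public A5/1 description; index 0 is each register's input end.
TAPS = ((13, 16, 17, 18), (20, 21), (7, 20, 21, 22))
CLOCK_TAP = (8, 10, 10)

def step_reg(reg, taps):
    """One LFSR clock: the feedback bit enters at index 0, the rest shifts up."""
    fb = sum(reg[t] for t in taps) & 1     # XOR of the tap cells
    return (fb,) + reg[:-1]

def unstep_reg(reg, taps):
    """Inverse of step_reg; relies on the last cell being a tap (true for all three)."""
    n = len(reg)
    top = reg[0]                      # the feedback bit that was shifted in
    for t in taps:
        if t != n - 1:
            top ^= reg[t + 1]         # old[t] now sits at index t + 1
    return reg[1:] + (top,)

def clock_bits(state):
    clk = [state[i][CLOCK_TAP[i]] for i in range(3)]
    return clk, (1 if sum(clk) >= 2 else 0)

def majority_step(state):
    """One majority-clocked step: a register advances only if its clock bit agrees with the majority."""
    clk, maj = clock_bits(state)
    return tuple(step_reg(state[i], TAPS[i]) if clk[i] == maj else state[i]
                 for i in range(3))

def convergent_partner(state):
    """Return a different state with the same majority_step successor, or None.
    The stalled register i is replaced by its preimage under step_reg; if that
    preimage's clock bit matches the majority, all three clock and i lands back."""
    clk, maj = clock_bits(state)
    if clk[0] == clk[1] == clk[2]:    # all three clock: no stalled register
        return None
    i = clk.index(1 - maj)            # the single stalled register
    prev = unstep_reg(state[i], TAPS[i])
    if prev[CLOCK_TAP[i]] != maj:
        return None
    return tuple(prev if j == i else state[j] for j in range(3))

def sample_state():
    """Constructed input: R1 and R2 clock, R3 stalls, and R3's preimage clocks."""
    r1, r2, r3 = [0] * 19, [0] * 22, [0] * 23
    r1[8], r2[10], r3[11] = 1, 1, 1
    return (tuple(r1), tuple(r2), tuple(r3))
```

Because the map loses distinct states at every majority-clocked step, repeated clocking during initialisation shrinks the set of reachable states, which is the compression and convergence the chapter studies.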
Copyright information
© 2015 Springer International Publishing Switzerland
Cite this chapter
Alhamdan, A., Bartlett, H., Dawson, E., Simpson, L., Wong, K.KH. (2015). Flaws in the Initialisation Process of Stream Ciphers. In: Daras, N., Rassias, M. (eds) Computation, Cryptography, and Network Security. Springer, Cham. https://doi.org/10.1007/978-3-319-18275-9_2
DOI: https://doi.org/10.1007/978-3-319-18275-9_2
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-18274-2
Online ISBN: 978-3-319-18275-9
eBook Packages: Mathematics and Statistics (R0)