SOBER: A Stream Cipher based on Linear Feedback over GF(2 g )
ثبت نشده
چکیده
case 0: /* just waste a cycle and loop */ break; case 1: /* use the first output from two cycles */ *buf++ ^= nltap(R, r) ^ 0x69; r = cycle(R, r); break; case 2: /* use the second output from two cycles */ r = cycle(R, r); *buf++ ^= nltap(R, r); break; case 3: /* return from one cycle */ *buf++ ^= nltap(R, r) ^ 0x96; break; } } } /* encrypt/decrypt a frame of data */ void sober_genbytes(unsigned long frame, unsigned char *buf, int nbytes) { sober_setframe(frame); sober_gen(buf, nbytes); } 22 sober_setframe(unsigned long frame) { register int i;
منابع مشابه
Turing: A Fast Stream Cipher
This paper proposes the Turing stream cipher. Turing offers up to 256-bit key strength, and is designed for extremely efficient software implementation.It combines an LFSR generator based on that of SOBER [21] with a keyed mixing function reminiscent of a block cipher round. Aspects of the block mixer round have been derived from Rijndael [6], Twofish [23], tc24 [24] and SAFER++ [17].
متن کاملThe Mundja Streaming MAC
Mundja is a MAC generation algorithm that has been designed for use together with a stream cipher. Mundja accumulates the message onto two independent registers: the first is a Cyclic Redundancy Checksum (CRC) that uses linear feedback; the second is a strengthened version of the SHA-256 register [5] that uses nonlinear feedback. Mundja is fast (asymptotically about 4 times the speed of HMAC-SH...
متن کاملHigh Efficiency Feedback Shift Register: σ−LFSR?
We introduce a new kind of word-oriented linear feedback shift register called σ−LFSR which is constructed with the instructions of the modern processor and have fast software implementation. We offer an algorithm to search for good primitive σ−LFSR. In particular, we give two examples HHZ-1 and HHZ-2 and compare their efficiency and security with those of the LFSRs appearing in stream ciphers ...
متن کاملDivide and Conquer Attack on ABC Stream Cipher
Abstract ABC is a synchronous stream proposed as a candidate to ECRYPT Project. ABC gets a 128-bit key and a 128-bit IV and produces 1195 bits as the internal state of the cipher. Using some statistical simulations we show that one of the ABC components, a key-IV dependent function over GF(2) called C which is chosen randomly from a family of functions, is slightly better than a randomly chosen...
متن کاملA Key-Recovery Attack on SOBER-128
In this paper, we consider how an unknown constant within a state update function or output function a ects biases of linear approximations. This allows us to obtain information from an unknown constant within a T-function. We use this knowledge for mounting an attack against stream cipher SOBER-128 where we gain information from the key dependent secret constant using multiple linear approxima...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 1999