Cryptanalysis of the Stream Cipher LEX
نویسندگان
چکیده
In [6], Biryukov presented a new methodology of stream cipher design called leak extraction. The stream cipher LEX, based on this methodology and on the AES block cipher, was selected to phase 3 of the eSTREAM competition. The suggested methodology seemed promising, and LEX, due to its elegance, simplicity, and performance, was expected to be selected to the eSTREAM portfolio. In this paper we present a key recovery attack on LEX. The attack requires about 2 bytes of key-stream produced by the same key (possibly under many different IVs), and retrieves the secret key in time of about 2 AES encryptions. Following a preliminary version of our attack, LEX was discarded from the final portfolio of eSTREAM.
منابع مشابه
Related Key Cryptanalysis of the LEX Stream Cipher
LEX is a stream cipher proposed by Alex Biryukov. It was selected to phase 3 of the eSTREAM competition. LEX is based on the Advanced Encryption Standard (AES) block cipher and uses a methodology called ”Leak Extraction”, proposed by Biryukov himself. In this paper, we cryptanalyze LEX using two related keys. We have mounted a key recovery attack on LEX, which using 2 key streams yields a compl...
متن کاملAlgebraic cryptanalysis of a small-scale version of stream cipher Lex
In this paper we analyse with respect to algebraic attacks a small-scale version of the stream cipher Lex. We base it on a small-scale version of the block cipher AES with 16-bit state and 16-bit key. We represent the small-scale Lex and its key schedule in two alternative ways: as a system of cubic boolean equations and as a system of quadratic boolean equations. We use Gröbner bases to solve ...
متن کاملCryptanalysis of Ciphers Based on AES Structure
AES is the best known and most widely used block cipher. Its three versions (AES-128, AES-192, and AES-256) differ in their key sizes (128 bits, 192 bits and 256 bits) and in their number of rounds (10, 12, and 14, respectively). Our present work investigates the recently reported attacks on AES 256 and AES 192. Instead of concentrating on the actual algorithms of these attacks we shall be more...
متن کاملResynchronization Attacks on WG and LEX
WG and LEX are two stream ciphers submitted to eStream – the ECRYPT stream cipher project. In this paper, we point out security flaws in the resynchronization of these two ciphers. The resynchronization of WG is vulnerable to a differential attack. For WG with 80-bit key and 80-bit IV, 48 bits of the secret key can be recovered with about 2 chosen IVs . For each chosen IV, only the first four k...
متن کاملCryptanalysis and Design of Stream Ciphers
This thesis presents some novel results on the cryptanalysis and design of stream ciphers. The first part of the thesis introduces various stream ciphers design and cryptanalysis techniques. The second part of the thesis gives the cryptanalysis of seven stream ciphers. The properties of addition are exploited in the cryptanalysis of two stream ciphers: the differential-linear cryptanalysis agai...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- Des. Codes Cryptography
دوره 67 شماره
صفحات -
تاریخ انتشار 2013