The F-FCSR stream cipher family has been presented a few years ago. Apart from some aws in the initial propositions, corrected in a later stage, there are no known weaknesses of the core of these algorithms. The hardware oriented version, called FCSR-H, is one of the ciphers selected for the eSTREAM portfolio. In this paper we present a new and severe cryptanalytic attack on the F-FCSR stream c...

In this paper, we present Decim, a stream cipher hardwareoriented selected for the phase 3 of the ECRYPT stream cipher project eSTREAM. As required by the initial call for hardware-oriented stream cipher contribution, Decim manages 80-bit secret keys and 64-bit public initialization vectors. The design of Decim combines two filtering mechanisms: a nonlinear Boolean filter over a LFSR, followed ...

A new approach to the cryptanalysis of symmetric algorithms based on nonsmooth optimisation is presented. We develop this technique as a novel way of dealing with nonlinearity over F2 by modeling the equations corresponding to the algorithm as a continuous optimisation problem that avoids terms of higher degree. The resulting problems are not continuously differentiable, but can be approached w...

This paper demonstrates the existence of a non-null bias in the keystream generated by the synchronous stream cipher Rabbit, a candidate to the eSTREAM project, from the observation that the core function is strongly unbalanced. The keystream bias is greater than 2−124.5 for certain bits, and this leads to a distinguisher requiring about 2 128-bit samples of keystream derived from random keys a...

The stream ciphers Py, Py6 designed by Biham and Seberry were promising candidates in the ECRYPT-eSTREAM project because of their impressive speed. Since their publication in April 2005, a number of cryptanalytic weaknesses of the ciphers have been discovered. As a result, a strengthened version Pypy was developed to repair these weaknesses; it was included in the category of ‘Focus ciphers’ of...

In this paper, we present fault attack on Grain family of stream ciphers, an eStream finalist. The earlier fault attacks on Grain work on LFSR whereas our target for fault induction is the NFSR. Our attack requires a small number of faults to be injected; 150 only for Grain v1 and only 312 and 384 for Grain-128 and Grain-128a, respectively. The number of faults are much lesser than the earlier ...

LEX is a stream cipher based on the round transformation of the AES block cipher, and it was selected for the final phase evaluation of the eSTREAM project. LEX is 2.5 times faster than AES both in software and in hardware. In this paper, we present a differential fault attack on LEX. The fault model assumes that the attacker is able to flip a random bit of the internal state of the cipher but ...

In this paper we show how the synchronous stream cipher Edon80 proposed as a candidate stream cipher in Profile 2 of the eSTREAM project, can be efficiently upgraded to synchronous stream cipher with authentication. We are achieving that by simple addition of two-bit registers into the e-transformers of Edon80 core, an additional 160-bit shift register and by putting additional communication lo...

We present an attack on Salsa20 reduced to five of its twenty rounds. This attack uses many clusters of truncated differentials and requires 2 work and 2 plaintexts. 1 Definition of Salsa20 Salsa20 [1] is a candidate in the eSTREAM project to identify new stream ciphers that might be suitable for widespread adoption. For convenience, we recap here the parameterized family of variants Salsa20-w/...

The stream ciphers Py, Py6 were designed by Biham and Seberry for the ECRYPT-eSTREAM project in 2005. However, due to several recent cryptanalytic attacks on them, a strengthened version Pypy was proposed to rule out those attacks. The ciphers have been promoted to the ‘Focus’ ciphers of the Phase II of the eSTREAM project. The impressive speed of the ciphers make them the forerunners in the co...