In Europe and North America, the most widely used stream cipher to ensure privacy and confidentiality of conversations in GSM mobile phones is the A5/1. In this paper, we present a new attack on the A5/1 stream cipher with an average time complexity of 2, which is much less than the brute-force attack with a complexity of 2. The attack has a 100% success rate and requires about 5.65GB storage. ...

In Europe and North America, the most widely used stream cipher to ensure privacy and confidentiality of conversations in GSM mobile phones is the A5/1. In this paper, we present an improved guess-and-determine attack on the A5/1 stream cipher with an average time complexity of 248.5, which is much less than any known guessand-determine attack. The attack has a 100% success rate and requires a ...

Side-channel attacks on block ciphers and public key algorithms have been discussed extensively. However, there is only sparse literature about side-cannel attacks on stream ciphers. The few existing references mainly treat timing [8] and template attacks [10], or provide a theoretical analysis [6], [7] of weaknesses of stream cipher constructions. In this paper we present attacks on two focus ...

In this article, it is discussed how to construct a compression function with 2n-bit output using a component function with n-bit output. The component function is either a smaller compression function or a block cipher. Some constructions are presented which compose collision-resistant hash functions: Any collision-finding attack on them is at most as efficient as a birthday attack in the rand...

Since the proposal of differential cryptanalysis and linear cryptanalysis in 1991 and 1993, respectively, the resistance to these cryptanalysis has been studied. In FSE2, Knudsen proposed a method of attacking block ciphers that used the higher order differential, and in FSE4, Jakobsen and Knudsen applied it to a cipher proposed by Nyberg and Knudsen. Their approach, however, requires large com...

In this paper we present the first biclique cryptanalysis of MIBS block cipher and a new biclique cryptanalysis of PRESENT block cipher. These attacks are performed on full-round MIBS-80 and full-round PRESENT-80. Attack on MIBS80 uses matching without matrix method and has a data complexity upper bounded by 252 chosen plaintext where it reduced security of this cipher about 1 bit. Attack on PR...

The rapid growth of usage of Digital technology leads to storage of all categories and types of data in digital media. As the technology is very fast in maintenance and also in data theft. We require providing security for the data stored in the digital media various data security techniques have introduced for the last 5 decades, but all those techniques are only key based techniques. All the ...

Given a block cipher of length L Cook’s elastic cipher allows to encrypt messages of variable length from L to 2L. Given some conditions on the key schedule, Cook’s elastic cipher is secure against any key recovery attack if the underlying block cipher is, and it achieves complete diffusion in at most q+1 rounds if the underlying block cipher achieves it in q rounds. We extend Cook’s constructi...

We present a new encryption mode for block ciphers. The mode is efficient and is secure against chosen-plaintext attack (CPA) already if the underlying symmetric cipher is secure against known-plaintext attack (KPA). We prove that known (and widely used) encryption modes as CBC mode and counter mode do not have this property. In particular, we prove that CBC mode using a KPA secure cipher is KP...

In this paper we present a distinguisher targeting towards irregularly clocked filter generators. The attack is applied on the irregularly clocked stream cipher called LILI-II. LILI-II is the successor of the cipher LILI-128 and its design was published in [1]. There have been no known attacks better than exhaustive key search on LILI-II. Our attack is the first of this kind that distinguishes ...