By combining the time-memory-data tradeoff (TMDTO) attack independently proposed by Babbage and Golić (BG) with the BSW sampling technique, this paper explores to mount a new TMDTO attack on stream ciphers. The new attack gives a wider variety of trade-offs, compared with original BG-TMDTO attack. It is efficient when multiple data is allowed for the attacker from the same key with different IV...

Abstract. The GMR-1 and GMR-2 stream ciphers, which are used in the satellite phones, have been reconstructed by Driessen et al. recently. The GMR-1 cipher is shown to be a proprietary variant of the GSM A5/2 algorithm, thus it could be cracked using the previous known method. For the newly designed GMR-2 cipher, by observing a non-uniform behavior of its component, Driessen et al. proposed an ...

Propositional satisfiability (SAT) is at the nucleus of state-ofthe-art approaches to a variety of computationally hard problems, one of which is cryptanalysis. Moreover, a number of practical applications of SAT can only be tackled efficiently by identifying and exploiting a subset of formula’s variables called backdoor set (or simply backdoors). This paper proposes a new class of backdoor set...

Stream cipher Hiji-Bij-Bij (HBB) was proposed by Sarkar at Indocrypt’03. This cipher uses cellular automata (CA). The algorithm has two modes: a basic mode (B) and a self-synchronizing mode (SS). This article presents the first attack on B mode of HBB using 128 bit secret key. This is a known-pliantext guess-then-determine attack. The main step in the attack guesses 512 bits of unknown out of t...

Guess-and-determine attacks are based on guessing a subset of internal state bits and subsequently using these guesses together with the cipher’s output function to determine the value of the remaining state. These attacks have been successfully employed to break NFSRbased stream ciphers. The complexity of a guess-and-determine attack is directly related to the number of state bits used in the ...