In April 2005, the stream cipher Polar Bear was proposed as a response to the eSTREAM Call for Primitives. Since then, a few attacks, [7] and [5], have indicated certain weaknesses in the design. In this paper we propose a new version of Polar Bear, called Polar Bear 2.0. The main difference is a key-dependent premixing of the D8 table in conjunction with the key schedule. The new version does ...

DECIM v2 is a stream cipher submitted to the ECRYPT stream cipher project (eSTREAM) and ISO/IEC 18033-4. No attack against DECIM v2 has been proposed yet. In this paper, we propose a chosen IV attack against DECIM v2 using a new equivalent key class. Our attack can recover an 80-bit key with a time complexity of 2 when all bits of the IV are zero. This result is the best one on DECIM v2.

Statistical randomness testing play an important role in analyzing the security of cryptosystems. In this study, we aim to propose a new framework of randomness testing based on the random mappings. Considering the probability distributions of coverage and ρ-lengths, we present three new distinguishers; (i) coverage test, (ii) ρ-test and (iii) DPcoverage test and applied them on Phase III Candi...

Hermes8 [4,5] is one of the stream ciphers submitted to the ECRYPT Stream Cipher Project (eSTREAM [2]). In this paper we present an attack on the latest version of the cipher (Hermes8F), which requires very few known keystream bytes and recovers the cipher secret key in less than a second on a normal PC.

In this paper, we introduce the rakaposhi stream cipher. The algorithm is based on Dynamic Linear Feedback Shift Registers, with a simple and potentially scalable design, and is particularly suitable for hardware applications with restricted resources. The rakaposhi stream cipher offers 128-bit security, and aims to complement the current eSTREAM portfolio of hardware-oriented stream ciphers.

Grain and Trivium are the hardware-oriented finalists of the eSTREAM. They are both based on nonlinear feedback shift registers. In this paper, we study their generalized classes of nonlinear feedback shift registers with time varying feedback functions, namely, Grain-like and Trivium-like structures. Some interesting results regarding their periods are obtained.

Edon80 [1] is one of the Phase 3 candidates in eSTREAM, the ECRYPT stream cipher project. This note examines the structure of the Edon80 quasigroup permutation, when viewed as an S-box or a pair of boolean functions. Although some interesting relations are found, we have not been able to apply these to attack the full cipher.

Stream cipher initialisation should ensure that the initial state or keystream is not detectably related to the key and initialisation vector. In this paper we analyse the key/IV setup of the eSTREAM Phase 2 candidates Salsa20 and TSC-4. In the case of Salsa20 we demonstrate a key recovery attack on six rounds and observe non-randomness after seven. For TSC-4, non-randomness over the full eight...

At the SASC 2006 three papers on hardware implementation of the eSTREAM candidates were presented. The workshop provided an interesting platform where hardware designers were confronted with the developers of the algorithms. The presentations were followed by a lively discussion. As hardware designers, we must admit that we have learned a lot from these discussions. In this brief document we wa...

Cipher design is a multi-faceted process. Many designers focus on security, or present novel designs, but neglect to consider the impact on their ciphers’ efficiency. This paper presents simple guidelines for ensuring efficient symmetric cipher implementations on the Intel Pentium 4 and associated architectures. The paper examines the suitability of a handful of ECRYPT eSTREAM ciphers for the p...