An Efficient State Recovery Attack on the X-FCSR Family of Stream Ciphers
Author
Summary, in English
We describe a state recovery attack on the X-FCSR family of stream ciphers. In this attack we analyse each block of output keystream and try to solve for the state. The solver will succeed when a number of state conditions are satisfied.
For X-FCSR-256, our best attack has a computational complexity of only 2^{4.7} table lookups per block of keystream, with an expected 2^{44.3} such blocks before the attack is successful. The precomputational storage requirement is 2^{33}.
For X-FCSR-128, the computational complexity of our best attack is 2^{16.3} table lookups per block of keystream, where we expect 2^{55.2} output blocks before the attack comes through. The precomputational storage requirement for X-FCSR-128 is 2^{67}.
For X-FCSR-256, our best attack has a computational complexity of only 2^{4.7} table lookups per block of keystream, with an expected 2^{44.3} such blocks before the attack is successful. The precomputational storage requirement is 2^{33}.
For X-FCSR-128, the computational complexity of our best attack is 2^{16.3} table lookups per block of keystream, where we expect 2^{55.2} output blocks before the attack comes through. The precomputational storage requirement for X-FCSR-128 is 2^{67}.
Department/s
Publishing year
2014
Language
English
Pages
1-22
Publication/Series
Journal of Cryptology
Volume
27
Issue
1
Full text
- Available as PDF - 372 kB
- Download statistics
Document type
Journal article
Publisher
Springer
Topic
- Electrical Engineering, Electronic Engineering, Information Engineering
Keywords
- stream cipher
- FCSR
- X-FCSR
- cryptanalysis
- state recovery
Status
Published
ISBN/ISSN/Other
- ISSN: 1432-1378