Abstract
Stream ciphers are one of the basic cryptographic primitives that provide confidentiality of communication over an insecure channel. The EU ECRYPT network organized a project to identify new stream ciphers suitable for widespread adoption, where the ciphers can provide higher security levels. The project identified new stream ciphers, referred to as eSTREAM. Salsa20 is one of the eSTREAM ciphers and is built on a pseudorandom function. In this paper our contribution has two phases. The first phase has two parts. At WCC 2015, Maitra et al. [9] explained a characterization of valid states by reversing one round of Salsa20. In the first part, we revisit the Maitra et al. [9] characterization of valid states by reversing one round of Salsa20. We found there is a mistake in one bit change in \(8^{th}\) and \(9^{th}\) word in first round will result in valid initial state. In the second part, we take up the remark of Maitra et al. [9] that it would be an interesting combinatorial problem to characterize all such states. We have characterized nine more values which lead to valid initial states: the combinations \((s_4,s_7)\), \((s_2,s_3)\), \((s_{13},s_{14})\), \((s_1,s_6)\), \((s_1,s_{11})\), \((s_1,s_{12})\), \((s_6,s_{11})\), \((s_6,s_{12})\) and \((s_{11}, s_{12})\) are characterized as valid states.
In the second phase, we turn to key recovery. At FSE 2008, Aumasson et al. [1] attacked 128-bit key Salsa20/7 within \(2^{111}\) time and ChaCha6 within \(2^{107}\) time. To the best of our knowledge, there has been no improvement on this attack since then. In this paper we attack 128-bit key Salsa20/7 within \(2^{107}\) time and ChaCha6 within \(2^{102}\) time. Maitra [8] improved the attack on Salsa20/8 and ChaCha7 by choosing proper IVs corresponding to the 256-bit key. Applying the same concept, we attack 128-bit key Salsa20/7 within time \(2^{104}\) and ChaCha7 within time \(2^{101}\).
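The "reversing one round" step mentioned in the abstract can be made concrete with the Salsa20 column round from Bernstein's specification. The following is an added example, not code from the paper or its authors: it assumes 0-based word indices, the 256-bit-key constants and a constructed key and nonce, and it checks only a necessary condition for a valid initial state (the constants are still on the diagonal), since the paper's exact criterion is not given in this abstract.

```python
# Added illustration (not the paper's code); 0-based word indices assumed.
MASK = 0xFFFFFFFF
SIGMA = (0x61707865, 0x3320646E, 0x79622D32, 0x6B206574)  # "expand 32-byte k"
DIAG = (0, 5, 10, 15)  # diagonal positions that hold the constants
# Round 1 is the column round; each tuple is one quarterround's word order.
COLUMNS = ((0, 4, 8, 12), (5, 9, 13, 1), (10, 14, 2, 6), (15, 3, 7, 11))

def rotl(v, n):
    return ((v << n) | (v >> (32 - n))) & MASK

def quarterround(y0, y1, y2, y3):
    z1 = y1 ^ rotl((y0 + y3) & MASK, 7)
    z2 = y2 ^ rotl((z1 + y0) & MASK, 9)
    z3 = y3 ^ rotl((z2 + z1) & MASK, 13)
    z0 = y0 ^ rotl((z3 + z2) & MASK, 18)
    return z0, z1, z2, z3

def inv_quarterround(z0, z1, z2, z3):
    y0 = z0 ^ rotl((z3 + z2) & MASK, 18)  # undo the updates in reverse order
    y3 = z3 ^ rotl((z2 + z1) & MASK, 13)
    y2 = z2 ^ rotl((z1 + y0) & MASK, 9)
    y1 = z1 ^ rotl((y0 + y3) & MASK, 7)
    return y0, y1, y2, y3

def apply_columns(state, qr):
    out = list(state)
    for col in COLUMNS:
        for pos, val in zip(col, qr(*(state[i] for i in col))):
            out[pos] = val
    return out

def initial_state(key, nonce, counter):
    s = [0] * 16
    for pos, const in zip(DIAG, SIGMA):
        s[pos] = const
    s[1:5], s[11:15] = key[:4], key[4:]
    s[6:8], s[8:10] = nonce, counter
    return s

def reversed_difference(state, word, bit):
    """Flip one bit after round 1, reverse it; return (changed words, constants intact)."""
    after = apply_columns(state, quarterround)
    after[word] ^= 1 << bit
    before = apply_columns(after, inv_quarterround)
    changed = [i for i in range(16) if before[i] != state[i]]
    return changed, all(before[p] == c for p, c in zip(DIAG, SIGMA))

# Constructed sample key and nonce (not test vectors from any source).
SAMPLE = initial_state([0x01020304 * k & MASK for k in range(1, 9)],
                       [0xDEADBEEF, 0x0BADF00D], [0, 0])
```

A difference introduced after round 1 stays inside its own column when the round is reversed, so the returned word list never leaves one entry of `COLUMNS`.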
References
[1] Aumasson, J.-P., Fischer, S., Khazaei, S., Meier, W., Rechberger, C.: New features of Latin dances: analysis of Salsa, ChaCha, and Rumba. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 470–488. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-71039-4_30
[2] Bernstein, D.J.: Chacha, a variant of Salsa20. In: Workshop Record of SASC, vol. 8, pp. 3–5 (2008)
[3] Bernstein, D.J.: Snuffle 2005: the Salsa20 encryption function (2015)
[4] Choudhuri, A.R., Maitra, S.: Significantly improved multi-bit differentials for reduced round Salsa and Chacha. IACR Trans. Symmetric Cryptol. 2016(2), 261–287 (2017)
[5] Crowley, P.: Truncated differential cryptanalysis of five rounds of Salsa20. In: The State of the Art of Stream Ciphers SASC, vol. 2006, pp. 198–202 (2006)
[6] Dey, S., Sarkar, S.: Improved analysis for reduced round Salsa and Chacha. Discret. Appl. Math. 227, 58–69 (2017)
[7] Fischer, S., Meier, W., Berbain, C., Biasse, J.-F., Robshaw, M.J.B.: Non-randomness in eSTREAM candidates Salsa20 and TSC-4. In: Barua, R., Lange, T. (eds.) INDOCRYPT 2006. LNCS, vol. 4329, pp. 2–16. Springer, Heidelberg (2006). https://doi.org/10.1007/11941378_2
[8] Maitra, S.: Chosen IV cryptanalysis on reduced round Chacha and Salsa. Discret. Appl. Math. 208, 88–97 (2016)
[9] Maitra, S., Paul, G., Meier, W.: Salsa20 cryptanalysis: new moves and revisiting old styles. In: 9th International Workshop on Coding and Cryptography, WCC 2015 (2015)
[10] Mouha, N., Preneel, B.: Towards finding optimal differential characteristics for ARX: application to Salsa20. Technical report, Cryptology ePrint Archive, Report 2013/328 (2013)
[11] Shi, Z., Zhang, B., Feng, D., Wu, W.: Improved key recovery attacks on reduced-round Salsa20 and ChaCha. In: Kwon, T., Lee, M.-K., Kwon, D. (eds.) ICISC 2012. LNCS, vol. 7839, pp. 337–351. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-37682-5_24
[12] Tsunoo, Y., Saito, T., Kubo, H., Suzaki, T., Nakashima, H.: Differential cryptanalysis of Salsa20/8. In: Workshop Record of SASC, p. 12 (2007)
Copyright information
© 2018 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Deepthi, K.K.C., Singh, K. (2018). Cryptanalysis of Salsa and ChaCha: Revisited. In: Hu, J., Khalil, I., Tari, Z., Wen, S. (eds) Mobile Networks and Management. MONAMI 2017. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 235. Springer, Cham. https://doi.org/10.1007/978-3-319-90775-8_26
DOI: https://doi.org/10.1007/978-3-319-90775-8_26
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-90774-1
Online ISBN: 978-3-319-90775-8
eBook Packages: Computer Science, Computer Science (R0)