Abstract
Self-synchronizing stream ciphers (SSSC) are a particular class of symmetric encryption algorithms in which resynchronization is automatic after an error during transmission of the ciphertext.
In this paper, we extend the scope of chosen-ciphertext attacks against SSSC. Previous work in this area includes the cryptanalysis of dedicated constructions such as KNOT, HBB and SSS. We go further and break the last standing dedicated SSSC design, the ECRYPT proposal MOSQUITO. Our attack costs about 2^70 computation steps, while a 96-bit security level was expected. It also applies to ΓΥ (an ancestor of MOSQUITO); therefore the only remaining secure SSSC are block-cipher-based constructions.
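The defining property above, automatic resynchronization after a ciphertext error, is easy to see on a generic SSSC model in which each keystream byte is a keyed function of the last N ciphertext bytes. The following is an added illustration, not code from the paper and not MOSQUITO: the keyed function is HMAC-SHA256 standing in for the cipher's state-update and output function, and the key, IV and message are constructed sample values. Flipping one ciphertext byte corrupts that plaintext byte and at most the N that follow; everything after decrypts correctly again.

```python
import hmac
import hashlib

# Generic SSSC model (constructed example): the keystream byte depends only on
# the key and a sliding window of the last N ciphertext bytes, so a receiver
# that has seen N correct ciphertext bytes is back in sync with the sender.
N = 8  # window size in bytes; an error burst is bounded by N + 1 plaintext bytes

KEY = b"constructed-demo-key"            # sample value, not from the paper
IV = bytes(range(N))                     # initial window (public, per message)
PLAINTEXT = b"self-synchronizing stream cipher resync demo"


def keystream_byte(key: bytes, window: bytes) -> int:
    # Keyed PRF of the ciphertext window; HMAC stands in for the cipher core.
    return hmac.new(key, window, hashlib.sha256).digest()[0]


def encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    assert len(iv) == N
    window, out = iv, bytearray()
    for p in plaintext:
        c = p ^ keystream_byte(key, window)
        out.append(c)
        window = window[1:] + bytes([c])  # window slides over ciphertext bytes
    return bytes(out)


def decrypt(key: bytes, iv: bytes, ciphertext: bytes) -> bytes:
    assert len(iv) == N
    window, out = iv, bytearray()
    for c in ciphertext:
        out.append(c ^ keystream_byte(key, window))
        window = window[1:] + bytes([c])  # same window as the sender, by construction
    return bytes(out)


def corrupted_positions(key: bytes, iv: bytes, plaintext: bytes, flip: int) -> list:
    """Flip one bit of ciphertext byte `flip`; return the plaintext indices that decrypt wrongly."""
    ct = bytearray(encrypt(key, iv, plaintext))
    ct[flip] ^= 0x01
    recovered = decrypt(key, iv, bytes(ct))
    return [i for i, (a, b) in enumerate(zip(plaintext, recovered)) if a != b]


if __name__ == "__main__":
    errs = corrupted_positions(KEY, IV, PLAINTEXT, 5)
    print("wrong plaintext bytes after flipping ciphertext byte 5:", errs)
    print("resynchronized from byte", 5 + N + 1, "onwards")
```

Byte `flip` is always wrong (the flipped ciphertext bit lands directly in the plaintext), bytes `flip+1 .. flip+N` are wrong with high probability because the window still contains the bad byte, and no byte beyond `flip+N` can be affected.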
Keywords
- Block Cipher
- Stream Cipher
- Linear Feedback Shift Register
- Chosen Ciphertext Attack
- Chosen Plaintext Attack
References
Alkassar, A., Geraldy, A., Pfitzmann, B., Sadeghi, A.-R.: Optimized Self-Synchronizing Mode of Operation. In: Matsui, M. (ed.) FSE 2001. LNCS, vol. 2355, pp. 78–91. Springer, Heidelberg (2002)
Arnault, F., Berger, T.: A new class of stream ciphers combining LFSR and FCSR architectures. In: Menezes, A., Sarkar, P. (eds.) INDOCRYPT 2002. LNCS, vol. 2551, pp. 22–33. Springer, Heidelberg (2002)
Babbage, S.: Stream Ciphers: What Does the Industry Want. In: State of the Art of Stream Ciphers workshop, SASC 2004 (2004)
Daemen, J.: Cipher and Hash Function Design. Strategies based on Linear and Differential Cryptanalysis. PhD thesis, ch. 9, Katholieke Universiteit Leuven (March 1995)
Daemen, J., Govaerts, R., Vandewalle, J.: A Practical Approach to the Design of High Speed Self-Synchronizing Stream Ciphers. In: Singapore ICCS/ISITA 1992, pp. 279–283. IEEE, Los Alamitos (1992)
Daemen, J., Kitsos, P.: Submission to ECRYPT call for stream ciphers: the self-synchronizing stream cipher Mosquito. eSTREAM, ECRYPT Stream Cipher Project, Report 2005/018 (2005), http://www.ecrypt.eu.org/stream
Daemen, J., Lano, J., Preneel, B.: Chosen Ciphertext Attack on SSS. eSTREAM, ECRYPT Stream Cipher Project, Report 2005/044 (2005), http://www.ecrypt.eu.org/stream
eSTREAM - The ECRYPT Stream Cipher Project, http://www.ecrypt.eu.org/stream/
FIPS PUB 81. DES Modes of Operation (1980)
Fouque, P.-A., Martinet, G., Poupard, G.: Practical Symmetric On-Line Encryption. In: Johansson, T. (ed.) FSE 2003. LNCS, vol. 2887, pp. 362–375. Springer, Heidelberg (2003)
Hawkes, P., Rose, G.: Primitive Specification and Supporting Documentation for SOBER-t32. In: First Open NESSIE Workshop, Submission to NESSIE (2000)
Joux, A., Muller, F.: Loosening the KNOT. In: Johansson, T. (ed.) FSE 2003. LNCS, vol. 2887, pp. 87–99. Springer, Heidelberg (2003)
Joux, A., Muller, F.: Two Attacks Against the HBB Stream Cipher. In: Gilbert, H., Handschuh, H. (eds.) FSE 2005. LNCS, vol. 3557, pp. 330–341. Springer, Heidelberg (2005)
Maurer, U.: New Approaches to the Design of Self-Synchronizing Stream Ciphers. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 458–471. Springer, Heidelberg (1991)
Mitra, J.: A near-practical attack against B mode of HBB. In: Roy, B. (ed.) ASIACRYPT 2005. LNCS, vol. 3788, pp. 412–424. Springer, Heidelberg (2005)
Muller, F.: Differential Attacks and Stream Ciphers. In: State of the Art in Stream Ciphers. ECRYPT Network of Excellence in Cryptology, Workshop Record (2004)
National Institute of Standards and Technology (NIST): Advanced Encryption Standard (AES). FIPS Publication 197 (November 2001), http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
Preneel, B., Nuttin, M., Rijmen, R., Buelens, J.: Cryptanalysis of the CFB Mode of the DES with a Reduced Number of Rounds. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 212–223. Springer, Heidelberg (1994)
Rose, G., Hawkes, P., Paddon, G., Wiggers de Vries, M.: Primitive Specifications for SSS. eSTREAM, ECRYPT Stream Cipher Project, Report 2005/028 (2005), http://www.ecrypt.eu.org/stream
Sarkar, P.: Hiji-Bij-Bij: A New Stream Cipher with a Self-Synchronizing Mode of Operation. In: Johansson, T., Maitra, S. (eds.) INDOCRYPT 2003. LNCS, vol. 2904, pp. 36–51. Springer, Heidelberg (2003)
Wang, X., Yin, Y., Yu, H.: Finding Collisions in the Full SHA1. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 17–36. Springer, Heidelberg (2005)
Wang, X., Yu, H.: How to Break MD5 and Other Hash Functions. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 19–35. Springer, Heidelberg (2005)
Wang, X., Yu, H., Yin, Y.: Efficient Collision Search Attacks on SHA0. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 1–16. Springer, Heidelberg (2005)
Watanabe, D., Furuya, S.: A MAC Forgery Attack on SOBER-128. In: Roy, B., Meier, W. (eds.) FSE 2004. LNCS, vol. 3017, pp. 472–482. Springer, Heidelberg (2004)
Zhang, B., Wu, H., Feng, D., Bao, F.: Chosen Ciphertext Attack on a New Class of Self-Synchronizing Stream Ciphers. In: Canteaut, A., Viswanathan, K. (eds.) INDOCRYPT 2004. LNCS, vol. 3348, pp. 73–83. Springer, Heidelberg (2004)
© 2006 Springer-Verlag Berlin Heidelberg
Cite this paper
Joux, A., Muller, F. (2006). Chosen-Ciphertext Attacks Against MOSQUITO. In: Robshaw, M. (eds) Fast Software Encryption. FSE 2006. Lecture Notes in Computer Science, vol 4047. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11799313_25
DOI: https://doi.org/10.1007/11799313_25
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-36597-6
Online ISBN: 978-3-540-36598-3