Practical demonstration of the distinguishing attack against the stream cipher NLSv2
Abstract
The Australian stream cipher NLSv2 [6] is a 32-bit word oriented
stream cipher that was quite successful in the stream ciphers competition - the
project eSTREAM. The cipher achieved Phase 3 and successfully accomplished
one of the main requirements for candidates in Prole 1 (software oriented pro-
posals) - to have a better performance than AES in counter mode. However the
cipher was not chosen into the nal portfolio [1], because its performance was not
so perfect when comparing with other nalist. Also there is a security issue with
a high correlation in the used S-Box, which some eective distinguishers exploit.
In this paper, a practical demonstration of the distinguishing attack against the
smaller version of the cipher is introduced. In our experiments, we have at disposal
a machine with four cores (Intel R
CoreTM Quad @ 2.66 GHz) and single attack
lasts about 6 days. Our results conrmed the assumption and we got 50.0473%
zeros in distinguisher.
stream cipher that was quite successful in the stream ciphers competition - the
project eSTREAM. The cipher achieved Phase 3 and successfully accomplished
one of the main requirements for candidates in Prole 1 (software oriented pro-
posals) - to have a better performance than AES in counter mode. However the
cipher was not chosen into the nal portfolio [1], because its performance was not
so perfect when comparing with other nalist. Also there is a security issue with
a high correlation in the used S-Box, which some eective distinguishers exploit.
In this paper, a practical demonstration of the distinguishing attack against the
smaller version of the cipher is introduced. In our experiments, we have at disposal
a machine with four cores (Intel R
CoreTM Quad @ 2.66 GHz) and single attack
lasts about 6 days. Our results conrmed the assumption and we got 50.0473%
zeros in distinguisher.
Full Text:
PDFDOI: https://doi.org/10.2478/tatra.v53i0.192