On the Data Limitation of Small-State Stream Ciphers: Correlation Attacks on Fruit-80 and Plantlet


Ontology type: schema:Chapter     


Chapter Info

DATE

2020-01-10

AUTHORS

Yosuke Todo , Willi Meier , Kazumaro Aoki

ABSTRACT

Many cryptographers have focused on lightweight cryptography, and a huge number of lightweight block ciphers have been proposed. On the other hand, designing lightweight stream ciphers is a challenging task due to the well-known security criteria, i.e., the state size of stream ciphers must be at least twice the key size. The designers of Sprout addressed this issue by involving the secret key not only in the initialization but also in the keystream generation, and the state size of such stream ciphers can be smaller than twice the key size. After the seminal work, some small-state stream ciphers have been proposed such as Fruit, Plantlet, and LIZARD. Unlike conventional stream ciphers, these small-state stream ciphers have the limitation of keystream bits that can be generated from the same key and IV pair. In this paper, our motivation is to show whether the data limitation claimed by the designers is proper or not. The correlation attack is one of the attack methods exploiting many keystream bits generated from the same key and IV pair, and we apply it to Fruit-80 and Plantlet. As a result, we can break the full Fruit-80, i.e., the designers’ data limitation is not sufficient. We can also recover the secret key of Plantlet if it allows about $2^{53}$ keystream bits from the same key and IV pair.

PAGES

365-392

Book

TITLE

Selected Areas in Cryptography – SAC 2019

ISBN

978-3-030-38470-8
978-3-030-38471-5

Identifiers

URI

http://scigraph.springernature.com/pub.10.1007/978-3-030-38471-5_15

DOI

http://dx.doi.org/10.1007/978-3-030-38471-5_15

DIMENSIONS

https://app.dimensions.ai/details/publication/pub.1123979143



JSON-LD is the canonical representation for SciGraph data.


[
  {
    "@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json", 
    "about": [
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Information and Computing Sciences", 
        "type": "DefinedTerm"
      }, 
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0804", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Data Format", 
        "type": "DefinedTerm"
      }
    ], 
    "author": [
      {
        "affiliation": {
          "alternateName": "NTT Secure Platform Laboratories, 180-8585, Tokyo, Japan", 
          "id": "http://www.grid.ac/institutes/None", 
          "name": [
            "NTT Secure Platform Laboratories, 180-8585, Tokyo, Japan"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Todo", 
        "givenName": "Yosuke", 
        "id": "sg:person.013247762751.78", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013247762751.78"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "FHNW, Windisch, Switzerland", 
          "id": "http://www.grid.ac/institutes/grid.410380.e", 
          "name": [
            "FHNW, Windisch, Switzerland"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Meier", 
        "givenName": "Willi", 
        "id": "sg:person.07653531142.18", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.07653531142.18"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "NTT Secure Platform Laboratories, 180-8585, Tokyo, Japan", 
          "id": "http://www.grid.ac/institutes/None", 
          "name": [
            "NTT Secure Platform Laboratories, 180-8585, Tokyo, Japan"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Aoki", 
        "givenName": "Kazumaro", 
        "id": "sg:person.015040765627.38", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.015040765627.38"
        ], 
        "type": "Person"
      }
    ], 
    "datePublished": "2020-01-10", 
    "datePublishedReg": "2020-01-10", 
    "description": "Many cryptographers have focused on lightweight cryptography, and a huge number of lightweight block ciphers have been proposed. On the other hand, designing lightweight stream ciphers is a challenging task due to the well-known security criteria, i.e., the state size of stream ciphers must be at least twice the key size. The designers of Sprout addressed this issue by involving the secret key not only in the initialization but also in the keystream generation, and the state size of such stream ciphers can be smaller than twice the key size. After the seminal work, some small-state stream ciphers have been proposed such as Fruit, Plantlet, and LIZARD. Unlike conventional stream ciphers, these small-state stream ciphers have the limitation of keystream bits that can be generated from the same key and IV pair. In this paper, our motivation is to show whether the data limitation claimed by the designers is proper or not. The correlation attack is one of the attack methods exploiting many keystream bits generated from the same key and IV pair, and we apply it to Fruit-80 and Plantlet. As a result, we can break the full Fruit-80, i.e., the designers\u2019 data limitation is not sufficient. We can also recover the secret key of Plantlet if it allows about \\documentclass[12pt]{minimal}\n\t\t\t\t\\usepackage{amsmath}\n\t\t\t\t\\usepackage{wasysym}\n\t\t\t\t\\usepackage{amsfonts}\n\t\t\t\t\\usepackage{amssymb}\n\t\t\t\t\\usepackage{amsbsy}\n\t\t\t\t\\usepackage{mathrsfs}\n\t\t\t\t\\usepackage{upgreek}\n\t\t\t\t\\setlength{\\oddsidemargin}{-69pt}\n\t\t\t\t\\begin{document}$$2^{53}$$\\end{document} keystream bits from the same key and IV pair.", 
    "editor": [
      {
        "familyName": "Paterson", 
        "givenName": "Kenneth G.", 
        "type": "Person"
      }, 
      {
        "familyName": "Stebila", 
        "givenName": "Douglas", 
        "type": "Person"
      }
    ], 
    "genre": "chapter", 
    "id": "sg:pub.10.1007/978-3-030-38471-5_15", 
    "inLanguage": "en", 
    "isAccessibleForFree": false, 
    "isPartOf": {
      "isbn": [
        "978-3-030-38470-8", 
        "978-3-030-38471-5"
      ], 
      "name": "Selected Areas in Cryptography \u2013 SAC 2019", 
      "type": "Book"
    }, 
    "keywords": [
      "stream cipher", 
      "same key", 
      "key size", 
      "secret key", 
      "correlation attacks", 
      "conventional stream ciphers", 
      "lightweight stream cipher", 
      "lightweight block ciphers", 
      "lightweight cryptography", 
      "keystream generation", 
      "attack methods", 
      "security criteria", 
      "challenging task", 
      "keystream bits", 
      "block cipher", 
      "state size", 
      "huge number", 
      "cipher", 
      "such stream ciphers", 
      "designers", 
      "bits", 
      "key", 
      "attacks", 
      "cryptography", 
      "cryptographers", 
      "initialization", 
      "task", 
      "limitations", 
      "seminal work", 
      "issues", 
      "data limitations", 
      "work", 
      "pairs", 
      "method", 
      "generation", 
      "motivation", 
      "number", 
      "hand", 
      "size", 
      "results", 
      "criteria", 
      "fruit", 
      "sprouts", 
      "paper", 
      "lizards", 
      "plantlets", 
      "designers of Sprout", 
      "small-state stream ciphers", 
      "Fruit-80", 
      "full Fruit-80"
    ], 
    "name": "On the Data Limitation of Small-State Stream Ciphers: Correlation Attacks on Fruit-80 and Plantlet", 
    "pagination": "365-392", 
    "productId": [
      {
        "name": "dimensions_id", 
        "type": "PropertyValue", 
        "value": [
          "pub.1123979143"
        ]
      }, 
      {
        "name": "doi", 
        "type": "PropertyValue", 
        "value": [
          "10.1007/978-3-030-38471-5_15"
        ]
      }
    ], 
    "publisher": {
      "name": "Springer Nature", 
      "type": "Organisation"
    }, 
    "sameAs": [
      "https://doi.org/10.1007/978-3-030-38471-5_15", 
      "https://app.dimensions.ai/details/publication/pub.1123979143"
    ], 
    "sdDataset": "chapters", 
    "sdDatePublished": "2022-01-01T19:22", 
    "sdLicense": "https://scigraph.springernature.com/explorer/license/", 
    "sdPublisher": {
      "name": "Springer Nature - SN SciGraph project", 
      "type": "Organization"
    }, 
    "sdSource": "s3://com-springernature-scigraph/baseset/20220101/entities/gbq_results/chapter/chapter_401.jsonl", 
    "type": "Chapter", 
    "url": "https://doi.org/10.1007/978-3-030-38471-5_15"
  }
]
 


HOW TO GET THIS DATA PROGRAMMATICALLY:

JSON-LD is a popular format for linked data which is fully compatible with JSON.

curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/978-3-030-38471-5_15'

N-Triples is a line-based linked data format ideal for batch operations.

curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/978-3-030-38471-5_15'

Turtle is a human-readable linked data format.

curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/978-3-030-38471-5_15'

RDF/XML is a standard XML format for linked data.

curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/978-3-030-38471-5_15'


 

This table displays all metadata directly associated to this object as RDF triples.

132 TRIPLES      23 PREDICATES      75 URIs      68 LITERALS      7 BLANK NODES

Subject Predicate Object
1 sg:pub.10.1007/978-3-030-38471-5_15 schema:about anzsrc-for:08
2 anzsrc-for:0804
3 schema:author N7bc38c7eee4548df83d90ea45b5a3ed3
4 schema:datePublished 2020-01-10
5 schema:datePublishedReg 2020-01-10
6 schema:description Many cryptographers have focused on lightweight cryptography, and a huge number of lightweight block ciphers have been proposed. On the other hand, designing lightweight stream ciphers is a challenging task due to the well-known security criteria, i.e., the state size of stream ciphers must be at least twice the key size. The designers of Sprout addressed this issue by involving the secret key not only in the initialization but also in the keystream generation, and the state size of such stream ciphers can be smaller than twice the key size. After the seminal work, some small-state stream ciphers have been proposed such as Fruit, Plantlet, and LIZARD. Unlike conventional stream ciphers, these small-state stream ciphers have the limitation of keystream bits that can be generated from the same key and IV pair. In this paper, our motivation is to show whether the data limitation claimed by the designers is proper or not. The correlation attack is one of the attack methods exploiting many keystream bits generated from the same key and IV pair, and we apply it to Fruit-80 and Plantlet. As a result, we can break the full Fruit-80, i.e., the designers’ data limitation is not sufficient. We can also recover the secret key of Plantlet if it allows about \documentclass[12pt]{minimal} \usepackage{amsmath} \usepackage{wasysym} \usepackage{amsfonts} \usepackage{amssymb} \usepackage{amsbsy} \usepackage{mathrsfs} \usepackage{upgreek} \setlength{\oddsidemargin}{-69pt} \begin{document}$$2^{53}$$\end{document} keystream bits from the same key and IV pair.
7 schema:editor N860d3550664f4cbf9c8f7244e353e0e2
8 schema:genre chapter
9 schema:inLanguage en
10 schema:isAccessibleForFree false
11 schema:isPartOf N7dc4c07ed84d43b281ead3d6f8712e24
12 schema:keywords Fruit-80
13 attack methods
14 attacks
15 bits
16 block cipher
17 challenging task
18 cipher
19 conventional stream ciphers
20 correlation attacks
21 criteria
22 cryptographers
23 cryptography
24 data limitations
25 designers
26 designers of Sprout
27 fruit
28 full Fruit-80
29 generation
30 hand
31 huge number
32 initialization
33 issues
34 key
35 key size
36 keystream bits
37 keystream generation
38 lightweight block ciphers
39 lightweight cryptography
40 lightweight stream cipher
41 limitations
42 lizards
43 method
44 motivation
45 number
46 pairs
47 paper
48 plantlets
49 results
50 same key
51 secret key
52 security criteria
53 seminal work
54 size
55 small-state stream ciphers
56 sprouts
57 state size
58 stream cipher
59 such stream ciphers
60 task
61 work
62 schema:name On the Data Limitation of Small-State Stream Ciphers: Correlation Attacks on Fruit-80 and Plantlet
63 schema:pagination 365-392
64 schema:productId N79adcbfd513c401297b681373c0ad35b
65 Ne9419b1824934082a2f2fe8a65b67927
66 schema:publisher N9ae26cf5f8ef48ebac1ce784737fd7c0
67 schema:sameAs https://app.dimensions.ai/details/publication/pub.1123979143
68 https://doi.org/10.1007/978-3-030-38471-5_15
69 schema:sdDatePublished 2022-01-01T19:22
70 schema:sdLicense https://scigraph.springernature.com/explorer/license/
71 schema:sdPublisher N920021d88f764df58709b00317f0bf6c
72 schema:url https://doi.org/10.1007/978-3-030-38471-5_15
73 sgo:license sg:explorer/license/
74 sgo:sdDataset chapters
75 rdf:type schema:Chapter
76 N1a95a8fd47b849d6a06443ef126d9791 schema:familyName Paterson
77 schema:givenName Kenneth G.
78 rdf:type schema:Person
79 N79adcbfd513c401297b681373c0ad35b schema:name doi
80 schema:value 10.1007/978-3-030-38471-5_15
81 rdf:type schema:PropertyValue
82 N7bc38c7eee4548df83d90ea45b5a3ed3 rdf:first sg:person.013247762751.78
83 rdf:rest Neb25651a5ddc4117bd331538aa579b47
84 N7dc4c07ed84d43b281ead3d6f8712e24 schema:isbn 978-3-030-38470-8
85 978-3-030-38471-5
86 schema:name Selected Areas in Cryptography – SAC 2019
87 rdf:type schema:Book
88 N860d3550664f4cbf9c8f7244e353e0e2 rdf:first N1a95a8fd47b849d6a06443ef126d9791
89 rdf:rest Nf563e8bdc42641a7b77966ea0bf47784
90 N920021d88f764df58709b00317f0bf6c schema:name Springer Nature - SN SciGraph project
91 rdf:type schema:Organization
92 N9ae26cf5f8ef48ebac1ce784737fd7c0 schema:name Springer Nature
93 rdf:type schema:Organisation
94 Na7dad655105f4e45b8828be5aa9484d4 schema:familyName Stebila
95 schema:givenName Douglas
96 rdf:type schema:Person
97 Nc302539ac3bd410ea00713e8f0a521a6 rdf:first sg:person.015040765627.38
98 rdf:rest rdf:nil
99 Ne9419b1824934082a2f2fe8a65b67927 schema:name dimensions_id
100 schema:value pub.1123979143
101 rdf:type schema:PropertyValue
102 Neb25651a5ddc4117bd331538aa579b47 rdf:first sg:person.07653531142.18
103 rdf:rest Nc302539ac3bd410ea00713e8f0a521a6
104 Nf563e8bdc42641a7b77966ea0bf47784 rdf:first Na7dad655105f4e45b8828be5aa9484d4
105 rdf:rest rdf:nil
106 anzsrc-for:08 schema:inDefinedTermSet anzsrc-for:
107 schema:name Information and Computing Sciences
108 rdf:type schema:DefinedTerm
109 anzsrc-for:0804 schema:inDefinedTermSet anzsrc-for:
110 schema:name Data Format
111 rdf:type schema:DefinedTerm
112 sg:person.013247762751.78 schema:affiliation grid-institutes:None
113 schema:familyName Todo
114 schema:givenName Yosuke
115 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013247762751.78
116 rdf:type schema:Person
117 sg:person.015040765627.38 schema:affiliation grid-institutes:None
118 schema:familyName Aoki
119 schema:givenName Kazumaro
120 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.015040765627.38
121 rdf:type schema:Person
122 sg:person.07653531142.18 schema:affiliation grid-institutes:grid.410380.e
123 schema:familyName Meier
124 schema:givenName Willi
125 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.07653531142.18
126 rdf:type schema:Person
127 grid-institutes:None schema:alternateName NTT Secure Platform Laboratories, 180-8585, Tokyo, Japan
128 schema:name NTT Secure Platform Laboratories, 180-8585, Tokyo, Japan
129 rdf:type schema:Organization
130 grid-institutes:grid.410380.e schema:alternateName FHNW, Windisch, Switzerland
131 schema:name FHNW, Windisch, Switzerland
132 rdf:type schema:Organization
 



