On the Data Limitation of Small-State Stream Ciphers: Correlation Attacks on Fruit-80 and Plantlet


Ontology type: schema:Chapter     


Chapter Info

DATE

2020-01-10

AUTHORS

Yosuke Todo , Willi Meier , Kazumaro Aoki

ABSTRACT

Many cryptographers have focused on lightweight cryptography, and a huge number of lightweight block ciphers have been proposed. On the other hand, designing lightweight stream ciphers is a challenging task due to the well-known security criteria, i.e., the state size of stream ciphers must be at least twice the key size. The designers of Sprout addressed this issue by involving the secret key not only in the initialization but also in the keystream generation, and the state size of such stream ciphers can be smaller than twice the key size. After the seminal work, some small-state stream ciphers have been proposed such as Fruit, Plantlet, and LIZARD. Unlike conventional stream ciphers, these small-state stream ciphers have the limitation of keystream bits that can be generated from the same key and IV pair. In this paper, our motivation is to show whether the data limitation claimed by the designers is proper or not. The correlation attack is one of the attack methods exploiting many keystream bits generated from the same key and IV pair, and we apply it to Fruit-80 and Plantlet. As a result, we can break the full Fruit-80, i.e., the designers' data limitation is not sufficient. We can also recover the secret key of Plantlet if it allows about $2^{53}$ keystream bits from the same key and IV pair.

PAGES

365-392

Book

TITLE

Selected Areas in Cryptography – SAC 2019

ISBN

978-3-030-38470-8
978-3-030-38471-5

Identifiers

URI

http://scigraph.springernature.com/pub.10.1007/978-3-030-38471-5_15

DOI

http://dx.doi.org/10.1007/978-3-030-38471-5_15

DIMENSIONS

https://app.dimensions.ai/details/publication/pub.1123979143



JSON-LD is the canonical representation for SciGraph data.


[
  {
    "@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json", 
    "about": [
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Information and Computing Sciences", 
        "type": "DefinedTerm"
      }, 
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0804", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Data Format", 
        "type": "DefinedTerm"
      }
    ], 
    "author": [
      {
        "affiliation": {
          "alternateName": "NTT Secure Platform Laboratories, 180-8585, Tokyo, Japan", 
          "id": "http://www.grid.ac/institutes/grid.419819.c", 
          "name": [
            "NTT Secure Platform Laboratories, 180-8585, Tokyo, Japan"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Todo", 
        "givenName": "Yosuke", 
        "id": "sg:person.013247762751.78", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013247762751.78"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "FHNW, Windisch, Switzerland", 
          "id": "http://www.grid.ac/institutes/grid.410380.e", 
          "name": [
            "FHNW, Windisch, Switzerland"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Meier", 
        "givenName": "Willi", 
        "id": "sg:person.07653531142.18", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.07653531142.18"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "NTT Secure Platform Laboratories, 180-8585, Tokyo, Japan", 
          "id": "http://www.grid.ac/institutes/grid.419819.c", 
          "name": [
            "NTT Secure Platform Laboratories, 180-8585, Tokyo, Japan"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Aoki", 
        "givenName": "Kazumaro", 
        "id": "sg:person.015040765627.38", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.015040765627.38"
        ], 
        "type": "Person"
      }
    ], 
    "datePublished": "2020-01-10", 
    "datePublishedReg": "2020-01-10", 
    "description": "Many cryptographers have focused on lightweight cryptography, and a huge number of lightweight block ciphers have been proposed. On the other hand, designing lightweight stream ciphers is a challenging task due to the well-known security criteria, i.e., the state size of stream ciphers must be at least twice the key size. The designers of Sprout addressed this issue by involving the secret key not only in the initialization but also in the keystream generation, and the state size of such stream ciphers can be smaller than twice the key size. After the seminal work, some small-state stream ciphers have been proposed such as Fruit, Plantlet, and LIZARD. Unlike conventional stream ciphers, these small-state stream ciphers have the limitation of keystream bits that can be generated from the same key and IV pair. In this paper, our motivation is to show whether the data limitation claimed by the designers is proper or not. The correlation attack is one of the attack methods exploiting many keystream bits generated from the same key and IV pair, and we apply it to Fruit-80 and Plantlet. As a result, we can break the full Fruit-80, i.e., the designers\u2019 data limitation is not sufficient. We can also recover the secret key of Plantlet if it allows about \\documentclass[12pt]{minimal}\n\t\t\t\t\\usepackage{amsmath}\n\t\t\t\t\\usepackage{wasysym}\n\t\t\t\t\\usepackage{amsfonts}\n\t\t\t\t\\usepackage{amssymb}\n\t\t\t\t\\usepackage{amsbsy}\n\t\t\t\t\\usepackage{mathrsfs}\n\t\t\t\t\\usepackage{upgreek}\n\t\t\t\t\\setlength{\\oddsidemargin}{-69pt}\n\t\t\t\t\\begin{document}$$2^{53}$$\\end{document} keystream bits from the same key and IV pair.", 
    "editor": [
      {
        "familyName": "Paterson", 
        "givenName": "Kenneth G.", 
        "type": "Person"
      }, 
      {
        "familyName": "Stebila", 
        "givenName": "Douglas", 
        "type": "Person"
      }
    ], 
    "genre": "chapter", 
    "id": "sg:pub.10.1007/978-3-030-38471-5_15", 
    "inLanguage": "en", 
    "isAccessibleForFree": false, 
    "isPartOf": {
      "isbn": [
        "978-3-030-38470-8", 
        "978-3-030-38471-5"
      ], 
      "name": "Selected Areas in Cryptography \u2013 SAC 2019", 
      "type": "Book"
    }, 
    "keywords": [
      "stream cipher", 
      "same key", 
      "key size", 
      "secret key", 
      "correlation attacks", 
      "conventional stream ciphers", 
      "lightweight stream cipher", 
      "lightweight block ciphers", 
      "lightweight cryptography", 
      "attack methods", 
      "keystream generation", 
      "security criteria", 
      "state size", 
      "keystream bits", 
      "challenging task", 
      "block cipher", 
      "cipher", 
      "huge number", 
      "such stream ciphers", 
      "designers", 
      "bits", 
      "attacks", 
      "key", 
      "cryptography", 
      "cryptographers", 
      "initialization", 
      "task", 
      "limitations", 
      "data limitations", 
      "seminal work", 
      "issues", 
      "work", 
      "pairs", 
      "method", 
      "generation", 
      "motivation", 
      "number", 
      "hand", 
      "size", 
      "results", 
      "criteria", 
      "fruit", 
      "sprouts", 
      "paper", 
      "lizards", 
      "plantlets"
    ], 
    "name": "On the Data Limitation of Small-State Stream Ciphers: Correlation Attacks on Fruit-80 and Plantlet", 
    "pagination": "365-392", 
    "productId": [
      {
        "name": "dimensions_id", 
        "type": "PropertyValue", 
        "value": [
          "pub.1123979143"
        ]
      }, 
      {
        "name": "doi", 
        "type": "PropertyValue", 
        "value": [
          "10.1007/978-3-030-38471-5_15"
        ]
      }
    ], 
    "publisher": {
      "name": "Springer Nature", 
      "type": "Organisation"
    }, 
    "sameAs": [
      "https://doi.org/10.1007/978-3-030-38471-5_15", 
      "https://app.dimensions.ai/details/publication/pub.1123979143"
    ], 
    "sdDataset": "chapters", 
    "sdDatePublished": "2022-05-20T07:43", 
    "sdLicense": "https://scigraph.springernature.com/explorer/license/", 
    "sdPublisher": {
      "name": "Springer Nature - SN SciGraph project", 
      "type": "Organization"
    }, 
    "sdSource": "s3://com-springernature-scigraph/baseset/20220519/entities/gbq_results/chapter/chapter_189.jsonl", 
    "type": "Chapter", 
    "url": "https://doi.org/10.1007/978-3-030-38471-5_15"
  }
]
 


HOW TO GET THIS DATA PROGRAMMATICALLY:

JSON-LD is a popular format for linked data which is fully compatible with JSON.

curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/978-3-030-38471-5_15'

N-Triples is a line-based linked data format ideal for batch operations.

curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/978-3-030-38471-5_15'

Turtle is a human-readable linked data format.

curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/978-3-030-38471-5_15'

RDF/XML is a standard XML format for linked data.

curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/978-3-030-38471-5_15'


 

This table displays all metadata directly associated to this object as RDF triples.

128 TRIPLES      23 PREDICATES      71 URIs      64 LITERALS      7 BLANK NODES

Subject Predicate Object
1 sg:pub.10.1007/978-3-030-38471-5_15 schema:about anzsrc-for:08
2 anzsrc-for:0804
3 schema:author Nc0668943b7ee4d759268d50f209f92b6
4 schema:datePublished 2020-01-10
5 schema:datePublishedReg 2020-01-10
6 schema:description Many cryptographers have focused on lightweight cryptography, and a huge number of lightweight block ciphers have been proposed. On the other hand, designing lightweight stream ciphers is a challenging task due to the well-known security criteria, i.e., the state size of stream ciphers must be at least twice the key size. The designers of Sprout addressed this issue by involving the secret key not only in the initialization but also in the keystream generation, and the state size of such stream ciphers can be smaller than twice the key size. After the seminal work, some small-state stream ciphers have been proposed such as Fruit, Plantlet, and LIZARD. Unlike conventional stream ciphers, these small-state stream ciphers have the limitation of keystream bits that can be generated from the same key and IV pair. In this paper, our motivation is to show whether the data limitation claimed by the designers is proper or not. The correlation attack is one of the attack methods exploiting many keystream bits generated from the same key and IV pair, and we apply it to Fruit-80 and Plantlet. As a result, we can break the full Fruit-80, i.e., the designers' data limitation is not sufficient. We can also recover the secret key of Plantlet if it allows about $2^{53}$ keystream bits from the same key and IV pair.
7 schema:editor N03d830ab2c144108b71d1d88d6c0f822
8 schema:genre chapter
9 schema:inLanguage en
10 schema:isAccessibleForFree false
11 schema:isPartOf N5ca02472989b409aa66de750559f63a7
12 schema:keywords attack methods
13 attacks
14 bits
15 block cipher
16 challenging task
17 cipher
18 conventional stream ciphers
19 correlation attacks
20 criteria
21 cryptographers
22 cryptography
23 data limitations
24 designers
25 fruit
26 generation
27 hand
28 huge number
29 initialization
30 issues
31 key
32 key size
33 keystream bits
34 keystream generation
35 lightweight block ciphers
36 lightweight cryptography
37 lightweight stream cipher
38 limitations
39 lizards
40 method
41 motivation
42 number
43 pairs
44 paper
45 plantlets
46 results
47 same key
48 secret key
49 security criteria
50 seminal work
51 size
52 sprouts
53 state size
54 stream cipher
55 such stream ciphers
56 task
57 work
58 schema:name On the Data Limitation of Small-State Stream Ciphers: Correlation Attacks on Fruit-80 and Plantlet
59 schema:pagination 365-392
60 schema:productId N59108cf8a5a4482fb21a5f0fa2f41d0e
61 Nde3ccc2c82584662a66233f9f045a591
62 schema:publisher N2a74e4e557354620852b74c7078e0c0d
63 schema:sameAs https://app.dimensions.ai/details/publication/pub.1123979143
64 https://doi.org/10.1007/978-3-030-38471-5_15
65 schema:sdDatePublished 2022-05-20T07:43
66 schema:sdLicense https://scigraph.springernature.com/explorer/license/
67 schema:sdPublisher N8b9e18b116c04149a7d6efe1d5ed2adc
68 schema:url https://doi.org/10.1007/978-3-030-38471-5_15
69 sgo:license sg:explorer/license/
70 sgo:sdDataset chapters
71 rdf:type schema:Chapter
72 N03d830ab2c144108b71d1d88d6c0f822 rdf:first N069c41258fa045c086c5cc347ee06758
73 rdf:rest N88fb1c9126194877889ba1d0fd6f036f
74 N069c41258fa045c086c5cc347ee06758 schema:familyName Paterson
75 schema:givenName Kenneth G.
76 rdf:type schema:Person
77 N07896f8e8d5f46f6bf096a479d7f70c4 rdf:first sg:person.07653531142.18
78 rdf:rest Nc96c6f140d6444f0bafa7d83ee8223aa
79 N2a74e4e557354620852b74c7078e0c0d schema:name Springer Nature
80 rdf:type schema:Organisation
81 N59108cf8a5a4482fb21a5f0fa2f41d0e schema:name doi
82 schema:value 10.1007/978-3-030-38471-5_15
83 rdf:type schema:PropertyValue
84 N5ca02472989b409aa66de750559f63a7 schema:isbn 978-3-030-38470-8
85 978-3-030-38471-5
86 schema:name Selected Areas in Cryptography – SAC 2019
87 rdf:type schema:Book
88 N88fb1c9126194877889ba1d0fd6f036f rdf:first N91ca0b98e9834f7d9d88d54c7247d2c3
89 rdf:rest rdf:nil
90 N8b9e18b116c04149a7d6efe1d5ed2adc schema:name Springer Nature - SN SciGraph project
91 rdf:type schema:Organization
92 N91ca0b98e9834f7d9d88d54c7247d2c3 schema:familyName Stebila
93 schema:givenName Douglas
94 rdf:type schema:Person
95 Nc0668943b7ee4d759268d50f209f92b6 rdf:first sg:person.013247762751.78
96 rdf:rest N07896f8e8d5f46f6bf096a479d7f70c4
97 Nc96c6f140d6444f0bafa7d83ee8223aa rdf:first sg:person.015040765627.38
98 rdf:rest rdf:nil
99 Nde3ccc2c82584662a66233f9f045a591 schema:name dimensions_id
100 schema:value pub.1123979143
101 rdf:type schema:PropertyValue
102 anzsrc-for:08 schema:inDefinedTermSet anzsrc-for:
103 schema:name Information and Computing Sciences
104 rdf:type schema:DefinedTerm
105 anzsrc-for:0804 schema:inDefinedTermSet anzsrc-for:
106 schema:name Data Format
107 rdf:type schema:DefinedTerm
108 sg:person.013247762751.78 schema:affiliation grid-institutes:grid.419819.c
109 schema:familyName Todo
110 schema:givenName Yosuke
111 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013247762751.78
112 rdf:type schema:Person
113 sg:person.015040765627.38 schema:affiliation grid-institutes:grid.419819.c
114 schema:familyName Aoki
115 schema:givenName Kazumaro
116 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.015040765627.38
117 rdf:type schema:Person
118 sg:person.07653531142.18 schema:affiliation grid-institutes:grid.410380.e
119 schema:familyName Meier
120 schema:givenName Willi
121 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.07653531142.18
122 rdf:type schema:Person
123 grid-institutes:grid.410380.e schema:alternateName FHNW, Windisch, Switzerland
124 schema:name FHNW, Windisch, Switzerland
125 rdf:type schema:Organization
126 grid-institutes:grid.419819.c schema:alternateName NTT Secure Platform Laboratories, 180-8585, Tokyo, Japan
127 schema:name NTT Secure Platform Laboratories, 180-8585, Tokyo, Japan
128 rdf:type schema:Organization