New Features of Latin Dances: Analysis of Salsa, ChaCha, and Rumba


Ontology type: schema:Chapter      Open Access: True


Chapter Info

DATE

2008-01-01

AUTHORS

Jean-Philippe Aumasson, Simon Fischer, Shahram Khazaei, Willi Meier, Christian Rechberger

ABSTRACT

The stream cipher Salsa20 was introduced by Bernstein in 2005 as a candidate in the eSTREAM project, accompanied by the reduced versions Salsa20/8 and Salsa20/12. ChaCha is a variant of Salsa20 aiming at bringing better diffusion for similar performance. Variants of Salsa20 with up to 7 rounds (instead of 20) have been broken by differential cryptanalysis, while ChaCha has not been analyzed yet. We introduce a novel method for differential cryptanalysis of Salsa20 and ChaCha, inspired by correlation attacks and related to the notion of neutral bits. This is the first application of neutral bits in stream cipher cryptanalysis. It allows us to break the 256-bit version of Salsa20/8, to bring faster attacks on the 7-round variant, and to break 6- and 7-round ChaCha. In a second part, we analyze the compression function Rumba, built as the XOR of four Salsa20 instances and returning a 512-bit output. We find collision and preimage attacks for two simplified variants, then we discuss differential attacks on the original version, and exploit a high-probability differential to reduce complexity of collision search from 2^256 to 2^79 for 3-round Rumba. To prove the correctness of our approach we provide examples of collisions and near-collisions on simplified versions.

PAGES

470-488

Book

TITLE

Fast Software Encryption

ISBN

978-3-540-71038-7
978-3-540-71039-4

Identifiers

URI

http://scigraph.springernature.com/pub.10.1007/978-3-540-71039-4_30

DOI

http://dx.doi.org/10.1007/978-3-540-71039-4_30

DIMENSIONS

https://app.dimensions.ai/details/publication/pub.1044638467



JSON-LD is the canonical representation for SciGraph data.


[
  {
    "@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json", 
    "about": [
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Information and Computing Sciences", 
        "type": "DefinedTerm"
      }, 
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0804", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Data Format", 
        "type": "DefinedTerm"
      }
    ], 
    "author": [
      {
        "affiliation": {
          "alternateName": "FHNW, Windisch, Switzerland", 
          "id": "http://www.grid.ac/institutes/grid.410380.e", 
          "name": [
            "FHNW, Windisch, Switzerland"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Aumasson", 
        "givenName": "Jean-Philippe", 
        "id": "sg:person.012606440341.66", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012606440341.66"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "FHNW, Windisch, Switzerland", 
          "id": "http://www.grid.ac/institutes/grid.410380.e", 
          "name": [
            "FHNW, Windisch, Switzerland"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Fischer", 
        "givenName": "Simon", 
        "id": "sg:person.07452042017.40", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.07452042017.40"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "EPFL, Lausanne, Switzerland", 
          "id": "http://www.grid.ac/institutes/grid.5333.6", 
          "name": [
            "EPFL, Lausanne, Switzerland"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Khazaei", 
        "givenName": "Shahram", 
        "id": "sg:person.012276436167.96", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012276436167.96"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "FHNW, Windisch, Switzerland", 
          "id": "http://www.grid.ac/institutes/grid.410380.e", 
          "name": [
            "FHNW, Windisch, Switzerland"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Meier", 
        "givenName": "Willi", 
        "id": "sg:person.07653531142.18", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.07653531142.18"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "IAIK, Graz, Austria", 
          "id": "http://www.grid.ac/institutes/None", 
          "name": [
            "IAIK, Graz, Austria"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Rechberger", 
        "givenName": "Christian", 
        "id": "sg:person.013632630546.55", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013632630546.55"
        ], 
        "type": "Person"
      }
    ], 
    "datePublished": "2008-01-01", 
    "datePublishedReg": "2008-01-01", 
    "description": "The stream cipher Salsa20 was introduced by Bernstein in 2005 as a candidate in the eSTREAM project, accompanied by the reduced versions Salsa20/8 and Salsa20/12. ChaCha is a variant of Salsa20 aiming at bringing better diffusion for similar performance. Variants of Salsa20 with up to 7 rounds (instead of 20) have been broken by differential cryptanalysis, while ChaCha has not been analyzed yet. We introduce a novel method for differential cryptanalysis of Salsa20 and ChaCha, inspired by correlation attacks and related to the notion of neutral bits. This is the first application of neutral bits in stream cipher cryptanalysis. It allows us to break the 256-bit version of Salsa20/8, to bring faster attacks on the 7-round variant, and to break 6- and 7-round ChaCha. In a second part, we analyze the compression function Rumba, built as the XOR of four Salsa20 instances and returning a 512-bit output. We find collision and preimage attacks for two simplified variants, then we discuss differential attacks on the original version, and exploit a high-probability differential to reduce complexity of collision search from 2256 to 279 for 3-round Rumba. To prove the correctness of our approach we provide examples of collisions and near-collisions on simplified versions.", 
    "editor": [
      {
        "familyName": "Nyberg", 
        "givenName": "Kaisa", 
        "type": "Person"
      }
    ], 
    "genre": "chapter", 
    "id": "sg:pub.10.1007/978-3-540-71039-4_30", 
    "inLanguage": "en", 
    "isAccessibleForFree": true, 
    "isPartOf": {
      "isbn": [
        "978-3-540-71038-7", 
        "978-3-540-71039-4"
      ], 
      "name": "Fast Software Encryption", 
      "type": "Book"
    }, 
    "keywords": [
      "Latin dance", 
      "variants", 
      "original version", 
      "attacks", 
      "better diffusion", 
      "search", 
      "candidates", 
      "rounds", 
      "high probability differentials", 
      "neutral bits", 
      "analysis", 
      "differential", 
      "features", 
      "stream cipher Salsa20", 
      "version", 
      "part", 
      "method", 
      "Rumba", 
      "similar performance", 
      "output", 
      "instances", 
      "Salsa20/8", 
      "approach", 
      "novel method", 
      "first application", 
      "second part", 
      "fast attack", 
      "salsa", 
      "project", 
      "simplified variant", 
      "collision search", 
      "differential cryptanalysis", 
      "Salsa20/12", 
      "correlation attacks", 
      "Salsa20", 
      "examples of collisions", 
      "simplified version", 
      "differential attacks", 
      "dance", 
      "cryptanalysis", 
      "notion", 
      "applications", 
      "complexity", 
      "eSTREAM project", 
      "ChaCha", 
      "new features", 
      "performance", 
      "preimage attack", 
      "bits", 
      "diffusion", 
      "example", 
      "correctness", 
      "XOR", 
      "Bernstein", 
      "collisions"
    ], 
    "name": "New Features of Latin Dances: Analysis of Salsa, ChaCha, and Rumba", 
    "pagination": "470-488", 
    "productId": [
      {
        "name": "dimensions_id", 
        "type": "PropertyValue", 
        "value": [
          "pub.1044638467"
        ]
      }, 
      {
        "name": "doi", 
        "type": "PropertyValue", 
        "value": [
          "10.1007/978-3-540-71039-4_30"
        ]
      }
    ], 
    "publisher": {
      "name": "Springer Nature", 
      "type": "Organisation"
    }, 
    "sameAs": [
      "https://doi.org/10.1007/978-3-540-71039-4_30", 
      "https://app.dimensions.ai/details/publication/pub.1044638467"
    ], 
    "sdDataset": "chapters", 
    "sdDatePublished": "2022-06-01T22:28", 
    "sdLicense": "https://scigraph.springernature.com/explorer/license/", 
    "sdPublisher": {
      "name": "Springer Nature - SN SciGraph project", 
      "type": "Organization"
    }, 
    "sdSource": "s3://com-springernature-scigraph/baseset/20220601/entities/gbq_results/chapter/chapter_148.jsonl", 
    "type": "Chapter", 
    "url": "https://doi.org/10.1007/978-3-540-71039-4_30"
  }
]


HOW TO GET THIS DATA PROGRAMMATICALLY:

JSON-LD is a popular format for linked data which is fully compatible with JSON.

curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/978-3-540-71039-4_30'

N-Triples is a line-based linked data format ideal for batch operations.

curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/978-3-540-71039-4_30'

Turtle is a human-readable linked data format.

curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/978-3-540-71039-4_30'

RDF/XML is a standard XML format for linked data.

curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/978-3-540-71039-4_30'


This table displays all metadata directly associated to this object as RDF triples.

149 TRIPLES      23 PREDICATES      80 URIs      73 LITERALS      7 BLANK NODES

Subject Predicate Object
1 sg:pub.10.1007/978-3-540-71039-4_30 schema:about anzsrc-for:08
2 anzsrc-for:0804
3 schema:author N6f687c59f69844878498508932621ddc
4 schema:datePublished 2008-01-01
5 schema:datePublishedReg 2008-01-01
6 schema:description The stream cipher Salsa20 was introduced by Bernstein in 2005 as a candidate in the eSTREAM project, accompanied by the reduced versions Salsa20/8 and Salsa20/12. ChaCha is a variant of Salsa20 aiming at bringing better diffusion for similar performance. Variants of Salsa20 with up to 7 rounds (instead of 20) have been broken by differential cryptanalysis, while ChaCha has not been analyzed yet. We introduce a novel method for differential cryptanalysis of Salsa20 and ChaCha, inspired by correlation attacks and related to the notion of neutral bits. This is the first application of neutral bits in stream cipher cryptanalysis. It allows us to break the 256-bit version of Salsa20/8, to bring faster attacks on the 7-round variant, and to break 6- and 7-round ChaCha. In a second part, we analyze the compression function Rumba, built as the XOR of four Salsa20 instances and returning a 512-bit output. We find collision and preimage attacks for two simplified variants, then we discuss differential attacks on the original version, and exploit a high-probability differential to reduce complexity of collision search from 2256 to 279 for 3-round Rumba. To prove the correctness of our approach we provide examples of collisions and near-collisions on simplified versions.
7 schema:editor Nb7f44ec948444c7c805cbe8d667714f0
8 schema:genre chapter
9 schema:inLanguage en
10 schema:isAccessibleForFree true
11 schema:isPartOf N8ca4c03805bd40bca271393b120140a6
12 schema:keywords Bernstein
13 ChaCha
14 Latin dance
15 Rumba
16 Salsa20
17 Salsa20/12
18 Salsa20/8
19 XOR
20 analysis
21 applications
22 approach
23 attacks
24 better diffusion
25 bits
26 candidates
27 collision search
28 collisions
29 complexity
30 correctness
31 correlation attacks
32 cryptanalysis
33 dance
34 differential
35 differential attacks
36 differential cryptanalysis
37 diffusion
38 eSTREAM project
39 example
40 examples of collisions
41 fast attack
42 features
43 first application
44 high probability differentials
45 instances
46 method
47 neutral bits
48 new features
49 notion
50 novel method
51 original version
52 output
53 part
54 performance
55 preimage attack
56 project
57 rounds
58 salsa
59 search
60 second part
61 similar performance
62 simplified variant
63 simplified version
64 stream cipher Salsa20
65 variants
66 version
67 schema:name New Features of Latin Dances: Analysis of Salsa, ChaCha, and Rumba
68 schema:pagination 470-488
69 schema:productId N08933700515346bba568c261888cbc89
70 N82a9cb88087d48dc98281e05723cfb4d
71 schema:publisher N132d5c58f4ac417ea572bb7f56c03a89
72 schema:sameAs https://app.dimensions.ai/details/publication/pub.1044638467
73 https://doi.org/10.1007/978-3-540-71039-4_30
74 schema:sdDatePublished 2022-06-01T22:28
75 schema:sdLicense https://scigraph.springernature.com/explorer/license/
76 schema:sdPublisher N6058dbfe608b4c0dad9e714ba3c541ab
77 schema:url https://doi.org/10.1007/978-3-540-71039-4_30
78 sgo:license sg:explorer/license/
79 sgo:sdDataset chapters
80 rdf:type schema:Chapter
81 N08933700515346bba568c261888cbc89 schema:name doi
82 schema:value 10.1007/978-3-540-71039-4_30
83 rdf:type schema:PropertyValue
84 N132d5c58f4ac417ea572bb7f56c03a89 schema:name Springer Nature
85 rdf:type schema:Organisation
86 N1b2ba7fbe5e0479f869d81fa259eeaea schema:familyName Nyberg
87 schema:givenName Kaisa
88 rdf:type schema:Person
89 N316cc2c8b30d4b859208441cb171444f rdf:first sg:person.013632630546.55
90 rdf:rest rdf:nil
91 N6058dbfe608b4c0dad9e714ba3c541ab schema:name Springer Nature - SN SciGraph project
92 rdf:type schema:Organization
93 N6f687c59f69844878498508932621ddc rdf:first sg:person.012606440341.66
94 rdf:rest N76db254a4d2f4ce08a2b829e859ea66a
95 N76db254a4d2f4ce08a2b829e859ea66a rdf:first sg:person.07452042017.40
96 rdf:rest Nfe75fd35186b4c91be7f41f98f6198ee
97 N82a9cb88087d48dc98281e05723cfb4d schema:name dimensions_id
98 schema:value pub.1044638467
99 rdf:type schema:PropertyValue
100 N8390e451fbad4b9b80552dd05319391d rdf:first sg:person.07653531142.18
101 rdf:rest N316cc2c8b30d4b859208441cb171444f
102 N8ca4c03805bd40bca271393b120140a6 schema:isbn 978-3-540-71038-7
103 978-3-540-71039-4
104 schema:name Fast Software Encryption
105 rdf:type schema:Book
106 Nb7f44ec948444c7c805cbe8d667714f0 rdf:first N1b2ba7fbe5e0479f869d81fa259eeaea
107 rdf:rest rdf:nil
108 Nfe75fd35186b4c91be7f41f98f6198ee rdf:first sg:person.012276436167.96
109 rdf:rest N8390e451fbad4b9b80552dd05319391d
110 anzsrc-for:08 schema:inDefinedTermSet anzsrc-for:
111 schema:name Information and Computing Sciences
112 rdf:type schema:DefinedTerm
113 anzsrc-for:0804 schema:inDefinedTermSet anzsrc-for:
114 schema:name Data Format
115 rdf:type schema:DefinedTerm
116 sg:person.012276436167.96 schema:affiliation grid-institutes:grid.5333.6
117 schema:familyName Khazaei
118 schema:givenName Shahram
119 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012276436167.96
120 rdf:type schema:Person
121 sg:person.012606440341.66 schema:affiliation grid-institutes:grid.410380.e
122 schema:familyName Aumasson
123 schema:givenName Jean-Philippe
124 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012606440341.66
125 rdf:type schema:Person
126 sg:person.013632630546.55 schema:affiliation grid-institutes:None
127 schema:familyName Rechberger
128 schema:givenName Christian
129 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013632630546.55
130 rdf:type schema:Person
131 sg:person.07452042017.40 schema:affiliation grid-institutes:grid.410380.e
132 schema:familyName Fischer
133 schema:givenName Simon
134 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.07452042017.40
135 rdf:type schema:Person
136 sg:person.07653531142.18 schema:affiliation grid-institutes:grid.410380.e
137 schema:familyName Meier
138 schema:givenName Willi
139 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.07653531142.18
140 rdf:type schema:Person
141 grid-institutes:None schema:alternateName IAIK, Graz, Austria
142 schema:name IAIK, Graz, Austria
143 rdf:type schema:Organization
144 grid-institutes:grid.410380.e schema:alternateName FHNW, Windisch, Switzerland
145 schema:name FHNW, Windisch, Switzerland
146 rdf:type schema:Organization
147 grid-institutes:grid.5333.6 schema:alternateName EPFL, Lausanne, Switzerland
148 schema:name EPFL, Lausanne, Switzerland
149 rdf:type schema:Organization