A method is proposed for evaluating the security of SNOW 2.0-like ciphers against correlation attacks constructed by analogy with the well-known attacks on the SNOW 2.0 cipher. Unlike the available methods, the proposed one focuses on proving security and yields lower bounds on the effectiveness of attacks of the considered class directly from the parameters of the stream cipher's components, in the same way that the security of block ciphers against linear cryptanalysis is proved. Applying the method to the SNOW 2.0 and Strumok ciphers shows that any of the considered correlation attacks on them over the field of order 256 has an average time complexity of no less than 2^{146.20} and 2^{249.40}, respectively, and requires no less than 2^{142.77} and 2^{249.38} keystream symbols, respectively.
Translated from Kibernetika i Sistemnyi Analiz, No. 1, January–February, 2020, pp. 49–63.
Cite this article
Alekseychuk, A.N., Koniushok, S.M. & Poremskyi, M.V. A Method of Evaluating the Security of Snow 2.0-Like Ciphers Against Correlation Attacks Over the Finite Extensions of Two Element Field. Cybern Syst Anal (2020). https://doi.org/10.1007/s10559-020-00220-1
- correlation cryptanalysis
- finite-state machine
- discrete Fourier transform
- proof of security
- SNOW 2.0
- Strumok cipher