论文信息 - Distinguishing Attack Against TPypy

Distinguishing Attack Against TPypy

TPypy is a tweaked version of the Py stream cipher algorithm submitted to eSTREAM. Py uses a kind of processing referred to as a 'rolling array', the mixing of two types of array and one variable, to generate the keystream. TPypy is proposed as a highly secure stream cipher that fixes all of the previously identified weaknesses of Py. This paper reports a significant bias in the pseudo-random generation algorithm of TPypy that can be exploited to distinguish the keystream obtained from multiple arbitrary secret key and initial vector pairs from a truly random number sequence using about 2&sup:199&esup: words.

Takeshi Kawabata | Yukiyasu Tsunoo | Hiroki Nakashima | Teruo Saito

[1] Bart Preneel,et al. Differential Cryptanalysis of the Stream Ciphers Py, Py6 and Pypy , 2007, EUROCRYPT.

[2] Bart Preneel,et al. Weaknesses in the Pseudorandom Bit Generation Algorithms of the Stream Ciphers TPypy and TPy , 2007, IACR Cryptol. ePrint Arch..

[3] Serge Vaudenay,et al. How Far Can We Go Beyond Linear Cryptanalysis? , 2004, ASIACRYPT.

[4] Paul Crowley. Improved cryptanalysis of Py , 2006, IACR Cryptol. ePrint Arch..

[5] Bart Preneel,et al. Distinguishing Attacks on the Stream Cipher Py , 2006, FSE.

[6] Gerhard Goos,et al. Fast Software Encryption , 2001, Lecture Notes in Computer Science.

[7] Bart Preneel,et al. On the (In)security of Stream Ciphers Based on Arrays and Modular Addition , 2006, ASIACRYPT.

[8] Eli Biham,et al. Py (Roo): A Fast and Secure Stream Cipher using Rolling Arrays , 2005, IACR Cryptol. ePrint Arch..