Cryptanalysis of MICKEY family of stream ciphers

MICKEY 2.0 is a synchronous hardware-oriented stream cipher designed by Steve Babbage and Matthew Dodd in 2006. It was submitted to eSTREAM and became one of the seven eSTREAM finalists. MICKEY-128 2.0 is a variant version with 128-bit secret key. In this paper, we present a weakness in the initialization of MICKEY family of stream ciphers (i.e., MICKEY 2.0 and MICKEY-128 2.0). With this weakness, we apply a slide resynchronization attack to them, which finds for any K with k0 = d and for any IV with ivn = d, there is a (K′, IV′) pair with probability 2− 1 that generates 1-bit shifted keystream, where d ∈ {0, 1} is a constant. Furthermore, we propose related key attacks on MICKEY family of stream ciphers. Our attacks can break these two ciphers in real time on a PC when 65 and 113 related (K, IV) pairs for MICKEY 2.0 and MICKEY-128 2.0 are obtained, respectively. The success probabilities of our attacks on MICKEY 2.0 and MICKEY-1282.0 are 0.9835 and 0.9714, respectively. This is the first paper presenting a weakness in MICKEY family of stream ciphers, and the results show that MICKEY family of stream ciphers are extremely weak against related key attacks. Copyright © 2012 John Wiley & Sons, Ltd.

[1]  Woo-Hwan Kim,et al.  TMD-Tradeoff and State Entropy Loss Considerations of Streamcipher MICKEY , 2005, INDOCRYPT.

[2]  Bart Preneel,et al.  Analysis of Grain's Initialization Algorithm , 2008, AFRICACRYPT.

[3]  Elmar Tischhauser,et al.  Nonsmooth cryptanalysis, with an application to the stream cipher MICKEY , 2011, J. Math. Cryptol..

[4]  Stefan Lucks Ciphers Secure against Related-Key Attacks , 2004, FSE.

[5]  Guan,et al.  Related-Key Chosen IV Attack on K2 , 2011 .

[6]  Bruce Schneier,et al.  Related-key cryptanalysis of 3-WAY, Biham-DES, CAST, DES-X, NewDES, RC2, and TEA , 1997, ICICS.

[7]  Mihir Bellare,et al.  A theoretical treatment of related-key attacks , 2003 .

[8]  Vincent Rijmen,et al.  The eSTREAM Portfolio , 2008 .

[9]  Bruce Schneier,et al.  Key-Schedule Cryptanalysis of IDEA, G-DES, GOST, SAFER, and Triple-DES , 1996, CRYPTO.

[10]  Yvo Desmedt,et al.  Related-Key Differential Cryptanalysis of 192-bit Key AES Variants , 2003, Selected Areas in Cryptography.

[11]  Bart Preneel,et al.  Related-Key Attacks on the Py-Family of Ciphers and an Approach to Repair the Weaknesses , 2007, INDOCRYPT.

[12]  Eli Biham,et al.  New types of cryptanalytic attacks using related keys , 1994, Journal of Cryptology.

[13]  Lin Ding,et al.  Related key chosen IV attacks on Decim v2 and Decim-128 , 2012, Math. Comput. Model..

[14]  Seokhie Hong,et al.  Related-Key Chosen IV Attacks on Grain-v1 and Grain-128 , 2008, ACISP.

[15]  Amr M. Youssef,et al.  On the sliding property of SNOW 3 G and SNOW 2.0 , 2011, IET Inf. Secur..