Slide attack on standard stream cipher Enocoro-80 in the related-key chosen IV setting

Enocoro-80 is a lightweight stream cipher proposed in 2007. Several attacks on it have been published, although none have violated the claimed 80-bit security of Enocoro-80. The cipher had been adopted as an ISO/IEC29192 standard in 2012. This paper exploits the slide property of Enocoro-80, and shows that it is vulnerable to a related-key chosen IV attack when the key belongs to a large subset of 2 72 of all 2 80 keys. This attack has a time complexity of 2 48 , requiring 2 17 chosen IVs. This is the first paper pointing out a potential weakness in the Enocoro-80 stream cipher.

[1]  Ron Steinfeld,et al.  Security Evaluation of Rakaposhi Stream Cipher , 2013, ISPEC.

[2]  María Naya-Plasencia,et al.  Quark: A Lightweight Hash , 2010, CHES.

[3]  Steve Babbage,et al.  The MICKEY Stream Ciphers , 2008, The eSTREAM Finalists.

[4]  Kritika Jain,et al.  TWIS - A Lightweight Block Cipher , 2009, ICISS.

[5]  Guan,et al.  Related-Key Chosen IV Attack on K2 , 2011 .

[6]  Alex Biryukov,et al.  Advanced Slide Attacks , 2000, EUROCRYPT.

[7]  Anne Canteaut,et al.  PRINCE - A Low-Latency Block Cipher for Pervasive Computing Applications - Extended Abstract , 2012, ASIACRYPT.

[8]  Toshinobu Kaneko,et al.  Update on Enocoro stream cipher , 2010, 2010 International Symposium On Information Theory & Its Applications.

[9]  Alex Biryukov,et al.  Slid Pairs in Salsa20 and Trivium , 2008, INDOCRYPT.

[10]  Thomas Peyrin,et al.  The LED Block Cipher , 2011, IACR Cryptol. ePrint Arch..

[11]  Toshinobu Kaneko,et al.  Enocoro-80: A Hardware Oriented Stream Cipher , 2008, 2008 Third International Conference on Availability, Reliability and Security.

[12]  Alex Biryukov,et al.  Slide Attacks , 1999, FSE.

[13]  Lin Ding,et al.  Related key chosen IV attacks on Decim v2 and Decim-128 , 2012, Math. Comput. Model..

[14]  Chae Hoon Lim,et al.  mCrypton - A Lightweight Block Cipher for Security of Low-Cost RFID Tags and Sensors , 2005, WISA.

[15]  Seokhie Hong,et al.  Related-Key Chosen IV Attacks on Grain-v1 and Grain-128 , 2008, ACISP.

[16]  Lin Ding,et al.  Cryptanalysis of Lightweight WG-8 Stream Cipher , 2014, IEEE Transactions on Information Forensics and Security.

[17]  Andrey Bogdanov,et al.  spongent: A Lightweight Hash Function , 2011, CHES.

[18]  Matthew J. B. Robshaw,et al.  PRINTcipher: A Block Cipher for IC-Printing , 2010, CHES.

[19]  Andrey Bogdanov,et al.  PRESENT: An Ultra-Lightweight Block Cipher , 2007, CHES.

[20]  Thomas Peyrin,et al.  The PHOTON Family of Lightweight Hash Functions , 2011, IACR Cryptol. ePrint Arch..

[21]  Kazuhiko Minematsu,et al.  $\textnormal{\textsc{TWINE}}$ : A Lightweight Block Cipher for Multiple Platforms , 2012, Selected Areas in Cryptography.

[22]  Wei Zhao,et al.  New Related Key Attacks on the RAKAPOSHI Stream Cipher , 2015, ISPEC.

[23]  Bart Preneel,et al.  A New Keystream Generator MUGI , 2002, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[24]  Yee Wei Law,et al.  KLEIN: A New Family of Lightweight Block Ciphers , 2010, RFIDSec.

[25]  Babak Sadeghiyan,et al.  MIBS: A New Lightweight Block Cipher , 2009, CANS.

[26]  Joan Daemen,et al.  Fast Hashing and Stream Encryption with PANAMA , 1998, FSE.

[27]  Lin Ding,et al.  Cryptanalysis of MICKEY family of stream ciphers , 2013, Secur. Commun. Networks.

[28]  Shinsaku Kiyomoto,et al.  The rakaposhi Stream Cipher , 2009, ICICS.

[29]  Bart Preneel,et al.  Analysis of Grain's Initialization Algorithm , 2008, AFRICACRYPT.

[30]  Santanu Sarkar,et al.  A Chosen IV Related Key Attack on Grain-128a , 2013, ACISP.

[31]  Wenling Wu,et al.  LBlock: A Lightweight Block Cipher , 2011, ACNS.

[32]  Amr M. Youssef,et al.  On the sliding property of SNOW 3 G and SNOW 2.0 , 2011, IET Inf. Secur..

[33]  Christophe De Cannière,et al.  KATAN and KTANTAN - A Family of Small and Efficient Hardware-Oriented Block Ciphers , 2009, CHES.

[34]  Jongsung Kim,et al.  HIGHT: A New Block Cipher Suitable for Low-Resource Device , 2006, CHES.

[35]  Martin Hell,et al.  The Grain Family of Stream Ciphers , 2008, The eSTREAM Finalists.

[36]  Kyoji Shibutani,et al.  Piccolo: An Ultra-Lightweight Blockcipher , 2011, CHES.

[37]  Lin Ding,et al.  Related Key Chosen IV Attack on Grain-128a Stream Cipher , 2013, IEEE Transactions on Information Forensics and Security.

[38]  Masakatu Morii,et al.  Slide Cryptanalysis of Lightweight Stream Cipher RAKAPOSHI , 2012, IWSEC.

[39]  Kaneko Toshinobu,et al.  A construction of light weight Panama-like keystream generator , 2007 .