Cryptanalysis of Loiss Stream Cipher-Revisited

Loiss is a novel byte-oriented stream cipher proposed in 2011. In this paper, based on solving systems of linear equations, we propose an improved Guess and Determine attack on Loiss with a time complexity of 2231 and a data complexity of 268, which reduces the time complexity of the Guess and Determine attack proposed by the designers by a factor of 216. Furthermore, a related key chosen IV attack on a scaled-down version of Loiss is presented. The attack recovers the 128-bit secret key of the scaled-down Loiss with a time complexity of 280, requiring 264 chosen IVs. The related key attack is minimal in the sense that it only requires one related key. The result shows that our key recovery attack on the scaled-down Loiss is much better than an exhaustive key search in the related key setting.

[1]  Lin Ding,et al.  Cryptanalysis of Loiss Stream Cipher , 2012, Comput. J..

[2]  Martin Boesgaard,et al.  The Rabbit Stream Cipher , 2008, The eSTREAM Finalists.

[3]  Joos Vandewalle,et al.  Cryptanalysis of SOBER-t32 , 2003, FSE.

[4]  Anne Canteaut,et al.  Sosemanuk, a Fast Software-Oriented Stream Cipher , 2008, The eSTREAM Finalists.

[5]  Jovan Dj. Golic,et al.  Cryptanalysis of Alleged A5 Stream Cipher , 1997, EUROCRYPT.

[6]  Amr M. Youssef,et al.  Cryptanalysis of the Loiss Stream Cipher , 2012, Selected Areas in Cryptography.

[7]  Daniel J. Bernstein,et al.  The Salsa20 Family of Stream Ciphers , 2008, The eSTREAM Finalists.

[8]  Dengguo Feng,et al.  A Byte-Based Guess and Determine Attack on SOSEMANUK , 2010, ASIACRYPT.

[9]  Dengguo Feng,et al.  Loiss: A Byte-Oriented Stream Cipher , 2011, IWCC.

[10]  Philip Hawkes,et al.  Guess-and-Determine Attacks on SNOW , 2002, Selected Areas in Cryptography.

[11]  Hongjun Wu,et al.  The Stream Cipher HC-128 , 2008, The eSTREAM Finalists.

[12]  Chuankun Wu,et al.  On Guess and Determine Analysis of Rabbit , 2011, Int. J. Found. Comput. Sci..