Improving the Performance of the SYND Stream Cipher

In 2007, Gaborit et al. proposed the stream cipher SYND as an improvement of the pseudo-random number generator due to Fischer and Stern. This work shows how to considerably improve the efficiency of the SYND cipher without using the so-called regular encoding and without compromising the security of the modified SYND stream cipher. Our proposal, called XSYND, uses a generic state transformation which is reducible to the Regular Syndrome Decoding problem (RSD), but has better computational characteristics than the regular encoding. A first implementation shows that XSYND runs much faster than SYND for a comparable security level (being more than three times faster for a security level of 128 bits, and more than 6 times faster for 400-bit security), though it is still only half as fast as AES in counter mode. Parallel computation may yet improve the speed of our proposal, and we leave it as future research to improve the efficiency of our implementation.
