A Comparison of Time-Memory Trade-Off Attacks on Stream Ciphers

Introduced by Hellman, Time-Memory Trade-Off (TMTO) attacks offer a generic technique to reverse one-way functions, where one can trade off time and memory costs and which are especially effective against stream ciphers. Hellman’s original idea has seen many different improvements, notably the Distinguished Points attack and the Rainbow Table attack. The trade-off curves of these approaches have been compared in literature, but never leading to a satisfying conclusion. A new TMTO attack was devised for the A5/1 cipher used in GSM, which combines both distinguished points and rainbow tables, which we refer to as the Kraken attack. This paper compares these four approaches by looking at concrete costs of these attacks instead of comparing their trade-off curves. We found that when multiple samples are available the Distinguished Points attack has the lowest costs. The Kraken attack is an alternative to save more disk space at the expense of attack time.

[1]  Emin Anarim,et al.  A New Cryptanalytic Time-Memory Trade-Off for Stream Ciphers , 2005, ISCIS.

[2]  Jovan Dj. Golic,et al.  Cryptanalysis of Alleged A5 Stream Cipher , 1997, EUROCRYPT.

[3]  Pinar Yolum,et al.  Computer and Information Sciences - ISCIS 2005, 20th International Symposium, Istanbul, Turkey, October 26-28, 2005, Proceedings , 2005, ISCIS.

[4]  Alex Biryukov,et al.  Cryptanalytic Time/Memory/Data Tradeoffs for Stream Ciphers , 2000, ASIACRYPT.

[5]  Jin Hong,et al.  Analysis of the Non-perfect Table Fuzzy Rainbow Tradeoff , 2013, ACISP.

[6]  Philippe Flajolet,et al.  Random Mapping Statistics , 1990, EUROCRYPT.

[7]  Amos Fiat,et al.  Rigorous time/space tradeoffs for inverting functions , 1991, STOC '91.

[8]  Dan Boneh,et al.  Advances in Cryptology - CRYPTO 2003 , 2003, Lecture Notes in Computer Science.

[9]  Martin E. Hellman,et al.  A cryptanalytic time-memory trade-off , 1980, IEEE Trans. Inf. Theory.

[10]  Jan Krhovják,et al.  TMTO attacks on stream ciphers – theory and practice , 2011 .

[11]  Tatsuaki Okamoto,et al.  Advances in Cryptology — ASIACRYPT 2000 , 2000, Lecture Notes in Computer Science.

[12]  Jin Hong The cost of false alarms in Hellman and rainbow tradeoffs , 2010, Des. Codes Cryptogr..

[13]  Eli Biham,et al.  Rigorous Bounds on Cryptanalytic Time/Memory Tradeoffs , 2006, CRYPTO.

[14]  Alex Biryukov,et al.  Real Time Cryptanalysis of A5/1 on a PC , 2000, FSE.

[15]  Dorothy E. Denning,et al.  Cryptography and Data Security , 1982 .

[16]  Gerhard Goos,et al.  Fast Software Encryption , 2001, Lecture Notes in Computer Science.

[17]  Eli Biham,et al.  Instant Ciphertext-Only Cryptanalysis of GSM Encrypted Communication , 2003, CRYPTO.

[18]  Philippe Oechslin,et al.  Making a Faster Cryptanalytic Time-Memory Trade-Off , 2003, CRYPTO.

[19]  Jean-Jacques Quisquater,et al.  Advances in Cryptology — EUROCRYPT ’89 , 1991, Lecture Notes in Computer Science.

[20]  Jin Hong,et al.  A Comparison of Cryptanalytic Tradeoff Algorithms , 2012, Journal of Cryptology.

[21]  Jin Hong,et al.  Variants of the Distinguished Point Method for Cryptanalytic Time Memory Trade-offs (Full version) , 2008, IACR Cryptol. ePrint Arch..

[22]  Cynthia Dwork,et al.  Advances in Cryptology – CRYPTO 2020: 40th Annual International Cryptology Conference, CRYPTO 2020, Santa Barbara, CA, USA, August 17–21, 2020, Proceedings, Part III , 2020, Annual International Cryptology Conference.