RAKAPOSHI is a hardware oriented stream cipher designed by Carlos Cid et al. in 2009. The stream cipher is based on Dynamic Linear Feedback Shift Registers, with a simple and potentially scalable design, and is particularly suitable for hardware applications with restricted resources. The RAKAPOSHI stream cipher offers 128-bit security. In this paper, we point out some weaknesses in the cipher. Firstly, it shows that there are weak (key, IV) pairs in RAKAPOSHI stream cipher. Secondly, for weak (key, IV) pairs of RAKAPOSHI, they are vulnerable to linear distinguishing attack and algebraic attack. Finally, we propose a real time related key chosen IV attack on RAKAPOSHI. The attack on RAKAPOSHI recovers the 128-bit secret key of with a computational complexity of , requiring 47 related keys, chosen IVs and keystream bits. The success probability of this attack is 0.999, which is quite close to 1. The experimental results corroborate our assertion. 192 2
[1]
Claus Diem,et al.
The XL-Algorithm and a Conjecture from Commutative Algebra
,
2004,
ASIACRYPT.
[2]
Ron Steinfeld,et al.
Security Evaluation of Rakaposhi Stream Cipher
,
2013,
ISPEC.
[3]
Shinsaku Kiyomoto,et al.
The rakaposhi Stream Cipher
,
2009,
ICICS.
[4]
Mitsuru Matsui,et al.
Linear Cryptanalysis Method for DES Cipher
,
1994,
EUROCRYPT.
[5]
Kouichi Sakurai,et al.
K2: A Stream Cipher Algorithm using Dynamic Feedback Control
,
2007,
SECRYPT.
[6]
Thomas Beth,et al.
The Stop-and-Go Generator
,
1985,
EUROCRYPT.
[7]
Masakatu Morii,et al.
Slide Cryptanalysis of Lightweight Stream Cipher RAKAPOSHI
,
2012,
IWSEC.