A Related-Key Chosen-IV Distinguishing Attack on Full Sprout Stream Cipher. - Citegraph

Paper Info

Title
A Related-Key Chosen-IV Distinguishing Attack on Full Sprout Stream Cipher.

Abstract
Sprout is a new lightweight stream cipher proposed at FSE 2015. According to its designers, Sprout can resist time-memory-data trade-o (TMDTO) attacks with small internal state size. However, we nd a weakness in the updating functions of Sprout and propose a related-key chosen-IV distinguishing attacks on full Sprout. Under the related-key setting, our attacks enable the adversary to detect non-randomness on full 320-round Sprout with a practical complexity of ~ O(2 4 ) and nd collisions in 256 output bits of full Sprout with a complexity of ~ O(2 7 ). Furthermore, when considering possible remedies, we nd that only by modifying the up- dating functions and output function seems unlikely to equip Sprout with better resistance against this kind of distinguisher. Therefore, it is necessary for designers to give structural modications.

Year	Venue	Field
2015	IACR Cryptology ePrint Archive	Computer security,Computer science,Theoretical computer science,Stream cipher,Adversary,Distinguishing attack
DocType	Volume	Citations
Journal	2015	4
PageRank	References	Authors
0.50	12	1

Authors (1 rows)

Cited by (4 rows)

References (12 rows)

Name	Order	Citations	PageRank
Yonglin Hao	1	5	1.87

1