Security analysis of a new stream cipher

作     者：ZHANG Bin FENG Dengguo 

作者机构：State Key Laboratory of Information Security Institute of Software Chinese Academy of Sciences Beijing 100080 China 

出 版 物：《Science in China(Series F)》 (中国科学（F辑英文版）)

年 卷 期：2006年第49卷第3期

页      面：286-301页

核心收录：

学科分类：11[军事学] 1105[军事学-军队指挥学] 0839[工学-网络空间安全] 08[工学] 110505[军事学-密码学] 081201[工学-计算机系统结构] 110503[军事学-军事通信学] 0812[工学-计算机科学与技术（可授工学、理学学位）] 

基　　金：supported by the National Natural Science Foundation of China(Grant Nos.60273027,60373047) the National Grand Fundamental Research 973 Program of China(Grant No.2004CB318004) 

主　　题：stream cipher divide-and-conquer attack non-linear feedback shift registers (NLFSR) chaotic sequence. 

摘      要：In this paper, we analyze the security of a new stream cipher-COSvd（2,128）. This cipher was proposed by E. Filiol et al. at the ECRYPT SASC＇2004 （The State of the Art of Stream Ciphers）. It uses clock-controlled non-linear feedback registers together with an S-box controlled by a chaotic sequence and was claimed to prevent any existing attacks. However, our analysis shows that there are some serious security flaws in the design of the S-box, resulting in heavy biased byte distribution in the keystream. In some broadcast applications, this flaw will cause a ciphertext-only attack with high success rate. Besides, there are also many security flaws in other parts of the cipher. We point out these flaws one by one and develop a divide-and-conquer attack to recover the secret keys from O（2^26）-byte known plaintext with success rate 93.4597% and complexity O（2^113）, which is much lower than 2^512, the complexity of exhaustive search.