State recovery attack on ACORN v3 in nonce-reuse setting
Based on the differential-algebraic method and the guess-and-determine technique, a state recovery attack on ACORN v3 is presented for the case where one key and nonce pair is used to encrypt two messages. The time complexity of the attack is 2<sup>122.5</sup>c, where c is the time complexity of solving...
| Main Authors: | Guoshuang ZHANG, Xiao CHEN, Dongdai LIN, Fengmei LIU |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: | Editorial Department of Journal on Communications, 2020-08-01 |
| Series: | Tongxin xuebao |
| Subjects: | authenticated cipher; cryptanalysis; ACORN; state recovery attack |
| Online Access: | http://www.joconline.com.cn/thesisDetails#10.11959/j.issn.1000-436x.2020164 |
| _version_ | 1850211322640203776 |
|---|---|
| author | Guoshuang ZHANG, Xiao CHEN, Dongdai LIN, Fengmei LIU |
| author_facet | Guoshuang ZHANG, Xiao CHEN, Dongdai LIN, Fengmei LIU |
| author_sort | Guoshuang ZHANG |
| collection | DOAJ |
| description | Based on the differential-algebraic method and the guess-and-determine technique, a state recovery attack on ACORN v3 is presented for the case where one key and nonce pair is used to encrypt two messages. The time complexity of the attack is 2<sup>122.5</sup>c, where c is the time complexity of solving linear equations. The data complexity and the storage complexity are negligible. Furthermore, an analysis of the multiple nonce-reuse scenario shows that the relatively complicated filter function of ACORN v3 makes it infeasible to extract linear equations about the internal state directly from the keystream. Thus, the risk of significantly reducing the attack complexity by increasing the number of nonce reuses can be effectively avoided. |
| format | Article |
| id | doaj-art-e7203dee8a0b4db0950b79352d172432 |
| institution | OA Journals |
| issn | 1000-436X |
| language | zho |
| publishDate | 2020-08-01 |
| publisher | Editorial Department of Journal on Communications |
| record_format | Article |
| series | Tongxin xuebao |
| title | State recovery attack on ACORN v3 in nonce-reuse setting |
| title_full | State recovery attack on ACORN v3 in nonce-reuse setting |
| title_fullStr | State recovery attack on ACORN v3 in nonce-reuse setting |
| title_full_unstemmed | State recovery attack on ACORN v3 in nonce-reuse setting |
| title_short | State recovery attack on ACORN v3 in nonce-reuse setting |
| title_sort | state recovery attack on acorn v3 in nonce reuse setting |
| topic | authenticated cipher;cryptanalysis;ACORN;state recovery attack |
| url | http://www.joconline.com.cn/thesisDetails#10.11959/j.issn.1000-436x.2020164 |