Title :
Related-Cipher Attack on Salsa20
Author :
Shao, Zeng-yu ; Ding, Lin
Author_Institution :
Inf. Sci. & Technol. Inst., Zhengzhou, China
Abstract :
Salsa20 was proposed by Daniel Bernstein and is one of the finalists of eSTREAM project. Related-cipher attack was introduced by Hongjun Wu in 2002 and applied to block ciphers. The related ciphers can be considered as ciphers with the same round function, but with different round numbers. There has not been any related-cipher attack applied to Salsa20 stream cipher. In this paper, we apply related-cipher attack on stream cipher Salsa20, since Salsa20 uses flexible rounds (reduced-round versions of Salsa20) and the key schedule of Salsa20 is independent of the number of rounds. If a secret key is used in Salsa20/12 and Salsa20/8 to encrypt the same message, we can recover the 256-bit secret key with computational complexity of about 2224. The result shows that related-cipher attack may be also applied to stream ciphers.
Keywords :
computational complexity; cryptography; Salsa20 stream cipher; Salsa20/12; Salsa20/8; block cipher; computational complexity; eSTREAM project; encryption; flexible rounds; reduced-round version; related-cipher attack; round function; round number; secret key; word length 256 bit; Computational complexity; Encryption; Schedules; Software; Related-Cipher Attack; Salsa20; Stream Cipher; Truncated Differential Cryptanalysis;
Conference_Titel :
Computational and Information Sciences (ICCIS), 2012 Fourth International Conference on
Conference_Location :
Chongqing
Print_ISBN :
978-1-4673-2406-9
DOI :
10.1109/ICCIS.2012.217
