• DocumentCode
    569729
  • Title

    Related-Cipher Attack on Salsa20

  • Author

    Shao, Zeng-yu ; Ding, Lin

  • Author_Institution
    Inf. Sci. & Technol. Inst., Zhengzhou, China
  • fYear
    2012
  • fDate
    17-19 Aug. 2012
  • Firstpage
    1182
  • Lastpage
    1185
  • Abstract
    Salsa20 was proposed by Daniel Bernstein and is one of the finalists of the eSTREAM project. The related-cipher attack was introduced by Hongjun Wu in 2002 and applied to block ciphers. Related ciphers can be considered as ciphers with the same round function, but with different round numbers. There has not been any related-cipher attack applied to the Salsa20 stream cipher. In this paper, we apply the related-cipher attack to the stream cipher Salsa20, since Salsa20 uses flexible rounds (reduced-round versions of Salsa20) and the key schedule of Salsa20 is independent of the number of rounds. If a secret key is used in Salsa20/12 and Salsa20/8 to encrypt the same message, we can recover the 256-bit secret key with computational complexity of about 2^224. The result shows that the related-cipher attack may also be applied to stream ciphers.
  • Keywords
    computational complexity; cryptography; Salsa20 stream cipher; Salsa20/12; Salsa20/8; block cipher; computational complexity; eSTREAM project; encryption; flexible rounds; reduced-round version; related-cipher attack; round function; round number; secret key; word length 256 bit; Computational complexity; Encryption; Schedules; Software; Related-Cipher Attack; Salsa20; Stream Cipher; Truncated Differential Cryptanalysis;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Computational and Information Sciences (ICCIS), 2012 Fourth International Conference on
  • Conference_Location
    Chongqing
  • Print_ISBN
    978-1-4673-2406-9
  • Type

    conf

  • DOI
    10.1109/ICCIS.2012.217
  • Filename
    6301326