Sciweavers

AFRICACRYPT
2008
Springer

Correlated Keystreams in Moustique

14 years 6 months ago
Correlated Keystreams in Moustique
Moustique is one of the sixteen finalists in the eSTREAM stream cipher project. Unlike the other finalists it is a self-synchronising cipher and therefore offers very different functional properties, compared to the other candidates. We present simple related-key phenomena in Moustique that lead to the generation of strongly correlated keystreams and to powerful key-recovery attacks. Our best key-recovery attack requires only 238 steps in the related-key scenario. Since the relevance of related-key properties is sometimes called into question, we also show how the described effects can help speed up exhaustive search (without related keys), thereby reducing the effective key length of Moustique from 96 bits to 90 bits.
Emilia Käsper, Vincent Rijmen, Tor E. Bj&osla
Added 01 Jun 2010
Updated 01 Jun 2010
Type Conference
Year 2008
Where AFRICACRYPT
Authors Emilia Käsper, Vincent Rijmen, Tor E. Bjørstad, Christian Rechberger, Matthew J. B. Robshaw, Gautham Sekar
Comments (0)