Sciweavers

INDOCRYPT
2005
Springer

Attack the Dragon

14 years 4 months ago
Attack the Dragon
1 Dragon is a word oriented stream cipher submitted to the ECRYPT project, it operates on key sizes of 128 and 256 bits. The original idea of the design is to use a nonlinear feedback shift register (NLFSR) and a linear part (counter), combined by a filter function to generate a new state of the NLFSR and produce the keystream. The internal state of the cipher is 1088 bits, i.e., any kinds of TMD attacks are not applicable. In this paper we present two statistical distinguishers that distinguish Dragon from a random source both requiring around O(2155 ) words of the keystream. In the first scenario the time complexity is around O(2155+32 ) with the memory complexity O(232 ), whereas the second scenario needs only O(2155 ) of time, but O(296 ) of memory. The attack is based on a statistical weakness introduced into the keystream by the filter function F. This is the first paper presenting an attack on Dragon, and it shows that the cipher does not provide full security when the key o...
Håkan Englund, Alexander Maximov
Added 27 Jun 2010
Updated 27 Jun 2010
Type Conference
Year 2005
Where INDOCRYPT
Authors Håkan Englund, Alexander Maximov
Comments (0)