 |  | cryptolabs | ||
| | projects | ||
|  | research | ||
GSM | ||||
|
ARCfour | ||||
Leviathan | ||||
|
PGP | ||||
|
WEP | ||||
|
conferences | ||||
| | contact | ||
Bias in the LEVIATHAN stream cipher
- Paul Crowley, cryptolabs Amsterdam
- Stefan Lucks, Univ. Mannheim
Final proceedings version of paper presented at FSE 2001.
Abstract: We show two methods of distinguishing the LEVIATHAN stream cipher from a random stream usingbytes of output and proportional effort; both arise from compression within the cipher. The first models the cipher as two random functions in sequence, and shows that the probability of a collision in 64-bit output blocks is doubled as a result; the second shows artifacts where the same inputs are presented to the key-dependent S-boxes in the final stage of the cipher for two successive outputs. Both distinguishers are demonstrated with experiments on a reduced variant of the cipher.
- HTML. automatically converted from LaTeX by LaTeX2HTML.
- PDF (121583 bytes - suitable for printing and viewing online)
Related resources
Leviathan is a new stream cipher developed by David McGrew and Scott Fluhrer of Cisco for the Nessie project, which uses an innovative structure based on a forest of binary trees to map a key onto a stream of 2^48 32-bit word outputs, in such a way that it is efficient to seek in the stream, or to produce many consecutive outputs.