How Secure is Secure?: On message and IV lengths for synchronous stream ciphers

Erik Zenner; Martin Boesgaard

How Secure is Secure? On message and IV lengths for synchronous stream ciphers

Erik Zenner, Martin Boesgaard

Research output: Working paper/Preprint › Working paper › Research › peer-review

Abstract

In this paper, we discuss security properties for synchronous stream ciphers. Let the key size and claimed security level be k. Following an initial proposal by Hawkes and Rose [6], we argue that a synchronous stream cipher should encrypt at most 2^(k/2) plaintext blocks before changing the key. We claim further that a synchronous stream cipher should ideally provide for IV sizes of both k/2 and k, with the second size being mandatory. In this context, recent results by Hong and Sarkar [3] are also briefl y discussed.

Original language	English
Publication status	Published - 2005
Externally published	Yes

Access to Document

http://www.ecrypt.eu.org/stream/papers.html

SFX availability

Full text

Cite this

@techreport{2c6fdc99d7b149fbb2018d0956540085,

title = "How Secure is Secure?: On message and IV lengths for synchronous stream ciphers",

abstract = "In this paper, we discuss security properties for synchronous stream ciphers. Let the key size and claimed security level be k. Following an initial proposal by Hawkes and Rose [6], we argue that a synchronous stream cipher should encrypt at most 2^(k/2) plaintext blocks before changing the key. We claim further that a synchronous stream cipher should ideally provide for IV sizes of both k/2 and k, with the second size being mandatory. In this context, recent results by Hong and Sarkar [3] are also briefl y discussed.",

author = "Erik Zenner and Martin Boesgaard",

year = "2005",

language = "English",

type = "WorkingPaper",

}

TY - UNPB

T1 - How Secure is Secure?

T2 - On message and IV lengths for synchronous stream ciphers

AU - Zenner, Erik

AU - Boesgaard, Martin

PY - 2005

Y1 - 2005

N2 - In this paper, we discuss security properties for synchronous stream ciphers. Let the key size and claimed security level be k. Following an initial proposal by Hawkes and Rose [6], we argue that a synchronous stream cipher should encrypt at most 2^(k/2) plaintext blocks before changing the key. We claim further that a synchronous stream cipher should ideally provide for IV sizes of both k/2 and k, with the second size being mandatory. In this context, recent results by Hong and Sarkar [3] are also briefl y discussed.

AB - In this paper, we discuss security properties for synchronous stream ciphers. Let the key size and claimed security level be k. Following an initial proposal by Hawkes and Rose [6], we argue that a synchronous stream cipher should encrypt at most 2^(k/2) plaintext blocks before changing the key. We claim further that a synchronous stream cipher should ideally provide for IV sizes of both k/2 and k, with the second size being mandatory. In this context, recent results by Hong and Sarkar [3] are also briefl y discussed.

M3 - Working paper

BT - How Secure is Secure?

ER -

How Secure is Secure? On message and IV lengths for synchronous stream ciphers

Abstract

Access to Document

SFX availability

Fingerprint

Cite this