Some Results on Sprout

Subhadeep Banik

Research output: Chapter in Book/Report/Conference proceeding › Article in proceedings › Research › peer-review

Abstract

Sprout is a lightweight stream cipher proposed by Armknecht and Mikhalev at FSE 2015. It has a Grain-like structure with two state registers of size 40 bits each, which is exactly half the state size of Grain v1. In spite of this, the cipher does not appear to lose in security against generic Time-Memory-Data Tradeoff attacks due to the novelty of its design. In this paper, we first present improved results on Key Recovery with partial knowledge of the internal state. We show that if 50 of the 80 bits of the internal state are guessed then the remaining bits along with the secret key can be found in a reasonable time using a SAT solver. Thereafter, we show that it is possible to perform a distinguishing attack on the full Sprout stream cipher in the multiple IV setting using around 2^40 randomly chosen IVs on an average. The attack requires around 2^48 bits of memory. Thereafter, we will show that for every secret key, there exist around 2^30 IVs for which the LFSR used in Sprout enters the all zero state during the keystream generating phase. Using this observation, we will first show that it is possible to enumerate Key-IV pairs that produce keystream bits with period as small as 80. We will then outline a simple key recovery attack that takes time equivalent to 2^66.7 encryptions with negligible memory requirement. Although this is not the best attack reported against this cipher in terms of the time complexity, it is the best in terms of the memory required to perform the attack.
Original language: English
Title of host publication: Progress in Cryptology – INDOCRYPT 2015: Proceedings of the 16th International Conference on Cryptology in India
Editors: Alex Biryukov, Vipul Goyal
Publisher: Springer
Publication date: 2015
Pages: 124-139
ISBN (Print): 978-3-319-26616-9
ISBN (Electronic): 978-3-319-26617-6
Publication status: Published - 2015
Event: 16th International Conference on Cryptology in India - Bangalore, India
Duration: 6 Dec 2015 to 9 Dec 2015
Conference number: 16
http://www.indocrypt2015.org/

Conference

Conference: 16th International Conference on Cryptology in India
Number: 16
Country/Territory: India
City: Bangalore
Period: 06/12/2015 to 09/12/2015
Series: Lecture Notes in Computer Science
Volume: 9462
ISSN: 0302-9743

Keywords

  • Grain v1
  • Sprout
  • Stream cipher
