[Resource Topic] 2014/245: A practical state recovery attack on the stream cipher Sablier v1

Welcome to the resource topic for 2014/245

Title:
A practical state recovery attack on the stream cipher Sablier v1

Authors: Xiutao FENG, Fan ZHANG

Abstract:

Sablier is an authenticated encryption cipher submitted to the CAESAR competition, which is composed of the encryption Sablier v1 and the authentication Au. In this work we present a state recovery attack against the encryption Sablier v1 with time complexity of about 2^44 operations and data complexity of about 24 16-bit keywords. Our attack is practical on a workstation. It is noted that the update of the internal state of Sablier v1 is invertible, thus our attack can further be extended to a key recovery attack and a forgery attack against the authenticated encryption Sablier. The result shows that Sablier v1 is far from the goal of its security design (80-bit level).

ePrint: https://eprint.iacr.org/2014/245

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics.