Welcome to the resource topic for 2024/1363
Title:
Improved Key Recovery Attacks on Reduced-Round Salsa20
Authors: Sabyasachi Dey, Gregor Leander, Nitin Kumar Sharma
Abstract:In this paper, we present an improved attack on the stream cipher Salsa20. Our improvements are based on two technical contributions.
First, we make use of a distribution of a linear combination of several random variables that are derived from different differentials and explain how to exploit this in order to improve the attack complexity. Secondly, we study and exploit how to choose the actual value for so-called probabilistic neutral bits optimally. Because of the limited influence of these key bits on the computation, in the usual attack approach, these are fixed to a constant value, often zero for simplicity. As we will show, despite the fact that their influence is limited, the constant can be chosen in significantly better ways, and intriguingly, zero is the worst choice. Using this, we propose the first-ever attack on 7.5-round of 128-bit key version of Salsa20. Also, we provide improvements in the attack against the 8-round of 256-bit key version of Salsa20 and the 7-round of 128-bit key version of Salsa20.
ePrint: https://eprint.iacr.org/2024/1363
See all topics related to this paper.
Feel free to post resources that are related to this paper below.
Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.
For more information, see the rules for Resource Topics .