Paper 2007/108

An Improved Distinguisher for Dragon

Joo Yeon Cho and Josef Pieprzyk

Abstract

The Dragon stream cipher is one of the focus ciphers that have reached Phase 2 of the eSTREAM project. In this paper, we present a new method of building a linear distinguisher for Dragon. The distinguisher is constructed by exploiting the biases of two S-boxes and the modular addition, which are basic components of the nonlinear function F. The bias of the distinguisher is estimated to be around which is better than the bias of the distinguisher presented by Englund and Maximov. We have shown that Dragon is distinguishable from a random cipher by using around keystream words and memory. In addition, we present a very efficient algorithm for computing the bias of linear approximation of modular addition.

Note: A new attack method is described in chapter 4.

Metadata
Available format(s)
PDF
Publication info
Published elsewhere. Unknown where it was published
Keywords
Stream Ciphers, eSTREAM, Dragon, Modular Addition
Contact author(s)
jooyeon cho @ gmail com
History
2007-07-10: last of 2 revisions
2007-03-26: received
Short URL
https://ia.cr/2007/108
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2007/108,
      author = {Joo Yeon Cho and Josef Pieprzyk},
      title = {An Improved Distinguisher for Dragon},
      howpublished = {Cryptology {ePrint} Archive, Paper 2007/108},
      year = {2007},
      url = {https://eprint.iacr.org/2007/108}
}