**Linear Sequential Circuit Approximation of Acterbahn Stream Cipher**

*Shazia Afreen*

**Abstract: **Achterbahn stream cipher is proposed as a candidate for ECRYPT eSTREAM project which deals with key of length 80-bit. The linear distinguishing attack,which aims at distinguishing the keystream from purely random keystream,is employed to Achterbahn stream cipher. A linear distinguishing attack is based on linear sequential circuit approximation technique which distinguishes statistical bias in the keystream. In order to build the distinguisher, linear approximations of both non-linear feedback shift register (NLFSR) and the non-linear Boolean combining function R:F_2^8→F_2 are used. The keystream sequence generated by this algorithm consist a distinguisher with its probability bias〖 2〗^(-1809). Thus, to distinguish the Achterbahn, we only need 1/ε^2 =〖〖(2〗^1809)〗^2=2^3618 keystream bits and the time complexity is about 10/ε^2 =2^3621.3 which is much higher than the exhaustive key search O(2^80).

**Category / Keywords: **secret-key cryptography / Linear Distinguishing Attack, Linear Sequential Circuit Approximation, Achterbahn Stream Cipher

**Date: **received 1 Apr 2014

**Contact author: **shazaf21 at gmail com

**Available format(s): **PDF | BibTeX Citation

**Version: **20140405:174205 (All versions of this report)

**Short URL: **ia.cr/2014/236

**Discussion forum: **Show discussion | Start new discussion

[ Cryptology ePrint archive ]