Paper 2014/245
A practical state recovery attack on the stream cipher Sablier v1
Xiutao FENG and Fan ZHANG
Abstract
Sablier is an authenticated encryption cipher submitted to the CAESAR competition; it is composed of the encryption algorithm Sablier v1 and the authentication algorithm Au. In this work we present a state recovery attack against the encryption Sablier v1 with time complexity of about $2^{44}$ operations and data complexity of about 24 16-bit keywords. Our attack is practical on a workstation. We note that the update of the internal state of Sablier v1 is invertible, so our attack can be extended to a key recovery attack and a forgery attack against the authenticated encryption cipher Sablier. The result shows that Sablier v1 is far from the goal of its security design (80-bit security level).
Metadata
- Category
- Secret-key cryptography
- Publication info
- Preprint. MINOR revision.
- Keywords
- CAESAR, stream ciphers, Sablier, state recovery attack
- Contact author(s)
- fengxt @ amss ac cn
- History
- 2014-04-18: received
- Short URL
- https://ia.cr/2014/245
- License
- CC BY
BibTeX
@misc{cryptoeprint:2014/245,
  author = {Xiutao FENG and Fan ZHANG},
  title = {A practical state recovery attack on the stream cipher Sablier v1},
  howpublished = {Cryptology {ePrint} Archive, Paper 2014/245},
  year = {2014},
  url = {https://eprint.iacr.org/2014/245}
}