## Cryptology ePrint Archive: Report 2017/647

A TMDTO Attack Against Lizard

Subhamoy Maitra and Nishant Sinha and Akhilesh Siddhanti and Ravi Anand and Sugata Gangopadhyay

Abstract: Lizard is a very recently proposed lightweight stream cipher that claims 60 bit security against distinguishing (related to state recovery) and 80 bit security against key recovery attack. This cipher has 121 bit state size. In this paper, we first note that using $\psi$ key stream bits one can recover $\psi$ unknown bits of the state when $\tau$ state bits are fixed to a specific pattern. This is made possible by guessing the remaining state bits. This helps us in mounting a TMDTO attack with preprocessing complexity $2^{67}$, and the maximum of Data, Time and Memory complexity during the online phase as $2^{54}$. The parameters in the online phase are significantly less than $2^{60}$.

Category / Keywords: secret-key cryptography / Cryptanalysis, Lizard, Lightweight Stream Cipher, Time Memory Data Trade-Off (TMDTO) Attack

Date: received 29 Jun 2017, last revised 5 Jul 2017

Contact author: subho at isical ac in

Available format(s): PDF | BibTeX Citation

Note: Editorial revisions on the initial draft.

Short URL: ia.cr/2017/647

[ Cryptology ePrint archive ]