A TMDTO Attack Against Lizard

Subhamoy Maitra, Nishant Sinha, Akhilesh Siddhanti, Ravi Anand, and Sugata Gangopadhyay

Abstract

Lizard is a very recently proposed lightweight stream cipher that claims 60-bit security against distinguishing (related to state recovery) and 80-bit security against key recovery attacks. This cipher has a 121-bit state size. In this paper, we first note that using $\psi$ key stream bits one can recover $\psi$ unknown bits of the state when $\tau$ state bits are fixed to a specific pattern. This is made possible by guessing the remaining state bits. This helps us mount a TMDTO attack with preprocessing complexity $2^{67}$, and with the maximum of the Data, Time and Memory complexities during the online phase being $2^{54}$. The parameters in the online phase are significantly less than $2^{60}$.

Note: Editorial revisions on the initial draft.

Category
Secret-key cryptography
Publication info
Preprint. MINOR revision.
Keywords
Cryptanalysis, Lizard, Lightweight Stream Cipher, Time Memory Data Trade-Off (TMDTO) Attack
Contact author(s)
subho @ isical ac in
Short URL
https://ia.cr/2017/647

CC BY

BibTeX

@misc{cryptoeprint:2017/647,
author = {Subhamoy Maitra and Nishant Sinha and Akhilesh Siddhanti and Ravi Anand and Sugata Gangopadhyay},
title = {A TMDTO Attack Against Lizard},
howpublished = {Cryptology ePrint Archive, Paper 2017/647},
year = {2017},
note = {\url{https://eprint.iacr.org/2017/647}},
url = {https://eprint.iacr.org/2017/647}
}
