Paper 2017/647

A TMDTO Attack Against Lizard

Subhamoy Maitra, Nishant Sinha, Akhilesh Siddhanti, Ravi Anand, and Sugata Gangopadhyay


Lizard is a very recently proposed lightweight stream cipher that claims 60 bit security against distinguishing (related to state recovery) and 80 bit security against key recovery attack. This cipher has 121 bit state size. In this paper, we first note that using $\psi$ key stream bits one can recover $\psi$ unknown bits of the state when $\tau$ state bits are fixed to a specific pattern. This is made possible by guessing the remaining state bits. This helps us in mounting a TMDTO attack with preprocessing complexity $2^{67}$, and the maximum of Data, Time and Memory complexity during the online phase as $2^{54}$. The parameters in the online phase are significantly less than $2^{60}$.

Note: Editorial revisions on the initial draft.

Available format(s)
Secret-key cryptography
Publication info
Preprint. MINOR revision.
CryptanalysisLizardLightweight Stream CipherTime Memory Data Trade-Off (TMDTO) Attack
Contact author(s)
subho @ isical ac in
2017-07-05: received
Short URL
Creative Commons Attribution


      author = {Subhamoy Maitra and Nishant Sinha and Akhilesh Siddhanti and Ravi Anand and Sugata Gangopadhyay},
      title = {A TMDTO Attack Against Lizard},
      howpublished = {Cryptology ePrint Archive, Paper 2017/647},
      year = {2017},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.