Paper 2018/1127

Freestyle, a randomized version of ChaCha for resisting offline brute-force and dictionary attacks

P. Arun Babu and Jithin Jose Thomas

Abstract

This paper introduces Freestyle, a randomized, and variable round version of the ChaCha cipher. Freestyle demonstrates the concept of hash based halting condition, where a decryption attempt with an incorrect key is likely to take longer time to halt. This makes it resistant to key-guessing attacks i.e. brute-force and dictionary based attacks. Freestyle uses a novel approach for ciphertext randomization by using random number of rounds for each block of message, where the exact number of rounds are unknown to the receiver in advance. Due to its inherent random behavior, Freestyle provides the possibility of generating up to $2^{256}$ different ciphertexts for a given key, nonce, and message; thus resisting key and nonce reuse attacks. This also makes cryptanalysis through known-plaintext, chosen-plaintext, and chosen-ciphertext attacks difficult in practice. Freestyle is highly customizable, which makes it suitable for both low-powered devices as well as security-critical applications. It is ideal for: (i) applications that favor ciphertext randomization and resistance to key-guessing and key reuse attacks; and (ii) situations where ciphertext is in full control of an adversary for carrying out an offline key-guessing attack.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Preprint.
Keywords
Brute-force resistant ciphersDictionary based attacksKey-guessing penaltyProbabilistic encryptionFreestyleChaCha
Contact author(s)
arun hbni @ gmail com
History
2018-11-29: received
Short URL
https://ia.cr/2018/1127
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2018/1127,
      author = {P.  Arun Babu and Jithin Jose Thomas},
      title = {Freestyle, a randomized version of {ChaCha} for resisting offline brute-force and dictionary attacks},
      howpublished = {Cryptology {ePrint} Archive, Paper 2018/1127},
      year = {2018},
      url = {https://eprint.iacr.org/2018/1127}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.