Cryptology ePrint Archive: Report 2018/123

Distributed Time-Memory Tradeoff Attacks on Ciphers (with Application to Stream Ciphers and Counter Mode)

Howard M. Heys

Abstract: In this paper, we consider the implications of parallelizing time-memory tradeoff attacks using a large number of distributed processors. It is shown that Hellman’s original tradeoff method and the Biryukov-Shamir attack on stream ciphers, which incorporates data into the tradeoff, can be effectively distributed to reduce both time and memory, while other approaches are less advantaged in a distributed approach. Distributed tradeoff attacks are specifically discussed as applied to stream ciphers and the counter mode operation of block ciphers, where their feasibility is considered in relation to distributed exhaustive key search. In particular, for counter mode with an unpredictable initial count, we show that distributed tradeoff attacks are applicable, but can be made infeasible if the entropy of the initial count is at least as large as the key. In general, the analyses of this paper illustrate the effectiveness of a distributed tradeoff approach and show that, when enough processors are involved in the attack, it is possible some systems, such as lightweight cipher implementations, may be practically susceptible to attack.

Category / Keywords: secret-key cryptography / cryptanalysis, time-memory tradeoff attacks, block ciphers, stream ciphers, counter mode

Date: received 1 Feb 2018

Contact author: hheys at mun ca

Available format(s): PDF | BibTeX Citation

Version: 20180202:133211 (All versions of this report)

Short URL: ia.cr/2018/123

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]