Paper 2019/1352
Spectral analysis of ZUC-256
Jing Yang, Thomas Johansson, and Alexander Maximov
Abstract
In this paper we develop a number of generic techniques and algorithms in spectral analysis of large linear approximations for use in cryptanalysis. We apply the developed tools for cryptanalysis of ZUC-256 and give a distinguishing attack with complexity around $2^{236}$. Although the attack is only $2^{20}$ times faster than exhaustive key search, the result indicates that ZUC-256 does not provide a source with full 256-bit entropy in the generated keystream, which would be expected from a 256-bit key. To the best of our knowledge, this is the first known academic attack on full ZUC-256 with a computational complexity that is below exhaustive key search.
Metadata
- Available format(s)
- Category
- Secret-key cryptography
- Publication info
- Published by the IACR in FSE 2020
- Keywords
- ZUC-256Stream Cipher5G Mobile System Security
- Contact author(s)
- alexander maximov @ ericsson com
- History
- 2020-02-19: revised
- 2019-11-27: received
- See all versions
- Short URL
- https://ia.cr/2019/1352
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2019/1352, author = {Jing Yang and Thomas Johansson and Alexander Maximov}, title = {Spectral analysis of {ZUC}-256}, howpublished = {Cryptology {ePrint} Archive, Paper 2019/1352}, year = {2019}, url = {https://eprint.iacr.org/2019/1352} }