A new distinguishing and key recovery attack on NGG stream cipher

Aleksandar Kircanski; Rabeah Al-Zaidy; Amr M. Youssef

doi:10.1007/s12095-009-0012-4

A new distinguishing and key recovery attack on NGG stream cipher

Aleksandar Kircanski
, Rabeah Al-Zaidy
, Amr M. Youssef

Research output: Contribution to journal › Article › peer-review

3 Scopus citations

Abstract

NGG is an RC4-like stream cipher designed to make use of today's common 32-bit processors. It is 3-5 times faster than RC4. In this paper, we show that the NGG stream can be distinguished, with success probability ≈ 97%, from a random stream using only the first keystream word. We also show that the first few kilobytes of the keystream may leak information about the secret key which allows the cryptanalyst to recover the secret key in a very efficient way.

Original language	English
Pages (from-to)	269-282
Number of pages	14
Journal	Cryptography and Communications
Volume	1
Issue number	2
DOIs	https://doi.org/10.1007/s12095-009-0012-4
State	Published - Sep 2009
Externally published	Yes

Bibliographical note

Funding Information:
Acknowledgements This work was supported in part by the Natural Sciences and Engineering Research Council of Canada under Grant N00930. The authors would like to thank the anonymous reviewers for their comments that helped improve the presentation of the paper.

ASJC Scopus subject areas

Computer Networks and Communications
Computational Theory and Mathematics
Applied Mathematics

Access to Document

10.1007/s12095-009-0012-4

Cite this

@article{797b7baa516b4e59a2502f3404ac15d7,

title = "A new distinguishing and key recovery attack on NGG stream cipher",

abstract = "NGG is an RC4-like stream cipher designed to make use of today's common 32-bit processors. It is 3-5 times faster than RC4. In this paper, we show that the NGG stream can be distinguished, with success probability ≈ 97\%, from a random stream using only the first keystream word. We also show that the first few kilobytes of the keystream may leak information about the secret key which allows the cryptanalyst to recover the secret key in a very efficient way.",

author = "Aleksandar Kircanski and Rabeah Al-Zaidy and Youssef, \{Amr M.\}",

note = "Funding Information: Acknowledgements This work was supported in part by the Natural Sciences and Engineering Research Council of Canada under Grant N00930. The authors would like to thank the anonymous reviewers for their comments that helped improve the presentation of the paper.",

year = "2009",

month = sep,

doi = "10.1007/s12095-009-0012-4",

language = "English",

volume = "1",

pages = "269--282",

journal = "Cryptography and Communications",

issn = "1936-2447",

publisher = "Springer Publishing Company",

number = "2",

}

TY - JOUR

T1 - A new distinguishing and key recovery attack on NGG stream cipher

AU - Kircanski, Aleksandar

AU - Al-Zaidy, Rabeah

AU - Youssef, Amr M.

N1 - Funding Information: Acknowledgements This work was supported in part by the Natural Sciences and Engineering Research Council of Canada under Grant N00930. The authors would like to thank the anonymous reviewers for their comments that helped improve the presentation of the paper.

PY - 2009/9

Y1 - 2009/9

N2 - NGG is an RC4-like stream cipher designed to make use of today's common 32-bit processors. It is 3-5 times faster than RC4. In this paper, we show that the NGG stream can be distinguished, with success probability ≈ 97%, from a random stream using only the first keystream word. We also show that the first few kilobytes of the keystream may leak information about the secret key which allows the cryptanalyst to recover the secret key in a very efficient way.

AB - NGG is an RC4-like stream cipher designed to make use of today's common 32-bit processors. It is 3-5 times faster than RC4. In this paper, we show that the NGG stream can be distinguished, with success probability ≈ 97%, from a random stream using only the first keystream word. We also show that the first few kilobytes of the keystream may leak information about the secret key which allows the cryptanalyst to recover the secret key in a very efficient way.

UR - https://www.scopus.com/pages/publications/84859755009

U2 - 10.1007/s12095-009-0012-4

DO - 10.1007/s12095-009-0012-4

M3 - Article

AN - SCOPUS:84859755009

SN - 1936-2447

VL - 1

SP - 269

EP - 282

JO - Cryptography and Communications

JF - Cryptography and Communications

IS - 2

ER -

A new distinguishing and key recovery attack on NGG stream cipher

Abstract

Bibliographical note

ASJC Scopus subject areas

Access to Document

Fingerprint

Cite this