000232020 001__ 232020
000232020 005__ 20181203024840.0
000232020 037__ $$aARTICLE
000232020 245__ $$aSome Cryptanalytic Results on Lizard
000232020 269__ $$a2017
000232020 260__ $$c2017
000232020 336__ $$aJournal Articles
000232020 520__ $$aLizard is a lightweight stream cipher proposed by Hamann, Krause and Meier in IACR ToSC 2017. It has a Grain-like structure with two state registers of size 90 and 31 bits. The cipher uses a 120-bit secret key and a 64-bit IV. The authors claim that Lizard provides 80-bit security against key recovery attacks and 60-bit security against distinguishing attacks. In this paper, we present an assortment of results and observations on Lizard. First, we show that by doing $2^{58}$ random trials it is possible to find a set of $2^{64}$ triplets $(K, IV_0, IV_1)$ such that the Key-IV pairs $(K, IV_0)$ and $(K, IV_1)$ produce identical keystream bits. Second, we show that by performing only around $2^{28}$ random trials it is possible to obtain $2^{64}$ Key-IV pairs $(K_0, IV_0)$ and $(K_1, IV_1)$ that produce identical keystream bits. Thereafter, we show that one can construct a distinguisher for Lizard based on IVs that produce shifted keystream sequences. The process takes around $2^{51.5}$ random IV encryptions (with encryption required to produce $2^{18}$ keystream bits) and around $2^{76.6}$ bits of memory. Next, we propose a key recovery attack on a version of Lizard with the number of initialization rounds reduced to 223 (out of 256) based on IV collisions. We then outline a method to extend our attack to 226 rounds. Our results do not affect the security claims of the designers.
000232020 700__ $$0250951$$aBanik, Subhadeep$$g283270
000232020 700__ $$aIsobe, Takanori
000232020 700__ $$aCui, Tingting
000232020 700__ $$aGuo, Jian
000232020 773__ $$j4$$tIACR ToSC
000232020 909C0 $$0252183$$pLASEC$$xU10433
000232020 909CO $$ooai:infoscience.tind.io:232020$$pIC$$particle
000232020 917Z8 $$x266837
000232020 937__ $$aEPFL-ARTICLE-232020
000232020 973__ $$aEPFL$$rREVIEWED$$sACCEPTED
000232020 980__ $$aARTICLE