
SCIENCE CHINA Information Sciences, Volume 63, Issue 3: 131101(2020) https://doi.org/10.1007/s11432-018-9929-x

Stream cipher designs: a review

  • Received: Aug 13, 2018
  • Accepted: Jun 30, 2019
  • Published: Feb 10, 2020

Abstract

Stream ciphers are an important branch of symmetric cryptosystems, with clear advantages in speed and in the scale of their hardware implementations. They are well suited to settings involving massive data transfer or constrained resources, and have always been a central and active research topic in cryptography. With the rapid development of network and communication technology, cipher algorithms play an increasingly crucial role in information security. At the same time, the environments in which cipher algorithms are deployed are becoming more complex, which challenges existing algorithms and calls for new, suitable designs. To accommodate these stricter requirements and provide a systematic scientific basis for future designs, this paper reviews the development history of stream ciphers, classifies and summarizes the design principles of typical stream ciphers by group, and briefly discusses the advantages and weaknesses of the various stream ciphers in terms of security and implementation. Finally, it attempts to foresee prospective design directions for stream ciphers.


Acknowledgment

This work was supported by the National Natural Science Foundation of China (Grant No. 61902030).



Copyright 2020 Science China Press Co., Ltd.