MAG is a synchronous stream cipher submitted to the E-CRYPT eSTREAM project. The design criterion for the cipher is cellular automata, although it can be modelled as a word-based shift-register with a single word of memory. Cryptanalysis of MAG reveals serious structural weaknesses within the cipher. This paper presents simple distinguishing attacks against MAG with an 80-bit or 128-bit key that can, under certain circumstances, be carried out by hand. The approach is extended to a partial-key recovery attack. For the 80-bit and 128-bit keys, we recover- 40 key bits and 32 key bits respectively from about 32 bytes keystream. A proposed modification to MAG, intended to prevent an earlier distinguishing attack, has no effect upon our distinguisher but instead allows a full key recovery attack for both 80-bit and 128-bit keys using around thirty-two bytes of keystream and a practical precomputation. Therefore the modification actually weakens an already insecure cipher. © Springer-Verlag Berlin Heidelberg 2006.
CITATION STYLE
Simpson, L., & Henricksen, M. (2006). Improved cryptanalysis of MAG. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 4058 LNCS, pp. 64–75). Springer Verlag. https://doi.org/10.1007/11780656_6
Mendeley helps you to discover research relevant for your work.