Klimov and Shamir proposed a new class of simple crypto-graphic primitives named T-functions. For two concrete proposals based on the squaring operation, a single word T-function and a previously unbroken multi-word T-function with a 256-bit state, we describe an efficient distinguishing attack having a 2 32 data complexity. Furthermore, Hong et al. recently proposed two fully specified stream ciphers, consisting of multi-word T-functions with 128-bit states and filtering functions. We describe distinguishing attacks having a 222 and a 234 data complexity, respectively. The attacks have been implemented. © Springer-Verlag Berlin Heidelberg 2005.
CITATION STYLE
Künzli, S., Junod, P., & Meier, W. (2005). Distinguishing attacks on T-functions. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 3715 LNCS, pp. 2–15). Springer Verlag. https://doi.org/10.1007/11554868_2
Mendeley helps you to discover research relevant for your work.