A TMDTO attack against lizard

Authors

Subhamoy Maitra, Indian Statistical Institute, Kolkata
Nishant Sinha, Indian Institute of Technology Roorkee
Akhilesh Siddhanti, Birla Institute of Technology and Science, Pilani
Ravi Anand, Indian Institute of Technology Kharagpur
Sugata Gangopadhyay, Indian Institute of Technology Roorkee

Article Type

Research Article

Publication Title

IEEE Transactions on Computers

Abstract

Lizard is a very recently proposed lightweight stream cipher that claims 60 bit security against distinguishing (related to state recovery) and 80 bit security against key recovery attack. This cipher has 121 bit state size. In this paper, we first note that using c key stream bits one can recover c unknown bits of the state when t state bits are fixed to a specific pattern. This is made possible by guessing the remaining state bits. We present certain values of c; t based on the state size that helps in mounting a generic conditional TMDTO attack following the BSW sampling. For Lizard, we obtain the preprocessing complexity as 267, and the maximum of Data, Time and Memory complexity during the online phase as 254. The parameters in the online phase are significantly less than 260.

First Page

733

Last Page

739

DOI

10.1109/TC.2017.2773062

Publication Date

5-1-2018

Recommended Citation

Maitra, Subhamoy; Sinha, Nishant; Siddhanti, Akhilesh; Anand, Ravi; and Gangopadhyay, Sugata, "A TMDTO attack against lizard" (2018). Journal Articles. 1409.
https://digitalcommons.isical.ac.in/journal-articles/1409