Factbites
 Where results make sense

Topic: Stream cipher attack



  
  Stream cipher - Wikipedia, the free encyclopedia
In cryptography, a stream cipher is a symmetric cipher in which the input digits are encrypted one at a time, and in which the transformation of successive digits varies during the encryption.
Stream ciphers are often used in applications where plaintext comes in quantities of unknowable length—for example, a secure wireless connection.
Block ciphers must be used in ciphertext stealing or residual block termination mode to avoid padding, while stream ciphers eliminate this issue by naturally operating on the smallest unit that can be transmitted (usually bytes).
en.wikipedia.org /wiki/Stream_cipher   (1472 words)

  
 Stream cipher attack - Wikipedia, the free encyclopedia
Stream ciphers where plaintext bits are combined with a cipher bit stream by an exclusive-or operation (xor) can be very secure if used properly.
Stream ciphers are vulnerable to attack if the same key is used twice (depth of two) or more.
One way to avoid this problem is to use an initialization vector (IV), sent in the clear, that is combined with a secret master key to create a one-time key for the stream cipher.
en.wikipedia.org /wiki/Stream_cipher_attack   (685 words)

  
 Cryptanalysis of Alleged A5 Stream Cipher / On Random Mappings and Random Permutations
This reversion attack then goes along the same lines as the one when the output sequence is not known, with a difference that from each level in the tree spanned, the nodes whose internal states produce the output bits different from the one known are all removed.
Several cryptanalytic attacks on a binary stream cipher known as A5 are proposed and analyzed.
The objective of the attacks is to reconstruct the 64-bit secret session key from one or several known keystream sequences produced by different 22-bit (randomizing) public keys, in the known plaintext scenario which is shown to be very realistic in the GSM applications.
jya.com /a5-jdg-wgc.htm   (8519 words)

  
 Ritter's Crypto Glossary and Dictionary of Technical Cryptography   (Site not responding. Last check: 2007-11-04)
We are to attack a cipher which enciphers plaintext into ciphertext or deciphers the opposite way, under control of a key.
Typically, a form of stream cipher where the ciphertext output is fed back to modify the state of the random number generator producing the running key or confusion sequence.
Stream ciphers process the plaintext in small chunks (bits or characters), usually producing a pseudo-random sequence of bits which is added modulo 2 to the bits of the plaintext.
www.isaicai.org /Harmony/2003-03/www.ciphersbyritter.com/GLOSSARY.HTM   (11419 words)

  
 RC4 Page   (Site not responding. Last check: 2007-11-04)
Furthermore, these patterns propagate into the generated stream and consequently their occurrences (in the secret key) can be easily isolated by simple analysis of the stream (sometimes the ciphertext itself suffices).
The IV weakness is related to a popular mode of operation of stream ciphers, where in order to avoid reusing the key, it is combined with a known vector (denoted the initialization vector or the IV) and this combination is used as the seed to the key stream generator.
This paper describes a practical ciphertext only attack on this mode of operation of RC4, when the combination of the key and the IV is made in a simple method such as concatenation.
www.wisdom.weizmann.ac.il /~itsik/RC4/rc4.html   (1025 words)

  
 VMPC One-Way Function and Stream Cipher
In VMPC Stream Cipher the internal state is the 256-element permutation P initialized by the VMPC KSA (Key Scheduling Algorithm). The KSA algorithm transforms a secret cryptographic key and a message-unique Initialization Vector (IV) into the cipher's internal state (here the P permutation).
This internal state is then used directly by the VMPC Stream Cipher to generate the keystream and encrypt data.
Attacks recovering the cipher's internal state usually require the knowledge of both the plaintext and the ciphertext and a huge amount of computations.
www.vmpcfunction.com /ksa3.htm   (1392 words)

  
 [No title]   (Site not responding. Last check: 2007-11-04)
By continual reorigination of a fl box containing a keyed version of the Sapphire Stream Cipher, it is possible to find a set of input strings that differ only in the first two (or possibly three) bytes that have identical output after the first three (or possibly four) bytes.
To generate a sequence that restores the state of the cipher to what it was before the alteration probably requires at least 256 bytes, since the index "rotor" marches steadily on its cycle, one by one.
This departure from the statistics expected from an ideal stream cipher with feedback doesn't seem to be useful for determining any key bytes or permutation vector bytes, but it is the reason why post-conditioning is required when computing a cryptographic hash with the Sapphire Stream Cipher.
vmsone.com /~decuslib/decus/secure/sapphire.txt   (3420 words)

  
 Encipher Corp. - Cybrix Encryption Software   (Site not responding. Last check: 2007-11-04)
In case the security of a cipher system is referred to pseudorandom number generation algorithm, the subject of the study is not the implementation method of LFSR, but LFSR itself.
Stream ciphers are signified by processing plaintext or cipher text one after another.
It's strong against the brute force attack method: it uses a variable-length key (for example 8 bits to over 4096 bits), allowing any random bit string of the required length to be a possible key.
encipher.us /p-specifications.shtml   (1138 words)

  
 Cryptanalysis of the Worm's Stream Cipher   (Site not responding. Last check: 2007-11-04)
The cipher is subject to a trivial known-plaintext attack whereby a portion of the keystream used to encrypt a message can be recovered easily.
The cipher state is then used to produce a sequence of bytes, which forms the keystream.
The modified cipher has the advantage that certain sets of keys which produce "nearly" the same effect on the keystream will be numerically close to each other.
projects.honeynet.org /scans/scan25/sol/bobmathews/crypt.html   (1130 words)

  
 SecuriTeam.com ™ - An Analysis of the RADIUS Authentication Protocol
This dictionary attack can be further refined by noting the length of the two passwords and the trailing portion of the longer password, and then only trying passwords with this length and ending.
For instance the cipher could be keyed from the output of an HMAC of the Request Authenticator (where the HMAC is keyed by the shared secret) or by seeding a cryptographic PRNG with the shared secret and the request authenticator.
Attacks Replay of Server Responses through Repeated Request Authenticators and DOS Arising from the Prediction of the Request Authenticator are likely the attacks referred to in the RADIUS RFC.
www.securiteam.com /securitynews/6L00B0U35S.html   (4059 words)

  
 SecurityDocs: Analysis of Different Types of Attacks on Stream Ciphers and Evaluation and Security of Stream Ciphers
However while considering the attack on the technique, various factors need to be considered, namely the overall complexity (both time and space) of the attack and the volume and type of attack required to mount such an attack.
Strength of Modified Primitives: One common technique to assess the strength of a stream cipher is to assess a modified one, obtained by changing or removing a component of the considered stream cipher.
Conclusions about the original stream cipher based on assessment of the modified one have to be carefully considered as the influence may or may not be straightforward.
www.securitydocs.com /library/3235   (1189 words)

  
 Re: Missing requirements
A differential attack relies on gathering statistics from injecting related pairs of plaintext blocks for a *block* cipher and examining the resultant pair of ciphertext.
Thus, the xor of a pair of those ciphertext streams results in the cancelling of the cipher output stream and would get you the xor of two plaintext streams, which would presumably have relatively low entropy and can be easily analyzed.
This latter attack is a rather old, intro textbook attack and is quite different from differential cryptanalysis.
lists.w3.org /Archives/Public/ietf-tls/msg00175.html   (1602 words)

  
 Bias in the LEVIATHAN Stream Cipher
The first models the cipher as two random functions in sequence, and shows that the probability of a collision in 64-bit output blocks is doubled as a result; the second shows artifacts where the same inputs are presented to the key-dependent S-boxes in the final stage of the cipher for two successive outputs.
Like most stream ciphers, it maps a key onto a pseudorandom keystream that can be XORed with the plaintext to generate the ciphertext.
This shows that this model identifies a substantial bias in the cipher, but there is a further bias in the collision probability of roughly 0.38% yet to be accounted for.
www.ciphergoth.org /crypto/leviathan/html   (1655 words)

  
 Konton2
Konton 2.1 is a stream cipher based on a cipher I developed called Konton 2.0, which was based on a cipher called Konton.
The ciphers discussed in "Mod n Cryptanalysis, with Applications Against RC5P and M6" by Kelsey, Schneier, and Wagner are vulnerable because they expose the lower-order bits of the result of pseudo-random bit rotation and modular addition.
Every stream cipher PRNG must produce a keystream which is apparently random, though apparent randomness, alone, doesn't guarantee strength.
www.geocities.com /da5id65536   (5419 words)

  
 [No title]
A stream cipher in which the keystream is generated as a function of the key and a fixed number of previous ciphertext digits.
One way to mount such an attack is for the adversary to gain access to the equipment used for decryption (but not the decryption key itself, which may be embedded in the equipment).
STREAM CIPHER - Let A be an alphabet of q symbols and let Ee be a simple substitution cipher with block length 1 where e in K. Let m1m2m3...
crypto-net.com /crypto/cryptodef.php   (2940 words)

  
 Definition of Ciphertext-only attack
In cryptography, a ciphertext-only attack is a form of cryptanalysis where the attacker is assumed to have access only to a set of ciphertexts.
Nonetheless poor cipher usage or reliance on home-grown proprietary algorithms that have not been subject to thorough scrutiny has resulted in many computer-age encryption systems that are still subject to ciphertext-only attack.
A cipher whose key space is too small is subject to brute force attack with access to nothing but ciphertext by simply trying all possible keys.
www.wordiq.com /definition/Ciphertext-only_attack   (549 words)

  
 - mjidor -   (Site not responding. Last check: 2007-11-04)
Other than simple transposition ciphers, this seems to be the province of ciphers designed to emulate a keyed simple substitution with a table of size far too large to realize.
A block cipher operates on a block of data (for example, multiple bytes) in a single ciphering, as opposed to a stream cipher, which can operate on bytes or even bits as they occur.
Ciphering raw plaintext data can be dangerous when the cipher has a relatively small block size.
www.mjidor.com /kryptoord.shtml   (7579 words)

  
 Challenge to break a stream cipher   (Site not responding. Last check: 2007-11-04)
This cipher, codenamed HMX TEST, is a byte stream cipher requiring only three lines of code to implement.
The sample stream allows you to make what is, in effect, a "Known Plaintext Attack", which is the nearest thing to a free gift any sender of an encrypted message can provide.
Bear in mind, however, that Chantilley’s commercial ciphers use MF sequences as components only and employ a minimum of 32 prime modulators.
www.chantilley.com /html/paper4_challenge.htm   (457 words)

  
 Case Study
When the CSS Stream Cipher is being used in either "Decryption of the Disk Key" or "Decryption of the Title Key" modes, the input data is mangled in a further step using a mangling function (Figure 3: CSS Mangling Function) before being exclusive ORed with the output of the Stream Cipher.
In this section I’ll outline the attacks that have been used on the CSS Stream Cipher thus far, and attempt to build an Attack Tree, which could be used to cryptanalyse and evaluate other such proprietary systems, and hence be added to a cryptanalyst’s tool.
Once the CSS Stream Cipher had been uncovered and it was realised that 40 bit keys were in use (due to export restrictions in the US), a "Brute Force" Attack on the Disk Key Kd was possible.
www-2.cs.cmu.edu /~dst/DeCSS/Cherry   (4116 words)

  
 Chosen ciphertext attack - Art History Online Reference and Guide   (Site not responding. Last check: 2007-11-04)
A chosen ciphertext attack is an attack on a cryptosystem in which the cryptanalyst chooses ciphertext and causes it to be decrypted with an unknown key.
For a self-synchronizing stream cipher, a chosen ciphertext attack can be useful as the key used to encipher each byte depends on the previous ciphertext.
An adaptive chosen ciphertext attack sends a large number of ciphertexts to be decrypted, using the results of these decryptions to select subsequent ciphertexts, and gradually reveal information about an encrypted message, or about the encryption key itself.
www.arthistoryclub.com /art_history/Chosen_ciphertext_attack   (166 words)

  
 [No title]
However, it can be used to gauge whether a small number of alphabets were used, and to test a subtext to see if it may have been enciphered with a monoalphabetic substitution.
Attack: guessing number of ciphers (in round robin) This approach can use the FH or the IC approach to test a series of hypotheses regarding the number of alphabets used (or the periodicity) to encrypt the plaintext.
Attack: Kasiski attack - uses repeated polygrams (multiple symbol sequences) in the ciphertext to guide guessing of the period of a periodic encipherment.
www.cise.ufl.edu /~nemo/security/notes.5   (550 words)

  
 Cryptology ePrint Archive   (Site not responding. Last check: 2007-11-04)
Roughly, the ciphers to which this method applies consist of a ``non-linear process'' (say, akin to a round function in block ciphers), and a ``linear process'' such as an LFSR (or even fixed tables).
To attack such ciphers, we look for any property of the ``non-linear process'' that can be distinguished from random.
One is a linear approximation of the non-linear process, which we demonstrate on the stream cipher SNOW.
eprint.iacr.org /2002/020   (216 words)

  
 Cryptanalytic Time/Memory/Data tradeoffs for Stream Ciphers - Cryptanalytic, Data, Stream, ASIACRYPT (ResearchIndex)
Recently, Babbage and Golic pointed out that a different TM = N tradeoff attack for 1 ≤ T ≤ D is applicable to stream ciphers, where D is the amount of output data available to the attacker.
0.1 : Cryptanalysis of the A5/1 GSM Stream Cipher - Eli Biham Orr
10 Cryptanalysis of Alleged A5 Stream Cipher (context) - Golic - 1997
citeseer.ist.psu.edu /474364.html   (393 words)

  
 A Known Plaintext Attack on the PKZIP Stream Cipher - Biham, Kocher (ResearchIndex)   (Site not responding. Last check: 2007-11-04)
PKZIP provides a stream cipher which allows users to scramble files with variable length keys (passwords).
In this paper we describe a known plaintext attack on this cipher, which can find the internal representation of the key within a few hours on a personal computer...
Known Plaintext Attack on the PKZIP Stream Cipher, 2002.
citeseer.ist.psu.edu /122586.html   (269 words)

  
 SecuriTeam.com ™ - Yet another Plaintext Attack on ZIP's Encryption Scheme (WinZIP)
Getting plaintext is even more difficult because the plaintext is in its compressed form and a minimal change on the data would represent a great alteration, so if we did not know the full file content included on zip file we could not do anything.
Attacking this encryption scheme using these 12 prepended random bytes is not a new idea, [2] describes this kind of attack but a minimum of five files in a zip are needed in order to succeed.
Attacks to ZIPs with less than 3 files might be also possible because in WinZIP the two CRC most important bytes are stored within the 12 "random" numbers.
www.securiteam.com /securitynews/5LP0A0096O.html   (958 words)

  
 Stream cipher - Enpsychlopedia   (Site not responding. Last check: 2007-11-04)
2.1 Synchronous stream ciphers 2.2 Self-synchronising stream ciphers
The idea of self-synchronization was patented in 1946 ( U.S. Patent 2,405,400 ( http://patft.uspto.gov/netacgi/nph-Parser?Sect1=PTO1andSect2=HITOFFandd=PALLandp=1andu=/netahtml/srchnum.htmandr=1andf=Gandl=50ands1=2,405,400.WKU.andOS=PN/2,405,400andRS=PN/2,405,400)), and has the advantage that the receiver will automatically synchronise with the keystream generator after receiving N ciphertext digits, making it easier to recover if digits are dropped or added to the message stream.
Matt J. Robshaw, Stream Ciphers Technical Report TR-701, version 2.0, RSA Laboratories, 1995 (PDF) ( http://security.ece.orst.edu/koc/ece575/rsalabs/tr-701.pdf).
www.grohol.com /psypsych/wiki/Key_stream   (1572 words)

  
 How can I recover a Zip password?
PKZip utilizes a proprietary stream cipher which is vulnerable to a known plaintext attack, as described by Eli Biham and Paul C. Kocher in A Known Plaintext Attack on the PKZIP Stream Cipher.
In addition to these two attacks, it is also possible to recover a Zip password utilizing a brute force attack or a dictionary attack.
Ultimate Zip Cracker, by VDG Software, is a commercial program which implements the Biham-Kocher attack, a dictionary attack, and a brute-force attack.
www.tech-faq.com /recover-zip-password.shtml   (482 words)

  
 [No title]
Description: A5/1 is an LFSR-based stream cipher used to encrypt GSM communication in Europe, the weaker A5/2 is used in a number of other countries.
Description: E0 is the stream cipher used in Bluetooth.
Description: ISAAC is a stream cipher similar to RC4.
www.esat.kuleuven.ac.be /~jlano/stream/designs.htm   (924 words)

  
 Punkroy - Who is?
Cypher is a file encryption program created to demonstrate some basic concepts of file encryption.
The primary methods include key expansion using salt values and message digest algorithms and file encryption using a stream cipher.
Cypher is also designed to attack its own files with three modes of attack: session key brute force, pass phrase brute force and dictionary attacking.
punkroy.drque.net /Cypher.html   (165 words)

Copyright © 2005-2007 www.factbites.com Usage implies agreement with terms.