#### Filter Results:

- Full text PDF available (28)

#### Publication Year

2005

2016

- This year (0)
- Last five years (7)

#### Publication Type

#### Co-author

#### Publication Venue

#### Key Phrases

Learn More

- Shahram Khazaei, Douglas Wikström
- CT-RSA
- 2012

We study mix-nets with randomized partial checking (RPC) as proposed by Jakobsson, Juels, and Rivest (2002). RPC is a technique to verify the correctness of an execution both for Chaumian and homomorphic mix-nets. The idea is to relax the correctness and privacy requirements to achieve a more efficient mix-net. We identify serious issues in the original… (More)

- Simon Fischer, Shahram Khazaei, Willi Meier
- AFRICACRYPT
- 2008

A recent framework for chosen IV statistical distinguishing analysis of stream ciphers is exploited and formalized to provide new methods for key recovery attacks. As an application, a key recovery attack on simplified versions of two eSTREAM Phase 3 candidates is given: For Grain-128 with IV initialization reduced to up to 180 of its 256 iterations, and… (More)

- Shahram Khazaei
- 2005

ABC is a synchronous stream proposed as a candidate to ECRYPT Project. ABC gets a 128-bit key and a 128-bit IV and produces 1195 bits as the internal state of the cipher. Using some statistical simulations we show that one of the ABC components, a key-IV dependent function over GF(2 32) called C which is chosen randomly from a family of functions, is… (More)

- Shahram Khazaei, Simon Fischer, Willi Meier
- Selected Areas in Cryptography
- 2007

In this paper, we present some reduced complexity attacks on the Alternating Step Generator (ASG). The attacks are based on a quite general framework and mostly benefit from the low sampling resistance of the ASG, and of an abnormal behavior related to the distribution of the initial states of the stop/go LFSR's which produce a given segment of the output… (More)

- Jean-Philippe Aumasson, Simon Fischer, Shahram Khazaei, Willi Meier, Christian Rechberger
- IACR Cryptology ePrint Archive
- 2007

The stream cipher Salsa20 was introduced by Bernstein in 2005 as a candidate in the eSTREAM project, accompanied by the reduced versions Salsa20/8 and Salsa20/12. ChaCha is a variant of Salsa20 aiming at bringing better diffusion for similar performance. Variants of Salsa20 with up to 7 rounds (instead of 20) have been broken by differential cryptanalysis,… (More)

- Eric Brier, Shahram Khazaei, Willi Meier, Thomas Peyrin
- ASIACRYPT
- 2009

In this paper, an improved differential cryptanalysis framework for finding collisions in hash functions is provided. Its principle is based on lineariza-tion of compression functions in order to find low weight differential characteristics as initiated by Chabaud and Joux. This is formalized and refined however in several ways: for the problem of finding a… (More)

Grain is one of the simplest ECRYPT Stream Cipher project Candidates which deals with key and IV of length 80 and 64 respectively. Using the linear sequential circuit approximation method, introduced by Golic in 1994, we derive a linear function of consecutive keystream bits which is held with correlation coefficient of about 2-63.7. Then using the concept… (More)

- Shahram Khazaei, Tal Moran, Douglas Wikström
- ASIACRYPT
- 2012

We construct a provably secure mix-net from any CCA2 secure cryp-tosystem. The mix-net is secure against active adversaries that statically corrupt less than λ out of k mix-servers, where λ is a threshold parameter, and it is robust provided that at most min(λ − 1, k − λ) mix-servers are corrupted. The main component of our construction is a mix-net that… (More)

- Shahram Khazaei, Mahdi M. Hasanzadeh, Mohammad S. Kiaei
- IACR Cryptology ePrint Archive
- 2006

Grain and Trivium are two hardware oriented synchronous stream ciphers proposed as the simplest candidates to the ECRYPT Stream Cipher Project , both dealing with 80-bit secret keys. In this paper we apply the linear sequential circuit approximation method to evaluate the strength of these stream ciphers against distinguishing attack. In this approximation… (More)