Algebraic Attacks on Stream Ciphers with Linear Feedback
This paper shows how to substantially lower the degree of these equations by multiplying them by well-chosen multivariate polynomials, and is able to break Toyocrypt in 2 CPU clocks, with only 20 Kbytes of keystream, the fastest attack proposed so far.
Grain: a stream cipher for constrained environments
A new stream cipher, Grain, is proposed, which targets hardware environments where gate count, power consumption and memory are very limited and has the additional feature that the speed can be increased at the expense of extra hardware.
Algebraic Attacks and Decomposition of Boolean Functions
Algebraic attacks on LFSR-based stream ciphers recover the secret key by solving an overdefined system of multivariate algebraic equations and become very efficient if such relations of low degrees may be found.
SHA-3 proposal BLAKE
BLAKE is the proposal for SHA-3 that uses the HAIFA iteration mode and builds its compression function on the ChaCha core function, and resists generic second-preimage attacks, length extension, and side-channel attacks.
Quark: A Lightweight Hash
This paper proposes a novel design philosophy for lightweight hash functions, based on the sponge construction in order to minimize memory requirements, and presents the hash function family Quark, composed of three instances: u-Quark, d-Quark, and s-Quark, which can be used for message authentication, stream encryption, or authenticated encryption.
Fast correlation attacks on certain stream ciphers
Two new correlation attacks are presented to determine the initial digits of a, provided that the number of feedback taps is small, and are demonstrated to be successful against shift registers of considerable length k (typically, k = 1000).
Nonlinearity Criteria for Cryptographic Functions
Nonlinearity criteria for Boolean functions are classified in view of their suitability for cryptographic design, and two criteria turn out to be of special interest, the distance to linear structures and the distance to affine functions, which are shown to be invariant under all affine transformations.
A Stream Cipher Proposal: Grain-128
A new stream cipher, Grain-128, is proposed. The design is very small in hardware and it targets environments with very limited resources in gate count, power consumption, and chip area.
The Self-Shrinking Generator
A construction of a pseudo random generator based on a single linear feedback shift register is investigated, related to the so-called shrinking generator and is attractive by its conceptual simplicity.
Grain-128a: a new version of Grain-128 with optional authentication
A new version of the stream cipher Grain-128 is proposed, strengthened against all known attacks and observations on the original Grain-128, and has built-in support for optional authentication.