Evaluation of SOSEMANUK With Regard to Guess-and-Determine Attacks


This paper describes the attack on SOSEMANUK, one of the stream ciphers proposed at eSTREAM (the ECRYPT Stream Cipher Project) in 2005. The cipher features the variable secret key length from 128-bit up to 256-bit and 128-bit initial vector. The basic operation of the cipher is performed in a unit of 32 bits i.e. “word”, and each word generates keystream. This paper shows the result of guess-and-determine attack made on SOSEMANUK. The attack method enables to determine all of 384-bit internal state just after the initialization, using only 2-word keystream. This attack needs about 2 computations. Thus, when secret key length is longer than 224-bit, it needs less computational effort than an exhaustive key search, to break SOSEMANUK. The results show that the cipher has still the 128-bit security as claimed by its designers.

4 Figures and Tables

Cite this paper

@inproceedings{TsunooEvaluationOS, title={Evaluation of SOSEMANUK With Regard to Guess-and-Determine Attacks}, author={Yukiyasu Tsunoo and Teruo Saito and Maki Shigeri and Tomoyasu Suzaki and Hadi Ahmadi and Taraneh Eghlidos and Shahram Khazaei} }