Cryptanalysis of Lightweight WG-8 Stream Cipher

Ding, Lin; Jin, Chenhui; Guan, Jie; Wang, Qiuyan

doi:10.1109/tifs.2014.2307202

Cited by 31 publications

(15 citation statements)

References 34 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In comparison with other lightweight stream ciphers, WG‐8 is 2–15 times faster while consuming 2–220 times less energy. A key recovery attack requires 253 chosen IVs to recover the key with 253.32 complexity, for specifically selected key–IV pairs . The provided security level is still adequate for wireless sensor networks (WSN) and RFID tags when these key–IV pairs are avoided.…”

Section: Stream Cipher In Lwcmentioning

confidence: 99%

A survey of lightweight stream ciphers for embedded systems

Manifavas

Hatzivasilis

Fysarakis

et al. 2015

Security Comm. Networks

View full text Add to dashboard Cite

Pervasive computing constitutes a growing trend, aiming to embed smart devices into everyday objects. The limited resources of these devices and the ever‐present need for lower production costs, lead to the research and development of lightweight cryptographic mechanisms. Block ciphers, the main symmetric key cryptosystems, perform well in this field. Nevertheless, stream ciphers are also relevant in ubiquitous computing applications, as they can be used to secure the communication in applications where the plaintext length is either unknown or continuous, like network streams. This paper provides the latest survey of stream ciphers for embedded systems. Lightweight implementations of stream ciphers in embedded hardware and software are examined as well as relevant authenticated encryption schemes. Their speed and simplicity enable compact and low‐power implementations, allow them to excel in applications pertaining to resource‐constrained devices. The outcomes of the International Organization for Standardization/International Electrotechnical Commission 29192‐3 standard and the cryptographic competitions eSTREAM and Competition for Authenticated Encryption: Security, Applicability, and Robustness are summarized along with the latest results in the field. However, cryptanalysis has proven many of these schemes are actually insecure. From the 31 designs that are examined, only six of them have been found to be secure by independent cryptanalysis. A constrained benchmark analysis is performed on low‐cost embedded hardware and software platforms. The most appropriate and secure solutions are then mapped in different types of applications. Copyright © 2015 John Wiley & Sons, Ltd.

show abstract

Section: Stream Cipher In Lwcmentioning

confidence: 99%

A survey of lightweight stream ciphers for embedded systems

Manifavas

Hatzivasilis

Fysarakis

et al. 2015

Security Comm. Networks

View full text Add to dashboard Cite

show abstract

“…A related-key attack is a cryptanalytic attack that can also be applied to a stream cipher and allows to launch a key-recovery attack. In [12], Ding et al proposed a key-recovery attack in the related key settings on WG-8 stream cipher by exploiting the slide property of WG-8 stream cipher. The key-recovery attack has a time complexity of 2 53.32 and needs 2 52 chosen IVs.…”

Section: Related-key Attackmentioning

confidence: 99%

WG-8: A Lightweight Stream Cipher for Resource-Constrained Smart Devices

Fan¹,

Mandal²,

Gong³

2015

ICST Transactions on Security and Safety

View full text Add to dashboard Cite

Lightweight cryptographic primitives are essential for securing pervasive embedded devices like RFID tags, smart cards, and wireless sensor nodes. In this paper, we present a lightweight stream cipher WG-8, which is tailored from the well-known Welch-Gong (WG) stream cipher family, for resource-constrained devices. WG-8 inherits the good randomness and cryptographic properties of the WG stream cipher family and is resistant to the most common attacks against stream ciphers. The software implementations of the WG-8 stream cipher on two popular low-power microcontrollers as well as the extensive comparison with other lightweight cryptography implementations highlight that in the context of securing lightweight embedded applications WG-8 has favorable performance and low energy consumption.

show abstract

“…Moreover, the WG stream ciphers have provable randomness properties such as long period, balance, 2-level autocorrelation, known linear complexity, and ideal -tuple distribution. Since then, a tremendous research on the other parameters, cryptanalysis and hardware implementation of WG stream ciphers are reported in the literature [34,12,13,25,36,35,42,15].…”

Section: Introductionmentioning

confidence: 99%

“…Let T 3(x) and w(x) be as defined in Eqs (11). and(12), respectively, andg(x) = T 3(x d ) with d = 2 k − 1.The Hadamard transforms of W G w (x) and W G g (x) are as follows: 1) the Hadamard transform of W G w (x) is 3-valued.2) the Hadamard transform of W G g (x) is also at most 5-valued.…”

mentioning

confidence: 99%

On ideal $ t $-tuple distribution of orthogonal functions in filtering de bruijn generators

Mandal¹,

Gong²

2022

AMC

View full text Add to dashboard Cite

Uniformity in binary tuples of various lengths in a pseudorandom sequence is an important randomness property. We consider ideal <inline-formula><tex-math id="M1">\begin{document}$ t $\end{document}</tex-math></inline-formula>-tuple distribution of a filtering de Bruijn generator consisting of a de Bruijn sequence of period <inline-formula><tex-math id="M2">\begin{document}$ 2^n $\end{document}</tex-math></inline-formula> and a filtering function in <inline-formula><tex-math id="M3">\begin{document}$ m $\end{document}</tex-math></inline-formula> variables. We restrict ourselves to the family of orthogonal functions, that correspond to binary sequences with ideal 2-level autocorrelation, used as filtering functions. After the twenty years of discovery of Welch-Gong (WG) transformations, there are no much significant results on randomness of WG transformation sequences. In this article, we present new results on uniformity of the WG transform of orthogonal functions on de Bruijn sequences. First, we introduce a new property, called invariant under the WG transform, of Boolean functions. We have found that there are only two classes of orthogonal functions whose WG transformations preserve <inline-formula><tex-math id="M4">\begin{document}$ t $\end{document}</tex-math></inline-formula>-tuple uniformity in output sequences, up to <inline-formula><tex-math id="M5">\begin{document}$ t = (n-m+1) $\end{document}</tex-math></inline-formula>. The conjecture of Mandal et al. in [<xref ref-type="bibr" rid="b29">29</xref>] about the ideal tuple distribution on the WG transformation is proved. It is also shown that the Gold functions and quadratic functions can guarantee <inline-formula><tex-math id="M6">\begin{document}$ (n-m+1) $\end{document}</tex-math></inline-formula>-tuple distributions. A connection between the ideal tuple distribution and the invariance under WG transform property is established.

show abstract

Cryptanalysis of Lightweight WG-8 Stream Cipher

Cited by 31 publications

References 34 publications

A survey of lightweight stream ciphers for embedded systems

A survey of lightweight stream ciphers for embedded systems

WG-8: A Lightweight Stream Cipher for Resource-Constrained Smart Devices

On ideal $ t $-tuple distribution of orthogonal functions in filtering de bruijn generators

Contact Info

Product

Resources

About