Improved Key Recovery Attack on the BEAN Stream Cipher
Summary :
BEAN is a newly proposed lightweight stream cipher adopting Fibonacci FCSRs. It is designed for very constrained environments and aims at providing a balance between security, efficiency and cost. A weakness in BEAN was first found by Å gren and Hell in 2011, resulting in a key recovery attack slightly better than brute force. In this paper, we present new correlations between state and keystream with large statistical advantage, leading to a much more efficient key recovery attack. The time and data complexities of this attack are 257.53 and 259.94, respectively. Moreover, two new output functions are provided as alternatives, which are more efficent than the function used in BEAN and are immune to all attacks proposed on the cipher. Also, suggestions for improving the FCSRs are given.
- Publication
- IEICE TRANSACTIONS on Fundamentals Vol.E96-A No.6 pp.1437-1444
- Publication Date
- 2013/06/01
- Publicized
- Online ISSN
- 1745-1337
- DOI
- 10.1587/transfun.E96.A.1437
- Type of Manuscript
- PAPER
- Category
- Cryptography and Information Security
Authors
Hui WANG
Fudan University,Lund University
Martin HELL
Lund University
Thomas JOHANSSON
Lund University
Martin ÅGREN
Lund University
Keyword
Latest Issue
Copyrights notice of machine-translated contents
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Cite this
Copy
Hui WANG, Martin HELL, Thomas JOHANSSON, Martin ÅGREN, "Improved Key Recovery Attack on the BEAN Stream Cipher" in IEICE TRANSACTIONS on Fundamentals,
vol. E96-A, no. 6, pp. 1437-1444, June 2013, doi: 10.1587/transfun.E96.A.1437.
Abstract: BEAN is a newly proposed lightweight stream cipher adopting Fibonacci FCSRs. It is designed for very constrained environments and aims at providing a balance between security, efficiency and cost. A weakness in BEAN was first found by Å gren and Hell in 2011, resulting in a key recovery attack slightly better than brute force. In this paper, we present new correlations between state and keystream with large statistical advantage, leading to a much more efficient key recovery attack. The time and data complexities of this attack are 257.53 and 259.94, respectively. Moreover, two new output functions are provided as alternatives, which are more efficent than the function used in BEAN and are immune to all attacks proposed on the cipher. Also, suggestions for improving the FCSRs are given.
URL: https://globals.ieice.org/en_transactions/fundamentals/10.1587/transfun.E96.A.1437/_p
Copy
@ARTICLE{e96-a_6_1437,
author={Hui WANG, Martin HELL, Thomas JOHANSSON, Martin ÅGREN, },
journal={IEICE TRANSACTIONS on Fundamentals},
title={Improved Key Recovery Attack on the BEAN Stream Cipher},
year={2013},
volume={E96-A},
number={6},
pages={1437-1444},
abstract={BEAN is a newly proposed lightweight stream cipher adopting Fibonacci FCSRs. It is designed for very constrained environments and aims at providing a balance between security, efficiency and cost. A weakness in BEAN was first found by Å gren and Hell in 2011, resulting in a key recovery attack slightly better than brute force. In this paper, we present new correlations between state and keystream with large statistical advantage, leading to a much more efficient key recovery attack. The time and data complexities of this attack are 257.53 and 259.94, respectively. Moreover, two new output functions are provided as alternatives, which are more efficent than the function used in BEAN and are immune to all attacks proposed on the cipher. Also, suggestions for improving the FCSRs are given.},
keywords={},
doi={10.1587/transfun.E96.A.1437},
ISSN={1745-1337},
month={June},}
Copy
TY - JOUR
TI - Improved Key Recovery Attack on the BEAN Stream Cipher
T2 - IEICE TRANSACTIONS on Fundamentals
SP - 1437
EP - 1444
AU - Hui WANG
AU - Martin HELL
AU - Thomas JOHANSSON
AU - Martin ÅGREN
PY - 2013
DO - 10.1587/transfun.E96.A.1437
JO - IEICE TRANSACTIONS on Fundamentals
SN - 1745-1337
VL - E96-A
IS - 6
JA - IEICE TRANSACTIONS on Fundamentals
Y1 - June 2013
AB - BEAN is a newly proposed lightweight stream cipher adopting Fibonacci FCSRs. It is designed for very constrained environments and aims at providing a balance between security, efficiency and cost. A weakness in BEAN was first found by Å gren and Hell in 2011, resulting in a key recovery attack slightly better than brute force. In this paper, we present new correlations between state and keystream with large statistical advantage, leading to a much more efficient key recovery attack. The time and data complexities of this attack are 257.53 and 259.94, respectively. Moreover, two new output functions are provided as alternatives, which are more efficent than the function used in BEAN and are immune to all attacks proposed on the cipher. Also, suggestions for improving the FCSRs are given.
ER -
FlyerIEICE has prepared a flyer regarding multilingual services. Please use the one in your native language.
English
