
Showing papers by "Jean-Philippe Aumasson published in 2006"


Posted Content
TL;DR: In this article, the authors present some properties of the deterministic random bit generator ISAAC (FSE'96), contradicting several statements of its introducing article, and propose a modification of the algorithm to fix the weaknesses discovered.
Abstract: This paper presents some properties of the deterministic random bit generator ISAAC (FSE’96), contradicting several statements of its introducing article. In particular, it characterizes huge subsets of internal states which induce a strongly non-uniform distribution in the first 8192 bits produced. A previous attack on ISAAC presented at Asiacrypt’06 by Paul and Preneel is shown to be not relevant, since it relies on an erroneous algorithm. Finally, a modification of the algorithm is proposed to fix the weaknesses discovered. ISAAC [2] is a deterministic random bit generator presented at FSE’96 by Jenkins, who claims that it has “no bad initial states, not even the state of all zeros”. We contradict this affirmation, presenting more than 2^8167 weak states, in Section 2, after a short description of ISAAC and the observation of some minor weaknesses, in Section 1. Recall that, as a source of non-uniform randomness, weak states might distort simulations and harm cryptographic applications, and so generators with many such states should not be used. Sections 3 and 4 respectively propose a modification of ISAAC’s algorithm to avoid the design flaws presented, and point out an error in a previous analysis of ISAAC.

12 citations


Posted Content
TL;DR: This note discusses the complexity evaluation of cryptanalytic attacks, with the example of exhaustive key search, illustrated with several ciphers from the eSTREAM project.
Abstract: This note discusses the complexity evaluation of cryptanalytic attacks, with the example of exhaustive key search, illustrated with several ciphers from the eSTREAM project. A measure is proposed to evaluate the effective computational cost of cryptanalytic algorithms, based on the observation that the standard one is not precise enough.

1 citation