ZHANG Runlian, FAN Xin, ZHAO Hao, WU Xiaonian, WEI Yongzhuang. The Small-state Stream Cipher Algorithm Draco-F Based on State-bit Indexing Method[J]. Journal of Electronics & Information Technology. doi: 10.11999/JEIT240524

The Small-state Stream Cipher Algorithm Draco-F Based on State-bit Indexing Method

doi: 10.11999/JEIT240524
Funds: The National Natural Science Foundation of China (62062026), The Key Research and Development Program of Guangxi (guike AB23026131), The Innovation Project of Guangxi Graduate Education (YCSW2024347)
  • Received Date: 2024-06-25
  • Rev Recd Date: 2024-09-12
  • Available Online: 2024-09-19
Abstract: The Draco algorithm is an example of a stream cipher based on the Consisting of the Initial Value and Key-prefix (CIVK) scheme, claiming provable security against Time Memory Data TradeOff (TMDTO) attacks. However, its selection function has structural flaws, which attackers have exploited to produce analyses that break its claimed security bounds. To address the security vulnerabilities and other issues in the Draco algorithm, this paper proposes an improved algorithm called Draco-F, based on state-bit indexing and dynamic initialization. Firstly, Draco-F extends the period of the selection function and reduces its hardware cost by employing the state-bit indexing method. Secondly, while ensuring uniform usage of the Nonlinear Feedback Shift Register (NFSR) state bits, Draco-F further reduces hardware cost by simplifying the output function. Finally, Draco-F introduces dynamic initialization to prevent key backtracking. Security analysis and software and hardware test results for Draco-F show that, compared with Draco, Draco-F avoids the security vulnerabilities found in Draco and provides a 128-bit security level with an actual 128-bit internal state. Furthermore, Draco-F has higher keystream throughput and a smaller circuit area.