Some observations on HC-128

12 years 28 days ago
Some observations on HC-128
In this paper, we use linear approximations of the addition modulo 2n of three n-bit integers to identify linear approximations of g1, g2, the feedback functions of HC-128. This, in turn, shows that the process of keystream output generation of HC-128 can be well approximated by linear functions. In this direction, we show that the “least significant bit” based distinguisher (presented by the designer himself) of HC-128 works for the complete 32-bit word. In a different note, in the line of Dunkelman’s observation, we also study how HC-128 keystream words leak secret state information of the cipher due to the properties of the functions h1, h2 and present improved results.
Subhamoy Maitra, Goutam Paul, Shashwat Raizada, Su
Added 14 May 2011
Updated 14 May 2011
Type Journal
Year 2011
Where DCC
Authors Subhamoy Maitra, Goutam Paul, Shashwat Raizada, Subhabrata Sen, Rudradev Sengupta
Comments (0)