|Table of Contents|

Linear distinguishing attack analysis on ZUC stream cipher


Research Field:
Publishing date:


Linear distinguishing attack analysis on ZUC stream cipher
Tang Yongli1Han Di1Yan Xixi1Ye Qing1Li Zichen2
1.School of Computer Science and Technology,Henan Polytechnic University,Jiaozuo 454003,China; 2.School of Information Engineering,Beijing Institute of Graphic Communication,Beijing 102600,China
ZUC linear distinguishing attack linear approximation distinguisher linear masking
In order to probe into the security of the ZUC algorithm,linear distinguishing attack on the ZUC algorithm is proposed.In this paper,we first consider the linear approximation of 2-round nonlinear function F and get linear approximation equation,and the best advantage of the linear approximation equation is 2-22.6.By combining those linear approximations,we establish a distinguisher only depending on the keystream.In order to get the best advantage of distinguisher,we search the best linear masking and the best advantage of the distinguisher is about 2-65.5.The result shows that the key stream generated by ZUC is distinguishable from a random sequence after observing approximately O(2131)bits,and it proves that the ZUC algorithm is safe.By comparison,the result of the linear distinguishing attack is superior to other attacks.


[1] ETSI/SAGE.Specification of the 3GPP confidentiality and integrity algorithms 128-EEA3&128-EIA3.Document2:ZUC Specification[S].
Zhou Wei,Wang Bo,Pan Weitao.ZUC hardware implementation research[J].Measurement & Control Technology Abroad,2015,34(7):66-71.
[3]Ding L,Liu S K,Zhang Z Y,et al.Guess and determine atack on ZUC based on solving nonlinear equations[J].Proc of the Record of the 1st Int'l Workshop on ZUC Algorithm,2010,26(6-7):1-8.
Guan Jie,Ding Lin,Liu Shukai.Guess and determine attack on SNOW3G and ZUC[J].Journal of Software,2013,24(6):1324-1333.
Tang Ming,Gao Jian,Sun Lehao.Side channel attacks in frequency domain for ZUC algorithm in embedded platform[J].Journal of Shandong University,2014,49(9):29-34.
Li Shunbo,Hu Yupu,Wang Yan.Distinguishing attack on the stream cipher Sosemanuk[J].Journal of Harbin Engineering University,2012,33(2):259-262.
[9]Naya-Plasencia M.Cryptanalysis of achterbahn-128/80[C]//Fast Software Encryption-FSE2007.Luxem-bourg:Springer-Verlag,2007:73-86.
[10]Hakala R M,NyberyK.Linear distinguishing attack on Shannon[C]//Information Security and Privacy.Wollongong,Australia:Springer,2008:297-305.
Liu Yan,Pan Feng.Controller design for linear discrete-time system in delta-domain[J].Journal of Nanjing University of Science and Technology,2015,39(5):571-577.
[13]Cid C,Murphy S,Piper F,et al.ZUC algorithm evaluation report[R].London:Codes & Ciphers Ltd.,2010.


Last Update: 2016-06-30