Jump to content

Achterbahn (stream cipher)

Add links
From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by JCW-CleanerBot (talk | contribs) at 04:18, 2 December 2017 (→‎Security: task, replaced: Lecture Notes In → Lecture Notes in (2) using AWB). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

In cryptography, Achterbahn is the name of a synchronous stream cipher algorithm submitted to the eSTREAM Project of the eCRYPT network. In the final specification the cipher is called ACHTERBAHN-128/80, because it supports the key lengths of 80 bits and 128 bits, respectively.[1] Achterbahn was developed by Berndt Gammel, Rainer Göttfert and Oliver Kniffler. Achterbahn means rollercoaster (in German), though a literal translation of the term would be eight-track, which indicates that the cipher can encrypt eight bit streams in parallel.

The parameters of the cipher are given in the following table:

ACHTERBAHN-80 ACHTERBAHN-128
Max. key length 80 bit 128 bit
Max. IV length 80 bit 128 bit
Max. frame length 244 244
Internal state 297 bit 351 bit

ACHTERBAHN-128 is downward compatible and can produce the same keystream as ACHTERBAHN-80 if so desired. The keystream generator of ACHTERBAHN-128/80 is based on the design principle of the nonlinear combination generator, however it deploys primitive nonlinear feedback shift registers (NLFSR) instead of linear ones (LFSR).

Security

There are no known cryptanalytic attacks against ACHTERBAHN-128/80 for the tabulated parameters that are faster than brute force attack. Recent analysis showed that attacks are possible if larger frame (packet) lengths are used in a communication protocol.[2][3][4] The cipher's authors recommend a maximum frame length of 244 bits.[5] This value does however not imply practical limitations.

Performance

The ACHTERBAHN-128/80 stream cipher is optimized for hardware applications with restricted resources, such as limited gate count and power consumption. An implementation of ACHTERBAHN-80 has a design size of only 2188 gate equivalents (Nand-GE) in a standard CMOS technology and delivers a throughput of up to 400 Megabit/s. This makes it suitable for RFID tags.[citation needed] A high-speed implementation with a throughput of 8 Gigabit/s has a design size of 8651 Nand-GE.[6]

References

  1. ^ Berndt M. Gammel; Rainer Göttfert; Oliver Kniffler, (30 June 2006). "ACHTERBAHN-128/80" (PDF). ECRYPT Stream Cipher Project Report. {{cite journal}}: Cite journal requires |journal= (help)CS1 maint: extra punctuation (link)
  2. ^ María Naya-Plasencia. "Cryptanalysis of Achterbahn-128/80" (PDF). Fast Software Encryption, 14th International Workshop, FSE 2007, Luxembourg, March 26–28, 2007, Revised Selected Papers, Lecture Notes in Computer Science, Vol. 4593, pp. 73-86, ISBN 978-3-540-74617-1, Springer 2007. {{cite journal}}: Cite journal requires |journal= (help); templatestyles stripmarker in |publisher= at position 179 (help)
  3. ^ María Naya-Plasencia. "Cryptanalysis of Achterbahn-128/80 with a New Keystream Limitation" (PDF). Research in Cryptology: Second Western European Workshop, WEWoRC 2007, Bochum, Germany, July 4–6, 2007, Revised Selected Papers, Lecture Notes in Computer Science, Vol. 4945, pp. 142-152, ISBN 978-3-540-88352-4, Springer 2008. {{cite journal}}: Cite journal requires |journal= (help); templatestyles stripmarker in |publisher= at position 189 (help)
  4. ^ Berndt M. Gammel; Rainer Göttfert; Oliver Kniffler. "Achterbahn-128/80: Design and Analysis". In: Workshop Record of The State of the Art of Stream Ciphers - SASC 2007, (Ruhr University Bochum, Germany, Jan 31 - Feb 1, 2007), pp. 152-165. Archived from the original on 2007-07-24. {{cite journal}}: Cite journal requires |journal= (help); Unknown parameter |deadurl= ignored (|url-status= suggested) (help)
  5. ^ Rainer Göttfert; Berndt M. Gammel. "On the frame length of Achterbahn-128/80" (PDF). In: Proceedings of the 2007 IEEE Information Theory Workshop on Information Theory for Wireless Networks, July 1–6, 2007, Solstrand, Norway, (T. Helleseth, V. Kumar, and Ø. Ytrehus, eds.), pp. 91-95, ISBN 1-4244-1199-8, IEEE 2007. {{cite journal}}: Cite journal requires |journal= (help); templatestyles stripmarker in |publisher= at position 201 (help)
  6. ^ Berndt M. Gammel; Rainer Göttfert; Oliver Kniffler, (30 June 2006). "ACHTERBAHN-128/80" (PDF). Achterbahn home page. {{cite journal}}: Cite journal requires |journal= (help)CS1 maint: extra punctuation (link)
Retrieved from "https://en.wikipedia.org/w/index.php?title=Achterbahn_(stream_cipher)&oldid=813162039"