Movatterモバイル変換

[0]ホーム

Jump to content

SNOW

Edit links

From Wikipedia, the free encyclopedia

Family of stream ciphers

This article is about the stream cipher. For the MI5 agent, seeArthur Owens. For other uses, seeSnow (disambiguation).

SNOW is a family of word-based synchronousstream ciphers developed by Thomas Johansson and Patrik Ekdahl atLund University.

They have a 512-bitlinear feedback shift register at their core, followed by a non-linear output state machine with a few additional words of state.

SNOW 1.0,SNOW 2.0, andSNOW 3G use a shift register of 16 32-bit words, and a 32-bitadd-rotate-XOR (ARX) output transformation with 2 or 3 words of state. Each iteration advances the shift register by 32 bits and produces 32 bits of output.

SNOW-V andSNOW-Vi use a shift register of 32 16-bit words (designed to be implemented as 4 128-bitSIMD registers) which is advanced by 16 bits per iteration. 8 LFSR iterations can be performed simultaneously using SIMD operations, after which one output transformation step is performed, producing 128 bits of output. The output transformation uses theAdvanced Encryption Standard (AES) round function (commonlyimplemented in hardware on recent processors), and maintains 2 additional 128-bit words of state.

History

[edit]

SNOW 1.0, originally simply SNOW, was submitted to theNESSIE project.^[1] The cipher has no known intellectual property or other restrictions. The cipher works on 32-bit words and supports both 128- and 256-bit keys. The cipher consists of a combination of aLFSR and afinite-state machine (FSM) where the LFSR also feeds the next state function of the FSM. The cipher has a short initialization phase and very good performance on both 32-bit processors and in hardware.

During the evaluation, weaknesses were discovered and as a result, SNOW was not included in the NESSIE suite of algorithms. The authors have developed a new version, version 2.0 of the cipher, that solves the weaknesses and improves the performance.^[2]

DuringETSI SAGE evaluation, the design was further modified to increase its resistance against algebraic attacks with the result named SNOW 3G.^[3]

It has been found that related keys exist both for SNOW 2.0 and SNOW 3G,^[4] allowing attacks against SNOW 2.0 in the related-key model.

Use

[edit]

SNOW has been used in theESTREAM project as a reference cipher for the performance evaluation.

SNOW 2.0 is one out of stream ciphers chosen forISO/IEC standard ISO/IEC 18033-4.^[5]

SNOW 3G^[6] is chosen as the stream cipher for the3GPP encryption algorithms UEA2 and UIA2.^[7]

SNOW-V was an extensive redesign published in 2019,^[8] designed to match5G cellular network speeds by generating 128 bits of output per iteration. SNOW-Vi^[9] was tweaked for even higher speed using small changes to the LFSR; the output transformation is identical.

Sources

[edit]

^Ekdahl, Patrik; Johansson, Thomas (2000).SNOW - a new stream cipher(PDF). First NESSIE Workshop.Heverlee, Belgium. Retrieved2024-05-15.
^Ekdahl, Patrik; Johansson, Thomas (August 2002).A New Version of the Stream Cipher SNOW(PDF). Selected Areas in Cryptography: 9th Annual International Workshop.St. John's, Newfoundland.CiteSeerX 10.1.1.7.4280.doi:10.1007/3-540-36492-7_5. Retrieved2024-05-15.
^UEA2 Design and Evaluation Report
^Kircanski, Aleksandar; Youssef, Amr (15 April 2012)."On the Sliding Property of SNOW 3G and SNOW 2.0"(PDF). Retrieved19 October 2021.
^"ISO/IEC 18033-4:2011 Information technology — Security techniques — Encryption algorithms — Part 4: Stream ciphers". ISO. Retrieved30 October 2020.
^"Specification of the 3GPP Confidentiality and Integrity Algorithms UEA2 & UIA2. Document 2: SNOW 3G Specification"(PDF).www.gsma.com. 6 September 2006. Retrieved13 October 2017.
^"Specification of the 3GPP Confidentiality and Integrity Algorithms UEA2 & UIA2. Document 1: UEA2 and UIA2 Specification"(PDF).www.quintillion.co.jp. Archived fromthe original(PDF) on 19 March 2012. Retrieved30 October 2020.
^Ekdahl, Patrik; Johansson, Thomas; Maximov, Alexander; Yang, Jing (September 2019)."A new SNOW stream cipher called SNOW-V".IACR Transactions on Symmetric Cryptology.2019 (3):1–42.doi:10.13154/tosc.v2019.i3.1-42.
^Ekdahl, Patrik; Johansson, Thomas; Maximov, Alexander; Yang, Jing (June 2021).SNOW-Vi: an extreme performance variant of SNOW-V for lower grade CPUs. 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks.doi:10.1145/3448300.3467829.

External links

[edit]

The Lund Crypto and Security group website Archived 2021-09-20 at theWayback Machine

Stream ciphers

Widely used ciphers

eSTREAM Portfolio

Software	HC-128 Rabbit Salsa20 SOSEMANUK
Hardware	Grain MICKEY Trivium

Other ciphers

Generators

Theory

Attacks

v t e Cryptography
General	History of cryptography Outline of cryptography Classical cipher Cryptographic protocol Authentication protocol Cryptographic primitive Cryptanalysis Cryptocurrency Cryptosystem Cryptographic nonce Cryptovirology Hash function Cryptographic hash function Key derivation function Secure Hash Algorithms Digital signature Kleptography Key (cryptography) Key exchange Key generator Key schedule Key stretching Keygen Machines Ransomware Random number generation Cryptographically secure pseudorandom number generator (CSPRNG) Pseudorandom noise (PRN) Secure channel Insecure channel Subliminal channel Encryption Decryption End-to-end encryption Harvest now, decrypt later Information-theoretic security Plaintext Codetext Ciphertext Shared secret Trapdoor function Trusted timestamping Key-based routing Onion routing Garlic routing Kademlia Mix network
Mathematics	Cryptographic hash function Block cipher Stream cipher Symmetric-key algorithm Authenticated encryption Public-key cryptography Quantum key distribution Quantum cryptography Post-quantum cryptography Message authentication code Random numbers Steganography
Category

Retrieved from "https://en.wikipedia.org/w/index.php?title=SNOW&oldid=1301407474"

Category:

Stream ciphers

Hidden categories:

[8]ページ先頭