Security Research Of The Stream Cipher Salsa20

ECRYPT initiated stream cipher project eSTREAM in 2004, Salsa20 is one of the seven final winner algorithms. Salsa20, presented by Daniel J.Bernstein, is a stream cipher based on hash function, its core part is a hash function with 64 bytes input and 64 bytes output. The existing analytical methods include linear cryptanalysis, differential cryptanalysis, non-randomness cryptanalysis, related key attack and slide attack.This paper discusses the method for slide attack on even rounds of Salsa20, and then proposes a generalized related key attack on Salsa20 based on the thought of slid pair. Last but not least, the method for slide attack on odd rounds of Salsa20 is introduced.Odd rounds of Salsa20 is ended with a columnround, according to this characteristics, a slide attack model is established. Then divided into three kinds of situations, the starting state is recovered according to the known words by guessing, with complexity far superior to random oracle. When the diagonal constants are known, the attack method described in this paper reduces the complexity to O (2⁹⁶), compared with the random oracle of O (2²⁵⁵).