Related-key Attacks On Chaotic Ciphers

Chaotic cipher is a new kind of cipher, which is widely used in the areas such as data encryption, image encryption, information-hiding and etc. To analyze the security of chaotic ciphers is important.In this paper the author present a new type of attack on chaotic ciphers via related keys. Based on the fact that the initial signals of a chaotic sequence are not sensitive to the less significant bits of initial conditions and parameters, a divide-and-conquer attack method on chaotic stream ciphers was presented, which reduced the computing complexity of attacks to chaotic ciphers greatly. However, if the information leaked by the distribution of the coincidence degrees, a concept presented in [11] to describe the information leak laws of chaotic ciphers, is little, or the size of the key is large, it is difficult for the divide-and-conquer attacks to reduce its computing complexity into a realizable range. The related-key attack presented in this paper uses simultaneously the information leaked by different chaotic sequences generated by related keys and combines the ideas of linear cryptanalysis [18] and divide-and-conquer attacks together, hence enhances the efficiency of divide-and-conquer attacks greatly.The chaotic encryption scheme ZLL[7], which is based on a piecewise linear chaotic map (PWLCM for short), is a typical chaotic stream cipher. As an example, we realized the related-key attack on the ZLL chaotic cipher that initial conditions is used as keys, and the size of key is set as 64 bits. On a Pentium IV-2.5 GHz PC, it took 1 minutes and 58 seconds to recover all bits of the key at a success rate 0.89. Morever, we realized the related-key attack on the ZLL chaotic cipher that parameters and initial condition are used as keys successfully. The theories and trials both show that the method proposed in this paper is also applied even if the addition in a session key is addition modulo 2" or addition modulo 2" word wisely for n≥1.It is found that the composite superiority of output signals between the key and the testing key is bigger as the number of the same high bits between the key and the testing key increases. As an example, we realized the divide-and-conquer attack on the self-synchronous chaotic cipher with 64 bits key which composites the iterations of the ZLL chaotic map for 8 times and the scalar map. It took about 16 hours and 22 minutes to recover key at a success rate 0.86 on a Pentium IV-2.5 GHz PC.The problem to compute the successful probability is resolved; the relationship among the successful probability, the number of known plaintexts and the related superiority is proved with multiple candidates; and the manner of dividing the key in the divide-and-conquer attack is analyzed which assists us to choose parameters in the attack.