Abstract
RAKAPOSHI is a hardware-oriented stream cipher designed by Cid et al. in 2009. It is based on Dynamic Linear Feedback Shift Registers, with a simple and potentially scalable design, and is particularly suitable for hardware applications with restricted resources. The RAKAPOSHI stream cipher offers 128-bit security. In this paper, we point out some mistakes in the related key attack on RAKAPOSHI by Isobe et al., and propose a new related key attack on RAKAPOSHI, which recovers the 128-bit secret key with a time complexity of $2^{56}$, requiring one related key and $2^{55}$ chosen IVs. Furthermore, an improved key recovery attack on RAKAPOSHI in the multiple related key setting is proposed with a time complexity of $2^{33}$, requiring $2^{12.58}$ chosen IVs. As confirmed by the experimental results, our new attack can recover all 128 key bits of RAKAPOSHI in less than 1.5 hours on a PC.