Loiss流密码体制的安全分析

Loiss^1]是一个面向字节的流密码，它使用一个128比特的初始向量和一个128比特的初始密钥作为输入，而它的输出则是一个字节的密钥流．Loiss算法一共由三部分组成：线性反馈移位寄存器（LFSR），非线性函数F和BOMM．我们的分析思想是在算法未经初始化的情况下，先猜测算法中的一部分单元，再根据猜测的单元和算法的输出来推导出密钥生成所用的其他内部单元．经过4轮的分析，我们可以计算出在此情况下的搜索复杂度，这与其穷尽搜索复杂度比起来在很大程度上得到了改善．为了使算法能够更安全，设计者为算法添加了64轮的初始化，初始化过程并不输出密钥流．经过了初始化，以上的攻击分析对算法就不适用，从而达到了算法所需求的安全性．

SECURITY ANALYSIS ON LOISS STREAM CIPHER

Loiss is a byte - oriented stream cipher, it takes a 128 - bit initial key and a 128 - bit initial vector as inputs, and outputs a key stream of bytes. The algorithm of Loiss consists of three parts： linear feedback shift register, a nonlinear function F and BOMM. In the case of uninitialized, we guess some of the internal states at first and deduce the others. After four wheels＇ analyses we can calculated the time complexity of the algorithm in this case. It has great improvement compared the complexity of the exhaustive key search. In order to make the algorithm securer, the designer adds 64 wheels＇ initialization for the algorithm. But it does not output any byte in the initialization process. If the algorithm passes the initialization process, previous attacks are not applicable for this algorithm. So we can achieve the security of the algorithm needs.