Paper 2025/466

Algebraic Cryptanalysis of Small-Scale Variants of Stream Cipher E0

Jan Dolejš, Czech Technical University in Prague
Martin Jureček, Czech Technical University in Prague
Abstract

This study explores the algebraic cryptanalysis of small-scale variants of the E0 stream cipher, a legacy cipher used in the Bluetooth protocol. By systematically reducing the size of the linear feedback shift registers (LFSRs) while preserving the cipher’s core structure, we investigate the relationship between the number of unknowns and the number of consecutive keystream bits required to recover the internal states of the LFSRs. Our work demonstrates an approximately linear relationship between the number of consecutive keystream bits and the size of small-scale E0 variants, as indicated by our experimental results. To this end, we utilize two approaches: the computation of Gröbner bases using Magma’s F4 algorithm and the application of CryptoMiniSat’s SAT solver. Our experimental results show that increasing the number of keystream bits significantly improves computational efficiency, with the F4 algorithm achieving a speedup of up to 733× when additional equations are supplied. Furthermore, we verify the non-existence of equations of degree four or lower for up to seven consecutive keystream bits, and the non-existence of equations of degree three or lower for up to eight consecutive keystream bits, extending prior results on the algebraic properties of E0.

Metadata
Available format(s)
PDF
Category
Attacks and cryptanalysis
Publication info
Preprint.
Keywords
E0, small-scale variants, stream cipher, algebraic cryptanalysis, Gröbner bases, SAT
Contact author(s)
dolejj13 @ fit cvut cz
martin jurecek @ fit cvut cz
History
2025-03-13: approved
2025-03-12: received
Short URL
https://ia.cr/2025/466
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2025/466,
      author = {Jan Dolejš and Martin Jureček},
      title = {Algebraic Cryptanalysis of Small-Scale Variants of Stream Cipher E0},
      howpublished = {Cryptology {ePrint} Archive, Paper 2025/466},
      year = {2025},
      url = {https://eprint.iacr.org/2025/466}
}