Differential Attacks by Algebraic Solving on a Series of HE‐Friendly Stream Ciphers.

Saved in:
Bibliographic Details
Title: Differential Attacks by Algebraic Solving on a Series of HE‐Friendly Stream Ciphers.
Authors: Hu, Xichao1 (AUTHOR), Jiao, Lin1 (AUTHOR) jiaolin_jl@126.com, Li, Yongqiang2,3 (AUTHOR), Hao, Yonglin1 (AUTHOR), Gong, Xinxin1 (AUTHOR), Deepali (AUTHOR) dedeepali@wiley.com
Source: IET Information Security (Wiley-Blackwell). 5/6/2026, Vol. 2026, p1-17. 17p.
Subjects: Stream ciphers, Satisfiability (Computer science), Cryptography, Data encryption, Algebraic equations
Abstract: In recent years, many symmetric encryption ciphers have been proposed for homomorphic encryption (HE) applications. Rasta and its variants Masta and Pasta have gradually become a self‐contained series of HE‐friendly stream ciphers. The feature of these ciphers is that a fresh affine layer is randomly generated for each encryption. Although Rasta explicitly stated that it does not consider related‐key attacks in its specification and it is difficult to find exploitable good differential characteristics even if considered, Masta and Pasta do not mention related‐key attacks. Therefore, in this paper, we aim to comprehensively study the impact of related‐key attacks on the security of these ciphers and determine whether the round requirement for satisfying the security bound is effective even in the multi‐client scenario. Based on the general key structure and specific key differential patterns, we propose two practical related‐key attacks based on linearization attacks and one based on SAT solving method. These attacks successfully break Pasta's both instances (2/2), Masta and Rasta's most instances (9/16 and 5/9). Furthermore, we theoretically discuss the validity conditions of the trivial linearization attack and experimentally verify it. [ABSTRACT FROM AUTHOR]
Copyright of IET Information Security (Wiley-Blackwell) is the property of Wiley-Blackwell and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)
Database: Engineering Source
FullText Text:
  Availability: 0
Header DbId: egs
DbLabel: Engineering Source
An: 193520813
AccessLevel: 6
PubType: Academic Journal
PubTypeId: academicJournal
PreciseRelevancyScore: 0
IllustrationInfo
Items – Name: Title
  Label: Title
  Group: Ti
  Data: Differential Attacks by Algebraic Solving on a Series of HE‐Friendly Stream Ciphers.
– Name: Author
  Label: Authors
  Group: Au
  Data: <searchLink fieldCode="AR" term="%22Hu%2C+Xichao%22">Hu, Xichao</searchLink><relatesTo>1</relatesTo> (AUTHOR)<br /><searchLink fieldCode="AR" term="%22Jiao%2C+Lin%22">Jiao, Lin</searchLink><relatesTo>1</relatesTo> (AUTHOR)<i> jiaolin_jl@126.com</i><br /><searchLink fieldCode="AR" term="%22Li%2C+Yongqiang%22">Li, Yongqiang</searchLink><relatesTo>2,3</relatesTo> (AUTHOR)<br /><searchLink fieldCode="AR" term="%22Hao%2C+Yonglin%22">Hao, Yonglin</searchLink><relatesTo>1</relatesTo> (AUTHOR)<br /><searchLink fieldCode="AR" term="%22Gong%2C+Xinxin%22">Gong, Xinxin</searchLink><relatesTo>1</relatesTo> (AUTHOR)<br /><searchLink fieldCode="AR" term="%22Deepali%22">Deepali</searchLink> (AUTHOR)<i> dedeepali@wiley.com</i>
– Name: TitleSource
  Label: Source
  Group: Src
  Data: <searchLink fieldCode="JN" term="%22IET+Information+Security+%28Wiley-Blackwell%29%22">IET Information Security (Wiley-Blackwell)</searchLink>. 5/6/2026, Vol. 2026, p1-17. 17p.
– Name: Subject
  Label: Subjects
  Group: Su
  Data: <searchLink fieldCode="DE" term="%22Stream+ciphers%22">Stream ciphers</searchLink><br /><searchLink fieldCode="DE" term="%22Satisfiability+%28Computer+science%29%22">Satisfiability (Computer science)</searchLink><br /><searchLink fieldCode="DE" term="%22Cryptography%22">Cryptography</searchLink><br /><searchLink fieldCode="DE" term="%22Data+encryption%22">Data encryption</searchLink><br /><searchLink fieldCode="DE" term="%22Algebraic+equations%22">Algebraic equations</searchLink>
– Name: Abstract
  Label: Abstract
  Group: Ab
  Data: In recent years, many symmetric encryption ciphers have been proposed for homomorphic encryption (HE) applications. Rasta and its variants Masta and Pasta have gradually become a self‐contained series of HE‐friendly stream ciphers. The feature of these ciphers is that a fresh affine layer is randomly generated for each encryption. Although Rasta explicitly stated that it does not consider related‐key attacks in its specification and it is difficult to find exploitable good differential characteristics even if considered, Masta and Pasta do not mention related‐key attacks. Therefore, in this paper, we aim to comprehensively study the impact of related‐key attacks on the security of these ciphers and determine whether the round requirement for satisfying the security bound is effective even in the multi‐client scenario. Based on the general key structure and specific key differential patterns, we propose two practical related‐key attacks based on linearization attacks and one based on SAT solving method. These attacks successfully break Pasta's both instances (2/2), Masta and Rasta's most instances (9/16 and 5/9). Furthermore, we theoretically discuss the validity conditions of the trivial linearization attack and experimentally verify it. [ABSTRACT FROM AUTHOR]
– Name: AbstractSuppliedCopyright
  Label:
  Group: Ab
  Data: <i>Copyright of IET Information Security (Wiley-Blackwell) is the property of Wiley-Blackwell and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract.</i> (Copyright applies to all Abstracts.)
PLink https://search.ebscohost.com/login.aspx?direct=true&site=eds-live&db=egs&AN=193520813
RecordInfo BibRecord:
  BibEntity:
    Identifiers:
      – Type: doi
        Value: 10.1049/ise2/5820924
    Languages:
      – Code: eng
        Text: English
    PhysicalDescription:
      Pagination:
        PageCount: 17
        StartPage: 1
    Subjects:
      – SubjectFull: Stream ciphers
        Type: general
      – SubjectFull: Satisfiability (Computer science)
        Type: general
      – SubjectFull: Cryptography
        Type: general
      – SubjectFull: Data encryption
        Type: general
      – SubjectFull: Algebraic equations
        Type: general
    Titles:
      – TitleFull: Differential Attacks by Algebraic Solving on a Series of HE‐Friendly Stream Ciphers.
        Type: main
  BibRelationships:
    HasContributorRelationships:
      – PersonEntity:
          Name:
            NameFull: Hu, Xichao
      – PersonEntity:
          Name:
            NameFull: Jiao, Lin
      – PersonEntity:
          Name:
            NameFull: Li, Yongqiang
      – PersonEntity:
          Name:
            NameFull: Hao, Yonglin
      – PersonEntity:
          Name:
            NameFull: Gong, Xinxin
      – PersonEntity:
          Name:
            NameFull: Deepali
    IsPartOfRelationships:
      – BibEntity:
          Dates:
            – D: 06
              M: 05
              Text: 5/6/2026
              Type: published
              Y: 2026
          Identifiers:
            – Type: issn-print
              Value: 17518709
          Numbering:
            – Type: volume
              Value: 2026
          Titles:
            – TitleFull: IET Information Security (Wiley-Blackwell)
              Type: main
ResultId 1