Rotational Cryptanalysis on ChaCha Stream Cipher

Stefano Barbero; Danilo Bazzanella; Emanuele Bellini

doi:10.3390/sym14061087

Symmetry (May 2022)

Rotational Cryptanalysis on ChaCha Stream Cipher

Stefano Barbero,
Danilo Bazzanella,
Emanuele Bellini

Affiliations

Stefano Barbero: Department of Mathematical Sciences “Giuseppe Luigi Lagrange”, Politecnico di Torino, 10129 Torino, Italy
Danilo Bazzanella: Department of Mathematical Sciences “Giuseppe Luigi Lagrange”, Politecnico di Torino, 10129 Torino, Italy
Emanuele Bellini: Cryptography Research Centre, Technology Innovation Institute, Abu Dhabi P.O. Box 9639, United Arab Emirates

DOI: https://doi.org/10.3390/sym14061087
Journal volume & issue: Vol. 14, no. 6
p. 1087

Abstract

Read online

In this paper we consider the ChaCha20 stream cipher in the related-key scenario and we study how to obtain rotational-XOR pairs with nonzero probability after the application of the first quarter round. The ChaCha20 input can be viewed as a 4×4 matrix of 32-bit words, where the first row of the matrix is fixed to a constant value, the second two rows represent the key, and the fourth some initialization values. Under some reasonable independence assumptions and a suitable selection of the input, we show that the aforementioned probability is about 2−251.7857, a value greater than 2−256, which is the one expected from a random permutation. We also investigate the existence of constants, different from the ones used in the first row of the ChaCha20 input, for which the rotational-XOR probability increases, representing a potential weakness in variants of the ChaCha20 stream cipher. So far, to our knowledge, this is the first analysis of the ChaCha20 stream cipher from a rotational-XOR perspective.

Published in Symmetry

ISSN: 2073-8994 (Online)
Publisher: MDPI AG
Country of publisher: Switzerland
LCC subjects: Science: Mathematics
Website: http://www.mdpi.com/journal/symmetry/

About the journal

Abstract

Keywords