Related-Key Chosen IV Attack on K2
-
Graphical Abstract
-
Abstract
K2 is a secure and high-performance clock controlled stream cipher developed by the Information Security Laboratory of the KDDI R&D Laboratories Inc., Japan. Its initial key length is 128-bit or 256-bit. In this paper, a related-key chosen IV attack on K2 is presented. The computational complexity of our attack is 2128, requiring 297 chosens IV s, 2101 keystream words and 2100 words of memory. The result shows that when the initial key length is 256-bit, our attack needs much less computational effort than an exhaustive key search to break K2. Thus, K2 does not have 256-bit security claimed by its designers.
-
-