Achterbahn
Encyclopedia
In cryptography
, Achterbahn is the name of a synchronous stream cipher
algorithm
submitted to the eSTREAM
Project of the eCRYPT
network.
In the final specification the cipher is called ACHTERBAHN-128/80,
because it supports the key lengths of 80 bits and 128 bits, respectively
.
Achterbahn was developed by Berndt Gammel, Rainer Göttfert and Oliver Kniffler.
Achterbahn means rollercoaster (in German), though a literal translation of the term would be eight-track,
which indicates that the cipher can encrypt eight bit streams in parallel.
The parameters of the cipher are given in the following table:
ACHTERBAHN-128 is downward compatible and can produce the same keystream as ACHTERBAHN-80 if so desired.
The keystream generator of ACHTERBAHN-128/80 is based on the design principle of the nonlinear combination generator,
however it deploys primitive nonlinear feedback shift registers (NLFSR
) instead of linear ones (LFSR).
ACHTERBAHN-128/80 for the tabulated parameters
that are faster than brute force attack
.
Recent analysis showed that attacks are possible if larger
frame (packet) lengths
are used in a communication protocol
.
A recommendation for a maximum frame length of 244 bit is given in Ref.
. This value does however not imply practical limitations.
such as limited gate count and power consumption. An implementation of ACHTERBAHN-80 has a
design size of only 2188 gate equivalents (Nand-GE) in a standard CMOS
technology
and delivers a throughput of up to 400 Megabit/s. This makes it suitable for RFID tags.
A high-speed implementation with a throughput of 8 Gigabit/s has a design size of 8651 Nand-GE,
cf.
.
Cryptography
Cryptography is the practice and study of techniques for secure communication in the presence of third parties...
, Achterbahn is the name of a synchronous stream cipher
Stream cipher
In cryptography, a stream cipher is a symmetric key cipher where plaintext digits are combined with a pseudorandom cipher digit stream . In a stream cipher the plaintext digits are encrypted one at a time, and the transformation of successive digits varies during the encryption...
algorithm
Algorithm
In mathematics and computer science, an algorithm is an effective method expressed as a finite list of well-defined instructions for calculating a function. Algorithms are used for calculation, data processing, and automated reasoning...
submitted to the eSTREAM
ESTREAM
eSTREAM is a project to "identify new stream ciphers suitable for widespread adoption", organised by the EU ECRYPT network. It was set up as a result of the failure of all six stream ciphers submitted to the NESSIE project. The call for primitives was first issued in November 2004. The project was...
Project of the eCRYPT
ECRYPT
ECRYPT is a 4-year European research initiative launched on 1 February 2004.The stated objective is to, "intensify the collaboration of European researchers in information security, and more in particular in cryptology and digital watermarking.ECRYPT list five core research areas, termed "virtual...
network.
In the final specification the cipher is called ACHTERBAHN-128/80,
because it supports the key lengths of 80 bits and 128 bits, respectively
.
Achterbahn was developed by Berndt Gammel, Rainer Göttfert and Oliver Kniffler.
Achterbahn means rollercoaster (in German), though a literal translation of the term would be eight-track,
which indicates that the cipher can encrypt eight bit streams in parallel.
The parameters of the cipher are given in the following table:
| ACHTERBAHN-80 | ACHTERBAHN-128 | |
|---|---|---|
| Max. key length | 80 bit | 128 bit |
| Max. IV length | 80 bit | 128 bit |
| Max. frame length | 244 | 244 |
| Internal state | 297 bit | 351 bit |
ACHTERBAHN-128 is downward compatible and can produce the same keystream as ACHTERBAHN-80 if so desired.
The keystream generator of ACHTERBAHN-128/80 is based on the design principle of the nonlinear combination generator,
however it deploys primitive nonlinear feedback shift registers (NLFSR
NLFSR
A NLFSR is a common component in modern stream ciphers, especially in RFID and smartcard applications. NLFSRs are known to be more resistant to cryptanalytic attacks than Linear Feedback Shift Registers , although construction of large NLFSRs with guaranteed long periods remains an open...
) instead of linear ones (LFSR).
Security
There are no known cryptanalytic attacks againstACHTERBAHN-128/80 for the tabulated parameters
that are faster than brute force attack
Brute force attack
In cryptography, a brute-force attack, or exhaustive key search, is a strategy that can, in theory, be used against any encrypted data. Such an attack might be utilized when it is not possible to take advantage of other weaknesses in an encryption system that would make the task easier...
.
Recent analysis showed that attacks are possible if larger
frame (packet) lengths
are used in a communication protocol
.
A recommendation for a maximum frame length of 244 bit is given in Ref.
. This value does however not imply practical limitations.
Performance
The ACHTERBAHN-128/80 stream cipher is optimized for hardware applications with restricted resources,such as limited gate count and power consumption. An implementation of ACHTERBAHN-80 has a
design size of only 2188 gate equivalents (Nand-GE) in a standard CMOS
CMOS
Complementary metal–oxide–semiconductor is a technology for constructing integrated circuits. CMOS technology is used in microprocessors, microcontrollers, static RAM, and other digital logic circuits...
technology
and delivers a throughput of up to 400 Megabit/s. This makes it suitable for RFID tags.
A high-speed implementation with a throughput of 8 Gigabit/s has a design size of 8651 Nand-GE,
cf.
.