@inproceedings{47e3ba61ac6149bc82dc1a70b06cb907,

title = "Distinguishing attack on SOBER-128 with linear masking",

abstract = "We present a distinguishing attack against SOBER-128 with linear masking. We found a linear approximation which has a bias of 2-8.8 for the non-linear filter. The attack applies the observation made by Ekdahl and Johansson that there is a sequence of clocks for which the linear combination of some states vanishes. This linear dependency allows that the linear masking method can be applied. We also show that the bias of the distinguisher can be improved (or estimated more precisely) by considering quadratic terms of the approximation. The probability bias of the quadratic approximation used in the distinguisher is estimated to be equal to O(2-51.8), so that we claim that SOBER-128 is distinguishable from truly random cipher by observing O(2103.6) keystream words.",

author = "Cho, {Joo Yeon} and Josef Pieprzyk",

year = "2006",

language = "English",

isbn = "3540354581",

series = "Lecture Notes in Computer Science",

publisher = "Springer, Springer Nature",

pages = "29--39",

editor = "Batten, {Lynn Margaret} and Reihaneh Safavi-Naini",

booktitle = "Information Security and Privacy",

address = "United States",

note = "11th Australasian Conference on Information Security and Privacy, ACISP 2006 ; Conference date: 03-07-2006 Through 05-07-2006",

}