Abstract
WG-5 is a lightweight stream cipher proposed for usage in the resource-constrained devices, e.g., passive RFID tags, industrial controllers, contactless smart cards and sensors. In this paper, a weakness called slide property of WG-5 which has not been discovered in previous works is for the first time explored and analyzed. The result shows that the probability that two related key-IV pairs of WG-5 generate the shifted keystreams can be up to 2−20, which is significantly high compared with an ideal stream cipher that generates the random keystreams. The correctness and accuracy of this theoretical probability is confirmed experimentally. Based on the slide property of WG-5, some key recovery attacks on WG-5 in the related key setting are proposed. The cryptanalytic result shows that the 80-bit secret key of WG-5 can be recovered with a time complexity of 225.615, requiring 6 related keys and 80 keystream bits for each of 224.585 chosen IVs. The experimental result validates our attack and shows that WG-5 can be broken within about 92.054 seconds on a common PC in the related key setting. These results imply that the design of WG-5 is far from optimal and needs to be strengthened to provide enough security for the lightweight constrained applications.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
