Stream ciphers expand a short key and diversifier to an arbitrary-length keystream. Often they consist of two phases: a scrambling phase that computes a compact secret state from the key and diversifier and a keystream generator that expands the state to an arbitrary-length keystream. This keystream should have the following property: for an adversary that does not know the secret state, it is hard to distinguish it from a sequence of independent uniformly distributed bits. In this thesis we will explore building efficient keystream generators specified in terms of the dedicated AES instructions available on many CPUs. The type of work includes pen-and-paper analysis, writing and running code and making use of tools such as SAT solvers and mixed integer linear programming (MILP) for experiments and interpretation of their results.
If you are interested in this topic, please send an email to Joan Daemen via joan@cs.ru.nl .