Abstract
The Australian stream cipher NLSv2 [Hawkes, P.-Paddon, M.-Rose, G. G.-De Vries, M. W.: Primitive specification for NLSv2, Project eSTREAM web page, 2007, 1-25] is a 32-bit word oriented stream cipher that was quite successful in the stream ciphers competition-the project eSTREAM. The cipher achieved Phase 3 and successfully accomplished one of the main requirements for candidates in Profile 1 (software oriented proposals)-to have a better performance than AES in counter mode. However the cipher was not chosen into the final portfolio [Babbage, S.-De Canni`ere, Ch.-Canteaut, A.-Cid, C.-Gilbert, H.-Johansson, T.-Parker, M.-Preneel, B.-Rijmen, V.-Robshaw, M.: The eSTREAM Portfolio, Project eSTREAM web page, 2008], because its performance was not so perfect when comparing with other finalist. Also there is a security issue with a high correlation in the used S-Box, which some effective distinguishers exploit. In this paper, a practical demonstration of the distinguishing attack against the smaller version of the cipher is introduced. In our experiments, we have at disposal a machine with four cores (Intel® CoreTM Quad @ 2.66 GHz) and single attack lasts about 6 days. We performed successful practical experiments and our results demonstrate that the distingushing attack against the smaller version is working.