Stringology-Based Cryptanalysis for EChaCha20 Stream Cipher

Computer Science > Cryptography and Security [Submitted on 10 Apr 2026] Stringology-Based Cryptanalysis for EChaCha20 Stream Cipher Victor Kebande Stringology-Based Cryptanalysis (SBC) offers a suitable and a structurally aligned approach for uncovering structural patterns in stream ciphers that traditional statistical tests may often fail to detect. Despite \texttt{EChaCha20}'s design enhancements, no systematic investigation has been performed to determine whether its expanded 6\times6 state matrix and modified Quarter-Round Function (\texttt{QR-F}) introduce subtle keystream patterns, rotational biases, or partial collisions that could serve as statistical distinguishers. As such, addressing this gap is critical to ensure that the cipher's modifications do not unintentionally reduce its security margin. Therefore, this paper leverages Knuth-Morris-Pratt (\texttt{KMP}) and Boyer-Moore (\texttt{BM}) algorithms to analyze \texttt{EChaCha20}, which is a variant of ChaCha20 that features an expanded 6\times6 state matrix and an enhanced \texttt{QR-F}. The author has developed and optimized adaptations of the \texttt{KMP} and \texttt{BM} algorithms for 32-bit word level pattern analysis and employed them to investigate m-bit pattern frequency distributions to assess the \texttt{EChaCha20}'s resistance of rotational-differential attacks. Our experimental results on large-scale one million keystream datasets have confirmed that \texttt{EChaCha20} is able to maintain strong pseudorandomness at 16-bit and 32-bit levels with minor irregularities observed in the 8-bit domain. In addition to these, the differential tests have indicated a rapid diffusion, exhibiting an avalanche effect after two \texttt{QR-F} rounds and no statistically significant rotational collisions were observed within the evaluated bounds, consistent with expected ARX diffusion behavior beyond 3 rounds. This work puts forward SBC as a complementary tool for ARX cipher evaluation and provide new thoughts on the security properties of \texttt{EChaCha20}. Comments: 29 pages, 11 Figures, submitted to Cybersecurity Subjects: Cryptography and Security (cs.CR) Cite as: arXiv:2604.08862 [cs.CR]   (or arXiv:2604.08862v1 [cs.CR] for this version)   https://doi.org/10.48550/arXiv.2604.08862 Focus to learn more Submission history From: Victor Kebande [view email] [v1] Fri, 10 Apr 2026 01:49:39 UTC (1,615 KB) Access Paper: HTML (experimental) view license Current browse context: cs.CR < prev   |   next > new | recent | 2026-04 Change to browse by: cs References & Citations NASA ADS Google Scholar Semantic Scholar Export BibTeX Citation Bookmark Bibliographic Tools Bibliographic and Citation Tools Bibliographic Explorer Toggle Bibliographic Explorer (What is the Explorer?) Connected Papers Toggle Connected Papers (What is Connected Papers?) Litmaps Toggle Litmaps (What is Litmaps?) scite.ai Toggle scite Smart Citations (What are Smart Citations?) Code, Data, Media Demos Related Papers About arXivLabs Which authors of this paper are endorsers? | Disable MathJax (What is MathJax?)