Summary: SSC2 is a stream cipher that operates by XORing the output of two “half-ciphers". The first half-cipher is constructed from a linear feedback shift register (LFSR) with a non-linear filter. The second half-cipher is constructed from a lagged Fibonacci generator (LFG) and a multiplexor that chooses values from the Fibonacci register. The second half-cipher has a small cycle length $π\approx 2^{52}$. The initial state of the LFSR is derived by performing a fast correlation attack on the sequence resulting when XORing the key-stream at an interval of $π$ words (thus cancelling the effect of the LFG). This attack requires around $2^{25}$ words of this sequence and a few hours of computation. The initial state of the LFG is then derived from around 15300 outputs using around one second of computation.