Paper 2017/412

Improved Attack on Full-round Grain-128

Ximing Fu, Xiaoyun Wang, Jiazhe Chen, Marc Stevens, and Xiaoyang Dong

Abstract

In this paper, we propose a series of techniques that can be used to determine the missing IV terms of a complex multivariable Boolean polynomial. Using these techniques, we revisit the dynamic cube attack on Grain-128. By choosing one more nullified state bit and one more dynamic bit, we are able to obtain the IV terms of degree 43; combined with various reduction techniques, fast discarding monomial techniques and an IV representation technique for polynomials, this allows the missing IV terms to be determined. As a result, we improve the time complexity of the best previous attack on Grain-128 by a factor of . Moreover, our attack applies to all keys.

Metadata
Available format(s)
PDF
Publication info
Preprint. MINOR revision.
Keywords
Stream ciphers, Grain-128, Polynomial reduction, IV representation, Dynamic cube attack
Contact author(s)
fxm15 @ mails tsinghua edu cn
History
2018-05-16: last of 2 revisions
2017-05-13: received
Short URL
https://ia.cr/2017/412
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2017/412,
      author = {Ximing Fu and Xiaoyun Wang and Jiazhe Chen and Marc Stevens and Xiaoyang Dong},
      title = {Improved Attack on Full-round Grain-128},
      howpublished = {Cryptology {ePrint} Archive, Paper 2017/412},
      year = {2017},
      url = {https://eprint.iacr.org/2017/412}
}