Paper 2017/412

Improved Attack on Full-round Grain-128

Ximing Fu, Xiaoyun Wang, Jiazhe Chen, Marc Stevens, and Xiaoyang Dong

Abstract

In this paper, we propose a series of techniques that can be used to determine the missing IV terms of a complex multivariable Boolean polynomial. Using these techniques, we revisit the dynamic cube attack on Grain-128. Based on choosing one more nullified state bit and one more dynamic bit, we are able to obtain the IV terms of degree $43$, combined with various of reduction techniques, fast discarding monomial techniques and IV representation technique for polynomials, so that the missing IV terms can be determined. As a result, we improve the time complexity of the best previous attack on Grain-128 by a factor of $2^{16}$. Moreover, our attack applies to all keys.

Metadata
Available format(s)
PDF
Publication info
Preprint. MINOR revision.
Keywords
Stream ciphersGrain-128Polynomial reductionIV representationDynamic cube attack
Contact author(s)
fxm15 @ mails tsinghua edu cn
History
2018-05-16: last of 2 revisions
2017-05-13: received
See all versions
Short URL
https://ia.cr/2017/412
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2017/412,
      author = {Ximing Fu and Xiaoyun Wang and Jiazhe Chen and Marc Stevens and Xiaoyang Dong},
      title = {Improved Attack on Full-round Grain-128},
      howpublished = {Cryptology {ePrint} Archive, Paper 2017/412},
      year = {2017},
      url = {https://eprint.iacr.org/2017/412}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.