Paper 2009/402

AIDA Breaks BIVIUM (A&B) in 1 Minute Dual Core CPU Time

Michael Vielhaber

Abstract

The stream cipher BIVIUM (both BIVIUM-A and BIVIUM-B), a modification of the eSTREAM finalist TRIVIUM, can be broken completely by the Algebraic IV Differential Attack, AIDA, using $2^{27.5}$ simulations or one minute of dual core processing. AIDA uses the subspaces of two 32-dimensional vector spaces over subsets of IV bits to recover 56 of the 80 key bits. The remaining 24 key bits are most easily determined by brute force search. We applied the Fast Reed-Muller Transform to speed up the search for linear equations in the key bits and the Wavefront Model to rule out nonlinear relations in the key bits early on.
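The abstract describes the two ingredients of AIDA in one sentence: summing the cipher output over all assignments of a chosen subset of IV bits (a subspace of the IV space) yields a polynomial in the key bits alone, and the Fast Reed-Muller (Moebius) transform turns that polynomial's truth table into its algebraic normal form, so one can tell at once whether it is linear in the key bits (usable as an equation) or nonlinear (discarded early). The following is an added toy illustration written for this page, not code from the paper or an implementation of Bivium: the output function `f` over three key bits and three IV bits is constructed for the example, and the `cubes`, `recover_key_candidates` and related names are hypothetical.

```python
from itertools import product

# Toy output function of 3 key bits k and 3 IV bits v. Constructed for this
# example only; it is not Bivium's (or Trivium's) output function.
def f(k, v):
    k0, k1, k2 = k
    v0, v1, v2 = v
    return ((k0 & v0 & v1) ^ (k1 & v0 & v1) ^ (k1 & k2 & v0) ^ (k2 & v1 & v2)
            ^ (k0 & k1 & k2 & v0 & v1 & v2) ^ v0 ^ (k0 & v2))

def reed_muller_transform(table):
    """Fast Reed-Muller (Moebius) transform: truth table -> ANF coefficients.
    Bit i of a position encodes variable x_i; after the transform, table[m] is
    the coefficient of the monomial prod_{i in bits(m)} x_i. O(n * 2^n) XORs."""
    a = list(table)
    n = len(a).bit_length() - 1
    assert len(a) == 1 << n, "truth table length must be a power of two"
    step = 1
    for _ in range(n):
        for base in range(0, len(a), 2 * step):
            for j in range(base, base + step):
                a[j + step] ^= a[j]
        step <<= 1
    return a

def key_bits(mask, n):
    """Unpack an integer mask into a tuple (k0, ..., k_{n-1})."""
    return tuple((mask >> i) & 1 for i in range(n))

def cube_sum(key, cube, n_iv=3):
    """XOR f over all 2^|cube| assignments of the IV bits in `cube`;
    the other IV bits are held at 0. This is the AIDA/cube summation."""
    s = 0
    for bits in product((0, 1), repeat=len(cube)):
        v = [0] * n_iv
        for idx, b in zip(cube, bits):
            v[idx] = b
        s ^= f(key, v)
    return s

def superpoly_anf(cube, n_key=3):
    """ANF of the cube's superpoly in the key bits: evaluate the cube sum for
    every key (truth table), then apply the transform. Returns the set of
    monomial masks with coefficient 1 (mask 0 is the constant term)."""
    table = [cube_sum(key_bits(m, n_key), cube) for m in range(1 << n_key)]
    return {m for m, c in enumerate(reed_muller_transform(table)) if c}

def is_linear(monomials):
    """Linear (affine) iff every monomial has at most one variable."""
    return all(bin(m).count("1") <= 1 for m in monomials)

def anf_str(monomials):
    terms = []
    for m in sorted(monomials):
        if m == 0:
            terms.append("1")
        else:
            terms.append("*".join(f"k{i}" for i in range(m.bit_length()) if m >> i & 1))
    return " + ".join(terms) if terms else "0"

def eval_anf(monomials, k):
    """Evaluate an ANF (set of monomial masks) at key tuple k over GF(2)."""
    val = 0
    for m in monomials:
        term = 1
        for i, bit in enumerate(k):
            if m >> i & 1:
                term &= bit
        val ^= term
    return val

def recover_key_candidates(secret_key, cubes, n_key=3):
    """Keep only cubes whose superpoly is linear (nonlinear ones are dropped,
    as the paper's Wavefront Model does early on), obtain each right-hand side
    by one cube summation with the secret key (the black-box query), and
    brute-force the key bits consistent with all equations. The survivors are
    the 'remaining bits determined by brute force' of the abstract."""
    equations = []
    for cube in cubes:
        anf = superpoly_anf(cube, n_key)
        if not is_linear(anf):
            continue
        equations.append((anf, cube_sum(secret_key, cube)))
    return [key_bits(m, n_key) for m in range(1 << n_key)
            if all(eval_anf(anf, key_bits(m, n_key)) == rhs for anf, rhs in equations)]

if __name__ == "__main__":
    for cube in [(0, 1), (1, 2), (0,), (2,), (0, 1, 2)]:
        anf = superpoly_anf(cube)
        print(f"cube over IV bits {cube}: superpoly = {anf_str(anf)}"
              f" ({'linear' if is_linear(anf) else 'nonlinear, discarded'})")
    secret = (1, 0, 1)   # constructed secret key for the demonstration
    print("candidates with two linear cubes:", recover_key_candidates(secret, [(0, 1), (1, 2)]))
    print("candidates with all cubes:", recover_key_candidates(secret, [(0, 1), (1, 2), (0,), (2,), (0, 1, 2)]))
```

With the two cubes {v0,v1} and {v1,v2} the linear equations are k0 + k1 and k2, which fix the key up to one free bit, so brute force over the survivors is needed; adding the cube {v2} supplies k0 and the key is determined uniquely. The cube {v0} alone gives 1 + k1*k2, which is nonlinear and is discarded without ever being used as an equation. On a real cipher the transform runs over 2^n evaluations for n candidate key bits, which is where the paper's cost figure comes from; the toy keeps n at 3 so every step can be checked by hand.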

Metadata

Available format(s): PDF
Category: Secret-key cryptography
Publication info: Published elsewhere. Unknown where it was published
Contact author(s): vielhaber @ gmail com
History: 2009-08-17: received
Short URL: https://ia.cr/2009/402
License: Creative Commons Attribution (CC BY)

BibTeX

@misc{cryptoeprint:2009/402,
      author = {Michael Vielhaber},
      title = {AIDA Breaks BIVIUM (A\&B) in 1 Minute Dual Core CPU Time},
      howpublished = {Cryptology ePrint Archive, Paper 2009/402},
      year = {2009},
      note = {\url{https://eprint.iacr.org/2009/402}},
      url = {https://eprint.iacr.org/2009/402}
}