Cryptology ePrint Archive: Report 2009/497
Cube Attack on Courtois Toy Cipher
Piotr Mroczkowski and Janusz Szmidt
Abstract: The cube attack was introduced by Itai Dinur and Adi
Shamir [8] as a known plaintext attack on symmetric primitives. The
attack has been applied to reduced variants of the stream ciphers Trivium
[3, 8] and Grain-128 [2], to a variant of the block cipher Serpent
reduced to three rounds [9], and to a reduced version of the hash function MD6 [3].
A special case of the attack appeared in M. Vielhaber's ePrint
articles [13, 14], where it was named AIDA (Algebraic Initial Value
Differential Attack) and applied to modified versions of Trivium.
In this paper, we present experimental results of applying the cube
attack to four rounds of the Courtois Toy Cipher (CTC), with full
recovery of the 120-bit key. We then extend the attack to five rounds
by applying the meet-in-the-middle principle.
Key words: Cube attack, symmetric primitives, Boolean polynomials,
CTC, the meet-in-the-middle method
Category / Keywords: secret-key cryptography / Cube attack, symmetric primitives, Boolean polynomials, CTC, the meet-in-the-middle attack.
Date: received 11 Oct 2009, last revised 11 Oct 2009
Contact author: j szmidt at neostrada pl
Version: 20091014:190716
Short URL: ia.cr/2009/497