Paper 2010/580

The Cube Attack on Stream Cipher Trivium and Quadraticity Tests

Piotr Mroczkowski and Janusz Szmidt


In 2008 I. Dinur and A. Shamir presented a new type of algebraic attack on symmetric ciphers named the cube attack. The method has been applied to reduced variants of the stream ciphers Trivium and Grain-128, to reduced variants of the block ciphers Serpent and CTC, and to a reduced version of the keyed hash function MD6. Independently, a very similar attack named AIDA was introduced by M. Vielhaber. In this paper we develop quadraticity tests within the cube attack and apply them to a variant of the stream cipher Trivium reduced to 709 initialization rounds. Using this method we obtain the full 80-bit secret key. This eliminates the brute-force search for some secret key bits that occurred in previous cube attacks.
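Added example (not code from the paper): a bit-level Trivium with a configurable number of initialization rounds, the cube sum whose value as a function of the key is the cube's superpoly, and the BLR linearity test and the second-derivative quadraticity test that the abstract refers to. The 0/1-list layout of key and IV, summing only the first keystream bit, the trial counts and all function names are assumptions made here.

```python
import random
N = 80  # key and IV are 80 bits each, kept as 0/1 lists with index 0 = K1 / IV1 (assumed layout)

def trivium_keystream(key, iv, init_rounds=1152, nbits=1):
    """Bit-level Trivium; init_rounds < 1152 gives the reduced variants that cube attacks target."""
    s = key + [0] * 13 + iv + [0] * 4 + [0] * 108 + [1, 1, 1]  # 288-bit state s1..s288
    out = []
    for r in range(init_rounds + nbits):
        t1, t2, t3 = s[65] ^ s[92], s[161] ^ s[176], s[242] ^ s[287]
        if r >= init_rounds:  # keystream is emitted only after initialisation
            out.append(t1 ^ t2 ^ t3)
        t1 ^= (s[90] & s[91]) ^ s[170]
        t2 ^= (s[174] & s[175]) ^ s[263]
        t3 ^= (s[285] & s[286]) ^ s[68]
        s = [t3] + s[:92] + [t1] + s[93:176] + [t2] + s[177:287]
    return out

def cube_sum(key, cube, init_rounds):
    """XOR of the first keystream bit over all 2^|cube| values of the chosen IV bits (others 0);
    as a function of the key this is the cube's superpoly."""
    acc = 0
    for m in range(1 << len(cube)):
        iv = [0] * N
        for j, idx in enumerate(cube):
            iv[idx] = (m >> j) & 1
        acc ^= trivium_keystream(key, iv, init_rounds, 1)[0]
    return acc

def _xor(a, b):
    return [x ^ y for x, y in zip(a, b)]

def is_linear(f, trials=16, seed=1):
    """BLR test: an affine f satisfies f(x)+f(y)+f(x+y) = f(0); random x, y catch most others."""
    rng, f0 = random.Random(seed), f([0] * N)
    pairs = ((rng.choices((0, 1), k=N), rng.choices((0, 1), k=N)) for _ in range(trials))
    return all(f(x) ^ f(y) ^ f(_xor(x, y)) == f0 for x, y in pairs)

def is_quadratic(f, trials=16, seed=2):
    """Degree <= 2 iff the second derivative D_a D_b f(x) does not depend on x."""
    rng = random.Random(seed)
    for _ in range(trials):
        a, b, x = (rng.choices((0, 1), k=N) for _ in range(3))
        d_ab = lambda v: f(v) ^ f(_xor(v, a)) ^ f(_xor(v, b)) ^ f(_xor(_xor(v, a), b))
        if d_ab(x) != d_ab([0] * N):
            return False
    return True

def linear_superpoly(f):  # constant term and per-key-bit coefficients of a linear superpoly
    c = f([0] * N)
    return c, [f([int(i == j) for j in range(N)]) ^ c for i in range(N)]
```

With very few initialization rounds every superpoly is trivially affine (at 0 rounds the first output bit is K66 + IV69 + 1), so the tests only become informative once the round count is raised toward the 709 rounds studied in the paper and many cubes are screened.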

Category: Secret-key cryptography
Publication info: Published elsewhere. Unknown where it was published
Contact author(s): p mroczkowski @ wil waw pl
History: 2010-11-18: received
License: Creative Commons Attribution


@misc{cryptoeprint:2010/580,
      author = {Piotr Mroczkowski and Janusz Szmidt},
      title = {The Cube Attack on Stream Cipher Trivium and Quadraticity Tests},
      howpublished = {Cryptology ePrint Archive, Paper 2010/580},
      year = {2010},
      note = {\url{}},
      url = {}
}