**Some Randomness Experiments on TRIVIUM**

*Subhabrata Samajder and Palash Sarkar*

**Abstract: **The first output bit of TRIVIUM can be considered to be a boolean function of 80 key and 80 IV variables. Choose $n$ ($n\leq 30$) of the key variables and set the other variables to constant values. This gives an $n$-variable boolean function. In this work, we experimentally find examples of such boolean functions which deviate
from a uniform random $n$-variable boolean function in a statistically significant manner. This improves upon the previously reported experimental `non-randomness' result using the cube testing methodology by Aumasson et al in 2009 for TRIVIUM restricted to 885 rounds. In contrast, we work with full TRIVIUM and instead of using the cube methodology we directly find the algebraic normal form of the restricted version of the first output bit of TRIVIUM. We note, however, that our work does not indicate any weakness of TRIVIUM. On the other hand, the kind of experiments that we conduct for TRIVIUM can also be conducted for other ciphers.

**Category / Keywords: **Multivariate Polynomial Multiplication, Boolean Functions, Algebraic Normal Form (ANF), Stream Ciphers, TRIVIUM

**Date: **received 22 Mar 2014, last revised 22 Jul 2014

**Contact author: **subhabrata samajder at gmail com

**Available format(s): **PDF | BibTeX Citation

**Version: **20140722:133103 (All versions of this report)

**Short URL: **ia.cr/2014/211

[ Cryptology ePrint archive ]