Paper 2014/652

A Dynamic Cube Attack on $105$ round Grain v1

Subhadeep Banik


As far as the Differential Cryptanalysis of reduced round Grain v1 is concerned, the best results were those published by Knellwolf et al. in Asiacrypt $2011$. In an extended version of the paper, it was shown that it was possible to retrieve (i) $5$ expressions in the Secret Key bits for a variant of Grain v1 that employs $97$ rounds (in place of $160$) in its Key Scheduling process using $2^{27}$ chosen IVs and (ii) $1$ expression in Secret Key bits for a variant that employs $104$ rounds in its Key Scheduling using $2^{35}$ chosen IVs. However, the second attack on $104$ rounds had a success probability of around $50$%, which is to say that the attack worked for only around one half of the Secret Keys. In this paper we propose a dynamic cube attack on $105$ round Grain v1 that has a success probability of $100$%, and thus we report an improvement of $8$ rounds over the previous best attack on Grain v1 that attacks the entire Keyspace. We use the tool $\Delta\mathsf{Grain}_{\mathsf{KSA}}$, proposed by Banik at ACISP 2014, to track the differential trails induced in the internal state of Grain v1 by any difference in the IV bits, and we prove that a suitably introduced difference in the IV leads to a distinguisher for the output bit produced in the $105^{th}$ round. This, in turn, helps determine the values of $6$ expressions in the Secret Key bits.

Category
Secret-key cryptography
Publication info
Preprint. MINOR revision.
Keywords
eStream, Differential Cryptanalysis, Dynamic Cube Attack, Grain v1, Stream Cipher
Contact author(s)
subb @ dtu dk
2014-11-26: revised
2014-08-27: received
Creative Commons Attribution


      author = {Subhadeep Banik},
      title = {A Dynamic Cube Attack on $105$ round Grain v1},
      howpublished = {Cryptology ePrint Archive, Paper 2014/652},
      year = {2014},
      note = {\url{}},
      url = {}