You are looking at a specific version 20171109:163204 of this paper.

Paper 2017/1063

Improved Division Property Based Cube Attacks Exploiting Low Degree Property of Superpoly

Qingju Wang and Yonglin Hao and Yosuke Todo and Chaoyun Li and Takanori Isobe and Willi Meier

Abstract

In this paper we investigate the sparse structure of the superpoly in the cube attack, and further reduce the complexity of superpoly recovery. We apply our technique to the stream ciphers TRIVIUM and KREYVIUM. For TRIVIUM, our techniques allow us, for the first time, to recover the superpoly of 833 rounds with a cube of dimension 73 and complexity $2^{76.91}$. Furthermore, for 833 rounds, we find a new cube of dimension 74 with only one secret key bit involved, so the complexity is $2^{75}$. For 839 rounds, we find a cube of dimension 78 with only one secret key bit involved in the superpoly. For KREYVIUM, the lower complexity evaluation enables us to recover the superpoly of 849 rounds with time complexity $2^{81.7}$. Moreover, we find a new cube of dimension 102, which can reach 888 rounds with complexity $2^{111.38}$. As far as we know, all of our results are the best.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Preprint. MINOR revision.
Keywords
Cube attack, Division property, MILP, TRIVIUM, KREYVIUM
Contact author(s)
quwg @ dtu dk, haoyonglin @ yeah net, todo yosuke @ lab ntt co jp, chaoyun li @ esat kuleuven be, takanori isobe1 @ gmail com, willi meier @ fhnw ch
History
2018-05-23: last of 2 revisions
2017-11-09: received
Short URL
https://ia.cr/2017/1063
License
Creative Commons Attribution
CC BY