Cryptology ePrint Archive: Report 2018/999

A Refinement of ``A Key-recovery Attack on 855-round Trivium" From CRYPTO 2018

Ximing Fu and Xiaoyun Wang and Xiaoyang Dong and Willi Meier and Yonglin Hao and Boxin Zhao

Abstract: At CRYPTO 2018, we proposed a method to reduce the Boolean polynomial of 855-round Trivium. By multiplying a polynomial reduction factor, the output Boolean polynomial is simplified. Based on this method, a 855-round key-recovery attack on Trivium is introduced. In addition, we also give a practical attack on 721-round Trivium to show some rationality and evidence.

However, Yonglin Hao et al. find some errors in the 721-round attack recently. As a correction, we propose some new right 721-round example attacks based on our method proposed at CRYPTO 2018.

Category / Keywords: secret-key cryptography / Trivium, Nullification Technique, Polynomial Reduction, IV representation

Date: received 16 Oct 2018

Contact author: fuxm07 at foxmail com, xiaoyunwang@tsinghua edu cn, xiaoyangdong@tsinghua edu cn, willi meier@fhnw ch, haoyonglin@yeah net

Available format(s): PDF | BibTeX Citation

Version: 20181022:154753 (All versions of this report)

Short URL: ia.cr/2018/999


[ Cryptology ePrint archive ]