Paper 2023/1571
Key Filtering in Cube Attacks from the Implementation Aspect
Abstract
In cube attacks, key filtering is the basic step of identifying the correct key candidates by referring to the truth tables of superpolies. When the superpolies have a massive number of terms, the truth table lookup complexity of key filtering increases significantly. In this paper, we propose the concept of implementation dependency, dividing all cube attacks into two categories: implementation dependent and implementation independent. Implementation dependent cube attacks are feasible only under the assumption that one encryption oracle query is more expensive than one table lookup. Implementation independent cube attacks, on the contrary, remain feasible in the extreme case where the encryption oracle is implemented in the full-codebook manner, making one encryption query equivalent to one table lookup. From this point of view, we scrutinize existing cube attack results on the stream ciphers Trivium, Grain-128AEAD, Acorn and Kreyvium; many of them turn out to be implementation dependent. Combining the degree evaluation and divide-and-conquer techniques used for superpoly recovery, we further propose new cube attack results on Kreyvium reduced to 898, 899 and 900 rounds. These new results not only reach the largest number of rounds so far but are also implementation independent.
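The following Python script is an added example and not code from the paper. It illustrates the two steps the abstract talks about on a constructed toy cipher with a 4-bit key and 3-bit IV: the online cube summation (one oracle query per cube vertex), the offline key filtering against the superpoly truth table (one lookup per key candidate), and a feasibility check that weights a query against a lookup. The toy cipher, the cube choice and the cost model (queries weighted by `query_weight`, one lookup per candidate, one trial encryption per surviving candidate, compared with exhaustive search) are all assumptions made for the illustration; the superpoly is recovered here by brute force, which only works at toy size, whereas the paper relies on division-property based techniques.

```python
"""Toy key filtering in a cube attack (constructed example, not from the paper)."""
from itertools import product

N_KEY = 4  # toy key bits k0..k3 (assumption)
N_IV = 3   # toy IV bits v0..v2 (assumption)


def toy_cipher(key, iv):
    """Constructed toy output bit over GF(2), key and iv are bit tuples:
    z = v0 v1 (k0 + k1 k2) + v0 k3 + v1 v2 k1 + k0 k2 + v2
    Summing over the cube {v0, v1} with v2 = 0 leaves the superpoly k0 + k1 k2."""
    k0, k1, k2, k3 = key
    v0, v1, v2 = iv
    return (v0 & v1 & (k0 ^ (k1 & k2))) ^ (v0 & k3) ^ (v1 & v2 & k1) ^ (k0 & k2) ^ v2


def cube_sum(oracle, cube, base_iv):
    """XOR of oracle outputs over all 2^|cube| assignments of the cube IV bits,
    the remaining IV bits fixed as in base_iv. Returns (sum, number of queries)."""
    total, queries = 0, 0
    for bits in product((0, 1), repeat=len(cube)):
        iv = list(base_iv)
        for pos, b in zip(cube, bits):
            iv[pos] = b
        total ^= oracle(tuple(iv))
        queries += 1
    return total, queries


def superpoly_truth_table(cube, base_iv):
    """Offline: the superpoly value for every key, obtained by brute-force cube
    summation of the toy cipher (feasible only because the key is 4 bits)."""
    table = {}
    for key in product((0, 1), repeat=N_KEY):
        table[key], _ = cube_sum(lambda iv: toy_cipher(key, iv), cube, base_iv)
    return table


def filter_keys(table, observed):
    """Key filtering: keep the candidates whose superpoly value equals the cube
    sum observed from the real oracle. Costs one table lookup per candidate."""
    survivors = [k for k, v in table.items() if v == observed]
    return survivors, len(table)


def run_attack(secret_key, cube, base_iv):
    """Online cube summation against the secret key, then offline filtering."""
    oracle = lambda iv: toy_cipher(secret_key, iv)
    observed, queries = cube_sum(oracle, cube, base_iv)
    table = superpoly_truth_table(cube, base_iv)
    survivors, lookups = filter_keys(table, observed)
    return survivors, queries, lookups


def is_feasible(queries, lookups, n_survivors, n_key_bits, query_weight):
    """Simplified cost model (assumption): queries and the trial encryptions of
    surviving candidates cost query_weight each, lookups cost 1, and the attack
    is feasible when it beats exhaustive search at the same query weight."""
    attack = (queries + n_survivors) * query_weight + lookups
    exhaustive = (2 ** n_key_bits) * query_weight
    return attack < exhaustive


def classify(queries, lookups, n_survivors, n_key_bits, expensive_query=10):
    """Implementation independent if feasible even when a query costs as much
    as a lookup (full-codebook oracle); implementation dependent if it only
    becomes feasible once a query is more expensive than a lookup."""
    if is_feasible(queries, lookups, n_survivors, n_key_bits, 1):
        return "implementation independent"
    if is_feasible(queries, lookups, n_survivors, n_key_bits, expensive_query):
        return "implementation dependent"
    return "infeasible"


if __name__ == "__main__":
    secret = (1, 0, 1, 1)          # constructed secret key
    survivors, q, l = run_attack(secret, cube=[0, 1], base_iv=(0, 0, 0))
    print(f"queries={q} lookups={l} survivors={len(survivors)}")
    print("secret retained:", secret in survivors)
    print("verdict:", classify(q, l, len(survivors), N_KEY))
```

With the toy parameters the cube sum costs 4 queries, the filtering 16 lookups, and 8 of the 16 keys survive (exactly those with k0 + k1 k2 equal to the observed sum). Counting one query as one lookup, the attack costs 28 against 16 for exhaustive search and is not worthwhile; only when a query is noticeably more expensive than a lookup does it win, which is precisely the implementation dependent situation the abstract describes.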
Metadata
- Category
- Attacks and cryptanalysis
- Publication info
- Published elsewhere. Minor revision. CANS 2023
- Keywords
- Stream ciphers, Cube attacks, Division property, Superpoly, Key filtering
- Contact author(s)
- yykdszniao @ gmail com
- haoyonglin @ yeah net
- qjuwang @ gmail com
- xinxgong @ 126 com
- jiaolin_jl @ 126 com
- History
- 2023-10-13: approved
- 2023-10-11: received
- Short URL
- https://ia.cr/2023/1571
- License
- CC BY
BibTeX
@misc{cryptoeprint:2023/1571,
  author = {Hao Fan and Yonglin Hao and Qingju Wang and Xinxin Gong and Lin Jiao},
  title = {Key Filtering in Cube Attacks from the Implementation Aspect},
  howpublished = {Cryptology {ePrint} Archive, Paper 2023/1571},
  year = {2023},
  url = {https://eprint.iacr.org/2023/1571}
}