Paper 2023/1571

Key Filtering in Cube Attacks from the Implementation Aspect

Hao Fan, School of Cyber Science and Technology, Shandong University, Qingdao, China
Yonglin Hao, State Key Laboratory of Cryptology, Beijing, 100878, China
Qingju Wang, Telecom Paris, Institut Polytechnique de Paris, France
Xinxin Gong, State Key Laboratory of Cryptology, Beijing, 100878, China
Lin Jiao, State Key Laboratory of Cryptology, Beijing, 100878, China
Abstract

In cube attacks, key filtering is a basic step of identifying the correct key candidates by referring to the truth tables of superpolies. When the terms of superpolies become massive, the truth table lookup complexity of key filtering increases significantly. In this paper, we propose the concept of implementation dependency, dividing all cube attacks into two categories: implementation dependent and implementation independent. Implementation dependent cube attacks are only feasible under the assumption that one encryption oracle query is more complicated than one table lookup. On the contrary, implementation independent cube attacks remain feasible in the extreme case where encryption oracles are implemented in the full codebook manner, making one encryption query equivalent to one table lookup. From this point of view, we scrutinize existing cube attack results on the stream ciphers Trivium, Grain-128AEAD, Acorn and Kreyvium. As a result, many of them turn out to be implementation dependent. Combining the degree evaluation and divide-and-conquer techniques used for superpoly recovery, we further propose new cube attack results on Kreyvium reduced to 898, 899 and 900 rounds. These new results not only reach the highest number of rounds attacked so far but are also implementation independent.
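The following Python simulation is an added illustration of the key-filtering step described in the abstract; it is not code from the paper. The toy cipher, the 4-bit key and IV sizes, the cube {v0, v1} and the hand-derived superpoly k0 + k1*k2 are all constructed for the example. It counts oracle queries (one per cube assignment) separately from truth-table lookups (one per key candidate looked up), restricts lookups to the key bits the superpoly actually involves in the spirit of divide-and-conquer, and flags an attack as "independent" when queries plus lookups stay below exhaustive search of the key; that threshold is this example's simplification of the paper's criterion that the attack must still be feasible when one query costs no more than one lookup.

```python
from itertools import product

# Toy parameters (constructed for this example, not from the paper)
KEY_BITS = 4
IV_BITS = 4


def toy_output(key, iv):
    """Constructed toy cipher: one output bit as a GF(2) polynomial in key and IV bits."""
    k0, k1, k2, k3 = key
    v0, v1, v2, v3 = iv
    return ((v0 & v1 & (k0 ^ (k1 & k2)))  # cube term v0*v1 with superpoly k0 + k1*k2
            ^ (v0 & k3) ^ v2 ^ (k0 & k1) ^ (v3 & k2 & v1))


def cube_sum(oracle, cube):
    """XOR the oracle output over all 2^|cube| assignments of the cube variables
    (non-cube IV bits fixed to 0). Returns (sum, oracle_queries)."""
    total, queries = 0, 0
    for assignment in product((0, 1), repeat=len(cube)):
        iv = [0] * IV_BITS
        for idx, bit in zip(cube, assignment):
            iv[idx] = bit
        total ^= oracle(iv)
        queries += 1
    return total, queries


def superpoly(key):
    """Superpoly of cube {v0, v1} for toy_output, derived by hand: k0 + k1*k2."""
    k0, k1, k2, _ = key
    return k0 ^ (k1 & k2)


SUPERPOLY_VARS = (0, 1, 2)  # key indices the superpoly actually depends on


def verify_superpoly():
    """Check that the cube sum equals the superpoly for every key (exhaustive on the toy)."""
    return all(cube_sum(lambda iv: toy_output(key, iv), (0, 1))[0] == superpoly(key)
               for key in product((0, 1), repeat=KEY_BITS))


def filter_keys(cube_value, key_vars):
    """Key filtering: keep candidates whose superpoly value matches the observed cube sum.
    Truth-table lookups are done only over key_vars; the remaining key bits are
    unconstrained by this superpoly and are expanded afterwards without lookups.
    Returns (surviving_full_keys, table_lookups)."""
    free_vars = [i for i in range(KEY_BITS) if i not in key_vars]
    lookups, survivors = 0, []
    for partial in product((0, 1), repeat=len(key_vars)):
        key = [0] * KEY_BITS
        for idx, bit in zip(key_vars, partial):
            key[idx] = bit
        lookups += 1                      # one truth-table lookup per partial key
        if superpoly(key) != cube_value:
            continue
        for free_bits in product((0, 1), repeat=len(free_vars)):
            for idx, bit in zip(free_vars, free_bits):
                key[idx] = bit
            survivors.append(tuple(key))
    return survivors, lookups


def run_attack(true_key, key_vars=SUPERPOLY_VARS, cube=(0, 1)):
    """Full toy attack: one cube sum via oracle queries, then key filtering.
    'independent' is True when queries + lookups stay below exhaustive search,
    i.e. the attack still pays off if one query costs no more than one lookup."""
    value, queries = cube_sum(lambda iv: toy_output(true_key, iv), cube)
    survivors, lookups = filter_keys(value, key_vars)
    return {
        "cube_sum": value,
        "queries": queries,
        "lookups": lookups,
        "survivors": survivors,
        "exhaustive": 2 ** KEY_BITS,
        "independent": queries + lookups < 2 ** KEY_BITS,
    }


if __name__ == "__main__":
    key = (1, 1, 0, 1)  # constructed true key
    for name, vars_ in (("superpoly bits only", SUPERPOLY_VARS),
                        ("all key bits", tuple(range(KEY_BITS)))):
        r = run_attack(key, vars_)
        print(f"{name}: queries={r['queries']} lookups={r['lookups']} "
              f"survivors={len(r['survivors'])} independent={r['independent']}")
```

With the superpoly restricted to its three key bits, the toy attack costs 4 queries plus 8 lookups, below the 16 candidates of exhaustive search; looking the same superpoly up over all 16 full keys gives 4 + 16 = 20, so in the full-codebook setting where a query is as cheap as a lookup the filtering step alone already exceeds brute force, which is the implementation-dependent situation the abstract warns about.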

Metadata
Available format(s)
PDF
Category
Attacks and cryptanalysis
Publication info
Published elsewhere. Minor revision. CANS 2023
Keywords
Stream ciphers, Cube attacks, Division property, Superpoly, Key filtering
Contact author(s)
yykdszniao @ gmail com
haoyonglin @ yeah net
qjuwang @ gmail com
xinxgong @ 126 com
jiaolin_jl @ 126 com
History
2023-10-13: approved
2023-10-11: received
Short URL
https://ia.cr/2023/1571
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2023/1571,
      author = {Hao Fan and Yonglin Hao and Qingju Wang and Xinxin Gong and Lin Jiao},
      title = {Key Filtering in Cube Attacks from the Implementation Aspect},
      howpublished = {Cryptology ePrint Archive, Paper 2023/1571},
      year = {2023},
      note = {\url{https://eprint.iacr.org/2023/1571}},
      url = {https://eprint.iacr.org/2023/1571}
}