Paper 2023/884

Near Collision Attack Against Grain v1

Subhadeep Banik, Universita della Svizzera Italiana
Daniel Collins, École Polytechnique Fédérale de Lausanne
Willi Meier, FHNW
Abstract

A near collision attack against the Grain v1 stream cipher was proposed by Zhang et al. in Eurocrypt 18. The attack uses the fact that two internal states of the stream cipher with very low Hamming distance between them produce similar keystream sequences, which can be identified by simple statistical tests. Such internal states, once found in the stream cipher, simplify the task of cryptanalysis for the attacker. However, this attack has recently come under heavy criticism from Derbez et al. at ToSC 2020:4, who claim that some of the assumptions made in the above paper were not correct. As a result, they concluded that the attack presented by Zhang et al., when implemented, would take more time than required for a brute force search. In this paper, we take another look at the near collision attack against the Grain v1 stream cipher. We avoid the techniques of the above Eurocrypt paper that have come under criticism, and independently show that a near collision attack can still be applied to Grain v1.

Metadata
Available format(s)
PDF
Category
Attacks and cryptanalysis
Publication info
Published elsewhere. ACNS 2023
DOI
10.1007/978-3-031-33488-7_7
Keywords
grain v1, near collision attack, cryptanalysis, grain 128, grain 128a, stream cipher
Contact author(s)
subhadeep banik @ usi ch
daniel collins @ epfl ch
willimeier48 @ gmail com
History
2023-06-12: approved
2023-06-08: received
Short URL
https://ia.cr/2023/884
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2023/884,
      author = {Subhadeep Banik and Daniel Collins and Willi Meier},
      title = {Near Collision Attack Against Grain v1},
      howpublished = {Cryptology {ePrint} Archive, Paper 2023/884},
      year = {2023},
      doi = {10.1007/978-3-031-33488-7_7},
      url = {https://eprint.iacr.org/2023/884}
}