Distinguishing Attack on Grain
نویسندگان
چکیده
Abstract Grain is one of the simplest ECRYPT Stream Cipher project Candidates which deals with key and IV of length 80 and 64 respectively. Using the linear sequential circuit approximation method, introduced by Golic in 1994, we derive a linear function of consecutive keystream bits which is held with correlation coefficient of about 2. Then using the concept of so-called generating function, we turn it into a linear function with correlation coefficient of 2 which shows that the output sequence of Grain can be distinguished from a purely random sequence using about O(2) bits of the output sequence with the same time complexity. A preprocessing phase for computing a trinomial multiple of a certain primitive polynomial with degree 80 is needed which can be performed using time and memory complexities of O(2).
منابع مشابه
Dynamic cube attack on Grain-v1
This article aims to present dynamic cube attack on Grain-v1. Dynamic cube attack finds the secret key by using distinguishers gained from structural weakness. The main idea of dynamic cube attack lies in simplifying the output function. After making it simpler, dynamic cube attack will be able to exploit distinguishing attack for recovering the secret key. In this paper, we investigate Grain-v...
متن کاملCryptanalysis of Stream Cipher Grain Family
Grain v1 is one of the 7 final candidates of ECRYPT eStream project, which involves in the 80-bit secret key. Grain-128 is a variant version with 128-bit secret key, and Grain v0 is the original version in the first evaluation phase. Firstly, we describe a distinguishing attack against the Grain family with weak Key-IVs. Utilizing the second Walsh spectra of the nonlinear functions, we show tha...
متن کاملEfficient FPGA Implementations of High-Dimensional Cube Testers on the Stream Cipher Grain-128
Cube testers are a generic class of methods for building distinguishers, based on cube attacks and on algebraic property-testers. In this paper, we report on an efficient FPGA implementation of cube testers on the stream cipher Grain-128. Our best result (a distinguisher on Grain-128 reduced to 237 rounds, out of 256) was achieved after a computation involving 2 clockings of Grain-128, with a 2...
متن کاملSome Results on Distinguishing Attacks on Stream Ciphers
Stream ciphers are cryptographic primitives that are used to ensure the privacy of a message that is sent over a digital communication channel. In this thesis we will present new cryptanalytic results for several stream ciphers. The thesis provides a general introduction to cryptology, explains the basic concepts, gives an overview of various cryptographic primitives and discusses a number of d...
متن کاملSecurity analysis of linearly filtered NLFSRs
Our contributions are applying distinguishing attack on Linearly Filtered NLFSR as a primitive or associated with filter generators. We extend the attack on linear combinations of Linearly Filtered NLFSRs as well. Generally, these structures can be examined by the proposed techniques and the criteria will be achieved to design secure primitive. The attacks allow attacker to mount linear attack ...
متن کاملLinear Sequential Circuit Approximation of Grain and Trivium Stream Ciphers
Grain and Trivium are two hardware oriented synchronous stream ciphers proposed as the simplest candidates to the ECRYPT Stream Cipher Project, both dealing with 80-bit secret keys. In this paper we apply the linear sequential circuit approximation method to evaluate the strength of these stream ciphers against distinguishing attack. In this approximation method which was initially introduced b...
متن کامل