Skip to Main content Skip to Navigation
Conference papers

Improving Key Recovery to 784 and 799 Rounds of Trivium Using Optimized Cube Attacks

Abstract : Dinur and Shamir have described cube attacks at EUROCRYPT '09 and they have shown how efficient they are on the stream cipher Trivium up to 767 rounds. These attacks have been extended to distinguishers but since this seminal work, no better results on the complexity of key recovery attacks on Trivium have been presented. It appears that the time complexity to compute cubes is expensive and the discovery of linear superpoly also requires the computation of many cubes. In this paper, we increase the number of attacked initialization rounds by improving the time complexity of computing cube and we show attacks that go beyond this bound. We were able to find linear superpoly up to 784 rounds, which leads to an attack requiring 2 39 queries. Using quadratic superpoly, we were also able to provide another attack up to 799 rounds which complexity is 2 40 queries and 2 62 for the exhaustive search part. To achieve such results, we find a way to reduce the density of the polynomials, we look for quadratic relations and we extensively use the Moebius transform to speed up computations for various purposes.
Document type :
Conference papers
Complete list of metadata

Cited literature [7 references]  Display  Hide  Download

https://hal.inria.fr/hal-01094308
Contributor : Pierre-Alain Fouque <>
Submitted on : Friday, December 12, 2014 - 9:45:57 AM
Last modification on : Thursday, April 4, 2019 - 10:18:05 AM
Long-term archiving on: : Friday, March 13, 2015 - 10:25:42 AM

File

FV13.pdf
Files produced by the author(s)

Identifiers

Citation

Pierre-Alain Fouque, Thomas Vannet. Improving Key Recovery to 784 and 799 Rounds of Trivium Using Optimized Cube Attacks. Fast Software Encryption - 20th International Workshop, 2013, Mar 2013, Singapore, Singapore. pp.16, ⟨10.1007/978-3-662-43933-3_26⟩. ⟨hal-01094308⟩

Share

Metrics

Record views

98

Files downloads

311