Abstract
In this paper we propose conditional differential cryptanalysis of 105 round Grain v1. This improves the attack proposed on 97 round Grain v1 by Knellwolf et al at Asiacrypt 2010. We take the help of the tool ΔGrain KSA, to track the differential trails introduced in the internal state of Grain v1 by any difference in the IV bits. We prove that a suitably introduced difference in the IV leads to a distinguisher for the output bit produced in the 105th round. This helps determine the values of 6 expressions in the Secret Key bits. Using the above attack as a subroutine, we propose a method that determines 9 Secret Key bits explicitly. Thus, the complexity for the Key recovery is proportional to 271 operations, which is faster than exhaustive search by 29.
Original language | English |
---|---|
Journal | Cryptography and Communications |
Volume | 8 |
Issue number | 1 |
Pages (from-to) | 113-137 |
ISSN | 1936-2447 |
DOIs | |
Publication status | Published - 2016 |
Keywords
- EStream
- Differential cryptanalysis
- Dynamic cube attack
- Grain v1
- Stream cipher