A New Chosen IV Statistical Attack on Grain-128a cipher
Grain-128a is a well-known stream cipher which has resisted against all types of single-key attacks since its introduction in 2011.A chosen IV conditional differential attack was applied on Grain-128a with 177 initial rounds.It was a distinguishing attack.Another conditional differential attack was recovered 18 secret key expressions of Grain-128a with 169 initial rounds.We propose a new chosen IV statistical attack on Grain-128a upon d-monomial tests and cube testers.Our attack enables us to distinguish between random sequences and keystreams of Grain-128a up to 169 initial rounds with the 2^26 computational complexity.Better results can be achieved by more computational complexity.The proposed attack is applicable to all symmetric ciphers and hash functions,and it can reveal the weaknesses that are not possible to be found by d-monomial tests.The attack was practically verified.
Grain-128a distinguishing attack chosen Ⅳ attack d-monomial test cube testers statistical attack
Vahid Amin Ghafari Honggang Hu
Key Laboratory of Electromagnetic Space Information,Chinese Academy of Sciences,University of Science and Technology of China Hefei,China
国际会议
南京
英文
58-62
2017-10-12(万方平台首次上网日期,不代表论文的发表时间)