A New Method for Searching Cubes and Its Application to 815-Round Trivium | Journal of Systems Science and Complexity Skip to main content
Log in

A New Method for Searching Cubes and Its Application to 815-Round Trivium

  • Published:
Journal of Systems Science and Complexity Aims and scope Submit manuscript

Abstract

The cube attack proposed by Dinur and Shamir is one of the most important key-recovery attacks against Trivium. Recently division property based cube attacks have been extensively studied and significantly improved. In particular, the MILP modeling technique for the three-subset division property without unknown subset proposed by Hao, et al. at EUROCRYPT 2020 and the new technique with nested monomial predictions proposed by Hu, et al. at ASIACRYPT 2021 are best techniques to recover exact superpolies in division property based cube attacks. Consequently, at this state of the art, whether a superpoly can be recovered in division property based cube attacks is mainly decided by the scale of the superpoly, that is, the number of terms. Hence the choice for proper cubes corresponding to low-complexity superpolies is more critical now. Some effective cube construction methods were proposed for experimental cube attacks, but not applicable to division property based cube attacks. In this paper, the authors propose a heuristic cube criterion and a cube sieve algorithm, which can be combined with the three-subset division property to recover a number of superpolies. Applied to 815-round Trivium, the authors recovered 417 superpolies from 441 cubes obtained by our algorithm of sizes between 41 and 48. The success rate is 94.56%. There are 165 non-constant superpolies with degree less than 14. In order to demonstrate the significance of the new algorithm, the authors tested the best superpoly recovery technique at EUROCRYPT 2020 using random cubes of similar sizes on 815-round Trivium. The experimental result shows that no cube could be completely recovered within a given period of time because the superpolies for random cubes are too complex.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Subscribe and save

Springer+ Basic
¥17,985 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price includes VAT (Japan)

Instant access to the full article PDF.

Similar content being viewed by others

References

  1. Cannière C D and Preneel B, Trivium, New Stream Cipher Designs — The eSTREAM Finalists, LNCS, Springer, 2008, 4986: 244–266.

  2. Dinur I and Shamir A, Cube attacks on tweakable black box polynomials, Proc. Advances in Cryptology — EUROCRYPT 2009, Germany, 2009, 2009(LNCS 5479): 278–299.

  3. Fouque P and Vannet T, Improving key recovery to 784 and 799 rounds of trivium using optimized cube attacks, Proc. 20th Int. Workshop, FSE 2013, Singapore, 2013, 2013 (LNCS 8424): 502–517.

  4. Ye C and Tian T, A practical key-recovery attack on 805-round trivium, Proc. Advances in Cryptology — ASIACRYPT 2021, Singapore, 2021, 2021(LNCS 13090): 187–213.

  5. Todo Y, Isobe T, Hao Y, et al., Cube attacks on non-blackbox polynomials based on division property, Proc. Advances in Cryptology — CRYPTO 2017, USA, 2017, 2017(LNCS 10403): 250–279.

  6. Todo Y, Isobe T, Hao Y, et al., Cube attacks on non-blackbox polynomials based on division property, IEEE Trans. Computers, 2018, 67(12): 1720–1736.

    Article  MathSciNet  MATH  Google Scholar 

  7. Hao Y, Isobe T, Jiao L, et al., Improved division property based cube attacks exploiting algebraic properties of superpoly, IEEE Trans. Computers, 2019, 68(10): 1470–1486.

    Article  MathSciNet  MATH  Google Scholar 

  8. Wang S, Hu B, Guan J, et al., Milp-aided method of searching division property using three subsets and applications, Proc. Advances in Cryptology — ASIACRYPT 2019, Japan, 2019, 2019(LNCS 11923): 399–427.

  9. Ye C and Tian T, Revisit division property based cube attacks: Key-recovery or distinguishing attacks? IACR Trans. Symmetric Cryptol., 2019, (3): 81–102.

    Article  Google Scholar 

  10. Hao Y, Leander G, Meier W, et al., Modeling for three-subset division property without unknown subset - improved cube attacks against trivium and grain-128aead, Proc. Advances in Cryptology — EUROCRYPT 2020, Croatia, 2020, 2020(LNCS 12105): 466–495.

  11. Hu K, Sun S, Wang M, et al., An algebraic formulation of the division property: Revisiting degree evaluations, cube attacks, and key-independent sums, Proc. Advances in Cryptology — ASIACRYPT 2020, South Korea, 2020, 2020(LNCS 12491): 446–476.

  12. Hu K, Sun S, Todo Y, et al., Massive superpoly recovery with nested monomial predictions, Proc. Advances in Cryptology — ASIACRYPT 2021, Singapore, 2021, 2021(LNCS 13090): 392–421.

  13. Sun Y, Automatic search of cubes for attacking stream ciphers, IACR Trans. Symmetric Cryptol., 2021(4): 100–123.

  14. Liu M, Yang J, Wang W, et al., Correlation cube attacks: From weak-key distinguisher to key recovery, Proc. Advances in Cryptology — EUROCRYPT 2018, Israel, 2018, 2018(LNCS 10821): 715–744.

  15. Dinur I, Guneysu T, Paar C, et al., An experimentally verified attack on full grain-128 using dedicated reconfigurable hardware, Proc. Advances in Cryptology — ASIACRYPT 2011, South Korea, 2011, 2011(LNCS 7073): 327–343.

  16. Dinur I and Shamir A, Breaking grain-128 with dynamic cube attacks, Proc. 18th Int. Workshop, FSE 2011, Denmark, 2011, 2011(LNCS 6733): 167–187.

  17. Rahimi M, Barmshory M, Mansouri M H, et al., Dynamic cube attack on grain-v1. IET Inf. Secur., 2016, 10(4): 165–172.

    Article  Google Scholar 

  18. Sarkar S, Maitra S and Baksi A, Observing biases in the state: Case studies with trivium and trivia-sc, Des. Codes Cryptogr., 2017, 82(1–2): 351–375.

    Article  MathSciNet  MATH  Google Scholar 

  19. Stankovski P, Greedy distinguishers and nonrandomness detectors, Proc. Progress in Cryptology — INDOCRYPT 2010, India, 2010, 2010(LNCS 6498): 210–226.

  20. Aumasson J, Dinur I, Meier W, et al., Cube testers and key recovery attacks on reduced-round MD6 and trivium, Proc. 16th Int. Workshop, FSE 2009, Belgium, 2009, 2009(LNCS 5665): 1–22.

  21. Kesarwani A, Roy D, Sarkar S, et al., New cube distinguishers on nfsr-based stream ciphers, Des. Codes Cryptogr., 2020, 88(1): 173–199.

    Article  MathSciNet  MATH  Google Scholar 

  22. Liu M, Degree evaluation of nfsr-based cryptosystems, Proc. Advances in Cryptology — CRYPTO 2017, USA, 2017, 2017(LNCS 10403): 227–249.

  23. Liu M, Lin D, and Wang W, Searching cubes for testing boolean functions and its application to trivium, Proc. IEEE International Symposium on Information Theory, ISIT 2015, China, 2015, 2015(IEEE): 496–500.

  24. Ye C and Tian T, Algebraic method to recover superpolies in cube attacks, IET Inf. Secur., 14(4): 430–441.

  25. Mroczkowski P and Szmidt J, The cube attack on stream cipher trivium and quadraticity tests, Fundamenta Informaticae, 2012, 114: 309–318.

    Article  MathSciNet  MATH  Google Scholar 

  26. Ye C and Tian T, A new framework for finding nonlinear superpolies in cube attacks against trivium-like ciphers, Proc. Information Security and Privacy — 23rd Australasian Conf., ACISP, 2018, 2018LNCS 10946: 172–187.

  27. Todo Y, Structural evaluation by generalized integral property, Proc. Advances in Cryptology — EUROCRYPT 2015, Bulgaria, 2015, 2015(LNCS 9056): 287–314.

  28. Todo Y and Morii M, Bit-based division property and application to simon family, Proc. 23rd Int. Conference, FSE 2016, Germany, 2016, 2016(LNCS 9783): 357–377.

  29. Xiang Z, Zhang W, Bao Z, et al., Applying MILP method to searching integral distinguishers based on division property for 6 lightweight block ciphers, Proc. Advances in Cryptology — ASIACRYPT 2016, Vietnam, 2016, 2016(LNCS 13090): 648–678.

Download references

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Tian Tian.

Ethics declarations

The authors declare no conflict of interest.

Additional information

This research was supported by the National Natural Science Foundation of China under Grant No. 61672533.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Liu, C., Tian, T. & Qi, W. A New Method for Searching Cubes and Its Application to 815-Round Trivium. J Syst Sci Complex 36, 2234–2254 (2023). https://doi.org/10.1007/s11424-023-1497-1

Download citation

  • Received:

  • Revised:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11424-023-1497-1

Keywords

Navigation