Conditional differential attacks on Grain-128a stream cipher

IET Information Security

The well-known stream cipher Grain-128a is the new version of Grain-128. While Grain-128 is vulnerable to several published attacks, Grain-128a is claimed to be secure against all known attacks and observations on Grain-128. So far, the only published single-key attack on Grain-128a is the conditional differential cryptanalysis proposed by Michael Lehmann et al. at CANS 2012, which gave a distinguishing attack on 189-round Grain-128a in a weak-key setting. In this study, the authors present two new conditional differential attacks on Grain-128a, attack A and attack B. In attack A, the authors retrieve 18 secret key expressions for 169-round Grain-128a; to the best of their knowledge, attack A is the first attack to retrieve secret key expressions for reduced-round Grain-128a. In attack B, the authors extend the distinguishing attack on Grain-128a to 195 rounds in a weak-key setting. Attack B is thus far the best known attack on reduced-round Grain-128a in terms of the number of rounds attacked. The authors hope that their reflections on the design of Grain-128a provide insights into such compact stream ciphers.

References

1. Knellwolf, S., Meier, W., Naya-Plasencia, M.: ‘Conditional differential cryptanalysis of NLFSR-based cryptosystems’. Proc. 16th Conf. Theory and Application of Cryptology and Inform. Security (ASIACRYPT 2010), Singapore, 2010, pp. 130–145.
2. Wang, X., Yu, H.: ‘How to break MD5 and other hash functions’. Proc. 24th Conf. Theory and Application of Cryptographic Techniques (EUROCRYPT 2005), Aarhus, Denmark, 2005, pp. 19–35.
3. Knellwolf, S.: ‘Cryptanalysis of hardware-oriented ciphers, The Knapsack Generator, and SHA-1’. PhD thesis, ETH Zurich, 2012.
4. Banik, S.: ‘Some insights into differential cryptanalysis of Grain v1’. Proc. Information Security and Privacy – 19th Australasian Conf. (ACISP 2014), Wollongong, NSW, Australia, 2014, pp. 34–49.
5. Lehmann, M., Meier, W.: ‘Conditional differential cryptanalysis of Grain-128a’. Proc. 11th Int. Conf. Cryptology and Network Security (CANS 2012), Darmstadt, Germany, 2012, pp. 1–11.
6. Knellwolf, S., Meier, W., Naya-Plasencia, M.: ‘Conditional differential cryptanalysis of Trivium and KATAN’. Proc. 18th Int. Workshop on Selected Areas in Cryptography (SAC 2011), Toronto, Ontario, Canada, 2011, pp. 200–212.
7. Banik, S.: ‘Conditional differential cryptanalysis of 105 round Grain v1’. Cryptography and Communications (Springer, Heidelberg, 2015), DOI: 10.1007/s12095-015-0146-5.
8. Sarkar, S.: ‘A new distinguisher on Grain v1 for 106 rounds’. Proc. 11th Int. Conf. Information System Security, Kolkata, India, 2015, pp. 334–344.
9. Hell, M., Johansson, T., Maximov, A., et al.: ‘A stream cipher proposal: Grain-128’. Proc. 2nd Conf. Information Theory, Washington, DC, USA, 2006, pp. 1614–1618.
10. Hell, M., Johansson, T., Meier, W.: ‘Grain: a stream cipher for constrained environments’. New Stream Cipher Designs (LNCS 4986), 2008, pp. 179–190.
11. Aumasson, J.P., Dinur, I., Henzen, L., et al.: ‘Efficient FPGA implementations of high-dimensional cube testers on the stream cipher Grain-128’. Available at http://eprint.iacr.org/2009/218.pdf, accessed 26 January 2016.
12. Stankovski, P.: ‘Greedy distinguishers and nonrandomness detectors’. Proc. 11th Int. Conf. Cryptology in India (INDOCRYPT 2010), Hyderabad, India, 2010, pp. 210–226.
13. Miodrag, J.M., Sugata, G., Goutam, P., et al.: ‘Generic cryptographic weakness of K-normal Boolean functions in certain stream ciphers and cryptanalysis of Grain-128’, Periodica Mathematica Hungarica, 2012, 65, (2), pp. 205–227.
14. Dinur, I., Güneysu, T., Paar, C., et al.: ‘An experimentally verified attack on full Grain-128 using dedicated reconfigurable hardware’. Proc. 17th Conf. Theory and Application of Cryptology and Information Security (ASIACRYPT 2011), Seoul, South Korea, 2011, pp. 327–343.
15. Ågren, M., Hell, M., Johansson, T., et al.: ‘Grain-128a: a new version of Grain-128 with optional authentication’, Int. J. Wireless Mob. Comput., 2011, 5, (1), pp. 48–59.
16. Banik, S., Maitra, S., Sarkar, S.: ‘A differential fault attack on Grain-128a using MACs’. Proc. Security, Privacy, and Applied Cryptography Engineering (LNCS 7644), 2012, pp. 111–125.
17. Banik, S., Maitra, S., Sarkar, S.: ‘A differential fault attack on the Grain family under reasonable assumptions’. Proc. 13th Int. Conf. Cryptology in India, Kolkata, India, 2012, pp. 191–208.
18. Banik, S., Maitra, S., Sarkar, S.: ‘Differential fault attack against Grain family with very few faults and minimal assumptions’, IEEE Trans. Comput., 2014, 64, (6), pp. 1647–1657.
19. Ding, L., Guan, J.: ‘Related key chosen IV attack on Grain-128a stream cipher’, IEEE Trans. Inf. Forensics Sec., 2013, 8, (5), pp. 803–809.
20. Banik, S., Maitra, S., Sarkar, S., et al.: ‘A chosen IV related key attack on Grain-128a’. Proc. Information Security and Privacy – 18th Australasian Conf. (ACISP 2013), Brisbane, Australia, 2013, pp. 13–26.
21. Robert, V.H., Elliot, A.T.: ‘Probability and statistical inference’ (Macmillan Publishing Co., Inc., 1977).

http://iet.metastore.ingenta.com/content/journals/10.1049/iet-ifs.2016.0060