DOI QR코드

DOI QR Code

Guess and Determine Attack on Bivium

  • Rohani, Neda (Information System and Security Lab (ISSL), Dept. of Electrical Engineering, Sharif University of Technology) ;
  • Noferesti, Zainab (Information System and Security Lab (ISSL), Dept. of Electrical Engineering, Sharif University of Technology) ;
  • Mohajeri, Javad (Electronics Research Center, Sharif University of Technology) ;
  • Aref, Mohammad Reza (Information System and Security Lab (ISSL), Dept. of Electrical Engineering, Sharif University of Technology)
  • Received : 2010.08.06
  • Accepted : 2010.09.02
  • Published : 2011.03.31

Abstract

Bivium is a simplified version of Trivium, a hardware profile finalist of the eSTREAM project. Bivium has an internal state size of 177 bits and a key length of 80 bits. In this paper, a guess and determine attack on this cipher is introduced. In the proposed method, the best linear approximations for the updating functions are first defined. Then by using these calculated approximations, a system of linear equations is built. By guessing 30 bits of internal state, the system is solved and all the other 147 remaining bits are determined. The complexity of the attack is O ($2^{30}$), which is an improvement to the previous guess and determine attack with a complexity of order O($2^{52.3}$).

References

  1. eSTREAM: eSTREAM – The ECRYPT Stream Cipher Project: , http://www.ecrypt.eu.org/stream/
  2. J. Borghoff, L. R. Knudsen, M. Stolpe, “Bivium as a Mixed-Integer Linear Programming Problem”, Cryptography and Coding, Lecture Notes in Computer Science, Vol.5921, Springer, 2009, pp.133-152. https://doi.org/10.1007/978-3-642-10868-6_9
  3. C. De Canniere, B. Preneel, “TRIVIUM – a stream cipher construction inspired by block cipher design principles”, new stream cipher designs: the eSTREAM finalists, Lecture Notes in Computer Science, Vol.4986, Springer, 2008, pp.244-266.
  4. C. McDonald, C. Charnes, J. Pieprzyk, “Attacking Bivium with MiniSat”, Cryptology ePrint Archive, Report 2007/040, 2007.
  5. A. Maximov, A. Biryukov, “Two Trivial Attacks on Trivium”, Selected Areas in Cryptography, Lecture Notes in Computer Science, Vol.4876, Springer, 2007, pp.36-55. https://doi.org/10.1007/978-3-540-77360-3_3
  6. H. Ahmadi, T. Eghlidos, “Heuristic Guess-and-Determine Attacks on Stream Ciphers”, IET Journal in Information Security, Vol.3, 2009, pp.66-73. https://doi.org/10.1049/iet-ifs.2008.0013
  7. P. Hawkes, G. Rose, The t-class of SOBER stream ciphers, Technical report, QUALCOMM Australia, Suite 410, Birkenhead Point, DrummoyneNSW 2137, Australia, 1999.
  8. P. Hawkes, G. Rose, “Guess and Determine Attacks on SNOW”, Selected Areas in Cryptography, Lecture Notes in Computer Science, vol. 2595, Springer, 2002, pp.37-46.
  9. J. Hastad, M. Naslund, “The Stream Cipher Polar Bear”, eSTREAM, ECRYPT Stream Cipher Project Report 2005/021, 2005, http://www.ecrypt.eu.org/stream/, accessed June, 2008.
  10. S. Babbage, “Some Thoughts on Trivium”, eSTREAM, ECRYPT Stream Cipher. Project, Report 2007/007 (2007),http://www.ecrypt.eu.org/stream.
  11. D. Denning, Cryptography and Data Security, Addison-Wesley, May, 1982.
  12. H.Raddum, “Cryptanalytic Results on Trivium”, eSTREAM, ECRYPT Stream Cipher Project, Report 2006/039, 2006. http://www.ecrypt.eu.org/stream.
  13. Z. Noferesti, N. Rohani, J. Mohajeri, M. Aref, “Distinguishing Attack on Bivium”, 10th IEEE International Conference on Computer and Information Technology, UK, 2010, pp.1075-1078.