Two trivial attacks on TRIVIUM
SAC'07 Proceedings of the 14th international conference on Selected areas in cryptography
Trivium: a stream cipher construction inspired by block cipher design principles
ISC'06 Proceedings of the 9th international conference on Information Security
| Hi-index | 0.01 |
Trivium an eSTREAM candidate has an internal state of 288 bits,and it has been designed to provide a security level of 80 bits.Recently, its tweaked structure Trivium/128 with three added gatesis also proposed which is meant to provide the security level of128 bits without any increase in the internal state bits. Thisarticle presents an algebraic analysis of the key generatingstructure of both versions. Our experiments target to recover theinternal state bits by solving practically the varying degreeequations of Trivium, with some guessed bits using Groebner basisalgorithm. Our analysis shows that although tweaked structure offermore complex equations, still it is unsuitable to provide asecurity level of 128 bits. We also propose a modified version ofthe Trivium. The algebraic relations of internal states with outputbits formed using our proposed modified version are higher indegrees in comparison with both previous versions. Thus, ourproposed version offers increased difficulty of recovering internalstate bits by solving algebraic equations and this proves it to bemore suitable to provide 128-bit security level.