Self-testing/correcting with applications to numerical problems
Journal of Computer and System Sciences - Special issue: papers from the 22nd ACM symposium on the theory of computing, May 14–16, 1990
Probabilistic checking of proofs: a new characterization of NP
Journal of the ACM (JACM)
Generalized Inversion Attack on Nonlinear Filter Generators
IEEE Transactions on Computers
Fast Correlation Attacks through Reconstruction of Linear Polynomials
CRYPTO '00 Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology
Cryptanalysis of Block Ciphers with Overdefined Systems of Equations
ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
On the Security of Nonlinear Filter Generators
Proceedings of the Third International Workshop on Fast Software Encryption
FSE '97 Proceedings of the 4th International Workshop on Fast Software Encryption
The Interpolation Attack on Block Ciphers
FSE '97 Proceedings of the 4th International Workshop on Fast Software Encryption
Cube Testers and Key Recovery Attacks on Reduced-Round MD6 and Trivium
Fast Software Encryption
Efficient algorithms for solving overdefined systems of multivariate polynomial equations
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Algebraic attacks on stream ciphers with linear feedback
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
About the XL algorithm over GF(2)
CT-RSA'03 Proceedings of the 2003 RSA conference on The cryptographers' track
A framework for chosen IV statistical analysis of stream ciphers
INDOCRYPT'07 Proceedings of the cryptology 8th international conference on Progress in cryptology
Two trivial attacks on TRIVIUM
SAC'07 Proceedings of the 14th international conference on Selected areas in cryptography
Chosen IV statistical analysis for key recovery attacks on stream ciphers
AFRICACRYPT'08 Proceedings of the Cryptology in Africa 1st international conference on Progress in cryptology
A new simple technique to attack filter generators and related ciphers
SAC'04 Proceedings of the 11th international conference on Selected Areas in Cryptography
KATAN and KTANTAN -- A Family of Small and Efficient Hardware-Oriented Block Ciphers
CHES '09 Proceedings of the 11th International Workshop on Cryptographic Hardware and Embedded Systems
Extensions of the Cube Attack Based on Low Degree Annihilators
CANS '09 Proceedings of the 8th International Conference on Cryptology and Network Security
Side Channel Cube Attack on PRESENT
CANS '09 Proceedings of the 8th International Conference on Cryptology and Network Security
CHES'10 Proceedings of the 12th international conference on Cryptographic hardware and embedded systems
Hummingbird: ultra-lightweight cryptography for resource-constrained devices
FC'10 Proceedings of the 14th international conference on Financial cryptograpy and data security
ACISP'10 Proceedings of the 15th Australasian conference on Information security and privacy
SAC'10 Proceedings of the 17th international conference on Selected areas in cryptography
Extended cubes: enhancing the cube attack by extracting low-degree non-linear equations
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
A resynchronization attack on stream ciphers filtered by Maiorana-McFarland functions
Frontiers of Computer Science in China
Breaking Grain-128 with dynamic cube attacks
FSE'11 Proceedings of the 18th international conference on Fast software encryption
Cryptanalysis of the atmel cipher in secure memory, cryptoMemory and crypto RF
ACNS'11 Proceedings of the 9th international conference on Applied cryptography and network security
Attacking Bivium and Trivium with the characteristic set method
AFRICACRYPT'11 Proceedings of the 4th international conference on Progress in cryptology in Africa
On the security of NOEKEON against side channel cube attacks
ISPEC'10 Proceedings of the 6th international conference on Information Security Practice and Experience
ICICS'09 Proceedings of the 11th international conference on Information and Communications Security
Second-Order differential collisions for reduced SHA-256
ASIACRYPT'11 Proceedings of the 17th international conference on The Theory and Application of Cryptology and Information Security
An experimentally verified attack on full grain-128 using dedicated reconfigurable hardware
ASIACRYPT'11 Proceedings of the 17th international conference on The Theory and Application of Cryptology and Information Security
Cryptographic analysis of all 4 × 4-bit s-boxes
SAC'11 Proceedings of the 18th international conference on Selected Areas in Cryptography
Conditional differential cryptanalysis of trivium and KATAN
SAC'11 Proceedings of the 18th international conference on Selected Areas in Cryptography
KLEIN: a new family of lightweight block ciphers
RFIDSec'11 Proceedings of the 7th international conference on RFID Security and Privacy
The hummingbird-2 lightweight authenticated encryption algorithm
RFIDSec'11 Proceedings of the 7th international conference on RFID Security and Privacy
Cube cryptanalysis of hitag2 stream cipher
CANS'11 Proceedings of the 10th international conference on Cryptology and Network Security
Boomerang distinguisher for the SIMD-512 compression function
INDOCRYPT'11 Proceedings of the 12th international conference on Cryptology in India
Fault analysis of the KATAN family of block ciphers
ISPEC'12 Proceedings of the 8th international conference on Information Security Practice and Experience
The Cube Attack on Stream Cipher Trivium and Quadraticity Tests
Fundamenta Informaticae - Cryptology in Progress: 10th Central European Conference on Cryptology, Będlewo Poland, 2010
High order differential attacks on stream ciphers
Cryptography and Communications
Applying cube attacks to stream ciphers in realistic scenarios
Cryptography and Communications
State cycles, initialization and the Trivium stream cipher
Cryptography and Communications
On the security of hummingbird-2 against side channel cube attacks
WEWoRC'11 Proceedings of the 4th Western European conference on Research in Cryptology
FSE'12 Proceedings of the 19th international conference on Fast Software Encryption
Controversy Corner: Efficient Hamming weight-based side-channel cube attacks on PRESENT
Journal of Systems and Software
Hard fault analysis of Trivium
Information Sciences: an International Journal
Solving polynomial systems over finite fields: improved analysis of the hybrid approach
Proceedings of the 37th International Symposium on Symbolic and Algebraic Computation
Cube attack in finite fields of higher order
AISC '11 Proceedings of the Ninth Australasian Information Security Conference - Volume 116
Cube cryptanalysis of LBlock with noisy leakage
ICISC'12 Proceedings of the 15th international conference on Information Security and Cryptology
A new model for error-tolerant side-channel cube attacks
CHES'13 Proceedings of the 15th international conference on Cryptographic Hardware and Embedded Systems
Optimal parameters for the WG stream cipher family
Cryptography and Communications
| Hi-index | 0.00 |
Almost any cryptographic scheme can be described by tweakable polynomials over GF (2), which contain both secret variables (e.g., key bits) and public variables (e.g., plaintext bits or IV bits). The cryptanalyst is allowed to tweak the polynomials by choosing arbitrary values for the public variables, and his goal is to solve the resultant system of polynomial equations in terms of their common secret variables. In this paper we develop a new technique (called a cube attack ) for solving such tweakable polynomials, which is a major improvement over several previously published attacks of the same type. For example, on the stream cipher Trivium with a reduced number of initialization rounds, the best previous attack (due to Fischer, Khazaei, and Meier) requires a barely practical complexity of 255 to attack 672 initialization rounds, whereas a cube attack can find the complete key of the same variant in 219 bit operations (which take less than a second on a single PC). Trivium with 735 initialization rounds (which could not be attacked by any previous technique) can now be broken with 230 bit operations. Trivium with 767 initialization rounds can now be broken with 245 bit operations, and the complexity of the attack can almost certainly be further reduced to about 236 bit operations. Whereas previous attacks were heuristic, had to be adapted to each cryptosystem, had no general complexity bounds, and were not expected to succeed on random looking polynomials, cube attacks are provably successful when applied to random polynomials of degree d over n secret variables whenever the number m of public variables exceeds d + log d n . Their complexity is 2 d *** 1 n + n 2 bit operations, which is polynomial in n and amazingly low when d is small. Cube attacks can be applied to any block cipher, stream cipher, or MAC which is provided as a black box (even when nothing is known about its internal structure) as long as at least one output bit can be represented by (an unknown) polynomial of relatively low degree in the secret and public variables.