Conditional differential cryptanalysis of trivium and KATAN

Authors:
Simon Knellwolf;Willi Meier;María Naya-Plasencia
Affiliations:
FHNW, Switzerland;FHNW, Switzerland;FHNW, Switzerland
Venue:
SAC'11 Proceedings of the 18th international conference on Selected Areas in Cryptography
Year:
2011

Citing 11
Cited 1

Differential cryptanalysis of Lucifer

CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Cube Attacks on Tweakable Black Box Polynomials

EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
PolyBoRi: A framework for Gröbner-basis computations with Boolean polynomials

Journal of Symbolic Computation
Cube Testers and Key Recovery Attacks on Reduced-Round MD6 and Trivium

Fast Software Encryption
KATAN and KTANTAN -- A Family of Small and Efficient Hardware-Oriented Block Ciphers

CHES '09 Proceedings of the 11th International Workshop on Cryptographic Hardware and Embedded Systems
Two trivial attacks on TRIVIUM

SAC'07 Proceedings of the 14th international conference on Selected areas in cryptography
Chosen IV statistical analysis for key recovery attacks on stream ciphers

AFRICACRYPT'08 Proceedings of the Cryptology in Africa 1st international conference on Progress in cryptology
A 3-subset meet-in-the-middle attack: cryptanalysis of the lightweight block cipher KTANTAN

SAC'10 Proceedings of the 17th international conference on Selected areas in cryptography
Breaking Grain-128 with dynamic cube attacks

FSE'11 Proceedings of the 18th international conference on Fast software encryption
Trivium: a stream cipher construction inspired by block cipher design principles

ISC'06 Proceedings of the 9th international conference on Information Security
Some instant- and practical-time related-key attacks on KTANTAN32/48/64

SAC'11 Proceedings of the 18th international conference on Selected Areas in Cryptography

High order differential attacks on stream ciphers

Cryptography and Communications

Quantified Score

Hi-index	0.00

Visualization

Abstract

The concept of conditional differential cryptanalysis has been applied to NLFSR-based cryptosystems at ASIACRYPT 2010. We improve the technique by using automatic tools to find and analyze the involved conditions. Using these improvements we cryptanalyze the stream cipher Trivium and the KATAN family of lightweight block ciphers. For both ciphers we obtain new cryptanalytic results. For reduced variants of Trivium we obtain a class of weak keys that can be practically distinguished up to 961 of 1152 rounds. For the KATAN family we focus on its security in the related-key scenario and obtain practical key-recovery attacks for 120, 103 and 90 of 254 rounds of KATAN32, KATAN48 and KATAN64, respectively.