Differential cryptanalysis of Lucifer
CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Cube Attacks on Tweakable Black Box Polynomials
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
PolyBoRi: A framework for Gröbner-basis computations with Boolean polynomials
Journal of Symbolic Computation
Cube Testers and Key Recovery Attacks on Reduced-Round MD6 and Trivium
Fast Software Encryption
KATAN and KTANTAN -- A Family of Small and Efficient Hardware-Oriented Block Ciphers
CHES '09 Proceedings of the 11th International Workshop on Cryptographic Hardware and Embedded Systems
Two trivial attacks on TRIVIUM
SAC'07 Proceedings of the 14th international conference on Selected areas in cryptography
Chosen IV statistical analysis for key recovery attacks on stream ciphers
AFRICACRYPT'08 Proceedings of the Cryptology in Africa 1st international conference on Progress in cryptology
A 3-subset meet-in-the-middle attack: cryptanalysis of the lightweight block cipher KTANTAN
SAC'10 Proceedings of the 17th international conference on Selected areas in cryptography
Breaking Grain-128 with dynamic cube attacks
FSE'11 Proceedings of the 18th international conference on Fast software encryption
Trivium: a stream cipher construction inspired by block cipher design principles
ISC'06 Proceedings of the 9th international conference on Information Security
Some instant- and practical-time related-key attacks on KTANTAN32/48/64
SAC'11 Proceedings of the 18th international conference on Selected Areas in Cryptography
High order differential attacks on stream ciphers
Cryptography and Communications
Hi-index | 0.00 |
The concept of conditional differential cryptanalysis has been applied to NLFSR-based cryptosystems at ASIACRYPT 2010. We improve the technique by using automatic tools to find and analyze the involved conditions. Using these improvements we cryptanalyze the stream cipher Trivium and the KATAN family of lightweight block ciphers. For both ciphers we obtain new cryptanalytic results. For reduced variants of Trivium we obtain a class of weak keys that can be practically distinguished up to 961 of 1152 rounds. For the KATAN family we focus on its security in the related-key scenario and obtain practical key-recovery attacks for 120, 103 and 90 of 254 rounds of KATAN32, KATAN48 and KATAN64, respectively.