Some results on related Key-IV pairs of grain

  • Authors:

  • Subhadeep Banik;Subhamoy Maitra;Santanu Sarkar

  • Affiliations:

  • Applied Statistics Unit, Indian Statistical Institute, Kolkata, India;Applied Statistics Unit, Indian Statistical Institute, Kolkata, India;Applied Statistics Unit, Indian Statistical Institute, Kolkata, India

  • Venue:
  • SPACE'12 Proceedings of the Second international conference on Security, Privacy, and Applied Cryptography Engineering
  • Year:
  • 2012

Quantified Score

Hi-index 0.00

Visualization

Abstract

In this paper we explain how one can obtain Key-IV pairs for Grain family of stream ciphers that can generate output key-streams which are either (i) almost similar in the initial part or (ii) exact shifts of each other throughout the generation of the stream. Let lP be the size of the pad used during the key loading of Grain. For the first case, we show that in expected $2^{l_P}$ many invocations of the Key Scheduling Algorithm and its reverse routine, one can obtain two related Key-IV pairs that can produce same output bits in 75 (respectively 112 and 115) selected positions among the initial 96 (respectively 160 and 160) bits for Grain v1 (respectively Grain-128 and Grain-128a). Similar idea works for the second case in showing that given any Key-IV, one can obtain another related Key-IV in expected $2^{l_P}$ many trials such that the related Key-IV pairs produce shifted key-streams. We also provide an efficient strategy to obtain related Key-IV pairs that produce exactly i-bit shifted key-streams for small i. Our technique pre-computes certain equations that help in obtaining such related Key-IV pairs in 2i many expected trials.