International Conference on the Theory and Application of Cryptology and Information Security

ASIACRYPT 2010: Advances in Cryptology - ASIACRYPT 2010 pp 130-145

Conditional Differential Cryptanalysis of NLFSR-Based Cryptosystems

  • Simon Knellwolf
  • Willi Meier
  • María Naya-Plasencia
Conference paper

DOI: 10.1007/978-3-642-17373-8_8

Volume 6477 of the book series Lecture Notes in Computer Science (LNCS)

Abstract

Non-linear feedback shift registers are widely used in lightweight cryptographic primitives. For such constructions we propose a general analysis technique based on differential cryptanalysis. The essential idea is to identify conditions on the internal state to obtain a deterministic differential characteristic for a large number of rounds. Depending on whether these conditions involve public variables only, or also key variables, we derive distinguishing and partial key recovery attacks. We apply these methods to analyse the security of the eSTREAM finalist Grain v1 as well as the block cipher family KATAN/KTANTAN. This allows us to distinguish Grain v1 reduced to 104 of its 160 rounds and to recover some information on the key. The technique naturally extends to higher order differentials and enables us to distinguish Grain-128 up to 215 of its 256 rounds and to recover parts of the key up to 213 rounds. All results are the best known thus far and are achieved by experiments in practical time.

Keywords

  • differential cryptanalysis
  • NLFSR
  • distinguishing attack
  • key recovery
  • Grain
  • KATAN/KTANTAN

Copyright information

© International Association for Cryptologic Research 2010

Authors and Affiliations

  • Simon Knellwolf (1)
  • Willi Meier (1)
  • María Naya-Plasencia (1)

  1. FHNW, Switzerland