Abstract
Trivium is a well-known lightweight synchronous stream cipher that was submitted to the European eSTREAM project in April 2005. Determining the cycles of Trivium's internal state under its update function has so far proved difficult and remains an open problem. In this paper, the internal structure of Trivium is exploited to construct an algorithm called Trivium-model. Based on Trivium-model, new results on the state cycles of Trivium are obtained: there exist one cycle of size 10, one cycle of size 11, two cycles of size 12, one cycle of size 15 and at least 16 cycles of size \(3(2^{93}-1)\). The distribution of cycle lengths is therefore not uniform, and small cycles exist. Such cycles may give rise to weak initial states and constitute a vulnerability of Trivium.
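The following is an added worked example, not code from the paper and not its Trivium-model algorithm. It assumes only the public Trivium state update (three registers of 93, 84 and 111 bits with the standard taps) and uses a different, elementary observation: a state that returns to itself after p steps is completely described by the three p-periodic sequences of bits fed into the registers, so the search for states with F^p(s) = s shrinks from 2^288 candidates to at most 2^(3p), and the feedback equation of each register is linear in that register once the source register is fixed. The code enumerates those states, verifies each one against an independent implementation of the real update, and groups them into cycles by exact length, which is how a reader can check the small-cycle claims above for p = 10, 11, 12 and 15.

```python
"""Enumerate Trivium internal states lying on cycles whose length divides p.

Added example (not the paper's Trivium-model).  Bit streams A, B, C denote the
bits inserted into registers (s1..s93), (s94..s177), (s178..s288); A(n) is the
bit that becomes s1 after step n.  From the Trivium update rules:
    A(n+1) = C(n-65) ^ C(n-110) ^ C(n-108)&C(n-109) ^ A(n-68)
    B(n+1) = A(n-65) ^ A(n-92)  ^ A(n-90)&A(n-91)   ^ B(n-77)
    C(n+1) = B(n-68) ^ B(n-83)  ^ B(n-81)&B(n-82)   ^ C(n-86)
If the state has period dividing p, all indices may be taken modulo p.
"""
from itertools import product


def trivium_step(s):
    """One Trivium update on a 288-bit state given as a list (s[0] is s1)."""
    t1 = s[65] ^ s[92] ^ (s[90] & s[91]) ^ s[170]
    t2 = s[161] ^ s[176] ^ (s[174] & s[175]) ^ s[263]
    t3 = s[242] ^ s[287] ^ (s[285] & s[286]) ^ s[68]
    return [t3] + s[0:92] + [t1] + s[93:176] + [t2] + s[177:287]


def feedback_term(src, lags, and_lags, p):
    """rhs(n) = src(n-l1) ^ src(n-l2) ^ src(n-a1)&src(n-a2), indices mod p."""
    l1, l2 = lags
    a1, a2 = and_lags
    return [src[(n - l1) % p] ^ src[(n - l2) % p]
            ^ (src[(n - a1) % p] & src[(n - a2) % p]) for n in range(p)]


def solve_chain(p, step, r):
    """All x in {0,1}^p with x[u] ^ x[(u+step) % p] == r[u] for every u.

    u -> u+step is a permutation of Z_p; along each of its cycles the first bit
    is free and the rest follow, with one consistency check on closing.
    """
    solutions, seen = [{}], set()
    for start in range(p):
        if start in seen:
            continue
        cycle, u = [], start
        while u not in seen:
            seen.add(u)
            cycle.append(u)
            u = (u + step) % p
        options = []
        for b0 in (0, 1):
            vals, b = {}, b0
            for u in cycle:
                vals[u] = b
                b ^= r[u]          # value forced on the next index of the cycle
            if b == b0:            # cycle closes consistently
                options.append(vals)
        solutions = [{**s, **o} for s in solutions for o in options]
    return [[sol[i] for i in range(p)] for sol in solutions]


def solve_register(p, src, lags, and_lags, lag):
    """All p-periodic T with T(n+1) ^ T(n-lag) == feedback(src)(n)."""
    rhs = feedback_term(src, lags, and_lags, p)
    # substitute u = n+1:  T(u) ^ T(u-lag-1) == rhs(u-1)
    return solve_chain(p, -(lag + 1), [rhs[(u - 1) % p] for u in range(p)])


def stream_to_state(A, B, C, p):
    """State at time 0: s_i = A(1-i), s_(93+j) = B(1-j), s_(177+j) = C(1-j)."""
    return ([A[(1 - i) % p] for i in range(1, 94)]
            + [B[(1 - j) % p] for j in range(1, 85)]
            + [C[(1 - j) % p] for j in range(1, 112)])


def periodic_states(p):
    """All 288-bit states s with F^p(s) == s (F = trivium_step)."""
    states = []
    for c_bits in product((0, 1), repeat=p):
        C = list(c_bits)
        for A in solve_register(p, C, (65, 110), (108, 109), 68):
            for B in solve_register(p, A, (65, 92), (90, 91), 77):
                rhs = feedback_term(B, (68, 83), (81, 82), p)
                if all(C[(n + 1) % p] ^ C[(n - 86) % p] == rhs[n] for n in range(p)):
                    states.append(stream_to_state(A, B, C, p))
    return states


def cycle_length(s, bound):
    """Smallest k in 1..bound with F^k(s) == s, or None if the cycle is longer."""
    t = s
    for k in range(1, bound + 1):
        t = trivium_step(t)
        if t == s:
            return k
    return None


def cycles_of_period_dividing(p):
    """Group the states with F^p(s) == s into cycles; return {exact length: count}."""
    remaining = {tuple(s) for s in periodic_states(p)}
    counts = {}
    while remaining:
        s = list(next(iter(remaining)))
        k = cycle_length(s, p)      # independent check with the real update
        if k is None or p % k:
            raise ValueError("state is not periodic with period dividing p")
        t = s
        for _ in range(k):          # drop every state on this cycle
            remaining.discard(tuple(t))
            t = trivium_step(t)
        counts[k] = counts.get(k, 0) + 1
    return counts


if __name__ == "__main__":
    for p in (10, 11, 12, 15):
        print(p, cycles_of_period_dividing(p))
```

The only fixed point (cycle of size 1) is the all-zero state, which the script reports for every p; the other entries of each dictionary are the short cycles of exact length dividing p. For larger p the enumeration grows as 2^p, so the same approach is practical for screening small periods only; `cycle_length(s, bound)` can also be used on its own to check that a given loaded state does not sit on a cycle of length up to `bound`.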
Acknowledgements
This work was supported in part by the International Researcher Exchange Project of the National Science Foundation of China and Centre national de la recherche scientifique de France (NSFC-CNRS) under Grant No. 61211130104 and the National Key Research and Development Program of China under Grant No. yfb0802505.
Communicated by V. Rijmen.
Zhang, S., Chen, G. New results on the state cycles of Trivium. Des. Codes Cryptogr. 87, 149–162 (2019). https://doi.org/10.1007/s10623-018-0493-2