A New Distinguisher on Grain v1 for 106 Rounds

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9478)


At Asiacrypt 2010, Knellwolf, Meier and Naya-Plasencia proposed distinguishing attacks on Grain v1 when (i) the Key Scheduling process is reduced to 97 rounds, using \(2^{27}\) chosen IVs, and (ii) the Key Scheduling process is reduced to 104 rounds, using \(2^{35}\) chosen IVs. Using a similar idea, Banik obtained a new distinguisher for 105 rounds. In this paper, we show that a similar approach can work for 106 rounds. We present a new distinguisher on Grain v1 for 106 rounds with success probability 63%.


Keywords: Differential cryptanalysis, Distinguisher, Grain v1, Stream cipher


References

  1. Aumasson, J.-P., Dinur, I., Meier, W., Shamir, A.: Cube testers and key recovery attacks on reduced-round MD6 and trivium. In: Dunkelman, O. (ed.) FSE 2009. LNCS, vol. 5665, pp. 1–22. Springer, Heidelberg (2009)
  2. Aumasson, J.P., Dinur, I., Henzen, L., Meier, W., Shamir, A.: Efficient FPGA implementations of high-dimensional cube testers on the stream cipher Grain-128. In: SHARCS - Special-Purpose Hardware for Attacking Cryptographic Systems (2009)
  3. Banik, S.: Some insights into differential cryptanalysis of grain v1. In: Susilo, W., Mu, Y. (eds.) ACISP 2014. LNCS, vol. 8544, pp. 34–49. Springer, Heidelberg (2014)
  4. Banik, S.: A Dynamic Cube Attack on 105 round Grain v1. IACR Cryptology ePrint Archive 2014: 652. http://eprint.iacr.org/2014/652
  5. Ben-Aroya, I., Biham, E.: Differential cryptanalysis of lucifer. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 187–199. Springer, Heidelberg (1994)
  6. Berbain, C., Gilbert, H., Maximov, A.: Cryptanalysis of grain. In: Robshaw, M. (ed.) FSE 2006. LNCS, vol. 4047, pp. 15–29. Springer, Heidelberg (2006)
  7. Bjørstad, T.E.: Cryptanalysis of Grain using Time/Memory/Data tradeoffs (v1.0/2008–02-25). http://www.ecrypt.eu.org/stream
  8. Daemen, J., Govaerts, R., Vandewalle, J.: Resynchronization weaknesses in synchronous stream ciphers. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 159–167. Springer, Heidelberg (1994)
  9. De Cannière, C., Küçük, Ö., Preneel, B.: Analysis of grain’s initialization algorithm. In: Vaudenay, S. (ed.) AFRICACRYPT 2008. LNCS, vol. 5023, pp. 276–289. Springer, Heidelberg (2008)
  10.
  11. Dinur, I., Güneysu, T., Paar, C., Shamir, A., Zimmermann, R.: An experimentally verified attack on full grain-128 using dedicated reconfigurable hardware. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 327–343. Springer, Heidelberg (2011)
  12. Dinur, I., Shamir, A.: Cube attacks on tweakable black box polynomials. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 278–299. Springer, Heidelberg (2009)
  13. Dinur, I., Shamir, A.: Breaking grain-128 with dynamic cube attacks. In: Joux, A. (ed.) FSE 2011. LNCS, vol. 6733, pp. 167–187. Springer, Heidelberg (2011)
  14. The ECRYPT Stream Cipher Project. eSTREAM Portfolio of Stream Ciphers. Accepted 8 September 2008
  15. Englund, H., Johansson, T., Sönmez Turan, M.: A framework for chosen IV statistical analysis of stream ciphers. In: Srinathan, K., Rangan, C.P., Yung, M. (eds.) INDOCRYPT 2007. LNCS, vol. 4859, pp. 268–281. Springer, Heidelberg (2007)
  16. Fischer, S., Khazaei, S., Meier, W.: Chosen IV statistical analysis for key recovery attacks on stream ciphers. In: Vaudenay, S. (ed.) AFRICACRYPT 2008. LNCS, vol. 5023, pp. 236–245. Springer, Heidelberg (2008)
  17. Fredricksen, H.: A survey of full length nonlinear shift register cycle algorithms. SIAM Rev. 24(1982), 195–221 (1982)
  18. Hell, M., Johansson, T., Meier, W.: Grain - A Stream Cipher for Constrained Environments. ECRYPT Stream Cipher Project Report 2005/001 (2005). http://www.ecrypt.eu.org/stream
  19. Khazaei, S., Hassanzadeh, M., Kiaei, M.: Distinguishing Attack on Grain. ECRYPT Stream Cipher Project Report 2005/071 (2005). http://www.ecrypt.eu.org/stream
  20. Knellwolf, S., Meier, W., Naya-Plasencia, M.: Conditional differential cryptanalysis of NLFSR-based cryptosystems. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 130–145. Springer, Heidelberg (2010)
  21. Knellwolf, S., Meier, W., Naya-Plasencia, M.: Conditional differential cryptanalysis of trivium and KATAN. In: Miri, A., Vaudenay, S. (eds.) SAC 2011. LNCS, vol. 7118, pp. 200–212. Springer, Heidelberg (2012)
  22. Knellwolf, S., Meier, W.: High order differential attacks on stream ciphers. Crypt. Commun. 4(3–4), 203–215 (2012)
  23. Lehmann, M., Meier, W.: Conditional differential cryptanalysis of grain-128a. In: Pieprzyk, J., Sadeghi, A.-R., Manulis, M. (eds.) CANS 2012. LNCS, vol. 7712, pp. 1–11. Springer, Heidelberg (2012)
  24. Lee, Y., Jeong, K., Sung, J., Hong, S.H.: Related-key chosen IV attacks on grain-v1 and grain-128. In: Mu, Y., Susilo, W., Seberry, J. (eds.) ACISP 2008. LNCS, vol. 5107, pp. 321–335. Springer, Heidelberg (2008)
  25. Mihaljevic, M.J., Gangopadhyay, S., Paul, G., Imai, H.: Internal state recovery of grain-v1 employing normality order of the filter function. IET Inf. Secur. 6(2), 55–64 (2012)
  26. Stein, W.: Sage Mathematics Software. Free Software Foundation Inc. (2009). http://www.sagemath.org. (Open source project initiated by W. Stein and contributed by many)
  27. Stankovski, P.: Greedy distinguishers and nonrandomness detectors. In: Gong, G., Gupta, K.C. (eds.) INDOCRYPT 2010. LNCS, vol. 6498, pp. 210–226. Springer, Heidelberg (2010)
  28. Zhang, H., Wang, X.: Cryptanalysis of Stream Cipher Grain Family. IACR Cryptology ePrint Archive 2009: 109. http://eprint.iacr.org/2009/109

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  1. Department of Mathematics, Indian Institute of Technology, Chennai, India
