Mixing Property Tester: A General Framework for Evaluating the Mixing Properties of Initialization of Stream Ciphers

  • Lin DingEmail author
  • Dawu Gu
  • Lei Wang
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 1122)


In this paper, a general framework for evaluating the mixing properties of initialization of stream ciphers, called Mixing Property Tester-MPT, is exploited and formalized. Based on this general framework, we propose a concrete and efficient algorithm, which can compute the maximum number of initialization rounds of a given stream cipher such that any internal state bit or generated keystream bit does not achieve full mixing properties. Our algorithm has linear time complexity and needs a negligible amount of memory. As illustrations, we apply our algorithm to ZUC-128, ZUC-256 and Trivium stream ciphers. The results show that though ZUC-256 has a much larger initial input size than ZUC-128, its mixing properties are almost as good as ZUC-128. As for Trivium, the tap positions of keystream output function are not chosen optimally with respect to this tester and we provide some better selections of tap positions. As a general cryptanalytic tool, MPT can help to give the designers more insights to choose the initialization functions and the required number of initialization rounds.


Stream cipher Initialization Mixing property ZUC-128 ZUC-256 Trivium 



The authors would like to thank the anonymous reviewers for their valuable comments and suggestions. This work was supported by the National Natural Science Foundation of China under Grant 61602514, 61802437, 61272488, 61202491, 61572516, 61272041, 61772547, National Cryptography Development Fund under Grant MMJJ20170125 and National Postdoctoral Program for Innovative Talents under Grant BX201700153.


  1. 1.
    ETSI/SAGE: Specification of the 3GPP Confidentiality and Integrity Algorithms 128-EEA3 & 128-EIA3, Document 2: ZUC Specification, Version 1.6, 28 June 2011.
  2. 2.
    Zhou, C., Feng, X., Lin, D.: The initialization stage analysis of ZUC v1.5. In: Lin, D., Tsudik, G., Wang, X. (eds.) CANS 2011. LNCS, vol. 7092, pp. 40–53. Springer, Heidelberg (2011). Scholar
  3. 3.
    Guan, J., Ding, L., Liu, S.: Guess and determine attack on SNOW3G and ZUC. J. Softw. 24(6), 1324–1333 (2013). (in Chinese)CrossRefGoogle Scholar
  4. 4.
    Lafitte, F., Markowitch, O., Heule, D.V.: SAT based analysis of LTE stream cipher ZUC. J. Inf. Secur. Appl. 22, 54–65 (2015)Google Scholar
  5. 5.
    Design Team: ZUC-256 stream cipher. J. Cryptologic Res. 5(2), 167–179 (2018)Google Scholar
  6. 6.
    De Cannière, C., Preneel, B.: Trivium. In: Robshaw, M., Billet, O. (eds.) New Stream Cipher Designs. LNCS, vol. 4986, pp. 244–266. Springer, Heidelberg (2008). Scholar
  7. 7.
    Maximov, A., Biryukov, A.: Two trivial attacks on Trivium. In: Adams, C., Miri, A., Wiener, M. (eds.) SAC 2007. LNCS, vol. 4876, pp. 36–55. Springer, Heidelberg (2007). Scholar
  8. 8.
    Fouque, P.-A., Vannet, T.: Improving key recovery to 784 and 799 rounds of trivium using optimized cube attacks. In: Moriai, S. (ed.) FSE 2013. LNCS, vol. 8424, pp. 502–517. Springer, Heidelberg (2014). Scholar
  9. 9.
    Liu, M., Lin, D., Wang, W.: Searching cubes for testing Boolean functions and its application to Trivium. In: IEEE International Symposium on Information Theory (ISIT 2015), Hong Kong, China, 14–19 June 2015, pp. 496–500. IEEE (2015)Google Scholar
  10. 10.
    Liu, M.: Degree evaluation of NFSR-based cryptosystems. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017. LNCS, vol. 10403, pp. 227–249. Springer, Cham (2017). Scholar
  11. 11.
    Todo, Y., Isobe, T., Hao, Y., Meier, W.: Cube attacks on non-blackbox polynomials based on division property. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017. LNCS, vol. 10403, pp. 250–279. Springer, Cham (2017). Scholar
  12. 12.
    Wang, Q., Hao, Y., Todo, Y., Li, C., Isobe, T., Meier, W.: Improved division property based cube attacks exploiting algebraic properties of superpoly. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018. LNCS, vol. 10991, pp. 275–305. Springer, Cham (2018). Scholar
  13. 13.
    Englund, H., Johansson, T., Sönmez Turan, M.: A framework for chosen IV statistical analysis of stream ciphers. In: Srinathan, K., Rangan, C.P., Yung, M. (eds.) INDOCRYPT 2007. LNCS, vol. 4859, pp. 268–281. Springer, Heidelberg (2007). Scholar
  14. 14.
    Fischer, S., Khazaei, S., Meier, W.: Chosen IV statistical analysis for key recovery attacks on stream ciphers. In: Vaudenay, S. (ed.) AFRICACRYPT 2008. LNCS, vol. 5023, pp. 236–245. Springer, Heidelberg (2008). Scholar
  15. 15.
    Dinur, I., Shamir, A.: Cube attacks on tweakable black box polynomials. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 278–299. Springer, Heidelberg (2009). Scholar
  16. 16.
    Aumasson, J.-P., Dinur, I., Meier, W., Shamir, A.: Cube testers and key recovery attacks on reduced-round MD6 and Trivium. In: Dunkelman, O. (ed.) FSE 2009. LNCS, vol. 5665, pp. 1–22. Springer, Heidelberg (2009). Scholar
  17. 17.
    Dinur, I., Shamir, A.: Breaking Grain-128 with dynamic cube attacks. In: Joux, A. (ed.) FSE 2011. LNCS, vol. 6733, pp. 167–187. Springer, Heidelberg (2011). Scholar
  18. 18.
    Huang, S., Wang, X., Xu, G., Wang, M., Zhao, J.: Conditional cube attack on reduced-round keccak sponge function. In: Coron, J.-S., Nielsen, J.B. (eds.) EUROCRYPT 2017. LNCS, vol. 10211, pp. 259–288. Springer, Cham (2017). Scholar
  19. 19.
    Liu, M., Yang, J., Wang, W., Lin, D.: Correlation cube attacks: from weak-key distinguisher to key recovery. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018. LNCS, vol. 10821, pp. 715–744. Springer, Cham (2018). Scholar
  20. 20.
    Sönmez Turan, M., Kara, O.: Linear approximations for 2-round trivium. In: Proceedings of First International Conference on Security of Information and Networks (SIN 2007), Gazimagusa (TRNC), North Cyprus, 8–10 May 2007, pp. 96–105. Trafford Publishing (2007)Google Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2019

Authors and Affiliations

  1. 1.Department of Computer Science and EngineeringShanghai Jiao Tong UniversityShanghaiChina
  2. 2.PLA SSF Information Engneering UniversityZhengzhouChina
  3. 3.Westone Cryptologic Research CenterBeijingChina

Personalised recommendations