Abstract
Lightweight cryptography aims to design secure and efficient cryptographic algorithms for resource-constrained devices. Traditional cryptographic algorithms may not be readily usable in resource-constrained environments. To standardise cryptographic solutions tailored for such resource-constraint environments, the National Institute of Standards and Technology (NIST) launched the Lightweight Cryptography (LWC) project. Grain-128AEAD is a stream cipher-based finalist in the NIST LWC project. In this work, we examine the security of the initial version of Grain-128AEAD against cube attacks. We present distinguishing attacks on a reduced-round version of the cipher, assuming that the keystream can be observed immediately after the reduced-round initialisation of the pre-output generator. We obtained various cubes of sizes 25 to 45 for reduced-round Grain-128AEAD. The best cube reported in this work can distinguish the output of a 165-round initialisation of Grain-128AEAD with a cube size of 35. The complexity of the distinguishing attack is \(\mathcal {O}(2^{35})\). The results are confirmed experimentally. We conclude that even with fewer rounds of initialisation for the first version of Grain-128AEAD, the cipher still has a good security margin against cube attacks.
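Added here to make the abstract's distinguishing setup concrete (illustrative code, not the paper's own implementation or cubes): a Python model of the Grain-128AEAD pre-output generator clocked for a reduced number of initialisation rounds, plus a cube tester that checks whether the cube sum of the first pre-output bit is constant across random keys. Register taps and initial loading follow the public Grain-128AEAD specification; the cube positions, key count and RNG seed are constructed sample values, and the real cipher runs 256 feedback rounds plus a key re-introduction phase before any keystream is exposed.

```python
import random
# Grain-128AEAD pre-output generator, reduced-round model (taps from the public spec).
# Registers are growing lists, so s[i], b[i] are the spec's absolute bit positions.
def preout(s, b, t):
    # y_t = h(x) + s_{t+93} + sum_{j in A} b_{t+j}, with h = x0x1+x2x3+x4x5+x6x7+x0x4x8
    x0, x4 = b[t + 12], b[t + 95]
    y = ((x0 & s[t + 8]) ^ (s[t + 13] & s[t + 20]) ^ (x4 & s[t + 42])
         ^ (s[t + 60] & s[t + 79]) ^ (x0 & x4 & s[t + 94]) ^ s[t + 93])
    for j in (2, 15, 36, 45, 64, 73, 89):
        y ^= b[t + j]
    return y

def lfsr_fb(s, t):
    return s[t] ^ s[t + 7] ^ s[t + 38] ^ s[t + 70] ^ s[t + 81] ^ s[t + 96]

def nfsr_fb(s, b, t):
    return (s[t] ^ b[t] ^ b[t + 26] ^ b[t + 56] ^ b[t + 91] ^ b[t + 96]
            ^ (b[t + 3] & b[t + 67]) ^ (b[t + 11] & b[t + 13]) ^ (b[t + 17] & b[t + 18])
            ^ (b[t + 27] & b[t + 59]) ^ (b[t + 40] & b[t + 48]) ^ (b[t + 61] & b[t + 65])
            ^ (b[t + 68] & b[t + 84]) ^ (b[t + 22] & b[t + 24] & b[t + 25])
            ^ (b[t + 70] & b[t + 78] & b[t + 82]) ^ (b[t + 88] & b[t + 92] & b[t + 93] & b[t + 95]))

def first_preout_bit(key, iv, rounds):
    """Clock `rounds` init rounds (pre-output fed back into both registers), return y_rounds."""
    s = list(iv) + [1] * 31 + [0]          # s_96..s_126 = 1, s_127 = 0
    b = list(key)
    for t in range(rounds):
        y = preout(s, b, t)
        s.append(lfsr_fb(s, t) ^ y)
        b.append(nfsr_fb(s, b, t) ^ y)
    return preout(s, b, rounds)

def cube_sum(key, cube, rounds):
    """XOR of y_rounds over all 2^|cube| values of the cube IV bits (other IV bits
    zero): the cube's superpoly evaluated at this key."""
    total = 0
    for v in range(1 << len(cube)):
        iv = [0] * 96
        for k, pos in enumerate(cube):
            iv[pos] = (v >> k) & 1
        total ^= first_preout_bit(key, iv, rounds)
    return total

def cube_tester(cube, rounds, trials=16, seed=1):
    """Set of superpoly values over random keys: {0} or {1} means the superpoly is
    constant, so the cube distinguishes y_rounds from a random bit."""
    rng = random.Random(seed)
    return {cube_sum([rng.randint(0, 1) for _ in range(128)], cube, rounds)
            for _ in range(trials)}
```

For round counts below 33 no feedback bit reaches the output taps, so a cube on IV positions t+13 and t+20 always sums to 1 (the x2x3 term of h); the distinguishers the paper reports at 129 to 165 rounds are found by searching for cubes whose superpoly stays constant once feedback does reach the output.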
Acknowledgements
This work is supported by the Ministry of Higher Education Malaysia through the Fundamental Research Grant Scheme (FRGS), project no. FRGS/1/2021/ICT07/XMU/02/1, as well as the Xiamen University Malaysia Research Fund under Grants XMUMRF/2019-C3/IECE/0005 and XMUMRF/2022-C9/IECE/0032.
Appendix A Additional Results for Cube Size \({\boldsymbol{\ell }}_{\boldsymbol{c}}\) = 25
Other cube testers obtained for a cube size of \(\ell _{c} = 25\) for reduced rounds r between 129 and 160 are listed in Table 7.
Copyright information
© 2024 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Teng, W.L., Salam, I., Yau, WC., Teh, J.Y. (2024). Cube Attacks on Round-Reduced Grain-128AEAD. In: Miraz, M.H., Southall, G., Ali, M., Ware, A. (eds) Emerging Technologies in Computing. iCETiC 2023. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 538. Springer, Cham. https://doi.org/10.1007/978-3-031-50215-6_8
DOI: https://doi.org/10.1007/978-3-031-50215-6_8
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-50214-9
Online ISBN: 978-3-031-50215-6
eBook Packages: Computer Science, Computer Science (R0)