Abstract
In this paper, we analyze the initialization algorithm of Grain, one of the eSTREAM candidates which made it to the third phase of the project. We point out the existence of a sliding property in the initialization algorithm of the Grain family, and show that it can be used to reduce by half the cost of exhaustive key search (currently the most efficient attack on both Grain v1 and Grain-128). In the second part of the paper, we analyze the differential properties of the initialization, and mount several attacks, including a differential attack on Grain v1 which recovers one out of 29 keys using two related keys and 255 chosen IV pairs.
The work described in this paper has been partly supported by the European Commission under contract IST-2002-507932 (ECRYPT), by the Fund for Scientific Research – Flanders (FWO), the Chaire France Telecom pour la sécurité des réseaux de télécommunications, and the IAP Programme P6/26 BCRYPT of the Belgian State (Belgian Science Policy).
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Wu, H., Preneel, B.: Differential-linear attacks against the stream cipher Phelix. In: Biryukov, A. (ed.) FSE 2007. LNCS, vol. 4593, pp. 87–100. Springer, Heidelberg (2007)
Wu, H., Preneel, B.: Differential cryptanalysis of the stream ciphers Py, Py6 and Pypy. In: Naor, M. (ed.) EUROCRYPT 2007. LNCS, vol. 4515, pp. 276–290. Springer, Heidelberg (2007)
Joux, A., Reinhard, J.R.: Overtaking Vest. In: Biryukov, A. (ed.) FSE 2007. LNCS, vol. 4593, pp. 58–72. Springer, Heidelberg (2007)
Wu, H., Preneel, B.: Resynchronization attacks on WG and LEX. In: Robshaw, M.J.B. (ed.) FSE 2006. LNCS, vol. 4047, pp. 422–432. Springer, Heidelberg (2006)
Küçük, Ö.: Slide resynchronization attack on the initialization of Grain 1.0. eSTREAM, ECRYPT Stream Cipher Project, Report 2006/044 (2006), http://www.ecrypt.eu.org/stream
Hell, M., Johansson, T., Meier, W.: Grain – A Stream Cipher for Constrained Environments. eSTREAM, ECRYPT Stream Cipher Project, Report 2005/010 (2005) http://www.ecrypt.eu.org/stream
Berbain, C., Gilbert, H., Maximov, A.: Cryptanalysis of Grain. In: Robshaw, M.J.B. (ed.) FSE 2006. LNCS, vol. 4047, pp. 15–29. Springer, Heidelberg (2006)
Khazaei, S., Kiaei, M.H.M.: Distinguishing attack on Grain. eSTREAM, ECRYPT Stream Cipher Project, Report 2006/071 (2005), http://www.ecrypt.eu.org/stream .
Hell, M., Johansson, T., Meier, W.: A Stream Cipher Proposal: Grain-128. eSTREAM, ECRYPT Stream Cipher Project (2006), http://www.ecrypt.eu.org/stream
Biryukov, A., Wagner, D.: Slide attacks. In: Knudsen, L.R. (ed.) FSE 1999. LNCS, vol. 1636, pp. 245–259. Springer, Heidelberg (1999)
Biham, E., Shamir, A.: Differential Cryptanalysis of the Data Encryption Standard. Springer, Heidelberg (1993)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
De Cannière, C., Küçük, Ö., Preneel, B. (2008). Analysis of Grain’s Initialization Algorithm. In: Vaudenay, S. (eds) Progress in Cryptology – AFRICACRYPT 2008. AFRICACRYPT 2008. Lecture Notes in Computer Science, vol 5023. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-68164-9_19
Download citation
DOI: https://doi.org/10.1007/978-3-540-68164-9_19
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-68159-5
Online ISBN: 978-3-540-68164-9
eBook Packages: Computer ScienceComputer Science (R0)