Investigating Cube Attacks on the Authenticated Encryption Stream Cipher ACORN

  • Md Iftekhar Salam
  • Harry Bartlett
  • Ed Dawson
  • Josef Pieprzyk
  • Leonie Simpson
  • Kenneth Koon-Ho Wong
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 651)


The cube attack is an algebraic attack that allows an adversary to extract low-degree polynomial equations from the targeted cryptographic primitive. This work applies the cube attack to a reduced-round version of ACORN, a candidate cipher design in the CAESAR competition for authenticated encryption. The cube attack on 477 initialization rounds of ACORN recovers the 128-bit key with a total attack complexity of about \(2^{35}\). We also show that linear equations relating the initial state bits of the full version of ACORN can be generated easily, which leads to a state recovery attack with a complexity of about \(2^{72.8}\).
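The abstract describes the cube attack only at the level of "extract low-degree equations, then solve". The following is an added illustration, not code from the paper and not an implementation of ACORN: a toy cube attack in the Dinur-Shamir black-box model on a constructed Boolean polynomial `blackbox(key, iv)` with four secret key bits and four public IV bits. Everything in it (the polynomial, the key size, the cube dimension bound, the secret key used in the demo) is an assumption chosen so that the superpolys can be checked by hand. In the paper the black box is ACORN's keystream after a reduced number of initialization rounds, with the IV bits as public variables; the ACORN-specific cubes and the \(2^{35}\) and \(2^{72.8}\) figures come from the paper and are not reproduced here. The example walks through the two phases a practitioner cares about: an offline phase that chooses both key and IV, finds cubes whose superpoly passes a Blum-Luby-Rubinfeld linearity test, and reads off the linear superpoly coefficients; and an online phase that only chooses IVs, sums keystream bits over each cube, and solves the resulting linear system over GF(2) for the key.

```python
"""Toy cube attack (added example; constructed target, not ACORN)."""
import itertools
import random

KEY_BITS = 4   # secret variables k0..k3 (constructed toy size)
IV_BITS = 4    # public variables v0..v3


def blackbox(key, iv):
    """Constructed target polynomial f(k, v) over GF(2). The attack never
    inspects this expression; it only queries the output bit."""
    k0, k1, k2, k3 = key
    v0, v1, v2, v3 = iv
    return ((v0 & v1 & k0) ^ (v0 & v1 & k2) ^ (v0 & v1)   # v0v1 * (k0 + k2 + 1)
            ^ (v2 & v3 & k1) ^ (v2 & v3 & k3)            # v2v3 * (k1 + k3)
            ^ (v0 & v2 & k3) ^ (v3 & k2)                 # v0v2 * k3, v3 * k2
            ^ (v1 & k0 & k1)                             # v1 * k0k1: nonlinear superpoly
            ^ (v0 & v1 & v2 & k0 & k1 & k2)              # degree-6 term
            ^ (k0 & k3) ^ 1)                             # key-only terms


def cube_sum(cube, query):
    """XOR of query(iv) over all 2^|cube| settings of the cube's IV bits, every
    other IV bit fixed to 0. Equals the superpoly of the cube monomial at the
    key held by the oracle."""
    total = 0
    for bits in itertools.product((0, 1), repeat=len(cube)):
        iv = [0] * IV_BITS
        for pos, b in zip(cube, bits):
            iv[pos] = b
        total ^= query(iv)
    return total


def superpoly_at(cube, key):
    """Offline helper: superpoly of `cube` evaluated at a chosen key."""
    return cube_sum(cube, lambda iv: blackbox(key, iv))


def is_linear(cube, trials=64, rng=None):
    """Blum-Luby-Rubinfeld test: an affine superpoly p obeys
    p(x) ^ p(y) ^ p(0) == p(x ^ y). Probabilistic; needs chosen keys, so it
    belongs to the offline phase."""
    if rng is None:
        rng = random.Random(0)
    p0 = superpoly_at(cube, [0] * KEY_BITS)
    for _ in range(trials):
        x = [rng.randrange(2) for _ in range(KEY_BITS)]
        y = [rng.randrange(2) for _ in range(KEY_BITS)]
        xy = [a ^ b for a, b in zip(x, y)]
        if superpoly_at(cube, x) ^ superpoly_at(cube, y) ^ p0 != superpoly_at(cube, xy):
            return False
    return True


def superpoly_coefficients(cube):
    """For a linear superpoly: constant = p(0), coefficient of k_i = p(e_i) ^ p(0)."""
    const = superpoly_at(cube, [0] * KEY_BITS)
    coeffs = []
    for i in range(KEY_BITS):
        unit = [0] * KEY_BITS
        unit[i] = 1
        coeffs.append(superpoly_at(cube, unit) ^ const)
    return coeffs, const


def preprocess(max_dim=2, seed=1):
    """Offline phase: search cubes of dimension <= max_dim, keep those whose
    superpoly is linear and not constant (a constant one says nothing about k)."""
    rng = random.Random(seed)
    found = []
    for dim in range(1, max_dim + 1):
        for cube in itertools.combinations(range(IV_BITS), dim):
            if is_linear(cube, rng=rng):
                coeffs, const = superpoly_at and superpoly_coefficients(cube)
                if any(coeffs):
                    found.append((cube, coeffs, const))
    return found


def solve_gf2(rows, rhs):
    """Gauss-Jordan elimination over GF(2); None if rank-deficient or inconsistent."""
    n = KEY_BITS
    m = [row[:] + [b] for row, b in zip(rows, rhs)]
    pivots = []
    for col in range(n):
        pr = len(pivots)
        sel = next((r for r in range(pr, len(m)) if m[r][col]), None)
        if sel is None:
            continue
        m[pr], m[sel] = m[sel], m[pr]
        for r in range(len(m)):
            if r != pr and m[r][col]:
                m[r] = [a ^ b for a, b in zip(m[r], m[pr])]
        pivots.append(col)
    if len(pivots) < n or any(m[r][n] for r in range(n, len(m))):
        return None
    return [m[r][n] for r in range(n)]


def recover_key(cubes, query):
    """Online phase: key fixed and unknown, only IVs chosen. Each cube sum gives
    one equation coeffs . k = sum ^ const."""
    rows = [coeffs for _, coeffs, _ in cubes]
    rhs = [cube_sum(cube, query) ^ const for cube, _, const in cubes]
    return solve_gf2(rows, rhs)


if __name__ == "__main__":
    cubes = preprocess()
    for cube, coeffs, const in cubes:
        terms = [f"k{i}" for i, c in enumerate(coeffs) if c] + (["1"] if const else [])
        print("cube", cube, "superpoly =", " + ".join(terms))
    secret = [1, 0, 1, 1]   # constructed; hidden inside the oracle closure
    print("recovered key:", recover_key(cubes, lambda iv: blackbox(secret, iv)))
```

Running it prints four usable cubes: `(3,)` with superpoly `k2`, `(0, 1)` with `k0 + k2 + 1`, `(0, 2)` with `k3` and `(2, 3)` with `k1 + k3`, then the recovered key `[1, 0, 1, 1]`. The single-variable cube `(1,)` is rejected by the linearity test because its superpoly is `k0k1`, and cubes such as `(0,)` survive the test but are discarded as constant. On a real cipher the same structure applies, with the cost dominated by the number of cube-sum queries (\(2^{\text{dim}}\) per cube) and the cube search in the offline phase.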


Keywords: CAESAR, Authenticated encryption, Cube attack, ACORN



Md Iftekhar Salam was supported by the QUT Postgraduate Research Award (QUTPRA), QUT Higher Degree Research Tuition Fee Sponsorship and QUT Excellence Top Up Scholarship. Josef Pieprzyk was supported by the Polish National Science Center Grant DEC-2014/15/B/ST6/05130.



Copyright information

© Springer Nature Singapore Pte Ltd. 2016

Authors and Affiliations

  • Md Iftekhar Salam (1)
  • Harry Bartlett (1)
  • Ed Dawson (1)
  • Josef Pieprzyk (1, 2)
  • Leonie Simpson (1)
  • Kenneth Koon-Ho Wong (1)
  1. Science and Engineering Faculty, Queensland University of Technology, Brisbane, Australia
  2. Institute of Computer Science, Polish Academy of Sciences, Warsaw, Poland
