Greedy Distinguishers and Nonrandomness Detectors

  • Conference paper
Progress in Cryptology - INDOCRYPT 2010 (INDOCRYPT 2010)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 6498)

Abstract

We present the concept of greedy distinguishers and show how some simple observations and the well known greedy heuristic can be combined into a very powerful strategy (the Greedy Bit Set Algorithm) for efficient and systematic construction of distinguishers and nonrandomness detectors. We show how this strategy can be applied to a large array of stream and block ciphers, and we show that our method outperforms every other method we have seen so far by presenting new and record-breaking results for Trivium, Grain-128 and Grain v1.

We show that the greedy strategy reveals weaknesses in Trivium reduced to 1026 (out of 1152) initialization rounds using 2^45 complexity, a result that significantly improves on all previous efforts. This result was further improved using a cluster: 1078 rounds at 2^54 complexity. We also present an 806-round distinguisher for Trivium with 2^44 complexity.

Distinguisher and nonrandomness records are also set for Grain-128. We show nonrandomness for the full Grain-128 with its 256 (out of 256) initialization rounds, and present a 246-round distinguisher with complexity 2^42.

For Grain v1 we show nonrandomness for 96 (out of 160) initialization rounds at the very modest complexity of 2^7, and a 90-round distinguisher with complexity 2^39.

On the theoretical side we define the Nonrandomness Threshold, which explicitly expresses the nature of the randomness limit that is being explored.
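To make the strategy concrete, the following is an added example, not the paper's own code and not its Maximum Degree Monomial Toolkit. It implements Trivium initialization from the published specification (De Cannière and Preneel) in bit-sliced form, so that all 2^d IV assignments of a d-bit cube run in parallel as lanes of one Python integer, uses the maximum-degree-monomial test as the nonrandomness detector (the XOR of the first keystream bit over the cube equals the coefficient of the product of the cube variables in that bit's algebraic normal form, which a random function makes 1 with probability 1/2 but a cipher whose degree has not yet reached d makes 0 for every key), and grows the cube greedily, one IV bit at a time, always adding the bit that keeps the coefficient at zero for the most initialization rounds. The abstract names no specific detector or scoring rule, so the detector, the "rounds" score, the fixed-seed keys and the toy parameters (a 2-bit cube, at most 300 rounds, two keys) are this example's assumptions; results at these sizes say nothing about the 2^45-complexity figures above.

```python
# Added example (not the paper's code): bit-sliced Trivium initialization,
# the maximum-degree-monomial test as nonrandomness detector, and a greedy
# bit-set search.  Detector choice, score and parameters are assumptions.
from collections import deque
import random

IV_BITS = 80
KEY_BITS = 80
FULL_INIT_ROUNDS = 4 * 288          # Trivium's complete initialization: 1152 rounds


def lane_pattern(j, d):
    """Bit-sliced value of cube variable j over 2^d lanes: lane k holds bit j of k."""
    return sum(1 << k for k in range(1 << d) if (k >> j) & 1)


def first_bits_per_round(key, cube, max_rounds):
    """Trivium initialization run on all 2^|cube| IV assignments at once.

    Yields, for r = 0, 1, ..., max_rounds, the bit-sliced first keystream bit
    that a cipher stopped after r initialization rounds would output.
    key:  80 key bits; key[i] is loaded into s_{i+1}.
    cube: indices of the IV bits that vary; IV bit i sits in s_{94+i}.
          All other IV bits are fixed to 0.
    """
    d = len(cube)
    ones = (1 << (1 << d)) - 1                  # constant 1 in every lane
    iv = [0] * IV_BITS
    for j, i in enumerate(cube):
        iv[i] = lane_pattern(j, d)
    a = deque([ones if k else 0 for k in key] + [0] * 13)   # s1 .. s93
    b = deque(iv + [0] * 4)                                  # s94 .. s177
    c = deque([0] * 108 + [ones] * 3)                        # s178 .. s288
    for _ in range(max_rounds + 1):
        t1 = a[65] ^ a[92]                  # s66 + s93
        t2 = b[68] ^ b[83]                  # s162 + s177
        t3 = c[65] ^ c[110]                 # s243 + s288
        yield t1 ^ t2 ^ t3                  # keystream bit z at this round count
        t1 ^= (a[90] & a[91]) ^ b[77]       # + s91 s92 + s171
        t2 ^= (b[81] & b[82]) ^ c[86]       # + s175 s176 + s264
        t3 ^= (c[108] & c[109]) ^ a[68]     # + s286 s287 + s69
        a.pop()
        a.appendleft(t3)
        b.pop()
        b.appendleft(t1)
        c.pop()
        c.appendleft(t2)


def cube_sum(lanes):
    """XOR over all lanes: the coefficient of the maximum-degree monomial."""
    return bin(lanes).count("1") & 1


def nonrandom_rounds(cube, keys, max_rounds):
    """Smallest round count r at which the cube sum is 1 for some tested key.

    The detector reports nonrandomness for every round count below r.
    Returns max_rounds + 1 if the coefficient stays 0 for every key.
    """
    first = max_rounds + 1
    for key in keys:
        for r, z in enumerate(first_bits_per_round(key, cube, max_rounds)):
            if r >= first:
                break
            if cube_sum(z):
                first = r
                break
    return first


def greedy_bit_set(size, keys, max_rounds, candidates=range(IV_BITS)):
    """Greedy bit-set search: starting from the empty set, repeatedly add the
    IV bit that pushes the detector's round count furthest.  Returns (cube, rounds)."""
    cube, score = [], 0
    for _ in range(size):
        best_bit, best_score = None, -1
        for i in candidates:
            if i in cube:
                continue
            s = nonrandom_rounds(cube + [i], keys, max_rounds)
            if s > best_score:
                best_bit, best_score = i, s
        cube.append(best_bit)
        score = best_score
    return cube, score


def demo(size=2, max_rounds=300):
    """Toy run: constructed fixed-seed keys, far short of FULL_INIT_ROUNDS."""
    rng = random.Random(2010)
    keys = [[rng.randrange(2) for _ in range(KEY_BITS)] for _ in range(2)]
    return greedy_bit_set(size, keys, min(max_rounds, FULL_INIT_ROUNDS))


if __name__ == "__main__":
    cube, rounds = demo()
    print("greedy cube (IV bit indices):", cube)
    print("cube sum is 0 for every tested key below", rounds, "initialization rounds")
```

Two sanity checks fall straight out of the specification and are independent of the key: with zero initialization rounds the first keystream bit is s66 + s93 + s162 + s177 + s243 + s288, so the single-bit cube on IV bit 68 (which sits in s162) is already nonrandom-free at round 0, while IV bit 0 (in s94) first reaches the s162 tap after 68 rounds; the first quadratic IV term in the output is IV bits 78 and 79 multiplied at the s175·s176 tap after three rounds, which enters register C and reaches the s243 tap at round 69. A real search would use far larger cubes and more keys, and would have to decide, as the paper's Nonrandomness Threshold does, how far from 1/2 the observed coefficient statistics must be before the result counts as a detection.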

Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Stankovski, P. (2010). Greedy Distinguishers and Nonrandomness Detectors. In: Gong, G., Gupta, K.C. (eds) Progress in Cryptology - INDOCRYPT 2010. INDOCRYPT 2010. Lecture Notes in Computer Science, vol 6498. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-17401-8_16

  • DOI: https://doi.org/10.1007/978-3-642-17401-8_16

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-17400-1

  • Online ISBN: 978-3-642-17401-8
