Open AccessInternal state recovery of Grain v1 employing guess‐and‐determine attack
Author(s) -
Ma Zhen,
Tian Tian,
Qi WenFeng
Publication year - 2017
Publication title -
iet information security
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.308
H-Index - 34
eISSN - 1751-8717
pISSN - 1751-8709
DOI - 10.1049/iet-ifs.2017.0232
Subject(s) - stream cipher , computer science , preprocessor , cryptanalysis , sampling (signal processing) , state (computer science) , algorithm , set (abstract data type) , cryptography , artificial intelligence , detector , programming language , telecommunications
The well‐known stream cipher Grain v1 is one of the finalists of European eSTREAM project. In this study, a novel guess‐and‐determine attack on Grain v1 is introduced. The attack primarily employs a new conditional BSW sampling technique and the main creative idea is that the conditions are set not only on state bits but also on the updates of the registers for the BSW sampling technique. It is shown that using this technique we can further reduce the sampling resistance of Grain v1 to 2 − 29which is the best result so far. The attack leads to an efficient internal state recovery of Grain v1 with only 2 52online time employing a memory of 2 79 , requiring 2 37keystreams each of length 2 44and 2 79preprocessing time. It is shown that these figures are obviously better compared with the previous results. This is also the first attempt to control the updates of the registers of Grain v1 in the guess‐and‐determine attack and hopefully this provides new insights for cryptanalysis on such compact stream ciphers.