Open AccessDistinguisher and non‐randomness of Grain‐v1 for 112, 114 and 116 initialisation rounds with multiple‐bit difference in IVs
Author(s) -
Dalai Deepak Kumar,
Maitra Subhamoy,
Pal Santu,
Roy Dibyendu
Publication year - 2019
Publication title -
iet information security
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.308
H-Index - 34
eISSN - 1751-8717
pISSN - 1751-8709
DOI - 10.1049/iet-ifs.2018.5276
Subject(s) - randomness , bit (key) , bit array , computer science , cryptanalysis , key (lock) , key space , algorithm , cryptography , mathematics , theoretical computer science , statistics , type (biology) , ecology , computer security , biology
In this study, the authors construct two different distinguishers on Grain‐v1 with 112 and 114 initialisation rounds. Their first distinguisher can distinguish Grain‐v1 with 112 initialisation rounds from a uniform random source for 99% of the randomly chosen keys from full key space. The second one can distinguish Grain‐v1 from a random source for 73% of the randomly chosen keys for one‐fourth of the total key space (2 78 keys out of 2 80 keys). Our results improve upon the earlier distinguishers. The technique used for the distinguishers is conditional differential cryptanalysis. The existing works in this direction considered only one bit difference in the initialisation vector. However, for the first time, they could handle complicated conditions for the 2‐bit difference to obtain better cryptanalytic results. Extending their technique by allowing the 1‐bit difference in the pair of keys (i.e. related keys) and the 4‐bit difference in IVs, they could observe the non‐randomness till 116 initialisation rounds with a success in 62% cases.