Abstract
In this paper we explain how one can obtain Key-IV pairs for Grain family of stream ciphers that can generate output key-streams which are either (i) almost similar in the initial part or (ii) exact shifts of each other throughout the generation of the stream. Let l P be the size of the pad used during the key loading of Grain. For the first case, we show that in expected \(2^{l_P}\) many invocations of the Key Scheduling Algorithm and its reverse routine, one can obtain two related Key-IV pairs that can produce same output bits in 75 (respectively 112 and 115) selected positions among the initial 96 (respectively 160 and 160) bits for Grain v1 (respectively Grain-128 and Grain-128a). Similar idea works for the second case in showing that given any Key-IV, one can obtain another related Key-IV in expected \(2^{l_P}\) many trials such that the related Key-IV pairs produce shifted key-streams. We also provide an efficient strategy to obtain related Key-IV pairs that produce exactly i-bit shifted key-streams for small i. Our technique pre-computes certain equations that help in obtaining such related Key-IV pairs in 2i many expected trials.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
The ECRYPT Stream Cipher Project. eSTREAM Portfolio of Stream Ciphers (revised on September 8, 2008)
Ã…gren, M., Hell, M., Johansson, T., Meier, W.: A New Version of Grain-128 with Authentication. In: Symmetric Key Encryption Workshop 2011. DTU, Denmark (2011)
Aumasson, J.P., Dinur, I., Henzen, L., Meier, W., Shamir, A.: Efficient FPGA Implementations of High-Dimensional Cube Testers on the Stream Cipher Grain-128. In: SHARCS - Special-purpose Hardware for Attacking Cryptographic Systems (2009)
Berbain, C., Gilbert, H., Maximov, A.: Cryptanalysis of Grain. In: Robshaw, M. (ed.) FSE 2006. LNCS, vol. 4047, pp. 15–29. Springer, Heidelberg (2006)
Bjørstad, T.E.: Cryptanalysis of Grain using Time/Memory/Data tradeoffs (v1.0 / 2008-02-25), http://www.ecrypt.eu.org/stream
De Cannière, C., Küçük, Ö., Preneel, B.: Analysis of Grain’s Initialization Algorithm. In: Vaudenay, S. (ed.) AFRICACRYPT 2008. LNCS, vol. 5023, pp. 276–289. Springer, Heidelberg (2008)
Dinur, I., Güneysu, T., Paar, C., Shamir, A., Zimmermann, R.: An Experimentally Verified Attack on Full Grain-128 Using Dedicated Reconfigurable Hardware. In: Lee, D.H. (ed.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 327–343. Springer, Heidelberg (2011)
Dinur, I., Shamir, A.: Breaking Grain-128 with Dynamic Cube Attacks. In: Joux, A. (ed.) FSE 2011. LNCS, vol. 6733, pp. 167–187. Springer, Heidelberg (2011)
Englund, H., Johansson, T., Sönmez Turan, M.: A Framework for Chosen IV Statistical Analysis of Stream Ciphers. In: Srinathan, K., Rangan, C.P., Yung, M. (eds.) INDOCRYPT 2007. LNCS, vol. 4859, pp. 268–281. Springer, Heidelberg (2007)
Fischer, S., Khazaei, S., Meier, W.: Chosen IV Statistical Analysis for Key Recovery Attacks on Stream Ciphers. In: Vaudenay, S. (ed.) AFRICACRYPT 2008. LNCS, vol. 5023, pp. 236–245. Springer, Heidelberg (2008)
Fredricksen, H.: A survey of full length nonlinear shift register cycle algorithms. SIAM Rev. 24, 195–221 (1982)
Hell, M., Johansson, T., Meier, W.: Grain - A Stream Cipher for Constrained Environments. ECRYPT Stream Cipher Project Report 2005/001 (2005), http://www.ecrypt.eu.org/stream
Hell, M., Johansson, T., Maximov, A., Meier, W.: A Stream Cipher Proposal: Grain-128. In: IEEE International Symposium on Information Theory, ISIT 2006 (2006)
Khazaei, S., Hassanzadeh, M., Kiaei, M.: Distinguishing Attack on Grain. ECRYPT Stream Cipher Project Report 2005/071 (2005), http://www.ecrypt.eu.org/stream
Knellwolf, S., Meier, W., Naya-Plasencia, M.: Conditional Differential Cryptanalysis of NLFSR-based Cryptosystems. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 130–145. Springer, Heidelberg (2010)
Lee, Y., Jeong, K., Sung, J., Hong, S.: Related-Key Chosen IV Attacks on Grain-v1 and Grain-128. In: Mu, Y., Susilo, W., Seberry, J. (eds.) ACISP 2008. LNCS, vol. 5107, pp. 321–335. Springer, Heidelberg (2008)
Stankovski, P.: Greedy Distinguishers and Nonrandomness Detectors. In: Gong, G., Gupta, K.C. (eds.) INDOCRYPT 2010. LNCS, vol. 6498, pp. 210–226. Springer, Heidelberg (2010)
Stein, W.: Sage Mathematics Software. Free Software Foundation, Inc. (2009), http://www.sagemath.org (Open source project initiated by W. Stein and contributed by many)
Zhang, H., Wang, X.: Cryptanalysis of Stream Cipher Grain Family. IACR Cryptology ePrint Archive 2009:109, http://eprint.iacr.org/2009/109
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Banik, S., Maitra, S., Sarkar, S. (2012). Some Results on Related Key-IV Pairs of Grain. In: Bogdanov, A., Sanadhya, S. (eds) Security, Privacy, and Applied Cryptography Engineering. SPACE 2012. Lecture Notes in Computer Science, vol 7644. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-34416-9_7
Download citation
DOI: https://doi.org/10.1007/978-3-642-34416-9_7
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-34415-2
Online ISBN: 978-3-642-34416-9
eBook Packages: Computer ScienceComputer Science (R0)