
Certain Observations on ACORN v3 and Grain v1—Implications Towards TMDTO Attacks

Journal of Hardware and Systems Security

Abstract

It is known that for a stream cipher with state size less than 2.5 times the key size, it is possible to mount a Time-Memory-Data Trade-Off (TMDTO) attack with an online complexity lower than that of exhaustive key search. The search space is restricted by considering a fixed keystream prefix and deducing certain state bits by formulating equations. We show how, by using SAT solving techniques, one can automate this process of solving equations and obtain better parameters. This is demonstrated by mounting TMDTO attacks on ACORN v3 and Grain v1. We show that a TMDTO attack can be mounted on ACORN v3 with a preprocessing complexity of 2^171 and 2^180 (without and with the help of a SAT solver) and a maximum of online time, memory and data complexities of 2^122 and 2^120 respectively. For Grain v1, we show that it is possible to obtain parameters T = 2^68.06, M = 2^64, D = 2^68 with a preprocessing complexity of 2^96. While our results do not refute any claim of the designers, these observations might be useful for further understanding of the ciphers.
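The "2.5 times the key size" threshold in the abstract comes from the standard Biryukov-Shamir trade-off curve for stream ciphers [2]: with N = 2^n internal states, any choice of online time T, memory M and data D satisfying T·M^2·D^2 = N^2 is achievable after preprocessing P = N/D. At the balanced point T = M = D this gives T^5 = N^2, i.e. T = 2^(2n/5), which is below exhaustive search 2^k exactly when n < 2.5k. The following Python is an added illustration, not code from the paper; it works in log2 units and uses the public state and key sizes of ACORN v3 (293, 128) and Grain v1 (160, 80). The paper's own reported parameters are obtained from a restricted search space (fixed keystream prefix plus SAT-derived state bits), which this plain curve does not model.

```python
# Biryukov-Shamir TMDTO curve for stream ciphers: T * M^2 * D^2 = N^2, P = N / D,
# where N = 2^n is the number of internal states. All values below are log2.

CIPHERS = {  # state size n, key size k (public design parameters, not from the paper)
    "ACORN v3": (293, 128),
    "Grain v1": (160, 80),
}


def bs_tradeoff(n, log_m, log_d):
    """Given chosen memory and data (log2), solve the curve for online time T
    and the preprocessing cost P of building the tables."""
    log_t = 2 * n - 2 * log_m - 2 * log_d   # from T*M^2*D^2 = N^2
    log_p = n - log_d                         # P = N / D
    return {"T": log_t, "M": log_m, "D": log_d, "P": log_p}


def bs_tradeoff_balanced(n):
    """Balanced point T = M = D: T^5 = N^2, so log2 T = 2n/5 and log2 P = 3n/5."""
    t = 2 * n / 5
    return bs_tradeoff(n, t, t)


def on_curve(n, log_t, log_m, log_d, tol=1e-9):
    """Check that a parameter set lies on the trade-off curve (log2 form)."""
    return abs(log_t + 2 * log_m + 2 * log_d - 2 * n) < tol


def beats_exhaustive_search(n, k):
    """The balanced online time 2^(2n/5) is below 2^k iff n < 2.5 k."""
    return bs_tradeoff_balanced(n)["T"] < k


def state_to_key_ratio(n, k):
    """n/k; the balanced trade-off wins whenever this is below 2.5."""
    return n / k


if __name__ == "__main__":
    for name, (n, k) in CIPHERS.items():
        bal = bs_tradeoff_balanced(n)
        print(f"{name}: n={n}, k={k}, n/k={state_to_key_ratio(n, k):.2f}, "
              f"balanced log2 T=M=D={bal['T']:.2f}, log2 P={bal['P']:.2f}, "
              f"beats 2^{k} exhaustive search: {beats_exhaustive_search(n, k)}")
```

Running it shows Grain v1 at the balanced point T = M = D = 2^64 with P = 2^96, and ACORN v3 at roughly 2^117.2 with P = 2^175.8; both ciphers have n/k below 2.5, which is the premise the abstract starts from. Unbalanced points (more data for less time, say) can be explored with bs_tradeoff directly.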


References

  1. Biryukov A, Shamir A, Wagner D Real time cryptanalysis of A5/1 on a PC. FSE 2000, pp. 1–18, LNCS 1978, 2000. Available at: https://link.springer.com/chapter/10.1007/3-540-44706-7_1

  2. Biryukov A, Shamir A Cryptanalytic time/memory/data tradeoffs for stream ciphers. Asiacrypt 2000, pp. 1–13, LNCS 1976, 2000. Available at: https://link.springer.com/chapter/10.1007/3-540-44448-3_1

  3. Bjørstad TE Cryptanalysis of Grain using time/memory/data tradeoffs. eSTREAM Phase 3 (2013). Available at: www.ii.uib.no/tor/pdf/grain.pdf

  4. CAESAR competition. Hosted at: http://competitions.cr.yp.to/caesar.html

  5. Hamann M, Krause M, Meier W LIZARD - a lightweight stream cipher for power-constrained devices. FSE 2017. Available at: http://tosc.iacr.org/index.php/ToSC/article/view/584

  6. Hell M, Johansson T, Meier W (2007) Grain: a stream cipher for constrained environments. Int J Wirel Mob Comput 2(1):86–93. Available at: https://dl.acm.org/citation.cfm?id=1358401


  7. Jiao L, Zhang B, Wang M Two generic methods of analyzing stream ciphers. ISC 2015, LNCS, pp. 379–396, 2015. Available at: https://dl.acm.org/citation.cfm?id=2966308

  8. Maitra S, Sinha N, Siddhanti A, Anand R, Gangopadhyay S (2018) A TMDTO attack against LIZARD. IEEE Trans Comput 67(5):733–739. Available at: https://ieeexplore.ieee.org/abstract/document/8107499/


  9. Mihaljević MJ, Gangopadhyay S, Paul G, Imai H (2012) Internal state recovery of Grain-v1 employing normality order of the filter function. IET Inf Secur 6(2):55–64. Available at: https://ieeexplore.ieee.org/document/6230812/


  10. SAGE mathematics software. Free Software Foundation, Inc., 2009. Available at: http://www.sagemath.org (open source project initiated by W. Stein and contributed to by many)

  11. Sarkar S, Banik S, Maitra S (2015) Differential Fault Attack against Grain family with very few faults and minimal assumptions. IEEE Trans Comput 64(6):1647–1657. Available at: https://ieeexplore.ieee.org/document/6857997/


  12. Siddhanti AA, Maitra S, Sinha N (2017) Certain Observations on ACORN v3 and the Implications to TMDTO Attacks. International Conference on Security, Privacy, and Applied Cryptography Engineering (SPACE 2017), pp. 264–280, LNCS 10662, Springer. Available at: https://link.springer.com/chapter/10.1007/978-3-319-71501-8_15

  13. Wu H ACORN: A Lightweight Authenticated Cipher (v3). Available at: https://competitions.cr.yp.to/round3/acornv3.pdf


Acknowledgments

The authors would like to thank Dr. Dibyendu Roy, School of Mathematical Sciences, NISER, India, for an excellent review of an initial version of this paper.

Author information

Corresponding author

Correspondence to Akhilesh Anilkumar Siddhanti.

Additional information

This work is an extended and revised version of the paper presented at SPACE 2017 [12]. Section 5 has been added in this draft over the conference version.

Appendix

Table 6: Recovery of 49 bits of the internal state after fixing 10 bits (table not reproduced in this preview)

About this article

Cite this article

Siddhanti, A.A., Maitra, S. & Sinha, N. Certain Observations on ACORN v3 and Grain v1—Implications Towards TMDTO Attacks. J Hardw Syst Secur 3, 64–77 (2019). https://doi.org/10.1007/s41635-018-0054-1

  • DOI: https://doi.org/10.1007/s41635-018-0054-1