Improved conditional differential attacks on Grain v1
Authors: Zhen Ma, Tian Tian, Wen-feng Qi
Journal: IET Inf. Secur., pages 46-53
DOI: 10.1049/iet-ifs.2015.0427 (https://doi.org/10.1049/iet-ifs.2015.0427)
Published: 2017-01-16 (journal article)
Citation count: 14 (Semantic Scholar)
Conditional differential cryptanalysis of NFSR-based cryptosystems was first proposed by Knellwolf et al. at Asiacrypt 2010 and has since been used successfully against reduced-round variants of Grain v1. In this paper we substantially improve conditional differential attacks on Grain v1 in four respects. First, a new differential engine is derived that correctly tracks the differential trails of Grain v1. Second, we propose a new difference-searching strategy that finds differences suited to a conditional differential attack on a given reduced variant of Grain v1. Third, a condition-imposing strategy is presented that is highly economical in its use of IV bits. Last, we propose a further bias-increasing strategy. The improvements to the difference-searching and condition-imposing strategies in particular are what make conditional differential attacks feasible on variants of Grain v1 with more than 106 rounds. The improved attacks retrieve 31 distinct secret-key expressions for 107-round Grain v1 and 15 distinct secret-key expressions for 110-round Grain v1, and both succeed with constant probability. As of this writing, these are the best known results on reduced variants of Grain v1 in terms of the number of rounds attacked.