[Resource Topic] 2014/971: Key recovery attacks on Grain family using BSW sampling and certain weaknesses of the filtering function

Welcome to the resource topic for 2014/971

Title:
Key recovery attacks on Grain family using BSW sampling and certain weaknesses of the filtering function

Authors: Y. Wei, E. Pasalic, F. Zhang, W. Wu

Abstract:

A novel internal state recovery attack on the whole Grain family of ciphers is proposed in this work. It basically uses the ideas of BSW sampling along with exploiting a weak placement of the tap positions of the driving LFSRs. The currently best known complexity trade-offs are obtained, and due to the structure of the Grain family these attacks are also key recovery attacks. It is shown that the internal state of Grain-v1 can be recovered with a time complexity of about 2^{66} operations using a memory of about 2^{58.91} bits, assuming the availability of 2^{45} keystream sequences, each of length 2^{49} bits, generated for different initial values. Moreover, for Grain-128 or Grain-128a, the attack requires about 2^{105} operations using a memory of about 2^{82.59} bits, assuming the availability of 2^{75} keystream sequences, each of length 2^{76} bits, generated for different initial values. These results further show that the whole Grain family, mainly due to the choice of tap positions, does not provide enough security margin against internal state recovery attacks. A simple modification of the selection of the tap positions, as a countermeasure against the attacks described here, is given.

ePrint: https://eprint.iacr.org/2014/971

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics.