University of Birmingham > Talks@bham > Computer Security Seminars > Improved Division Property Based Cube Attacks Exploiting Algebraic Properties of Superpoly

Improved Division Property Based Cube Attacks Exploiting Algebraic Properties of Superpoly

Add to your list(s) Download to your calendar using vCal

If you have a question about this talk, please contact Mani Bhesania.

In this talk, we formulate the algebraic properties of the superpoly of stream ciphers/authenticated encryptions in one framework to facilitate cube attacks in more successful applications: we propose the “flag” technique to enhance the preciseness of MILP models, which enable us to identify proper non-cube IV assignments; a degree evaluation algorithm is presented to upper bound the degree of the superpoly s.t. the superpoly can be recovered without constructing its whole truth table and overall complexity of the attack can be largely reduced; we provide a divide-and-conquer strategy to TRIVIUM -like stream ciphers namely TRIVIUM , Kreyvium, TriviA-SC1/2 so that the large scale MILP models can be split into several small solvable ones enabling us to analyze TRIVIUM -like primitives with more than 1000 initialization rounds; finally, we provide a term enumeration algorithm for finding the monomials of the superpoly, so that the complexity of many attacks can be further reduced. We apply our techniques to attack the initialization of several ciphers. Our key recovery attacks have mounted to 839-round TRIVIUM , 891-round Kreyvium, 1009-round TriviA-SC1, 1004-round TriviA-SC2, 184-round Grain-128a and 750-round ACORN respectively.

This talk is part of the Computer Security Seminars series.

Tell a friend about this talk:

This talk is included in these lists:

Note that ex-directory lists are not shown.

 

Talks@bham, University of Birmingham. Contact Us | Help and Documentation | Privacy and Publicity.
talks@bham is based on talks.cam from the University of Cambridge.