Improved Division Property Based Cube Attacks Exploiting Algebraic Properties of Superpoly

Add to your list(s) Download to your calendar using vCal

• Qingju Wang
• Thursday 08 November 2018, 11:00-12:00
• Computer Science, The Sloman Lounge (UG).

If you have a question about this talk, please contact Mani Bhesania.

In this talk, we formulate the algebraic properties of the superpoly of stream ciphers/authenticated encryptions in one framework to facilitate cube attacks in more successful applications: we propose the “flag” technique to enhance the preciseness of MILP models, which enable us to identify proper non-cube IV assignments; a degree evaluation algorithm is presented to upper bound the degree of the superpoly s.t. the superpoly can be recovered without constructing its whole truth table and overall complexity of the attack can be largely reduced; we provide a divide-and-conquer strategy to TRIVIUM -like stream ciphers namely TRIVIUM , Kreyvium, TriviA-SC1/2 so that the large scale MILP models can be split into several small solvable ones enabling us to analyze TRIVIUM -like primitives with more than 1000 initialization rounds; finally, we provide a term enumeration algorithm for finding the monomials of the superpoly, so that the complexity of many attacks can be further reduced. We apply our techniques to attack the initialization of several ciphers. Our key recovery attacks have mounted to 839-round TRIVIUM , 891-round Kreyvium, 1009-round TriviA-SC1, 1004-round TriviA-SC2, 184-round Grain-128a and 750-round ACORN respectively.

This talk is part of the Computer Security Seminars series.

This talk is included in these lists:

• Computer Science Departmental Series
• Computer Science Distinguished Seminars
• Computer Science, The Sloman Lounge (UG)
• Computer Security Seminars
• computer sience

Note that ex-directory lists are not shown.