Analysis of Grain’s Initialization Algorithm
Analysis of Grain’s Initialization Algorithm
In this paper, we analyze the initialization algorithm of Grain, one of the eSTREAM candidates which made it to the third phase of the project. We point out the existence of a sliding property in the initialization algorithm of the Grain family, and show that it can be used to reduce by half the cost of exhaustive key search (currently the most efficient attack on both Grain v1 and Grain-128). In the second part of the paper, we analyze the differential properties of the initialization, and mount several attacks, including a differential attack on Grain v1 which recovers one out of 29 keys using two related keys and 255 chosen IV pairs.
- École Normale Supérieure Burundi
- Katholieke Universiteit Leuven Belgium
- KU Leuven Belgium
- École Normale Supérieure France
Technology, CRYPTANALYSIS, Science & Technology, Computer Science, Theory & Methods, Computer Science, cosic, ATTACKS
Technology, CRYPTANALYSIS, Science & Technology, Computer Science, Theory & Methods, Computer Science, cosic, ATTACKS
selected citations These citations are derived from selected sources.This is an alternative to the "Influence" indicator, which also reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).41 popularity This indicator reflects the "current" impact/attention (the "hype") of an article in the research community at large, based on the underlying citation network.Top 10% influence This indicator reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).Top 10% impulse This indicator reflects the initial momentum of an article directly after its publication, based on the underlying citation network.Average
Citations provided by BIP!Popularity provided by BIP!