Improved cube attacks on some authenticated encryption ciphers and stream ciphers in the internet of things

Abstract

With technical development and internet popularization, Internet of Things (IoT) technology is gaining a wider application in various fields. Key challenges in the growth of IoT are related to privacy and security. To avoid any possible malicious attacks, employing cryptosystems is widely recognized as one of the most effective approaches to implement confidentiality, integrity, and message authentication for the security of IoT. In this work, we investigate the security of Authenticated Encryption ciphers and stream cipher by using the improved cube attack. Firstly, we introduce a method to identify good cubes, which leads to the largest-round distinguisher. Our idea is based on the greedy algorithm of finding cubes and the numeric mapping method for estimating the algebraic degree of the NFSR-based cryptosystem. By using this method, we can efficiently explore useful cubes from a large search space. Further, we evaluate the security of several cryptographic primitives against the cube attack by using the SAT model of division property and flag technique, which can make the propagation of division property more accurately. Experiments show that we can obtain some new or improved cryptanalysis on MORUS-640-128, TRIAD, Quartet, TriviA-ck-v2, and Enhanced-bivium. The attacks can improve the number of attacking rounds and efficiency, and provide a vital reference for security analysis of other Authenticated Encryption ciphers and lightweight stream ciphers.