NOTICE: Due to a lapse in annual appropriations, most of this website is not being updated. Learn more.

Form submissions will still be accepted but will not receive responses at this time. Sections of this site for programs using non-appropriated funds (such as NVLAP) or those that are excepted from the shutdown (such as CHIPS and NVD) will continue to be updated.

U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

PUBLICATIONS

A Chosen IV Related Key Attack on Grain-128a

Published

Author(s)

Subhadeep Banik, Subhamoy Maitra, Santanu (. Sarkar, Meltem Sonmez Turan

Abstract

Due to the symmetric padding used in the stream cipher Grain v1 and Grain-128, it is possible to find Key-IV pairs that generate shifted keystreams efficiently. Based on this observation, Lee et al. presented a related-Key chosen IV attack on Grain v1 and Grain-128 in ACISP 2008. Later, the designers introduced Grain-128a having an asymmetric padding. As a result, the existing idea of related-Key chosen IV attack does not work on this new design. In this paper, we present a key recovery attack on Grain-128a, in a related-Key chosen IV setting. We show that using around $\gamma \cdot 2^32}$ ($\gamma$ is a constant related to actual experimentation and it is sufficient to estimate it as $2^8$) related keys and $\gamma \cdot 2^64}$ chosen IVs, it is possible to obtain $32\cdot \gamma$ simple nonlinear equations and solve them to recover the secret key in Grain-128a.
Proceedings Title
Proceedings of 18th Australasian Conference on Information Security and Privacy
Volume
7959
Conference Dates
July 1-3, 2013
Conference Location
Brisbane, AU
Conference Title
18th Australasian Conference on Information Security and Privacy
Pub Type
Conferences

Download Paper

https://doi.org/10.1007/978-3-642-39059-3_2
Local Download

Keywords

Cryptanalysis, eStream, Grain-128a, Related Keys, Stream Cipher
Cybersecurity and privacy

Citation

Banik, S. , Maitra, S. , Sarkar, S. and Sonmez Turan, M. (2013), A Chosen IV Related Key Attack on Grain-128a, Proceedings of 18th Australasian Conference on Information Security and Privacy, Brisbane, AU, [online], https://doi.org/10.1007/978-3-642-39059-3_2, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=913678 (Accessed October 15, 2025)

Issues

If you have any questions about this publication or are having problems accessing it, please contact [email protected].

Created July 23, 2013, Updated October 12, 2021
Was this page helpful?