Chang, D.
and Sonmez Turan, M.
(2021),
Recovering the Key from the Internal State of Grain-128AEAD, Cryptology ePrint Archive, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=932091, https://eprint.iacr.org/2021/439
(Accessed October 14, 2025)
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Recovering the Key from the Internal State of Grain-128AEAD
Published
Author(s)
,
Abstract
Grain-128AEAD is one of the second-round candidates of the NIST lightweight cryptography standardization process. There is an existing body of third-party analysis on the earlier versions of the Grain family that provide insights on the security of Grain-128AEAD. Different from the earlier versions, Grain-128AEAD reintroduces the key into the internal state during the initialization. The designers claim that internal state recovery no longer results in key recovery, due to this change. In this paper, we analyze this claim under different scenarios.Citation
Cryptology ePrint Archive
Issue
2021
Pub Weblink
Pub Type
Websites
Download Paper
Keywords
Grain-128AEAD, Lightweight cryptography, key recovery
Citation
Issues
If you have any questions about this publication or are having problems accessing it, please contact [email protected].
Created April 3, 2021, Updated November 29, 2022