Experimental Results on Algebraic Analysis of Trivium and Tweaked Trivium

摘要

Trivium is an eSTREAM candidate cipher first proposed in 2005. It has a key length of 80 while an internal state of 288 bits. Its internal state bits can be related to output bits with simple algebraic equations, but non-linear update results in rising degree of equations with time. Recently a tweaked structure of Trivium is also proposed. This article presents algebraic analysis of the key generating structure of both versions. Our experiments target to recover the internal state bits rather than the key bits, as is generally the case in algebraic cryptanal-ysis. Our approach is to solve practically the varying degree equations of Trivium structure, with some guessed bits using Groebner basis algorithm. Our analysis shows that although tweaked structure offer more complex equations, still it is not suitable to provide a security level of 128 bits.