A framework for chosen IV statistical analysis of stream ciphers

Englund H., Johansson T., Turan M. S.

8th Annual International Conference on Cryptology in India, Chennai, India, 9 - 13 December 2007, vol.4859, pp.268-270 identifier identifier

  • Publication Type: Conference Paper / Full Text
  • Volume: 4859
  • City: Chennai
  • Country: India
  • Page Numbers: pp.268-270
  • Middle East Technical University Affiliated: Yes


Saarinen recently proposed a chosen IV statistical attack, called the d-monomial test, and used it to find weaknesses in several proposed stream ciphers. In this paper we generalize this idea and propose a framework for chosen IV statistical attacks using a polynomial description. We propose a few new statistical attacks, apply them on some existing stream cipher proposals, and give some conclusions regarding the strength of their IV initialization. In particular, we experimentally detected statistical weaknesses in some state bits of Grain-128 with full IV initialization as well as in the keystream of Trivium using an initialization reduced to 736 rounds from 1152 rounds. We also propose some stronger alternative initialization schemes with respect to these statistical attacks.