Grain-128AEAD, Round 3 Tweak and Motivation

Hell, Martin; Johansson, Thomas; Maximov, Alexander; Meier, W; Yoshida, H

Grain-128AEAD, Round 3 Tweak and Motivation

Mark

Hell, Martin ^LU ; Johansson, Thomas ^LU

; Maximov, Alexander ; Meier, W and Yoshida, H (2021)

Abstract: Weaknesses in the Grain-128AEAD key re-introduction, as part of the
cipher initialization, are analyzed and discussed. We consider and analyze
several possible alternatives for key re-introduction and identify weaknesses, or potential weaknesses, in them. Our results show that it seems
favorable to separate the state initialization, the key re-introduction, and
the A/R register initialization into three separate phases. Based on this,
we propose a new cipher initialization and update the cipher version to
Grain-128AEADv2. It can be noted that previously reported and published analysis of the initialization remains valid also for this new versi

Please use this url to cite or link to this publication: https://lup.lub.lu.se/record/a1684d4b-02cc-40bc-a0a3-838b5108c82c

author

Hell, Martin ^LU ; Johansson, Thomas ^LU

; Maximov, Alexander ; Meier, W and Yoshida, H

organization

publishing date

2021

type

Book/Report

publication status

published

subject

Computer Science

publisher

ARMGHM / NIST - CNRS

language

English

LU publication?

yes

id

a1684d4b-02cc-40bc-a0a3-838b5108c82c

alternative location

https://csrc.nist.gov/CSRC/media/Projects/lightweight-cryptography/documents/finalist-round/changelog-files/grain-128aead-tweak-final.pdf

date added to LUP

2021-12-15 15:10:45

date last changed

2021-12-17 14:17:11

@techreport{a1684d4b-02cc-40bc-a0a3-838b5108c82c,
  abstract     = {{Weaknesses in the Grain-128AEAD key re-introduction, as part of the<br/>cipher initialization, are analyzed and discussed. We consider and analyze<br/>several possible alternatives for key re-introduction and identify weaknesses, or potential weaknesses, in them. Our results show that it seems<br/>favorable to separate the state initialization, the key re-introduction, and<br/>the A/R register initialization into three separate phases. Based on this,<br/>we propose a new cipher initialization and update the cipher version to<br/>Grain-128AEADv2. It can be noted that previously reported and published analysis of the initialization remains valid also for this new versi}},
  author       = {{Hell, Martin and Johansson, Thomas and Maximov, Alexander and Meier, W and Yoshida, H}},
  institution  = {{ARMGHM / NIST - CNRS}},
  language     = {{eng}},
  title        = {{Grain-128AEAD, Round 3 Tweak and Motivation}},
  url          = {{https://csrc.nist.gov/CSRC/media/Projects/lightweight-cryptography/documents/finalist-round/changelog-files/grain-128aead-tweak-final.pdf}},
  year         = {{2021}},
}

Lund University Publications

LUND UNIVERSITY LIBRARIES

Grain-128AEAD, Round 3 Tweak and Motivation