Hill Climbing Algorithms and Trivium

This paper proposes a new method to solve certain classes of systems of multivariate equations over the binary field and its crypt-analytical applications. We show how heuristic optimization methods such as hill climbing algorithms can be relevant to solving systems of multivariate equations. A characteristic of equation systems that may be efficiently solvable by the means of such algorithms is provided. As an example, we investigate equation systems induced by the problem of recovering the internal state of the stream cipher Trivium. We propose an improved variant of the simulated annealing method that seems to be well-suited for this type of system and provide some experimental results.

[1]  Aggelos Kiayias,et al.  Polynomial Reconstruction Based Cryptography , 2001, Selected Areas in Cryptography.

[2]  J. Lutton,et al.  Thermostatistical persistency: A powerful improving concept for simulated annealing algorithms , 1995 .

[3]  C. D. Gelatt,et al.  Optimization by Simulated Annealing , 1983, Science.

[4]  Dan Boneh,et al.  Advances in Cryptology - CRYPTO 2003 , 2003, Lecture Notes in Computer Science.

[5]  E. Weinberger,et al.  Correlated and uncorrelated fitness landscapes and how to tell the difference , 1990, Biological Cybernetics.

[6]  Bart Preneel,et al.  Advances in cryptology - EUROCRYPT 2000 : International Conference on the Theory and Application of Cryptographic Techniques, Bruges, Belgium, May 14-18, 2000 : proceedings , 2000 .

[7]  Frederik Armknecht,et al.  Algebraic Attacks on Combiners with Memory , 2003, CRYPTO.

[8]  Josef Pieprzyk,et al.  Cryptanalysis of Block Ciphers with Overdefined Systems of Equations , 2002, ASIACRYPT.

[9]  Eli Biham,et al.  Differential Cryptanalysis of the Data Encryption Standard , 1993, Springer New York.

[10]  Wim Hordijk,et al.  A Measure of Landscapes , 1996, Evolutionary Computation.

[11]  Sheldon H. Jacobson,et al.  A class of convergent generalized hill climbing algorithms , 2002, Appl. Math. Comput..

[12]  Tor Helleseth,et al.  Advances in Cryptology — EUROCRYPT ’93 , 2001, Lecture Notes in Computer Science.

[13]  Jacques Stern,et al.  Advances in Cryptology — EUROCRYPT ’99 , 1999, Lecture Notes in Computer Science.

[14]  Stuart A. Kauffman,et al.  The origins of order , 1993 .

[15]  Alex Biryukov,et al.  Two Trivial Attacks on Trivium , 2007, IACR Cryptol. ePrint Arch..

[16]  Don Coppersmith,et al.  The Data Encryption Standard (DES) and its strength against attacks , 1994, IBM J. Res. Dev..

[17]  Aggelos Kiayias,et al.  Traitor Tracing with Constant Transmission Rate , 2002, EUROCRYPT.

[18]  Mitsuru Matsui,et al.  Linear Cryptanalysis Method for DES Cipher , 1994, EUROCRYPT.

[19]  Willi Meier,et al.  Fast Algebraic Attacks on Stream Ciphers with Linear Feedback , 2003, CRYPTO.

[20]  Meltem Sönmez Turan,et al.  Linear Approximations for 2-round Trivium , 2007 .

[21]  Adi Shamir,et al.  Efficient Algorithms for Solving Overdefined Systems of Multivariate Polynomial Equations , 2000, EUROCRYPT.

[22]  Colin Boyd,et al.  Cryptography and Coding , 1995, Lecture Notes in Computer Science.

[23]  Yuliang Zheng,et al.  Advances in Cryptology — ASIACRYPT 2002 , 2002, Lecture Notes in Computer Science.

[24]  Chris Charnes,et al.  An Algebraic Analysis of Trivium Ciphers based on the Boolean Satisfiability Problem , 2007, IACR Cryptol. ePrint Arch..

[25]  Donald Geman,et al.  Stochastic relaxation, Gibbs distributions, and the Bayesian restoration of images , 1984 .

[26]  Lars R. Knudsen,et al.  Bivium as a Mixed-Integer Linear Programming Problem , 2009, IMACC.

[27]  John A. Clark,et al.  Fault Injection and a Timing Channel on an Analysis Technique , 2002, EUROCRYPT.

[28]  Willi Meier,et al.  Cryptanalysis of an Identification Scheme Based on the Permuted Perceptron Problem , 1999, EUROCRYPT.

[29]  Christophe De Cannière,et al.  Trivium: A Stream Cipher Construction Inspired by Block Cipher Design Principles , 2006, ISC.

[30]  Aviezri S. Fraenkel,et al.  Complexity of Solving Algebraic Equations , 1980, Inf. Process. Lett..