We present a new variant of cube attacks called a dynamic cube attack. Whereas standard cube attacks [4] find the key by solving a system of linear equations in the key bits, the new attack recovers the secret key by exploiting distinguishers obtained from cube testers. Dynamic cube attacks can create lower degree representations of the given cipher, which makes it possible to attack schemes th...

Higher order differentiation was introduced in a cryptographic context by Lai. Several attacks can be viewed in the context of higher order differentiations, amongst them the cube attack and the AIDA attack. All of the above have been developed for the binary case. We examine differentiation in larger fields, starting with the field GF(p) of integers modulo a prime p. We prove a number of resul...

This note analyzes the security of Kravatte against the cube attack. We provide an analysis result which recovers the master key of the current version of full Kravatte with data and time complexities 2136.01, and negligible memory. The same could be applied to the first version of Kravatte with complexities of 238.04, which could be carried out in practice. These results are possible thanks to...

We present in full details a version of the DinurShamir Cube Attack (Dinur & Shamir 2009) for a generic finite field of order q. In particular, when applied to multivariate monomials of degree d in k < d variables, the attack acts exactly in the same way if the selected monomial was using the degree k monomial in the same k variables.

This paper introduces a more in-depth cryptanalysis framework for tweakable cryptosystems than Cube Attack, Cube Tester, algebraic IV differential attack (AIDA), and higher order differential cryptanalysis in Boolean algebra. Through the view of the new framework, the differences among these existing analysis methods are clarified. Furthermore, a principle is proposed to design secure systems a...

We generalise the cube attack of Dinur and Shamir (and the similar AIDA attack of Vielhaber) to a more general higher order differentiation attack, by summing over an arbitrary subspace of the space of initialisation vectors. The Moebius transform can be used for efficiently examining all the subspaces of a big space, similar to the method used by Fouque and Vannet for the usual cube attack. Se...

In 2008 I. Dinur and A. Shamir presented a new type of algebraic attack on symmetric ciphers named cube attack. The method has been applied to reduced variants of stream ciphers Trivium and Grain128, reduced variants of the block ciphers Serpent and CTC and to a reduced version of the keyed hash function MD6. Independently a very similar attack named AIDA was introduced by M. Vielhaber. In this...

In 2008 I. Dinur and A. Shamir presented a new type of algebraic attack on symmetric ciphers named cube attack. The method has been applied to reduced variants of stream ciphers Trivium and Grain128, reduced variants of the block ciphers Serpent and CTC and to a reduced version of the keyed hash function MD6. Independently a very similar attack named AIDA was introduced by M. Vielhaber. In this...