In Asiacrypt 2010, Knellwolf, Meier and Naya-Plasencia proposed
distinguishing attacks on Grain v1 when (i) Key Scheduling process is
reduced to 97 rounds using $2^{27}$ chosen IVs and (ii) Key Scheduling process is
reduced to 104 rounds using $2^{35}$ chosen IVs. Using similar idea, Banik
obtained a new distinguisher for 105 rounds.
In this paper, we show similar approach can work for 106 rounds. We present
a new distinguisher on Grain v1 for 106 rounds with success probability 63\%.
↧
