{"id":"https://openalex.org/W4417433667","doi":"https://doi.org/10.46586/tosc.v2025.i4.308-356","title":"Cube Attacks with Elimination Strategy: Key Recovery Attacks on Trivium","display_name":"Cube Attacks with Elimination Strategy: Key Recovery Attacks on Trivium","publication_year":2025,"publication_date":"2025-12-17","ids":{"openalex":"https://openalex.org/W4417433667","doi":"https://doi.org/10.46586/tosc.v2025.i4.308-356"},"language":"en","primary_location":{"id":"doi:10.46586/tosc.v2025.i4.308-356","is_oa":true,"landing_page_url":"https://doi.org/10.46586/tosc.v2025.i4.308-356","pdf_url":"https://tosc.iacr.org/index.php/ToSC/article/download/12619/12334","source":{"id":"https://openalex.org/S4210236173","display_name":"IACR Transactions on Symmetric Cryptology","issn_l":"2519-173X","issn":["2519-173X"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IACR Transactions on Symmetric Cryptology","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"diamond","oa_url":"https://tosc.iacr.org/index.php/ToSC/article/download/12619/12334","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5100327744","display_name":"Haoran Li","orcid":"https://orcid.org/0000-0003-1656-1278"},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Haoran Li","raw_affiliation_strings":["Key Laboratory of Cyberspace Security Defense, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, People\u2019s Republic of China; School of Cyberspace Security, University of Chinese Academy of Sciences, Beijing, People\u2019s Republic of China"],"affiliations":[{"raw_affiliation_string":"Key Laboratory of Cyberspace Security Defense, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, People\u2019s Republic of China; School of Cyberspace Security, University of Chinese Academy of Sciences, Beijing, People\u2019s Republic of China","institution_ids":["https://openalex.org/I4210156404"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5102971767","display_name":"Shichang Wang","orcid":"https://orcid.org/0000-0002-7633-8118"},"institutions":[{"id":"https://openalex.org/I172675005","display_name":"Nanyang Technological University","ror":"https://ror.org/02e7b5302","country_code":"SG","type":"education","lineage":["https://openalex.org/I172675005"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Shichang Wang","raw_affiliation_strings":["School of Physical and Mathematical Sciences, Nanyang Technological University, Singapore, Singapore"],"affiliations":[{"raw_affiliation_string":"School of Physical and Mathematical Sciences, Nanyang Technological University, Singapore, Singapore","institution_ids":["https://openalex.org/I172675005"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5072544269","display_name":"Meicheng Liu","orcid":"https://orcid.org/0000-0002-5259-1848"},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Meicheng Liu","raw_affiliation_strings":["Key Laboratory of Cyberspace Security Defense, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, People\u2019s Republic of China; School of Cyberspace Security, University of Chinese Academy of Sciences, Beijing, People\u2019s Republic of China"],"affiliations":[{"raw_affiliation_string":"Key Laboratory of Cyberspace Security Defense, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, People\u2019s Republic of China; School of Cyberspace Security, University of Chinese Academy of Sciences, Beijing, People\u2019s Republic of China","institution_ids":["https://openalex.org/I4210156404"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5086309954","display_name":"Willi Meier","orcid":"https://orcid.org/0000-0003-4594-1501"},"institutions":[{"id":"https://openalex.org/I2972652528","display_name":"FHNW University of Applied Sciences and Arts","ror":"https://ror.org/04mq2g308","country_code":"CH","type":"education","lineage":["https://openalex.org/I2972652528"]}],"countries":["CH"],"is_corresponding":false,"raw_author_name":"Willi Meier","raw_affiliation_strings":["University of Applied Sciences and Arts Northwestern Switzerland, Windisch, Switzerland"],"affiliations":[{"raw_affiliation_string":"University of Applied Sciences and Arts Northwestern Switzerland, Windisch, Switzerland","institution_ids":["https://openalex.org/I2972652528"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5008820992","display_name":"Dongdai Lin","orcid":"https://orcid.org/0000-0002-3951-7889"},"institutions":[{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Dongdai Lin","raw_affiliation_strings":["Key Laboratory of Cyberspace Security Defense, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, People\u2019s Republic of China; School of Cyberspace Security, University of Chinese Academy of Sciences, Beijing, People\u2019s Republic of China"],"affiliations":[{"raw_affiliation_string":"Key Laboratory of Cyberspace Security Defense, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, People\u2019s Republic of China; School of Cyberspace Security, University of Chinese Academy of Sciences, Beijing, People\u2019s Republic of China","institution_ids":["https://openalex.org/I4210156404"]}]}],"institutions":[],"countries_distinct_count":3,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5100327744"],"corresponding_institution_ids":["https://openalex.org/I4210156404"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":{"value":0.21118707,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"2025","issue":"4","first_page":"308","last_page":"356"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10951","display_name":"Cryptographic Implementations and Security","score":0.38440001010894775,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10951","display_name":"Cryptographic Implementations and Security","score":0.38440001010894775,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12122","display_name":"Physical Unclonable Functions (PUFs) and Hardware Security","score":0.30889999866485596,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11693","display_name":"Cryptography and Residue Arithmetic","score":0.14869999885559082,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.7597000002861023},{"id":"https://openalex.org/keywords/monomial","display_name":"Monomial","score":0.5181999802589417},{"id":"https://openalex.org/keywords/cube","display_name":"Cube (algebra)","score":0.44179999828338623},{"id":"https://openalex.org/keywords/computation","display_name":"Computation","score":0.39399999380111694},{"id":"https://openalex.org/keywords/solver","display_name":"Solver","score":0.3682999908924103},{"id":"https://openalex.org/keywords/attack-model","display_name":"Attack model","score":0.3433000147342682}],"concepts":[{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.7597000002861023},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5953999757766724},{"id":"https://openalex.org/C11252640","wikidata":"https://www.wikidata.org/wiki/Q243723","display_name":"Monomial","level":2,"score":0.5181999802589417},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.46630001068115234},{"id":"https://openalex.org/C53051483","wikidata":"https://www.wikidata.org/wiki/Q861555","display_name":"Cube (algebra)","level":2,"score":0.44179999828338623},{"id":"https://openalex.org/C11413529","wikidata":"https://www.wikidata.org/wiki/Q8366","display_name":"Algorithm","level":1,"score":0.41269999742507935},{"id":"https://openalex.org/C45374587","wikidata":"https://www.wikidata.org/wiki/Q12525525","display_name":"Computation","level":2,"score":0.39399999380111694},{"id":"https://openalex.org/C2778770139","wikidata":"https://www.wikidata.org/wiki/Q1966904","display_name":"Solver","level":2,"score":0.3682999908924103},{"id":"https://openalex.org/C65856478","wikidata":"https://www.wikidata.org/wiki/Q3991682","display_name":"Attack model","level":2,"score":0.3433000147342682},{"id":"https://openalex.org/C179799912","wikidata":"https://www.wikidata.org/wiki/Q205084","display_name":"Computational complexity theory","level":2,"score":0.3280999958515167},{"id":"https://openalex.org/C2778220771","wikidata":"https://www.wikidata.org/wiki/Q1522579","display_name":"Substitution (logic)","level":2,"score":0.3102000057697296},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.29910001158714294},{"id":"https://openalex.org/C182365436","wikidata":"https://www.wikidata.org/wiki/Q50701","display_name":"Variable (mathematics)","level":2,"score":0.2808000147342682},{"id":"https://openalex.org/C168167062","wikidata":"https://www.wikidata.org/wiki/Q1117970","display_name":"Component (thermodynamics)","level":2,"score":0.27889999747276306},{"id":"https://openalex.org/C311688","wikidata":"https://www.wikidata.org/wiki/Q2393193","display_name":"Time complexity","level":2,"score":0.2696000039577484},{"id":"https://openalex.org/C78168278","wikidata":"https://www.wikidata.org/wiki/Q5227269","display_name":"Data cube","level":2,"score":0.26269999146461487}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.46586/tosc.v2025.i4.308-356","is_oa":true,"landing_page_url":"https://doi.org/10.46586/tosc.v2025.i4.308-356","pdf_url":"https://tosc.iacr.org/index.php/ToSC/article/download/12619/12334","source":{"id":"https://openalex.org/S4210236173","display_name":"IACR Transactions on Symmetric Cryptology","issn_l":"2519-173X","issn":["2519-173X"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IACR Transactions on Symmetric Cryptology","raw_type":"journal-article"},{"id":"pmh:oai:dr.ntu.edu.sg:10356/208924","is_oa":false,"landing_page_url":"https://hdl.handle.net/10356/208924","pdf_url":null,"source":{"id":"https://openalex.org/S4306402609","display_name":"DR-NTU (Nanyang Technological University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I172675005","host_organization_name":"Nanyang Technological University","host_organization_lineage":["https://openalex.org/I172675005"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":null,"raw_type":"Journal Article"},{"id":"pmh:oai:doaj.org/article:aea496fbce9243a6b236db925e5d3245","is_oa":true,"landing_page_url":"https://doaj.org/article/aea496fbce9243a6b236db925e5d3245","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IACR Transactions on Symmetric Cryptology, Vol 2025, Iss 4 (2025)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.46586/tosc.v2025.i4.308-356","is_oa":true,"landing_page_url":"https://doi.org/10.46586/tosc.v2025.i4.308-356","pdf_url":"https://tosc.iacr.org/index.php/ToSC/article/download/12619/12334","source":{"id":"https://openalex.org/S4210236173","display_name":"IACR Transactions on Symmetric Cryptology","issn_l":"2519-173X","issn":["2519-173X"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IACR Transactions on Symmetric Cryptology","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G1121271761","display_name":null,"funder_award_id":"Program","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G1231421488","display_name":null,"funder_award_id":"under","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G1880996512","display_name":null,"funder_award_id":"62372449","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G2087396116","display_name":null,"funder_award_id":"China","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G3085993365","display_name":null,"funder_award_id":"(Grant No.","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G3317480652","display_name":null,"funder_award_id":"Science","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G3321935324","display_name":null,"funder_award_id":"62122085","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G391238517","display_name":null,"funder_award_id":", and","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G4039563609","display_name":null,"funder_award_id":"XDB06","funder_id":"https://openalex.org/F4320321133","funder_display_name":"Chinese Academy of Sciences"},{"id":"https://openalex.org/G4944960033","display_name":null,"funder_award_id":"XDB0690000","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G5994120800","display_name":null,"funder_award_id":"Natural","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G6258415954","display_name":null,"funder_award_id":"Chinese","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G6328393359","display_name":null,"funder_award_id":"12231015","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G7033253288","display_name":null,"funder_award_id":"Grants","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G7473718869","display_name":null,"funder_award_id":"22310","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G7726157001","display_name":null,"funder_award_id":"Grant No.","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"},{"id":"https://openalex.org/F4320321133","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35"},{"id":"https://openalex.org/F4320322847","display_name":"Youth Innovation Promotion Association of the Chinese Academy of Sciences","ror":"https://ror.org/031141b54"},{"id":"https://openalex.org/F4320335892","display_name":"Youth Innovation Promotion Association","ror":null}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4417433667.pdf","grobid_xml":"https://content.openalex.org/works/W4417433667.grobid-xml"},"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"In":[0],"this":[1,80],"paper,":[2],"we":[3,45,85,90,128,149,175,207,231],"present":[4,108,208,232],"a":[5,58,74,92,140,181,188,200,209,219,233],"novel":[6],"framework":[7,81],"for":[8,146,183,223,238,267,272],"cube":[9,12,132],"attacks":[10,13,254,269],"named":[11],"with":[14,124,195,214],"elimination":[15],"strategy.":[16],"The":[17,257],"core":[18],"idea":[19],"is":[20,136,193],"to":[21,73,103,114,159,178],"find":[22],"specific":[23],"key":[24,34,55,63,76,163,190,211],"conditions":[25,35,64],"and":[26,52,100,107,199,218,252,270],"cubes":[27,145],"such":[28,62],"that":[29,96,135],"their":[30],"superpolies":[31],"under":[32],"these":[33,42,247],"can":[36,46,65,70],"be":[37,66,71],"efficiently":[38,104,160],"computed.":[39],"By":[40],"recovering":[41],"conditional":[43,110,117],"superpolies,":[44,106],"solve":[47],"the":[48,68,87,109,170,242,249,260],"corresponding":[49],"equation":[50,167],"system":[51],"thereby":[53],"retrieve":[54],"information.":[56],"If":[57],"sufficient":[59],"number":[60,142,261],"of":[61,138,143,153,172,186,244,262],"found,":[67],"attack":[69,192,213,237],"extended":[72],"larger":[75],"space.":[77],"To":[78,241],"apply":[79,176],"in":[82,259],"practical":[83,189,210,251,268],"attacks,":[84,274],"propose":[86,91,129],"following":[88],"techniques.First,":[89],"nested":[93],"coefficient":[94],"solver":[95],"combines":[97],"variable":[98],"substitution":[99],"symbolic":[101],"computation":[102],"recover":[105,116],"monomial":[111,125],"prediction":[112,126],"technique":[113],"rapidly":[115],"superpolies.":[118],"Second,":[119],"by":[120],"combining":[121],"numeric":[122],"mapping":[123],"techniques,":[127,174],"an":[130],"automated":[131],"search":[133],"algorithm":[134],"capable":[137],"generating":[139],"large":[141],"good":[144],"attacks.":[147],"Finally,":[148],"develop":[150],"two":[151],"kinds":[152],"testing":[154],"methods,":[155],"which":[156],"are":[157,248,265],"used":[158],"extract":[161],"substantial":[162],"information":[164],"from":[165],"large-scale":[166],"systems.To":[168],"illustrate":[169],"power":[171],"our":[173,245],"them":[177],"Trivium.":[179,256],"As":[180],"result,":[182],"840":[184],"rounds":[185,263],"Trivium,":[187],"recovery":[191,212,236],"mounted":[194],"complexity":[196,215],"below":[197,216],"255":[198],"success":[201,220],"rate":[202,221],"77.8%.":[203],"For":[204,228],"845":[205],"rounds,":[206,230],"256":[217],"98.1%":[222],"280":[224],"x":[225],"59.1%":[226],"keys.":[227,240],"855":[229],"theoretical":[234,253,273],"weak-key":[235],"274":[239],"best":[243,250],"knowledge,":[246],"on":[255],"improvements":[258],"reached":[264],"13":[266],"4":[271],"respectively.":[275]},"counts_by_year":[],"updated_date":"2026-04-13T07:58:08.660418","created_date":"2025-12-17T00:00:00"}