Applying cube attacks to stream ciphers in realistic scenarios

Itai Dinur, Adi Shamir

Research output: Contribution to journalArticlepeer-review

19 Scopus citations


Cube attacks were introduced in Dinur and Shamir (2009) as a cryptanalytic technique that requires only black box access to the underlying cryptosystem. The attack exploits the existence of low degree polynomial representation of a single output bit (as a function of the key and plaintext bits) in order to recover the secret key. Although cube attacks can be applied in principle to almost any cryptosystem, most block ciphers iteratively apply a highly non-linear round function (based on Sboxes or arithmetic operations) a large number of times which makes them resistant to cube attacks. On the other hand, many stream ciphers (such as Trivium (De Cannière and Preneel 2008)), are built using linear or low degree components and are natural targets for cube attacks. In this paper, we describe in detail how to apply cube attacks to stream ciphers in various settings with different assumptions on the target stream cipher and on the data available to the attacker.

Original languageEnglish
Pages (from-to)217-232
Number of pages16
JournalCryptography and Communications
Issue number3-4
StatePublished - 1 Dec 2012
Externally publishedYes


  • Algebraic attacks
  • Cryptanalysis
  • Cube attacks
  • Robust cube attacks
  • Stream ciphers

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Computational Theory and Mathematics
  • Applied Mathematics


Dive into the research topics of 'Applying cube attacks to stream ciphers in realistic scenarios'. Together they form a unique fingerprint.

Cite this