Abstract: Trivium is an important international sequence cryptography. Jia Yan-yan(Journal of Electronics & Information Technology, 2011, (6)) attacks 2-round Trivium by utilizing a simple and multiple linear cryptanalysis. In the light of few linear approximation and little deviation in their papers. This paper presents a method to conduct linear cryptanalysis of 2-round Trivium by changing clock number and linear approximations of the first round, and proposes a linear approximation with deviation 2–29 and 8 linear approximations with deviation 2–30. Moreover, utilizing the algorithm of Jia Yan-yan paper attacks 2-round Trivium by simple and multiple linear cryptanalysis. Study result shows that, in order to identify a secret key given, the method can supply the success rate with 1/16 of data amount compared with the foregone data amount required, namely, the number of chosen Initial Vector(IV) are 258 and 257, respectively.

Key words: sequence cryptography, Trivium algorithm, cryptanalysis, linear approximation, linear attack, deviation

摘要： Trivium是国际重要的序列密码，贾艳艳等人曾提出对2轮Trivium进行单线性和多线性密码攻击(电子与信息学报，2011年第1期)。针对其中的线性近似方程个数少和偏差小问题，提出通过改变第1轮Trivium所占的时钟数和线性逼近式的方法对2轮进行线性逼近，给出一个偏差为2–29的线性符合和8个偏差为2–30的线性符合，并利用贾艳艳文中算法对2轮Trivium进行单线性和多线性密码攻击。研究结果表明，在相同攻击成功概率的前提下，所需的数据量均为上文中所需数据量的1/16，即需要选择初始化向量的个数分别为258和257。

关键词: 序列密码, Trivium算法, 密码分析, 线性近似, 线性攻击, 偏差

CLC Number: 

• TP391