Distinguishing and key recovery attacks on the reduced-round SNOW-V and SNOW-Vi

Ekdahl, 2019, A new SNOW stream cipher called SNOW-V, IACR Trans Symmetric Cryptol, 2019, 1, 10.46586/tosc.v2019.i3.1-42 Ekdahl Patrik, Johansson Thomas, Maximov Alexander, Yang Jing. SNOW-Vi: An extreme performance variant of SNOW-V for low-end CPUs. Cryptology ePrint Archive, Report 2021/236, 2021, https://eprint.iacr.org/2021/236. Todo, 2016, Bit-based division property and application to simon family, vol. 9783, 357 Jiao, 2020, A guess-and-determine attack on SNOW-V stream cipher, Comput J, 10.1093/comjnl/bxaa003 Gong, 2021, Resistance of SNOW-V against fast correlation attacks, IACR Trans Symmetric Cryptol, 2021, 378, 10.46586/tosc.v2021.i1.378-410 Shi, 2021, Improved linear approximations of SNOW-V and SNOW-Vi, IACR Cryptol ePrint Arch, 1105 Shi, 2021, A correlation attack on full SNOW-V and SNOW-Vi, IACR Cryptol ePrint Arch, 1047 Yang, 2021, Improved guess-and-determine and distinguishing attacks on SNOW-V, IACR Trans Symmetric Cryptol, 2021, 54, 10.46586/tosc.v2021.i3.54-83 Hell, 2007, Grain: A stream cipher for constrained environments, Int J Wirel Mob Comput, 2, 86, 10.1504/IJWMC.2007.013798 De Cannière, 2006, Trivium: A stream cipher construction inspired by block cipher design principles, vol. 4176, 171 Babbage, 2008, The MICKEY stream ciphers Kiyomoto, 2007, K2: A stream cipher algorithm using dynamic feedback control Hoki Jin, Isobe Takanori, Ito Ryoma, Liu Fukang, Sakamoto Kosei. Distinguishing and Key Recovery Attacks on the Reduced-Round SNOW-V. Cryptology ePrint Archive, Report 2021/546 (Version: 20210427:061034), 2021,. Choudhuri, 2016, Significantly improved multi-bit differentials for reduced round Salsa and ChaCha, 2016, 261 Aumasson, 2008, New features of Latin dances: Analysis of Salsa, ChaCha, and Rumba, 470 Todo, 2015, Structural evaluation by generalized integral property, vol. 9056, 287 Xiang, 2016, Applying MILP method to searching integral distinguishers based on division property for 6 lightweight block ciphers, vol. 10031, 648 Sun, 2016, MILP-aided bit-based division property for primitives with non-bit-permutation linear layers, IACR Cryptol ePrint Arch, 2016, 811 Sun, 2017, Automatic search of bit-based division property for ARX ciphers and word-based division property, 10624, 128 CNET. Logic friday. https://download.cnet.com/Logic-Friday/3000-20415_4-75848245.html/. Sun, 2015, Links among impossible differential, integral and zero correlation linear cryptanalysis, vol. 9215, 95 Gurobi Optimization Inc., 2019 Funabiki, 2018, Several MILP-aided attacks against SNOW 2.0, vol. 11124, 394 Abdelkhalek, 2017, MILP modeling for (large) S-boxes to optimize probability of differential characteristics, IACR Trans Symmetric Cryptol, 2017, 99, 10.46586/tosc.v2017.i4.99-129 Fu, 2016, MILP-based automatic search algorithms for differential and linear trails for speck, vol. 9783, 268 Mantin, 2002, A practical attack on broadcast RC4, 152 Matsumoto, 1998, Mersenne twister: A 623-dimensionally equidistributed uniform pseudo-random number generator, ACM Trans Model Comput Simul, 8, 3, 10.1145/272991.272995