Authors:Miodrag Mihaljević, Sugata Gangopadhyay, Goutam Paul and Hideki Imai
This paper considers security implications of k-normal Boolean functions when they are employed in certain stream ciphers.
A generic algorithm is proposed for cryptanalysis of the considered class of stream ciphers based on a security weakness of
k-normal Boolean functions. The proposed algorithm yields a framework for mounting cryptanalysis against particular stream
ciphers within the considered class. Also, the proposed algorithm for cryptanalysis implies certain design guidelines for
avoiding certain weak stream cipher constructions. A particular objective of this paper is security evaluation of stream cipher
Grain-128 employing the developed generic algorithm. Contrary to the best known attacks against Grain-128 which provide complexity
of a secret key recovery lower than exhaustive search only over a subset of secret keys which is just a fraction (up to 5%)
of all possible secret keys, the cryptanalysis proposed in this paper provides significantly lower complexity than exhaustive
search for any secret key. The proposed approach for cryptanalysis primarily depends on the order of normality of the employed
Boolean function in Grain-128. Accordingly, in addition to the security evaluation insights of Grain-128, the results of this
paper are also an evidence of the cryptographic significance of the normality criteria of Boolean functions.