Designs, Codes and Cryptography

, Volume 87, Issue 1, pp 149–162 | Cite as

New results on the state cycles of Trivium

  • Shiyong ZhangEmail author
  • Gongliang Chen


Trivium is a well-known lightweight synchronous stream cipher that was submitted to the European eSTREAM project in April 2005. Thus far, it has been difficult to determine cycles of the internal state values of Trivium, remaining an open problem to date. In this paper, the internal structure of Trivium is exploited to generate an algorithm called Trivium-model. Based on Trivium-model, some new results are obtained through the state cycles of Trivium. It is noted that there exists one cycle of size 10, one cycle of size 11, two cycles of size 12, one cycle of size 15 and at least 16 cycles of size \(3(2^{93}-1)\). Therefore, the distribution of cycle lengths is not equiprobable, and small cycles exist. These cycles may cause the weak initial states and be the vulnerability of Trivium.


Trivium Trivium-model Security State cycles 

Mathematics Subject Classification




This work was supported in part by the International Researcher Exchange Project of the National Science Foundation of China and Centre national de la recherche scientifique de France (NSFC-CNRS) under Grant No. 61211130104 and the National Key Research and Development Program of China under Grant No. yfb0802505.


  1. 1.
    Biham E., Dunkelman O.: Cryptanalysis of the A5/1 GSM Stream Cipher. Cryptology, Proceedings of Indocrypt 00, Computer Science 1977, Springer, New York, pp. 43–51 (2000).Google Scholar
  2. 2.
    Borghoff J., Knudsen L.R., Stolpe M.: Bivium as a mixed-integer linear programming problem. In: Parker M.G. (ed.) LNCS, vol. 5921, pp. 133–152. Springer, Heidelberg (2009).Google Scholar
  3. 3.
    De Cannière C., Preneel B.: Trivium—A Stream Cipher Construction Inspired by Block Cipher Design Principles. eSTREAM, ECRYPT Stream Cipher Project. (2005).
  4. 4.
    De Cannière C., Preneel B.: TRIVIUM Specifications. eSTREAM, ECRYPT Stream Cipher Project., Report 2005/030 (2005).
  5. 5.
    Dinur I., Shamir A.: Cube attacks on weakable black box polynomials. In: Joux A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 278–299. Springer, Heidelberg (2009).CrossRefGoogle Scholar
  6. 6.
    Fouque P.A., Vannet T.: Improving key recovery to 784 and 799 rounds of trivium using optimized cube attacks. In: Moriai S. (ed.) FSE 2013. LNCS, vol. 8424, pp. 502–517. Springer, Heidelberg (2014).Google Scholar
  7. 7.
    Gaj K., Southern G., Bachimanchi R.: Comparison of Hardware Performance of Selected Phase II eSTREAM Candidates. (2007).
  8. 8.
    Hu H., Gong G.: Periods on two kinds of nonlinear feedback shift registers with time varying feedback functions. Int. J. Found. Comput. 22(6), 1317–1329 (2011).MathSciNetCrossRefzbMATHGoogle Scholar
  9. 9.
    Lechtaler A.C., Cipriano M., García E., César J., Liporace A.M., Malvacio E.: Trivium vs. trivium toy. In: Argentinean Congress on Computer Science—III Workshop Computer Security. ISBN 978-987-3806-05-6. pp. 161–172 (2014).Google Scholar
  10. 10.
    Maximov A., Biryukov A.: Two trivial attacks on TRIVIUM. In: SASC2007: The State of the Art of Stream Ciphers, pp. 1–16 (2007).Google Scholar
  11. 11.
    Raddum H.: Cryptanalytic Results on Trivium. (2007).
  12. 12.
    SIG Bluetooth. Bluetooth specification.
  13. 13.
    Simpson L., Boztas S.: State cycles, initialization and the Trivium stream cipher. Cryptogr. Commun. 4(3), 245–258 (2012).MathSciNetCrossRefzbMATHGoogle Scholar
  14. 14.
    Smart N.: Cryptography: An Introduction. McGraw-Hill Education, New York. ISBN 0-077-09987-7 (2003).Google Scholar
  15. 15.
    Wang Z., Qi W., Tian T.: A note on determine the greatest common subfamily of two NFSRs by Gröbner basis. J. Syst. Sci. Complex. 28, 1231–1242 (2015).MathSciNetCrossRefzbMATHGoogle Scholar
  16. 16.
    Wang H., Zhong J., Lin D.: Linearization of Multi-valued Nonlinear Feedback Shift Registers. (2018).

Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2018

Authors and Affiliations

  1. 1.School of Information Security EngineeringShanghai Jiaotong UniversityShanghaiChina

Personalised recommendations