{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,17]],"date-time":"2025-12-17T14:42:55Z","timestamp":1765982575270,"version":"3.48.0"},"reference-count":0,"publisher":"Universitatsbibliothek der Ruhr-Universitat Bochum","issue":"4","license":[{"start":{"date-parts":[[2025,12,17]],"date-time":"2025-12-17T00:00:00Z","timestamp":1765929600000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["ToSC"],"abstract":"<jats:p>In this paper, we present a novel framework for cube attacks named cube attacks with elimination strategy. The core idea is to find specific key conditions and cubes such that their superpolies under these key conditions can be efficiently computed. By recovering these conditional superpolies, we can solve the corresponding equation system and thereby retrieve key information. If a sufficient number of such key conditions can be found, the attack can be extended to a larger key space. To apply this framework in practical attacks, we propose the following techniques.First, we propose a nested coefficient solver that combines variable substitution and symbolic computation to efficiently recover superpolies, and present the conditional monomial prediction technique to rapidly recover conditional superpolies. Second, by combining numeric mapping with monomial prediction techniques, we propose an automated cube search algorithm that is capable of generating a large number of good cubes for attacks. Finally, we develop two kinds of testing methods, which are used to efficiently extract substantial key information from large-scale equation systems.To illustrate the power of our techniques, we apply them to Trivium. As a result, for 840 rounds of Trivium, a practical key recovery attack is mounted with complexity below 255 and a success rate 77.8%. For 845 rounds, we present a practical key recovery attack with complexity below 256 and a success rate 98.1% for 280 x 59.1% keys. For 855 rounds, we present a theoretical weak-key recovery attack for 274 keys. To the best of our knowledge, these are the best practical and theoretical attacks on Trivium. The improvements in the number of rounds reached are 13 for practical attacks and 4 for theoretical attacks, respectively.<\/jats:p>","DOI":"10.46586\/tosc.v2025.i4.308-356","type":"journal-article","created":{"date-parts":[[2025,12,17]],"date-time":"2025-12-17T14:39:59Z","timestamp":1765982399000},"page":"308-356","source":"Crossref","is-referenced-by-count":0,"title":["Cube Attacks with Elimination Strategy: Key Recovery Attacks on Trivium"],"prefix":"10.46586","volume":"2025","author":[{"given":"Haoran","family":"Li","sequence":"first","affiliation":[]},{"given":"Shichang","family":"Wang","sequence":"additional","affiliation":[]},{"given":"Meicheng","family":"Liu","sequence":"additional","affiliation":[]},{"given":"Willi","family":"Meier","sequence":"additional","affiliation":[]},{"given":"Dongdai","family":"Lin","sequence":"additional","affiliation":[]}],"member":"25480","published-online":{"date-parts":[[2025,12,17]]},"container-title":["IACR Transactions on Symmetric Cryptology"],"original-title":[],"link":[{"URL":"https:\/\/tosc.iacr.org\/index.php\/ToSC\/article\/download\/12619\/12334","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/tosc.iacr.org\/index.php\/ToSC\/article\/download\/12619\/12334","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,12,17]],"date-time":"2025-12-17T14:39:59Z","timestamp":1765982399000},"score":1,"resource":{"primary":{"URL":"https:\/\/tosc.iacr.org\/index.php\/ToSC\/article\/view\/12619"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,12,17]]},"references-count":0,"journal-issue":{"issue":"4","published-online":{"date-parts":[[2025,12,17]]}},"URL":"https:\/\/doi.org\/10.46586\/tosc.v2025.i4.308-356","relation":{},"ISSN":["2519-173X"],"issn-type":[{"value":"2519-173X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,12,17]]}}}