Suppose that the adversary is able to recover the key of the Trivium cipher, but the associated IV is unknown to him. Will he be able to decrypt the ciphertexts without any complexity?
-
I'd study Trivium's security argument and determine if it falls apart in the situation. – fgrieu Apr 22 '20 at 07:12
-
Trivium uses an 80-bit IV, which means that an attacker has an 80-bit key search space, like the total computing power of Bitcoin miners can find the IV. Note that the IV is not meant to be secret. – kelalaka Apr 22 '20 at 07:59
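
The IV search mentioned in the comment above, scaled down to 8 unknown IV bits so it finishes quickly, as an added example that is not part of the original thread: with the key known, each IV guess is checked against keystream obtained from known plaintext. The sample key and IV, `UNKNOWN_BITS`, and the bit-loading order are assumptions of this example.

```python
import random

def trivium_keystream(key_bits, iv_bits, nbits):
    """Trivium: 80-bit key and IV as lists of 0/1; returns nbits of keystream."""
    assert len(key_bits) == 80 and len(iv_bits) == 80
    # Registers A = s[0:93], B = s[93:177], C = s[177:288]; last 3 bits of C set.
    # Assumption: list index i loads into s_(i+1) / s_(i+94); published test
    # vectors use their own byte/bit ordering, which this example does not follow.
    s = key_bits + [0] * 13 + iv_bits + [0] * 4 + [0] * 108 + [1, 1, 1]
    out = []
    for rnd in range(4 * 288 + nbits):        # 1152 blank rounds, then output
        t1 = s[65] ^ s[92]
        t2 = s[161] ^ s[176]
        t3 = s[242] ^ s[287]
        if rnd >= 4 * 288:
            out.append(t1 ^ t2 ^ t3)
        t1 ^= (s[90] & s[91]) ^ s[170]
        t2 ^= (s[174] & s[175]) ^ s[263]
        t3 ^= (s[285] & s[286]) ^ s[68]
        s = [t3] + s[:92] + [t1] + s[93:176] + [t2] + s[177:287]
    return out

def recover_iv(key_bits, iv_prefix, keystream):
    """Exhaust the unknown IV tail; keep IVs whose keystream matches."""
    missing = 80 - len(iv_prefix)
    hits = []
    for guess in range(1 << missing):
        iv = iv_prefix + [(guess >> j) & 1 for j in range(missing)]
        if trivium_keystream(key_bits, iv, len(keystream)) == keystream:
            hits.append(iv)
    return hits

# Constructed sample values (not from the page).
_rng = random.Random(2020)
KEY = [_rng.randrange(2) for _ in range(80)]
IV = [_rng.randrange(2) for _ in range(80)]
UNKNOWN_BITS = 8          # scaled down; the real search is over all 80 bits

def demo():
    # Known keystream = ciphertext XOR known plaintext (64 bits here).
    keystream = trivium_keystream(KEY, IV, 64)
    return recover_iv(KEY, IV[:80 - UNKNOWN_BITS], keystream)

if __name__ == "__main__":
    hits = demo()
    print("candidates tested:", 1 << UNKNOWN_BITS, "matches:", len(hits))
    print("recovered IV correct:", hits == [IV])
```

Each additional unknown IV bit doubles the number of initializations to try, so the full search costs up to 2^80 of them.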