Several MILP-Aided Attacks Against SNOW 2.0

SNOW 2.0 is a software-oriented stream cipher and internationally standardized by ISO/IEC 18033-4. In this paper, we present three attacks on SNOW 2.0 by MILP-aided automatic search algorithms. First, we present an efficient algorithm to find linear masks with the high correlation. It enables us to improve time and data complexities of the known fast correlation attacks. Then we propose a 17-round integral distinguisher out of 32 rounds by evaluating the propagation of the division property. Moreover, we propose a cube attack on the 14-round SNOW 2.0. The time complexity is \(2^{61.59}\) where \(2^{39}\) chosen IVs are required. As far as we know, these are the first investigations about integral and cube attacks of SNOW 2.0, respectively.