Cryptanalysis of stream cipher LIZARD using division property and MILP based cube attack

LIZARD is a lightweight stream cipher designed by Hamann et al. in 2017 for power constrained devices. In this work, we have done cryptanalysis of LIZARD by improving modified Three Subset Division Property proposed by Hao et al. in EUROCRYPT 2020. We have improved Hao et al.’s attack model using the following methods — first we found a set of secret key bits that are involved in the superpoly and then estimated the degree of the superpoly using degree estimation strategy introduced by Q.Wang et al. in CRYPTO 2018. With the knowledge of and , we evaluate only those monomials with degree less than or equal to . This improvement to Hao’s attack model reduces the time complexity from to . Further, since removing even number of trails do not have impact on the final result, we present a propagation reduction property which eliminates the even number of trails and this improves the algorithm efficiency too. Using the improved attack model we have recovered superpoly and key for the reduced initialization rounds 223 and 224. The time complexity to recover superpoly for round 223 is and for round 224 it is . The time complexity for key recovery process is .