Cube Attack on Reduced-Round Quavium

Trivium is a notable light-weight synchronous stream cipher submitted to the European eSTREAM project in April 2005. Quavium is a Trivium-like algorithm which is almost as fast as Trivium. In this paper, the security of Quavium is concerned under cube attack, which is one of the best known attack on the reduced round Trivium proposed by Dinur and Shamir at EUROCRYPT 09. Trivium with 576 initialization rounds can be recovered in 11 2 . We show that it is difficult to search the cubes of Quavium with the same rounds and after 288 rounds the attack complexity is reduced to 59 2 . Therefore, comparing with Trivium, Quavium has a better performance under cube attack.