Improved Collision Cryptanalysis of Authenticated Cipher MORUS

MORUS is an authenticated stream cipher designed by Wu et al. and submitted for the third-round of the CAESAR competition. The collision properties of MORUS-640-128 are studied. We propose the necessary conditions for an internal state collision after two-step update, i.e., the Hamming weight of the input difference is at least 5 and the difference is distributed in at least three 32-bit words, which provide the theoretical support for MORUS's resistance against collision attack.