MORUS is an authenticated encryption algorithm and one of the candidates in the CAESAR competition. Currently, the security of MORUS received extensive attention. In this paper, a new existence terms detection method in superpoly recovery phase in cube attack is proposed. More precisely, the upper bounding degree of superpoly is first estimated by using the cube attack based on the division property with Mixed Integer Linear Programming tool. Moreover, the $t$t-degree monomials that may be involved in the superpoly are divided into two groups, where the elements of the first group can be directly determined without using the solver via the embedded property. Compared with previous methods, the time consumption by the solvers of our new method is reduced significantly. In particular, the truth table from only the existent terms can be used to recover the superpoly in the offline phase of the cube attack. Therefore, the time complexity of cube attack can be further reduced. As illustrative example, the security of the reduced-step variants of MORUS-640-128 against cube attack is evaluated by using this new method. It is demonstrated that the key recovery attacks can be applied to 6/7-step MORUS-640-128. Furthermore, some integral distinguishers of 7-step MORUS-640-128/MORUS-1280-256 are achieved.

中文翻译：

---

使用除法属性对 MORUS 的新立方体攻击

MORUS 是一种经过认证的加密算法，是 CAESAR 竞赛的候选者之一。目前，MORUS 的安全性受到广泛关注。本文提出了一种新的立方体攻击中超多边形恢复阶段的存在项检测方法。更准确地说，首先使用基于除法性质的立方体攻击和混合整数线性规划工具来估计超多边形的上限度。此外，该$t$吨超多边形中可能涉及的-度单项式分为两组，其中第一组的元素可以通过嵌入属性直接确定，而无需使用求解器。与以前的方法相比，我们新方法的求解器的时间消耗显着减少。特别是，仅从存在项中得出的真值表可用于在立方体攻击的离线阶段恢复超多边形。因此，可以进一步降低立方体攻击的时间复杂度。作为说明性示例，使用这种新方法评估了 MORUS-640-128 的减步变体对立方体攻击的安全性。证明密钥恢复攻击可以应用于 6/7 步 MORUS-640-128。此外，还实现了 7 步 MORUS-640-128/MORUS-1280-256 的一些完整区分器。