(no title)

In doctoral school I spent some time applying the state-of-the-art methods to trying to break lightweight symmetric ciphers. The idea was that the system of polynomials generated from a number of plaintext/ciphertext pairs might be solvable via Gröbner bases methods if the number of rounds of the cipher was low enough.

Quickly ran out of steam after a couple of rounds and ~200 polynomials or thereabouts (doubly exponential)