Published in: Cryptography and Communications 5/2018

03-03-2018

Statistical integral distinguisher with multi-structure and its application on AES-like ciphers

Authors: Tingting Cui, Huaifeng Chen, Sihem Mesnager, Ling Sun, Meiqin Wang

Abstract

Integral attack is one of the most powerful tools in the field of symmetric ciphers. In order to reduce the time complexity of the original integral attack, Wang et al. first proposed a statistical integral distinguisher at FSE'16. However, they did not consider the cases in which there are several integral properties on the output and multiple structures of data must be used at the same time. For such cases, we put forward a new statistical integral distinguisher, which enables us to reduce the data complexity compared to the traditional integral ones under multiple structures. As illustrations, we apply it to the known-key distinguishers on AES-like ciphers, including AES and the permutations of the Whirlpool, PHOTON and Grøstl-256 hash functions, based on Gilbert's work at ASIACRYPT'14. These new distinguishers are the best ones compared with previous ones under the known-key setting. Moreover, we propose a secret-key distinguisher on 5-round AES under chosen-ciphertext mode. Its data, time and memory complexities are 2^114.32 chosen ciphertexts, 2^110 encryptions and 2^33.32 blocks. This is the best integral distinguisher on AES with secret S-box under the secret-key setting so far.

Footnotes
1
Active property means that the values on the target bits are uniformly distributed.
 
2
Here is an underlying assumption that all \(T^{i}_{\lambda}(y) = H_{i}(\lambda, y)\) are i.i.d. If \(\{H_{i}(\lambda, y)\}\) are simple and have a strong relationship with each other, this assumption is incorrect. However, in actual ciphers, integral distinguishers often include so many rounds that \(\{H_{i}(\lambda, y)\}\) are complicated and have enough randomness. So this assumption is suitable in practice, which is also verified by the experiments in Appendix A.1.
 
3
The improved known-key distinguishers on AES-like ciphers in this paper follow the idea of Gilbert's work at ASIACRYPT'14, but we adopt the statistical integral method instead of the integral method, together with more delicate processes, to reduce the data and time complexities.
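The active property of footnote 1 and the per-structure statistics whose i.i.d. summation footnote 2 assumes, as an added illustration that is not code from the paper: a constructed toy oracle whose target bits are either active over each structure or freshly random, the Pearson chi-square statistic of sampled outputs summed over several structures, and the expected means that separate the two cases. The oracle, the parameters S, T, N and STRUCTS, and all function names are assumptions of this example, not the paper's AES-like constructions.

```python
import random

def counts_on_target_bits(values, t):
    """Histogram of the low t bits of each output value (2**t bins)."""
    mask = (1 << t) - 1
    counts = [0] * (1 << t)
    for v in values:
        counts[v & mask] += 1
    return counts

def is_active(values, t):
    """Footnote-1 'active' property: every t-bit value on the target bits
    occurs equally often over the whole structure."""
    return len(set(counts_on_target_bits(values, t))) == 1

def chi_square(values, t):
    """Pearson chi-square of the observed histogram against the uniform
    distribution over 2**t bins; exactly 0.0 when the target bits are active."""
    counts = counts_on_target_bits(values, t)
    expected = len(values) / (1 << t)
    return sum((c - expected) ** 2 / expected for c in counts)

def expected_statistic(s, t, n, structures, balanced):
    """Mean of the summed statistic when n of the 2**s inputs of each structure
    are sampled without replacement. Random t-bit outputs give the usual
    chi-square mean 2**t - 1 per structure; active outputs (each bin hit exactly
    2**(s-t) times over the full structure) shrink the per-bin variance, and so
    the mean, by the finite-population factor (2**s - n) / (2**s - 1)."""
    per_structure = (1 << t) - 1
    if balanced:
        per_structure *= ((1 << s) - n) / ((1 << s) - 1)
    return structures * per_structure

def multi_structure_statistic(s, t, n, structures, balanced, seed=1):
    """Constructed toy oracle (an assumption of this example, not a cipher):
    a structure is 2**s inputs. In the balanced case the oracle is a random
    permutation of the structure truncated to t bits, so the target bits are
    active; otherwise every output is a fresh random t-bit value. Returns the
    chi-square statistics of the sampled outputs summed over all structures."""
    rng = random.Random(seed)
    total = 0.0
    for _ in range(structures):
        inputs = rng.sample(range(1 << s), n)  # n distinct inputs per structure
        if balanced:
            perm = list(range(1 << s))
            rng.shuffle(perm)
            outputs = [perm[x] for x in inputs]
        else:
            outputs = [rng.getrandbits(t) for _ in inputs]
        total += chi_square(outputs, t)
    return total

if __name__ == "__main__":
    # 2**14 of the 2**16 inputs per structure, 8 target bits, 8 structures
    S, T, N, STRUCTS = 16, 8, 1 << 14, 8
    for balanced in (True, False):
        observed = multi_structure_statistic(S, T, N, STRUCTS, balanced)
        mean = expected_statistic(S, T, N, STRUCTS, balanced)
        print(f"active={balanced}: statistic {observed:.1f}, expected mean {mean:.1f}")
```

The gap between the two expected means is what a threshold between them exploits; summing over structures widens it relative to the spread of each statistic, which is the multi-structure effect the abstract describes.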
 
Literature
1. Aoki, K.: A middletext distinguisher for full CLEFIA-128. In: Proceedings of the International Symposium on Information Theory and its Applications, ISITA 2012, Honolulu, October 28-31, 2012, pp 521–525. IEEE, Piscataway (2012)
2. Aumasson, J.-P., Meier, W.: Zero-sum distinguishers for reduced Keccak-f and for the core functions of Luffa and Hamsi 01 (2018)
3. Barreto, P.S.L.M., Rijmen, V.: Whirlpool. In: van Tilborg, H.C.A., Jajodia, S. (eds.) Encyclopedia of Cryptography and Security, 2nd edn., pp 1384–1385. Springer, Berlin (2011)
4. Biryukov, A., Khovratovich, D., Nikolic, I.: Distinguisher and related-key attack on the full AES-256. In: Halevi, S. (ed.) Advances in Cryptology - CRYPTO 2009, 29th Annual International Cryptology Conference, Santa Barbara, August 16-20, 2009, Proceedings, vol. 5677 of Lecture Notes in Computer Science, pp 231–249. Springer, Berlin (2009)
5. Blondeau, C., Peyrin, T., Wang, L.: Known-key distinguisher on full PRESENT. In: Gennaro, R., Robshaw, M. (eds.) Advances in Cryptology - CRYPTO 2015, 35th Annual Cryptology Conference, Santa Barbara, August 16-20, 2015, Proceedings, Part I, vol. 9215 of Lecture Notes in Computer Science, pp 455–474. Springer, Berlin (2015)
6. Cui, T., Sun, L., Chen, H., Wang, M.: Statistical integral distinguisher with multi-structure and its application on AES. In: Pieprzyk, J., Suriadi, S. (eds.) Information Security and Privacy, 22nd Australasian Conference, ACISP 2017, Auckland, July 3-5, 2017, Proceedings, Part I, vol. 10342 of Lecture Notes in Computer Science, pp 402–420. Springer, Berlin (2017)
7. Daemen, J., Knudsen, L.R., Rijmen, V.: The block cipher Square. In: Biham, E. (ed.) Fast Software Encryption, 4th International Workshop, FSE '97, Haifa, Israel, January 20-22, 2017, Proceedings, vol. 1267 of Lecture Notes in Computer Science, pp 149–165. Springer, Berlin (1997)
8. Daemen, J., Rijmen, V.: The Design of Rijndael: AES - The Advanced Encryption Standard. Information Security and Cryptography. Springer, Berlin (2002)
9. Gauravaram, P., Knudsen, L.R., Matusiewicz, K., Mendel, F., Rechberger, C., Schläffer, M., Thomsen, S.S.: Grøstl - a SHA-3 candidate. In: Handschuh, H., Lucks, S., Preneel, B., Rogaway, P. (eds.) Symmetric Cryptography, 11.01. – 16.01.2009, vol. 09031 of Dagstuhl Seminar Proceedings. Schloss Dagstuhl - Leibniz-Zentrum für Informatik, Germany (2009)
10. Gilbert, H.: A simplified representation of AES. In: Sarkar, P., Iwata, T. (eds.) Advances in Cryptology - ASIACRYPT 2014, 20th International Conference on the Theory and Application of Cryptology and Information Security, Kaoshiung, R.O.C., December 7-11, 2014, Proceedings, Part I, vol. 8873 of Lecture Notes in Computer Science, pp 200–222. Springer, Berlin (2014)
11. Gilbert, H., Peyrin, T.: Super-Sbox cryptanalysis: Improved attacks for AES-like permutations. In: Hong, S., Iwata, T. (eds.) Fast Software Encryption, 17th International Workshop, FSE 2010, Seoul, February 7-10, 2010, Revised Selected Papers, vol. 6147 of Lecture Notes in Computer Science, pp 365–383. Springer, Berlin (2010)
12. Grassi, L., Rechberger, C., Rønjom, S.: Subspace trail cryptanalysis and its applications to AES. IACR Trans. Symmetric Cryptol. 2016(2), 192–225 (2016)
13. Grassi, L., Rechberger, C., Rønjom, S.: A new structural-differential property of 5-round AES. In: Coron, J., Nielsen, J.B. (eds.) Advances in Cryptology - EUROCRYPT 2017, 36th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Paris, April 30 - May 4, 2017, Proceedings, Part II, vol. 10211 of Lecture Notes in Computer Science, pp 289–317 (2017)
14. Guo, J., Peyrin, T., Poschmann, A.: The PHOTON family of lightweight hash functions. In: Rogaway, P. (ed.) Advances in Cryptology - CRYPTO 2011, 31st Annual Cryptology Conference, Santa Barbara, August 14-18, 2011, Proceedings, vol. 6841 of Lecture Notes in Computer Science, pp 222–239. Springer, Berlin (2011)
15. Jean, J., Naya-Plasencia, M., Peyrin, T.: Improved rebound attack on the finalist Grøstl. In: Canteaut, A. (ed.) Fast Software Encryption, 19th International Workshop, FSE 2012, Washington, March 19-21, 2012, Revised Selected Papers, vol. 7549 of Lecture Notes in Computer Science, pp 110–126. Springer, Berlin (2012)
16. Jean, J., Naya-Plasencia, M., Peyrin, T.: Multiple limited-birthday distinguishers and applications. In: Lange, T., Lauter, K.E., Lisonek, P. (eds.) Selected Areas in Cryptography - SAC 2013, 20th International Conference, Burnaby, August 14-16, 2013, Revised Selected Papers, vol. 8282 of Lecture Notes in Computer Science, pp 533–550. Springer, Berlin (2013)
17. Knudsen, L.R., Rijmen, V.: Known-key distinguishers for some block ciphers. In: Kurosawa, K. (ed.) Advances in Cryptology - ASIACRYPT 2007, 13th International Conference on the Theory and Application of Cryptology and Information Security, Kuching, December 2-6, 2007, Proceedings, vol. 4833 of Lecture Notes in Computer Science, pp 315–324. Springer, Berlin (2007)
18. Knudsen, L.R., Wagner, D.A.: Integral cryptanalysis. In: Daemen, J., Rijmen, V. (eds.) Fast Software Encryption, 9th International Workshop, FSE 2002, Leuven, February 4-6, 2002, Revised Papers, vol. 2365 of Lecture Notes in Computer Science, pp 112–127. Springer, Berlin (2002)
19. Lamberger, M., Mendel, F., Rechberger, C., Rijmen, V., Schläffer, M.: Rebound distinguishers: Results on the full Whirlpool compression function. In: Matsui, M. (ed.) Advances in Cryptology - ASIACRYPT 2009, 15th International Conference on the Theory and Application of Cryptology and Information Security, Tokyo, December 6-10, 2009, Proceedings, vol. 5912 of Lecture Notes in Computer Science, pp 126–143. Springer, Berlin (2009)
20. Lamberger, M., Mendel, F., Schläffer, M., Rechberger, C., Rijmen, V.: The rebound attack and subspace distinguishers: Application to Whirlpool. J. Cryptology 28(2), 257–296 (2015)
21. Mendel, F., Peyrin, T., Rechberger, C., Schläffer, M.: Improved cryptanalysis of the reduced Grøstl compression function, ECHO permutation and AES block cipher. In: Jacobson, M.J., Jr., Rijmen, V., Safavi-Naini, R. (eds.) Selected Areas in Cryptography, 16th Annual International Workshop, SAC 2009, Calgary, August 13-14, 2009, Revised Selected Papers, vol. 5867 of Lecture Notes in Computer Science, pp 16–35. Springer, Berlin (2009)
22. Minier, M., Phan, R.C., Pousse, B.: Distinguishers for ciphers and known key attack against Rijndael with large blocks. In: Preneel, B. (ed.) Progress in Cryptology - AFRICACRYPT 2009, Second International Conference on Cryptology in Africa, Gammarth, June 21-25, 2009, Proceedings, vol. 5580 of Lecture Notes in Computer Science, pp 60–76. Springer, Berlin (2009)
23. Sun, B., Liu, M., Guo, J., Qu, L., Rijmen, V.: New insights on AES-like SPN ciphers. In: Robshaw, M., Katz, J. (eds.) Advances in Cryptology - CRYPTO 2016, 36th Annual International Cryptology Conference, Santa Barbara, August 14-18, 2016, Proceedings, Part I, vol. 9814 of Lecture Notes in Computer Science, pp 605–624. Springer, Berlin (2016)
24. Sun, B., Liu, Z., Rijmen, V., Li, R., Cheng, L., Wang, Q., AlKhzaimi, H., Li, C.: Links among impossible differential, integral and zero correlation linear cryptanalysis. In: Gennaro, R., Robshaw, M. (eds.) Advances in Cryptology - CRYPTO 2015, 35th Annual Cryptology Conference, Santa Barbara, August 16-20, 2015, Proceedings, Part I, vol. 9215 of Lecture Notes in Computer Science, pp 95–115. Springer, Berlin (2015)
25. Wang, M., Cui, T., Chen, H., Sun, L., Wen, L., Bogdanov, A.: Integrals go statistical: Cryptanalysis of full Skipjack variants. In: Peyrin, T. (ed.) Fast Software Encryption, 23rd International Conference, FSE 2016, Bochum, March 20-23, 2016, Revised Selected Papers, vol. 9783 of Lecture Notes in Computer Science, pp 399–415. Springer, Berlin (2016)
Metadata
Title
Statistical integral distinguisher with multi-structure and its application on AES-like ciphers
Authors
Tingting Cui
Huaifeng Chen
Sihem Mesnager
Ling Sun
Meiqin Wang
Publication date
03-03-2018
Publisher
Springer US
Published in
Cryptography and Communications / Issue 5/2018
Print ISSN: 1936-2447
Electronic ISSN: 1936-2455
DOI
https://doi.org/10.1007/s12095-018-0286-5
