nach oben

Designs, Codes and Cryptography

Erschienen in:

01.09.2015

Differential cryptanalysis of PRESENT-like cipher

verfasst von: Guo-Qiang Liu, Chen-Hui Jin

Erschienen in: Designs, Codes and Cryptography | Ausgabe 3/2015

Einloggen, um Zugang zu erhalten

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

In 2011, Borghoff et al. introduced a slender-set differential cryptanalysis on PRESENT-like ciphers with key-dependent S-boxes. Borghoff’s differential attack mainly divides into two parts: data collection phase and S-box recovery phase. In this paper, we investigate different attacks on PRESENT-like cipher with secret S-boxes and public S-boxes. For PRESENT-like cipher with secret S-boxes, we introduce two new cryptanalytic techniques, and use them to recover the secret S-boxes more efficiently. Our first new idea is that we present a new method of data collection based on the method of optimal distinguisher for collecting information efficiently. Another new technique is that we propose a method of constructing the entire correct slender-sets instead of checking the correctness of slender-sets in the S-box recovery phase. In particular, we implemented a successful attack on the cipher Maya in practice. In our experiments, the correct S-boxes can be recovered with \(2^{26}\) data complexity and \(2^{22.4}\) time complexity at a success rate of 100 % based on 200 independent trials. Furthermore, we propose a new method of recovering the secret key of PRESENT-like cipher with public S-boxes with lower data and time complexity. To the 12-round PRESENT-80, the experiments show that we can recover the entire 80-bit secret key with \(2^{34.9}\) data and \(2^{38.9}\) time complexity. To the 22-round \(\mathrm{PRINT}_\mathrm{CIPHER}\), experiments show that we can recover the entire 80-bit secret key with \(2^{37.5}\) data complexity and \(2^{41.5}\) time complexity. To the best of our knowledge, our attack is the best known differential attacks on PRESENT and \(\mathrm{PRINT}_\mathrm{CIPHER}\) in practice.

Vorheriger Artikel On a 5-design related to a putative extremal doubly even self-dual code of length a multiple of 24

Nächster Artikel Bentness and nonlinearity of functions on finite groups

Nur mit Berechtigung zugänglich

Abdelraheem M., Leander G., Zenner E.: Differential cryptanalysis of round-reduced PRINTcipher: computing roots of permutations. In: Joux A. (ed.) Fast Software Encryption. Lecture Notes in Computer Science, vol. 6733, pp. 1–17. Springer, Berlin (2011).

Baignères T., Junod P., Vaudenay S.: How far can we go beyond linear cryptanalysis? In: Lee P.J. (ed.) Advances in Cryptology—Asiacrypt 2004 (Proceedings). Lecture Notes in Computer Science, vol. 3329, pp. 432–450. Springer, Berlin (2004).

Biryukov A., Shamir A.: Structural cryptanalysis of SASAS. In: Pfitzmann B. (ed.) Advances in Cryptology—Eurocrypt 2001 (Proceedings). Lecture Notes in Computer Science, vol. 2045, pp. 394–405. Springer, Berlin (2001).

Biryukov A., Shamir A.: Structural cryptanalysis of SASAS. J. Cryptol. 23(4), 505–518 (2010). doi:10.1007/s00145-010-9062-1.

Blondeau C., Gérard B.: Multiple differential cryptanalysis: theory and practice. In: Joux A. (ed.) Fast Software Encryption. Lecture Notes in Computer Science, vol. 6733, pp. 35–54. Springer, Berlin (2011).

Blondeau C., Gérard B.: Multiple differential cryptanalysis: theory and practice (corrected). In: Cryptology ePrint Archive. Report 2011/115 (2011).

Blondeau C., Gérard B., Nyberg K.: Multiple differential cryptanalysis using LLR and \(\chi ^2\) statistics. In: Visconti I., De Prisco R. (eds.) SCN 2012. Lecture Notes in Computer Science, vol. 7485, pp. 343–360. Springer, Berlin (2012).

Bogdanov A., Knudsen L.R., Leander G., Paar C., Poschmann A., Robshaw M.J.B., Seurin Y., Vikkelsø C.: Present: an ultra-lightweight block cipher. In: Paillier P., Verbauwhede I. (eds.) Cryptographic Hardware and Embedded Systems—CHES 2007 (Proceedings). Lecture Notes in Computer Science, vol. 4727, pp. 450–466. Springer, Berlin (2007).

Borghoff J., Knudsen L.R., Leander G., Matusiewicz K.: Cryptanalysis of C2. In: Halevi S. (ed.) Advances in Cryptology—Crypto 2009. Lecture Notes in Computer Science, vol. 5677, pp. 250-266. Springer, Berling (2009).

10.

Borghoff J., Knudsen L., Leander G., Thomsen S.: Cryptanalysis of PRESENT-like ciphers with secret S-boxes. In: Joux A. (ed.) Fast Software Encryption. Lecture Notes in Computer Science, vol. 6733, pp. 270–289. Springer, Berlin (2011).

11.

Borghoff, J., Knudsen, L.R., Leander, G., Thomsen, S.S.: Slender-set differential cryptanalysis. J. Cryptol 26(1), 11–38 (2013). doi:10.1007/s00145-011-9111-4 MathSciNetCrossRefMATH

12.

Cho J.Y.: Linear cryptanalysis of reduced-round PRESENT. In: Pieprzyk J. (ed.) Topics in Cryptology—Ct-Rsa 2010, (Proceedings). Lecture Notes in Computer Science, vol. 5985, pp. 302–317. Springer, Berlin (2010).

13.

Collard, B., Standaert, F.-X.: A statistical saturation attack against the block cipher PRESENT. In: Fischlin, M. (ed.) CT-RSA 2009. Lecture Notes in Computer Science, vol. 5473, pp. 195–210. Springer, Heidelberg (2009)

14.

Coppersmith D., Halevi S., Jutla C.: Cryptanalysis of stream ciphers with linear masking. In: Yung M. (ed.) Advances in Cryptology—Crypto02. Lecture Notes in Computer Science, vol. 2442, pp. 515–532. Springer, Heidelberg (2002).

15.

Gilbert, H., Chauvaud, P.: A chosen plaintext attack of the 16-round Khufu cryptosystem. In: Desmedt, Y. (ed.) Advances in Cryptology CRYPTO 94. Lecture Notes in Computer Science, vol. 839, pp. 359–368. Springer, Berlin (1994)

16.

Gomathisankaran M., Lee R.B.: Maya: A novel block encryption function. In: Proceedings of the International Workshop on Coding and Cryptography 2009. Accessed http://palms.princeton.edu/system /files/maya (2010/02/14).

17.

Hermelin M., Cho J.Y., Nyberg K.: Multidimensional extension of Matsui’s algorithm 2. In: Dunkelman O. (ed.) Fast Software Encryption. Lecture Notes in Computer Science, vol. 5665, pp. 209–227. (2009).

18.

Junod P.: On the optimality of linear, differential and sequential distinguishers. In: Biham E. (ed.) Advances in Cryptology—Eurocrypt03. Lecture Notes in Computer Science, vol. 2656, pp. 17–32. Springer, Berlin (2003).

19.

Knudsen, L., Leander, G., Poschmann, A., Robshaw, M.B.: PRINTcipher: A Block Cipher for IC-Printing. In: Mangard, S., Standaert, F.-X. (eds.) Cryptographic Hardware and Embedded Systems, CHES 2010. Lecture Notes in Computer Science, vol. 6225, pp. 16–32. Springer, Berlin (2010)CrossRef

20.

Nakahara Jr, J., Sepehrdad, P., Zhang, B., Wang, M.: Linear (Hull) and algebraic cryptanalysis of the block cipher PRESENT. In: Garay, J.A., Miyaji, A., Otsuka, A. (eds.) CANS 2009. Lecture Notes in Computer Science, vol. 5888, pp. 58–75. Springer, Heidelberg (2009)

21.

Neyman P., Pearson E.: On the problem of the most efficient tests of statistical hypotheses. Philos. Trans. R. Soc. Lond. 289–337 (1933).

22.

Ohkuma, K.: Weak keys of reduced-round PRESENT for linear cryptanalysis. In: Jacobson Jr, M.J., Rijmen, V., Safavi-Naini, R. (eds.) SAC 2009. Lecture Notes in Computer Science, vol. 5867, pp. 249–265. Springer, Heidelberg (2009)

23.

Peng J., Jin S.: Designing key-dependent S-boxes using hyperchaotic chen system. In: Zhong Z. (ed.) Proceedings of the International Conference on Information Engineering and Applications (IEA) 2012. Lecture Notes in Electrical Engineering, vol. 216, pp. 733–740. Springer, London (2013).

24.

Stoianov N.: One approach of using key-dependent S-BOXes in AES. In: Dziech A., Czyzewski A. (eds.) Multimedia Communications, Services, and Security, vol. 149. Communications in Computer and Information Science, pp. 317–323 (2011).

25.

Szaban M., Seredynski F.: Dynamic cellular automata-based S-boxes. In: MorenoDiaz R., Pichler F., QuesadaArencibia A. (eds.) Computer Aided Systems Theory—Eurocast 2011, Pt I. Lecture Notes in Computer Science, vol. 6927, pp. 184–191. Springer, Berlin (2012).

26.

Vaudenay, S.: On the weak keys of blowfish. In: Gollmann, D. (ed.) Fast Software Encryption. Lecture Notes in Computer Science, vol. 1039, pp. 27–32. Springer, Berlin (1996)CrossRef

27.

Wang M.: Differential cryptanalysis of reduced-round PRESENT. In: Vaudenay S. (ed.) Progress in Cryptology—Africacrypt 2008, vol. 5023. Lecture Notes in Computer Science, pp. 40–49 (2008).

28.

Wang, M., Sun, Y., Tischhauser, E., Preneel, B.: A model for structure attacks, with applications to PRESENT and serpent. In: Canteaut, A. (ed.) Fast Software Encryption. Lecture Notes in Computer Science, vol. 7549, pp. 49–68. Springer, Berlin (2012)CrossRef

Titel: Differential cryptanalysis of PRESENT-like cipher
verfasst von: Guo-Qiang Liu
Chen-Hui Jin
Publikationsdatum: 01.09.2015
Verlag: Springer US
Erschienen in: Designs, Codes and Cryptography / Ausgabe 3/2015
Print ISSN: 0925-1022
Elektronische ISSN: 1573-7586
DOI: https://doi.org/10.1007/s10623-014-9965-1

Springer Professional

Differential cryptanalysis of PRESENT-like cipher

Abstract

Premium Partner

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Weitere Artikel der Ausgabe 3/2015

Strongly secure authenticated key exchange from factoring, codes, and lattices

Diagonally cyclic equitable rectangles

Codes over rings and Hermitian lattices

An investigation of the tangent splash of a subplane of

Completely reducible super-simple designs with block size five and index two

Almost universal forgery attacks on AES-based MAC’s

Premium Partner