nach oben

Erschienen in:

2016 | OriginalPaper | Buchkapitel

Related-Key Cryptanalysis of Midori

verfasst von : David Gérault, Pascal Lafourcade

Erschienen in: Progress in Cryptology – INDOCRYPT 2016

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Midori64 and Midori128 [2] are lightweight block ciphers, which respectively cipher 64-bit and 128-bit blocks. While several attack models are discussed by the authors of Midori, the authors made no claims concerning the security of Midori against related-key differential attacks. In this attack model, the attacker uses related-key differential characteristics, i.e., tuples \((\delta _P, \delta _K, \delta _C)\) such that a difference (generally computed as a XOR) of \(\delta _P\) in the plaintext coupled with a difference \(\delta _K\) in the key yields a difference \(\delta _C\) after r rounds with a good probability. In this paper, we propose a constraint programming model to automate the search for optimal (in terms of probability) related-key differential characteristics on Midori. Using it, we build related-key distinguishers on the full-round Midori64 and Midori128, and mount key recovery attacks on both versions of the cipher with practical time complexity, respectively \(2^{35.8}\) and \(2^{43.7}\).

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel On Linear Hulls and Trails

Nächstes Kapitel Some Proofs of Joint Distributions of Keystream Biases in RC4

Nur mit Berechtigung zugänglich

The full specification is presented in [2].

The \(\text {Sboxes}\) of Midori 128 are given in [11].

It is the case for most block ciphers, including Midori.

Note that the XOR operations between the key and constants at each rounds are not taken into account when working at a differential level. This is because the constants are canceled, i.e., for two different keys \(K^0\) and \(K^1\), and a constant c, \((K^0 \oplus c) \oplus (K^1 \oplus c) = K^0 \oplus K^1\).

As the operation XOR is not by default implemented in the solver.

http://www.minizinc.org/.

https://github.com/geoffchu/chuffed.

We run our experiments on an Intel i7-4790, 3.6 Ghz with 16 GB RAM.

From \(\delta _K\) which is composed of \(\delta _{K[0]}\) and \(\delta _{K[1]}\), we can compute \(\delta _{WK}= \delta _{K[0]} \oplus \delta _{K[1]}\).

Indexes of the cell having the maximum values in the tables CPT.

In Appendix D, we provide an example of values that satisfy the distinguisher built using the pattern given in Fig. 4 with

https://static-content.springer.com/image/chp%3A10.1007%2F978-3-319-49890-4_16/426556_1_En_16_IEq346_HTML.gif

and \(\blacksquare =0xa\).

Baignères, T., Sepehrdad, P., Vaudenay, S.: Distinguishing distributions using chernoff information. In: Heng, S.-H., Kurosawa, K. (eds.) ProvSec 2010. LNCS, vol. 6402, pp. 144–165. Springer, Heidelberg (2010). doi:10.1007/978-3-642-16280-0_10 CrossRef

Banik, S., Bogdanov, A., Isobe, T., Shibutani, K., Hiwatari, H., Akishita, T., Regazzoni, F.: Midori: a block cipher for low energy. In: Iwata, T., Cheon, J.H. (eds.) ASIACRYPT 2015. LNCS, vol. 9453, pp. 411–436. Springer, Heidelberg (2015). doi:10.1007/978-3-662-48800-3_17 CrossRef

Biham, E.: New types of cryptanalytic attacks using related keys. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 398–409. Springer, Heidelberg (1994). doi:10.1007/3-540-48285-7_34

Biham, E., Shamir, A.: Differential Cryptanalysis of the Data Encryption Standard. Springer, London (1993)CrossRefMATH

Biryukov, A., Nikolić, I.: Automatic search for related-key differential characteristics in byte-oriented block ciphers: application to AES, Camellia, Khazad and others. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 322–344. Springer, Heidelberg (2010). doi:10.1007/978-3-642-13190-5_17 CrossRef

Chen, Z., Wang, X.: Impossible differential cryptanalysis of midori. IACR Cryptology ePrint Archive 2016, 535 (2016)

Dong, X.: Cryptanalysis of reduced-round midori64 block cipher. Cryptology ePrint Archive, Report 2016, 676 (2016). http://eprint.iacr.org/2016/676

Fouque, P.-A., Jean, J., Peyrin, T.: Structural evaluation of AES, and chosen-key distinguisher of 9-round AES-128. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8042, pp. 183–203. Springer, Heidelberg (2013). doi:10.1007/978-3-642-40041-4_11 CrossRef

Gerault, D., Minier, M., Solnon, C.: Constraint programming models for chosen key differential cryptanalysis. In: The 22nd International Conference on Principles and Practice of Constraint Programming, Toulouse, France (2016)

10.

Gilbert, H., Peyrin, T.: Super-sbox cryptanalysis: improved attacks for AES-like permutations. In: Hong, S., Iwata, T. (eds.) FSE 2010. LNCS, vol. 6147, pp. 365–383. Springer, Heidelberg (2010). doi:10.1007/978-3-642-13858-4_21 CrossRef

11.

Guo, J., Jean, J., Nikolić, I., Qiao, K., Sasaki, Y., Sim, S.M.: Invariant subspace attack against full midori64. Cryptology ePrint Archive, Report 2015, 1189 (2015). http://eprint.iacr.org/

12.

Knudsen, L.R.: Cryptanalysis of LOKI 91. In: Seberry, J., Zheng, Y. (eds.) AUSCRYPT 1992. LNCS, vol. 718, pp. 196–208. Springer, Heidelberg (1993). doi:10.1007/3-540-57220-1_62 CrossRef

13.

Lin, L., Wu, W.: Meet-in-the-middle attacks on reduced-round midori-64. Cryptology ePrint Archive, Report 2015, 1165 (2015). http://eprint.iacr.org/

14.

Mouha, N., Wang, Q., Gu, D., Preneel, B.: Differential and linear cryptanalysis using mixed-integer linear programming. In: Wu, C.-K., Yung, M., Lin, D. (eds.) Inscrypt 2011. LNCS, vol. 7537, pp. 57–76. Springer, Heidelberg (2012). doi:10.1007/978-3-642-34704-7_5 CrossRef

15.

Prud’homme, C., Fages, J.-G., Lorca, X.: Choco Documentation. TASC, INRIA Rennes, LINA CNRS UMR 6241, COSLING S.A.S. (2016)

16.

Selçuk, A.A.: On probability of success in linear and differential cryptanalysis. J. Crypt. 21(1), 131–147 (2008)MathSciNetCrossRefMATH

17.

Sun, S., Hu, L., Wang, M., Yang, Q., Qiao, K., Ma, X., Song, L., Shan, J.: Extending the applicability of the mixed-integer programming technique in automatic differential cryptanalysis. In: Lopez, J., Mitchell, C.J. (eds.) ISC 2015. LNCS, vol. 9290, pp. 141–157. Springer, Heidelberg (2015). doi:10.1007/978-3-319-23318-5_8 CrossRef

18.

Sun, S., Hu, L., Wang, P., Qiao, K., Ma, X., Song, L.: Automatic security evaluation and (Related-key) differential characteristic search: application to SIMON, PRESENT, LBlock, DES(L) and other bit-oriented block ciphers. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8873, pp. 158–178. Springer, Heidelberg (2014). doi:10.1007/978-3-662-45611-8_9

19.

Wheeler, D.J., Needham, R.M.: TEA, a tiny encryption algorithm. In: Preneel, B. (ed.) FSE 1994. LNCS, vol. 1008, pp. 363–366. Springer, Heidelberg (1995). doi:10.1007/3-540-60590-8_29 CrossRef

20.

ZDNet: New xbox security cracked by linux fans. http://www.zdnet.com/article/new-xbox-security-cracked-by-linux-fans

Titel: Related-Key Cryptanalysis of Midori
verfasst von: David Gérault
Pascal Lafourcade
Verlag: Springer International Publishing
Buch: Progress in Cryptology – INDOCRYPT 2016
Print ISBN: 978-3-319-49889-8

Electronic ISBN: 978-3-319-49890-4

Copyright-Jahr: 2016
DOI: https://doi.org/10.1007/978-3-319-49890-4_16

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"