Security analysis of Khudra: a lightweight block cipher for FPGAs

2015 ◽  
Vol 9 (10) ◽  
pp. 1173-1185 ◽  
Author(s):  
Yibin Dai ◽  
Shaozhen Chen

2021 ◽  
Vol 2021 ◽  
pp. 1-9
Author(s):  
Xueying Qiu ◽  
Yongzhuang Wei ◽  
Samir Hodzic ◽  
Enes Pasalic

Integral cryptanalysis based on the division property is a powerful cryptanalytic method whose range of successful applications was recently extended through the use of Mixed-Integer Linear Programming (MILP). Although this technique was demonstrated to be efficient in specifying distinguishers for reduced-round versions of several families of lightweight block ciphers (such as SIMON, PRESENT, and a few others), we show that this method provides distinguishers for the full-round block cipher SAT_Jo. The SAT_Jo cipher is very similar to the well-known PRESENT block cipher, which has successfully withstood the known cryptanalytic methods. The main difference compared to PRESENT, which turns out to induce severe weaknesses in the SAT_Jo algorithm, is its different choice of substitution boxes (S-boxes) and bit-permutation layer, made in order to make the cipher highly resource-efficient. Even though the designers provided a security analysis of this scheme against some major generic cryptanalytic methods, an application of the bit-based division property in combination with MILP was not considered. By specifying integral distinguishers for the full-round SAT_Jo algorithm using this method, we essentially disapprove of its use in the intended applications. Using a 30-round distinguisher, we also describe a subkey-recovery attack on the SAT_Jo algorithm whose time complexity is about 2^66 encryptions (noting that SAT_Jo is designed to provide 80 bits of security). Moreover, it seems that the choice of bit-permutation induces weak division properties, since replacing the original bit-permutation of SAT_Jo by the one used in PRESENT immediately renders integral distinguishers inefficient.


Author(s):  
Hosein Hadipour ◽  
Sadegh Sadeghi ◽  
Majid M. Niknam ◽  
Ling Song ◽  
Nasour Bagheri

CRAFT is a lightweight block cipher, designed to provide efficient protection against differential fault attacks. It is a tweakable cipher that uses 32 rounds to produce a ciphertext from a 64-bit plaintext using a 128-bit key and a 64-bit public tweak. In this paper, compared to the designers' analysis, we provide a more detailed analysis of CRAFT against differential and zero-correlation cryptanalysis, aiming to provide better distinguishers for reduced rounds of the cipher. Our distinguishers for reduced-round CRAFT cover a higher number of rounds than the designers' analysis. In our analysis, we observed that, for any number of rounds, the differential effect of CRAFT has a much higher probability than any single differential trail. As an example, while the best trail for 11 rounds of the cipher has a probability of at least 2^-80, we present a differential with probability 2^-49.79, containing 2^29.66 optimal trails, all with the same optimum probability of 2^-80. Next, we use a partitioning technique, based on optimal expandable truncated trails, to provide a better estimate of the differential effect on CRAFT. Thanks to this technique, we are able to find differential distinguishers for 9, 10, 11, 12, 13, and 14 rounds of the cipher in the single-tweak model with probabilities of at least 2^-40.20, 2^-45.12, 2^-49.79, 2^-54.49, 2^-59.13, and 2^-63.80, respectively. These probabilities should be compared with the best distinguishers provided by the designers in the same model for 9 and 10 rounds of the cipher, with probabilities of at least 2^-54.67 and 2^-62.61, respectively. In addition, we consider the security of CRAFT against the new concept of related-tweak zero-correlation (ZC) linear cryptanalysis and present a new distinguisher which covers 14 rounds of the cipher, while the best previous ZC distinguisher covered 13 rounds. Thanks to the related-tweak ZC distinguisher for 14 rounds of the cipher, we also present 14-round integral distinguishers in the related-tweak model. Although the provided analysis does not compromise the cipher, we think it provides better insight into the design of CRAFT.


Author(s):  
Aleksandra Mileva ◽  
Vesna Dimitrova ◽  
Orhun Kara ◽  
Miodrag J. Mihaljević

The main objective of this chapter is to offer practitioners, researchers and all interested parties a brief categorized catalog of existing lightweight symmetric primitives with their main cryptographic features, ultimate hardware performance, and existing security analysis, so that they can easily compare the ciphers or choose some of them according to their needs. Certain security evaluation issues have been addressed as well. In particular, the reason why modern lightweight block cipher designs have in the last decade overwhelmingly dominated stream cipher design is analyzed in terms of security against tradeoff attacks. It turns out that it is possible to design stream ciphers having much smaller internal states.


2016 ◽  
Vol 12 (2) ◽  
pp. 60-71 ◽  
Author(s):  
Yuechuan Wei ◽  
Yisheng Rong ◽  
Xu An Wang

Significant progress in the development of lightweight symmetric cryptographic primitives has been made in recent years. The security of such ciphers against current cryptanalysis methods should be carefully evaluated. The integral attack is one of the most effective attacks against block ciphers. However, the traditional integral attack based on bytes or words is not applicable to a bit-oriented cipher. The bit-pattern based integral attack technique, introduced by Z'aba et al., addresses this issue to some extent. In this paper, the bit-pattern based integral attack is applied to ICEBERG, a lightweight block cipher efficient in reconfigurable hardware. By tracing the propagation of the plaintext structure at the bit level, the balance property is obtained and then key guesses are verified. The result shows that 3-, 4- and 5-round ICEBERG are not immune to this attack. All attacks presented in this paper manage to recover the full subkeys of the final round.
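The integral distinguishers discussed in the SAT_Jo abstract and in the ICEBERG abstract above both rest on the same observation: encrypt a structure of plaintexts in which some bits take all values and the rest are fixed, then check whether the XOR of the ciphertexts is zero (the balance property) after a given number of rounds. The script below is an added example, not code from either paper or from the ICEBERG or SAT_Jo designers. It implements PRESENT-80 from the published specification (the cipher SAT_Jo is modelled on), checks it against the published all-zero test vector, and then traces a 16-text structure with one active nibble through the round-reduced cipher. With one active nibble the XOR sum can be traced by hand to be zero for every key through 4 rounds: after two rounds each of the 16 S-boxes sees at most one non-constant input bit, and after three rounds each S-box input is a uniform sub-cube, so every output bit is balanced. The script reports the first round count at which balance breaks for a constructed key and constant; those two values, and the `first_unbalanced_round` helper, are the example's own and not from the page.

```python
# Added example (not from the papers above): an empirical integral/balance
# check on round-reduced PRESENT-80, following the published specification.
import random

SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
        0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]
MASK64 = (1 << 64) - 1
MASK80 = (1 << 80) - 1


def sbox_layer(state):
    """Apply the 4-bit S-box to each of the 16 nibbles of the 64-bit state."""
    out = 0
    for i in range(16):
        out |= SBOX[(state >> (4 * i)) & 0xF] << (4 * i)
    return out


def p_layer(state):
    """Bit permutation: bit i moves to position 16*i mod 63; bit 63 stays."""
    out = 0
    for i in range(64):
        if (state >> i) & 1:
            out |= 1 << (63 if i == 63 else (16 * i) % 63)
    return out


def key_schedule(key):
    """PRESENT-80 key schedule: 32 round keys from an 80-bit key."""
    round_keys = []
    k = key & MASK80
    for i in range(1, 32):
        round_keys.append(k >> 16)                         # leftmost 64 bits
        k = ((k << 61) | (k >> 19)) & MASK80               # rotate left by 61
        k = (SBOX[k >> 76] << 76) | (k & ((1 << 76) - 1))  # S-box on k79..k76
        k ^= i << 15                                       # counter into k19..k15
    round_keys.append(k >> 16)
    return round_keys


def encrypt(pt, key, rounds=31):
    """Encrypt one 64-bit block. rounds < 31 gives the round-reduced cipher:
    `rounds` full rounds followed by the next round key as whitening."""
    rk = key_schedule(key)
    s = pt & MASK64
    for r in range(rounds):
        s = p_layer(sbox_layer(s ^ rk[r]))
    return s ^ rk[rounds]


def xor_sum_after(rounds, key, const):
    """XOR of the 16 ciphertexts of an integral structure in which nibble 0
    takes all 16 values and the other 60 plaintext bits are fixed to `const`.
    A zero result means every ciphertext bit is balanced over the structure."""
    acc = 0
    base = const & (MASK64 ^ 0xF)
    for x in range(16):
        acc ^= encrypt(base | x, key, rounds)
    return acc


def first_unbalanced_round(key, const, max_rounds=8):
    """Smallest round count at which the structure stops being balanced,
    or None if it stays balanced up to max_rounds (hypothetical helper)."""
    for r in range(1, max_rounds + 1):
        if xor_sum_after(r, key, const) != 0:
            return r
    return None


if __name__ == "__main__":
    rng = random.Random(2021)                      # constructed sample inputs
    key = rng.getrandbits(80)
    const = rng.getrandbits(64)
    assert encrypt(0, 0) == 0x5579C1387B228445    # published PRESENT-80 test vector
    for r in range(1, 7):
        s = xor_sum_after(r, key, const)
        print(f"{r} rounds: xor-sum = {s:016x}  balanced bits = {64 - bin(s).count('1')}")
    print("balance first breaks at round", first_unbalanced_round(key, const))
```

The check is key-independent in the rounds where the sum is provably zero, which is what makes it a distinguisher: an attacker who guesses the last-round subkey, partially decrypts the ciphertexts and re-checks the balance of the S-box inputs, as the ICEBERG attacks above do, can reject wrong guesses without knowing any other key material. Replacing `p_layer` with a different bit permutation is the quickest way to see how much the choice of permutation matters, which is the point the SAT_Jo abstract makes.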


Lightweight cryptography is an efficient technology for protecting the confidentiality of communication over an insecure channel. Recently, several researchers have studied lightweight block ciphers. In this paper we concentrate on the design of a lightweight block cipher together with its performance evaluation and security analysis. We introduce the RC7-RLGC algorithm, an FPGA implementation of the Rivest Cipher 7 (RC7) algorithm that uses reversible logic gates to encrypt messages. The pseudorandom numbers generated in Reversible Logic Gate Circuits (RLGCs) are used as the key, which minimizes resource utilization in the encryption process. The proposed RC7-RLGC architecture uses fewer FPGA resources on an LP-Virtex-6 device: it needs 13.04 % fewer LUTs, 10 % fewer flip-flops and 36.363 % fewer slices than the existing RC7 implementation.


2019 ◽  
Vol 2019 ◽  
pp. 1-12 ◽  
Author(s):  
Huicong Liang ◽  
Meiqin Wang

This paper provides security evaluations of a lightweight block cipher called BORON, proposed by Bansod et al. There has been no third-party cryptanalysis of BORON; the designers provided only a coarse and simple security analysis. To fill this gap, security bounds of BORON against differential and linear cryptanalysis are presented in this paper. Using automatic models based on the SMT solver STP, we search for differential and linear trails with the minimal number of active S-boxes, and for trails with optimal probability and bias. Then, we present key-recovery attacks on round-reduced BORON. This paper is the first third-party cryptanalysis of BORON.


2016 ◽  
Vol 11 (2) ◽  
pp. 252-264
Author(s):  
Weidong Qiu ◽  
Bozhong Liu ◽  
Can Ge ◽  
Lingzhi Xu ◽  
Xiaoming Tang ◽  
...  

Author(s):  
Xuan LIU ◽  
Wen-ying ZHANG ◽  
Xiang-zhong LIU ◽  
Feng LIU
