scholarly journals Cryptanalysis on SDDO-Based BM123-64 Designs Suitable for Various IoT Application Targets

Symmetry ◽  
2018 ◽  
Vol 10 (8) ◽  
pp. 353 ◽  
Author(s):  
Tran Phuc ◽  
Changhoon Lee
Keyword(s):  
Internet Of Things ◽  
High Speed ◽  
High Probability ◽  
Block Cipher ◽  
Algorithm Selection ◽  
Key Schedule ◽  
Boomerang Attack ◽  
Selection For ◽  
Differential Attacks

BM123-64 block cipher, which was proposed by Minh, N.H. and Bac, D.T. in 2014, was designed for high speed communication applications factors. It was constructed in hybrid controlled substitution–permutation network (CSPN) models with two types of basic controlled elements (CE) in distinctive designs. This cipher is based on switchable data-dependent operations (SDDO) and covers dependent-operations suitable for efficient primitive approaches for cipher constructions that can generate key schedule in a simple way. The BM123-64 cipher has advantages including high applicability, flexibility, and portability with different algorithm selection for various application targets with internet of things (IoT) as well as secure protection against common types of attacks, for instance, differential attacks and linear attacks. However, in this paper, we propose methods to possibly exploit the BM123-64 structure using related-key attacks. We have constructed a high probability related-key differential characteristics (DCs) on a full eight rounds of BM123-64 cipher. The related-key amplified boomerang attack is then proposed on all three different cases of operation-specific designs with effective results in complexity of data and time consumptions. This study can be considered as the first cryptographic results on BM123-64 cipher.

scholarly journals Complexity analysis and hardware implementation of extensible modulo addition for lightweight block cipher in Internet of Things (IOT)

2021 ◽  
Author(s):  
Sheraz Raza Siddique
Keyword(s):  
Internet Of Things ◽  
Hardware Implementation ◽  
Block Cipher ◽  
Complexity Analysis ◽  
National Security Agency ◽  
Round Function ◽  
Lightweight Block Cipher ◽  
Differential Attacks ◽  
The Internet Of Things ◽  
Feistel Structure

This project presents complexity analysis and hardware implementation of extensible modulo addition [15] encryption algorithm on a 32-bit lightweight FPGA based block cipher called INFLEX, which is designed for the internet of things (IoT) environment, supporting 64-bits key. It is designed for constrained hardware resources yet providing a highly secure scalable configuration for the variety of applications. This characteristic is obtained by the use of generalized Feistel structure combined with an improved block inflation feature. INFLEX follows a typical ARX (Add, Rotate, XOR) round function with a distinguished feature of block expansion and collapse as per user selected control string, which makes INFLEX act as a tweakable Cipher. We have shown comparison of INFLEX algorithm robustness and immunity against linear and differential attacks and demonstrated that it outperforms one of the benchmark block Ciphers Speck32/64 proposed by national security agency (NSA).

scholarly journals Automated Search Oriented to Key Recovery on Ciphers with Linear Key Schedule

2021 ◽  
pp. 249-291
Author(s):  
Lingyue Qin ◽  
Xiaoyang Dong ◽  
Xiaoyun Wang ◽  
Keting Jia ◽  
Yunwen Liu
Keyword(s):  
High Probability ◽  
Block Cipher ◽  
Secret Key ◽  
Key Recovery ◽  
Key Schedule ◽  
Before And After ◽  
Two Phases ◽  
Key Recovery Attack ◽  
Key Recovery Attacks ◽  
Automated Search

Automatic modelling to search distinguishers with high probability covering as many rounds as possible, such as MILP, SAT/SMT, CP models, has become a very popular cryptanalysis topic today. In those models, the optimizing objective is usually the probability or the number of rounds of the distinguishers. If we want to recover the secret key for a round-reduced block cipher, there are usually two phases, i.e., finding an efficient distinguisher and performing key-recovery attack by extending several rounds before and after the distinguisher. The total number of attacked rounds is not only related to the chosen distinguisher, but also to the extended rounds before and after the distinguisher. In this paper, we try to combine the two phases in a uniform automatic model.Concretely, we apply this idea to automate the related-key rectangle attacks on SKINNY and ForkSkinny. We propose some new distinguishers with advantage to perform key-recovery attacks. Our key-recovery attacks on a few versions of round-reduced SKINNY and ForkSkinny cover 1 to 2 more rounds than the best previous attacks.

scholarly journals NEW KEY EXPANSION FUNCTION OF RIJNDAEL 128-BIT RESISTANCE TO THE RELATED-KEY ATTACKS

2018 ◽  
Author(s):  
Hassan Mansur Hussien ◽  
Zaiton Muda ◽  
Sharifah Md Yasin
Keyword(s):  
Mixed Integer Linear Programming ◽  
Block Cipher ◽  
Statistical Tests ◽  
Mixed Integer ◽  
Differential Attack ◽  
Key Schedule ◽  
Strict Avalanche Criterion ◽  
Boomerang Attack ◽  
Common Block ◽  
Provably Secure

A master key of special length is manipulated based on the key schedule to create round sub-keys in most block ciphers. A strong key schedule is described as a cipher that will be more resistant to various forms of attacks, especially in related-key model attacks. Rijndael is the most common block cipher, and it was adopted by the National Institute of Standards and Technology, USA in 2001 as an Advance Encryption Standard. However, a few studies on cryptanalysis revealed that a security weakness of Rijndael refers to its vulnerability to related-key differential attack as well as the related-key boomerang attack, which is mainly caused by the lack of nonlinearity in the key schedule of Rijndael. In relation to this, constructing a key schedule that is both efficient and provably secure has been an ongoing open problem. Hence, this paper presents a method to improve the key schedule of Rijndael 128-bit for the purpose of making it more resistance to the related-key differential and boomerang attacks. In this study, two statistical tests, namely the Frequency test and the Strict Avalanche Criterion test were employed to respectively evaluate the properties of bit confusion and bit diffusion. The results showed that the proposed key expansion function has excellent statistical properties and agrees with the concept of Shannon’s diffusion and confusion bits. Meanwhile, the Mixed Integer Linear Programming based approach was adopted to evaluate the resistance of the proposed approach towards the related-key differential and boomerang attacks. The proposed approach was also found to be resistant against the two attacks discovered in the original Rijndael. Overall, these results proved that the proposed approach is able to perform better compared to the original Rijndael key expansion function and that of the previous research.  

scholarly journals Boomerang Connectivity Table Revisited. Application to SKINNY and AES

2019 ◽  
pp. 118-141
Author(s):  
Ling Song ◽  
Xianrui Qin ◽  
Lei Hu
Keyword(s):  
High Probability ◽  
Block Cipher ◽  
Careful Analysis ◽  
Block Ciphers ◽  
Middle Part ◽  
Differential Cryptanalysis ◽  
Accurate Estimation ◽  
Generalized Framework ◽  
Boomerang Attack ◽  
New Framework

The boomerang attack is a variant of differential cryptanalysis which regards a block cipher E as the composition of two sub-ciphers, i.e., E = E1 o E0, and which constructs distinguishers for E with probability p2q2 by combining differential trails for E0 and E1 with probability p and q respectively. However, the validity of this attack relies on the dependency between the two differential trails. Murphy has shown cases where probabilities calculated by p2q2 turn out to be zero, while techniques such as boomerang switches proposed by Biryukov and Khovratovich give rise to probabilities greater than p2q2. To formalize such dependency to obtain a more accurate estimation of the probability of the distinguisher, Dunkelman et al. proposed the sandwich framework that regards E as Ẽ1 o Em o Ẽ0, where the dependency between the two differential trails is handled by a careful analysis of the probability of the middle part Em. Recently, Cid et al. proposed the Boomerang Connectivity Table (BCT) which unifies the previous switch techniques and incompatibility together and evaluates the probability of Em theoretically when Em is composed of a single S-box layer. In this paper, we revisit the BCT and propose a generalized framework which is able to identify the actual boundaries of Em which contains dependency of the two differential trails and systematically evaluate the probability of Em with any number of rounds. To demonstrate the power of this new framework, we apply it to two block ciphers SKINNY and AES. In the application to SKINNY, the probabilities of four boomerang distinguishers are re-evaluated. It turns out that Em involves5 or 6 rounds and the probabilities of the full distinguishers are much higher than previously evaluated. In the application to AES, the new framework is used to exclude incompatibility and find high probability distinguishers of AES-128 under the related-subkey setting. As a result, a 6-round distinguisher with probability 2−109.42 is constructed. Lastly, we discuss the relation between the dependency of two differential trails in boomerang distinguishers and the properties of components of the cipher.

scholarly journals Complexity analysis and hardware implementation of extensible modulo addition for lightweight block cipher in Internet of Things (IOT)

2021 ◽  
Author(s):  
Sheraz Raza Siddique
Keyword(s):  
Internet Of Things ◽  
Hardware Implementation ◽  
Block Cipher ◽  
Complexity Analysis ◽  
National Security Agency ◽  
Round Function ◽  
Lightweight Block Cipher ◽  
Differential Attacks ◽  
The Internet Of Things ◽  
Feistel Structure

This project presents complexity analysis and hardware implementation of extensible modulo addition [15] encryption algorithm on a 32-bit lightweight FPGA based block cipher called INFLEX, which is designed for the internet of things (IoT) environment, supporting 64-bits key. It is designed for constrained hardware resources yet providing a highly secure scalable configuration for the variety of applications. This characteristic is obtained by the use of generalized Feistel structure combined with an improved block inflation feature. INFLEX follows a typical ARX (Add, Rotate, XOR) round function with a distinguished feature of block expansion and collapse as per user selected control string, which makes INFLEX act as a tweakable Cipher. We have shown comparison of INFLEX algorithm robustness and immunity against linear and differential attacks and demonstrated that it outperforms one of the benchmark block Ciphers Speck32/64 proposed by national security agency (NSA).

scholarly journals Algorithm selection for software validation based on graph kernels

2020 ◽  
Vol 27 (1-2) ◽  
pp. 153-186
Author(s):  
Cedric Richter ◽  
Eyke Hüllermeier ◽  
Marie-Christine Jakobs ◽  
Heike Wehrheim
Keyword(s):  
Software Validation ◽  
Algorithm Selection ◽  
Graph Kernels ◽  
Selection For
Sign in / Sign up

Export Citation Format

Share Document