Security Analysis of Cipher ICEBERG against Bit-pattern Based Integral Attack

2016, Vol 12 (2), pp. 60-71
Author(s): Yuechuan Wei, Yisheng Rong, Xu An Wang

Significant progress in the development of lightweight symmetric cryptographic primitives has been made in recent years, and the security of these ciphers against current cryptanalysis methods should be carefully evaluated. Integral attack is one of the most effective attacks against block ciphers. However, the traditional integral attack, which operates on bytes or words, is not applicable to a bit-oriented cipher. The bit-pattern based integral attack technique, introduced by Z'aba et al., addresses this issue to some extent. In this paper, the bit-pattern based integral attack is applied to ICEBERG, a lightweight block cipher efficient in reconfigurable hardware. By tracing the propagation of the plaintext structure at bit level, the balance property is obtained and key guesses are then verified. The result shows that 3-, 4- and 5-round ICEBERG are not immune to this attack. All attacks presented in this paper recover the full subkeys of the final round.

Author(s): Aleksandra Mileva, Vesna Dimitrova, Orhun Kara, Miodrag J. Mihaljević

Abstract. The main objective of this chapter is to offer to practitioners, researchers and all interested parties a brief categorized catalog of existing lightweight symmetric primitives with their main cryptographic features, ultimate hardware performance, and existing security analysis, so they can easily compare the ciphers or choose some of them according to their needs. Certain security evaluation issues have been addressed as well. In particular, the reason why modern lightweight block cipher designs have in the last decade overwhelmingly dominated stream cipher design is analyzed in terms of security against tradeoff attacks. It turns out that it is possible to design stream ciphers having much smaller internal states.


2021, Vol 2021, pp. 1-9
Author(s): Xueying Qiu, Yongzhuang Wei, Samir Hodzic, Enes Pasalic

Integral cryptanalysis based on the division property is a powerful cryptanalytic method whose range of successful applications was recently extended through the use of Mixed-Integer Linear Programming (MILP). Although this technique was demonstrated to be efficient in specifying distinguishers for reduced-round versions of several families of lightweight block ciphers (such as SIMON, PRESENT, and a few others), we show that this method provides distinguishers for the full-round block cipher SAT_Jo. The SAT_Jo cipher is very similar to the well-known PRESENT block cipher, which has successfully withstood the known cryptanalytic methods. The main difference compared to PRESENT, which turns out to induce severe weaknesses in the SAT_Jo algorithm, is its different choice of substitution boxes (S-boxes) and bit-permutation layer, made in order to render the cipher highly resource-efficient. Even though the designers provided a security analysis of this scheme against some major generic cryptanalytic methods, an application of the bit-based division property in combination with MILP was not considered. By specifying integral distinguishers for the full-round SAT_Jo algorithm using this method, we essentially disapprove its use in the intended applications. Using a 30-round distinguisher, we also describe a subkey recovery attack on the SAT_Jo algorithm whose time complexity is about $2^{66}$ encryptions (noting that SAT_Jo is designed to provide 80 bits of security). Moreover, it seems that the choice of bit-permutation induces weak division properties, since replacing the original bit-permutation of SAT_Jo by the one used in PRESENT immediately renders the integral distinguishers inefficient.


2021, Vol 6 (20), pp. 10-16
Author(s): Nur Hafiza Zakaria, Azuan Ahmad, Azni Haslizan Ab Halim, Farida Hazwani Mohd Ridzuan

The development of block ciphers has resulted in a number of cryptographic algorithms such as AES, ARIA, Blowfish256, DESL, and 3D-AES. AES is one of the best cryptographic algorithms that can be used to protect electronic data. However, the principal weakness in AES is the linearity in the S-box. The objective of this research is to investigate and evaluate the existing work related to dynamic S-boxes. In addition, the aim of this research is to design a dynamic S-box using an affine transformation in order to increase the security of the encryption. The design is implemented in Java using the NetBeans software. The proposed block cipher will be tested using the NIST statistical test suite to test the randomness of the algorithm. Besides, the strength of the S-box will be analyzed using the S-box evaluation tool (SET). The cryptographic strength depends strongly on the choice of S-box. Therefore, this newly proposed block cipher can be used by countries, organizations, stakeholders, or interested parties as one of the secure algorithms to increase the protection of information, and will also contribute as an alternative to other cryptographic algorithms in computer security research.


Author(s): Hosein Hadipour, Sadegh Sadeghi, Majid M. Niknam, Ling Song, Nasour Bagheri

CRAFT is a lightweight block cipher, designed to provide efficient protection against differential fault attacks. It is a tweakable cipher that uses 32 rounds to produce a ciphertext from a 64-bit plaintext using a 128-bit key and a 64-bit public tweak. In this paper, compared to the designers' analysis, we provide a more detailed analysis of CRAFT against differential and zero-correlation cryptanalysis, aiming to provide better distinguishers for reduced rounds of the cipher. Our distinguishers for reduced-round CRAFT cover a higher number of rounds than the designers' analysis. In our analysis, we observed that, for any number of rounds, the differential effect of CRAFT has a much higher probability than any single differential trail. As an example, while the best trail for 11 rounds of the cipher has a probability of at least $2^{-80}$, we present a differential with probability $2^{-49.79}$, containing $2^{29.66}$ optimal trails, all with the same optimum probability of $2^{-80}$. Next, we use a partitioning technique, based on optimal expandable truncated trails, to provide a better estimate of the differential effect on CRAFT. Thanks to this technique, we are able to find differential distinguishers for 9, 10, 11, 12, 13, and 14 rounds of the cipher in the single-tweak model with probabilities of at least $2^{-40.20}$, $2^{-45.12}$, $2^{-49.79}$, $2^{-54.49}$, $2^{-59.13}$, and $2^{-63.80}$, respectively. These probabilities should be compared with the best distinguishers provided by the designers in the same model for 9 and 10 rounds of the cipher, with probabilities of at least $2^{-54.67}$ and $2^{-62.61}$, respectively. In addition, we consider the security of CRAFT against the new concept of related-tweak zero-correlation (ZC) linear cryptanalysis and present a new distinguisher which covers 14 rounds of the cipher, while the best previous ZC distinguisher covered 13 rounds. Thanks to the related-tweak ZC distinguisher for 14 rounds of the cipher, we also present 14-round integral distinguishers in the related-tweak mode of the cipher. Although the provided analysis does not compromise the cipher, we think it provides better insight into the design of CRAFT.


2014, Vol 60 (1), pp. 25-45
Author(s): Dmytro Kaidalov, Roman Oliynykov, Oleksandr Kazymyrov

Abstract. Symmetric block ciphers are the most widely used cryptographic primitives. In addition to providing privacy, block ciphers are used as basic components in the construction of hash functions, message authentication codes, pseudorandom number generators, as part of various cryptographic protocols, etc. Nowadays the most popular block cipher is AES (Advanced Encryption Standard). It is used as the standard for symmetric encryption in many countries. Several years ago a theoretical attack exploiting the AES key expansion algorithm was found that significantly reduces the complexity compared to a brute-force attack. This article presents an advanced method of finding the number of active substitutions that helps to estimate the security of encryption algorithms against related-key attacks. The method was applied to a prospective block cipher, which is a candidate for the Ukrainian standard


2019, Vol 62 (12), pp. 1761-1776
Author(s): Ya Liu, Yifan Shi, Dawu Gu, Zhiqiang Zeng, Fengyu Zhao, ...

Abstract. Kiasu-BC and Joltik-BC are the internal tweakable block ciphers of the authenticated encryption algorithms Kiasu and Joltik submitted to the CAESAR competition. Kiasu-BC is a 128-bit block cipher whose tweak and key sizes are 64 and 128 bits, respectively. Joltik-BC-128 is a 64-bit lightweight block cipher supporting a 128-bit tweakey; its designers recommend that the key and tweak sizes both be 64 bits. In this paper, we propose improved meet-in-the-middle attacks on 8-round Kiasu-BC and on 9-round and 10-round Joltik-BC-128 by exploiting properties of their structures and using precomputation tables and differential enumeration. For Kiasu-BC, we build a 5-round distinguisher to attack 8-round Kiasu-BC with $2^{109}$ plaintext–tweaks, $2^{112.8}$ encryptions and $2^{92.91}$ blocks. Compared with the previously best known cryptanalytic results on 8-round Kiasu-BC under chosen-plaintext attacks, the data and time complexities are reduced by factors of $2^{7}$ and $2^{3.2}$, respectively. For the recommended version of Joltik-BC-128, we construct a 6-round distinguisher to attack 9-round Joltik-BC-128 with $2^{53}$ plaintext–tweaks, $2^{56.6}$ encryptions and $2^{52.91}$ blocks. Compared with the previously best known results, the data and time complexities are reduced by factors of $2^7$ and $2^{5.1}$, respectively. In addition, we present a 6.5-round distinguisher to attack 10-round Joltik-BC-128 with $2^{53}$ plaintext–tweaks, $2^{101.4}$ encryptions and $2^{76.91}$ blocks.


2015, Vol 9 (10), pp. 1173-1185
Author(s): Yibin Dai, Shaozhen Chen

Author(s): Carlos Cid, Tao Huang, Thomas Peyrin, Yu Sasaki, Ling Song

In this article, we provide the first independent security analysis of Deoxys, a third-round authenticated encryption candidate of the CAESAR competition, and its internal tweakable block ciphers Deoxys-BC-256 and Deoxys-BC-384. We show that the related-tweakey differential bounds provided by the designers can be greatly improved thanks to a Mixed Integer Linear Programming (MILP) based search tool. In particular, we develop a new method to incorporate linear incompatibility in the MILP model. We use this tool to generate valid differential paths for reduced-round versions of Deoxys-BC-256 and Deoxys-BC-384, later combining them into broader boomerang or rectangle attacks. Here, we also develop a new MILP model which optimises the two paths by taking into account the effect of the ladder switch technique. Interestingly, with the tweak in Deoxys-BC providing extra input as opposed to a classical block cipher, we can even consider beyond-full-codebook attacks. As these primitives are based on the TWEAKEY framework, we further study how the security of the cipher is impacted when varying the tweak/key sizes. All in all, we are able to attack 10 rounds of Deoxys-BC-256 (out of 14) and 13 rounds of Deoxys-BC-384 (out of 16). The extra rounds specified in Deoxys-BC to balance the tweak input (when compared to AES) seem to provide about the same security margin as AES-128. Finally, we analyse why the authenticated encryption modes of Deoxys mostly prevent our attacks on Deoxys-BC from applying to the authenticated encryption primitive.

