Quantum rebound attack to D-M structure based on ARIA algorithm

With the increasing application of quantum computing, quantum technology is increasingly used in the security analysis and research of multiple symmetric cryptographic algorithms such as block ciphers and hash functions. In 2020, Sasaki et al. proposed a dedicated quantum collision attack against hash functions in EUROCRYPT. Some differential trajectories with a probability of 2−2n/3 that cannot be used in the classical environment may be used to launch collision attacks in the quantum environment. The ARIA algorithm is a block cipher proposed by the Korean researcher Kwon et al. on ICISC 2003. The block cipher algorithm is similar to AES in structure. This article mainly analyzes the security of Davies-Meyer structure, and uses AIRA as the permutation function to construct ARIA hash function based on the DM hash model. A new AIRA differential path was found based on MILP, and 7 rounds of ARIA-DM hash function quantum rebound attacks were given.

Chained Digital Signature for the Improved Video Integrity Verification

The recorded videos from the surveillance cameras can be used as potential evidence in forensic applications. These videos can be easily manipulated or tampered with video editing tools without leaving visible clues. Hence integrity verification is essential before using the videos as evidence. Existing methods mostly depend on the analysis of video data stream and video container for tampering detection. This paper discusses an active video integrity verification method using Elliptic Curve Cryptography and blockchain. The method uses Elliptic Curve Digital Signature Algorithm for calculating digital signature for video content and previous block. The digital signature of the encoded video segment (video content with predetermined size) and that of previous block are kept in each block to form an unbreakable chain. Our method does not consider any coding or compression artifacts of the video file and can be used on any video type and is tested on public-available standard videos with varying sizes and types. The proposed integrity verification scheme has better detection capabilities towards different types of alterations like insertion, copy-paste and deletion and can detect any type of forgery. This method is faster and more resistant to brute force and collision attacks in comparison to existing recent blockchain method.

(Quantum) Collision Attacks on Reduced Simpira v2

Simpira v2 is an AES-based permutation proposed by Gueron and Mouha at ASIACRYPT 2016. In this paper, we build an improved MILP model to count the differential and linear active Sboxes for Simpira v2, which achieves tighter bounds of the minimum number of active Sboxes for a few versions of Simpira v2. Then, based on the new model, we find some new truncated differentials for Simpira v2 and give a series (quantum) collision attacks on two versions of reduced Simpira v2.

Quantum Free-Start Collision Attacks on Double Block Length Hashing with Round-Reduced AES-256

Recently, Hosoyamada and Sasaki (EUROCRYPT 2020), and Xiaoyang Dong et al. (ASIACRYPT 2020) proposed quantum collision attacks against AES-like hashing modes AES-MMO and AES-MP. Their collision attacks are based on the quantum version of the rebound attack technique exploiting the differential trails whose probabilities are too low to be useful in the classical setting but large enough in the quantum setting. In this work, we present dedicated quantum free-start collision attacks on Hirose’s double block length compression function instantiated with AES-256, namely HCF-AES-256. The best publicly known classical attack against HCF-AES-256 covers up to 9 out of 14 rounds. We present a new 10-round differential trail for HCF-AES-256 with probability 2−160, and use it to find collisions with a quantum version of the rebound attack. Our attack succeeds with a time complexity of 285.11 and requires 216 qRAM in the quantum-attack setting, where an attacker can make only classical queries to the oracle and perform offline computations. We also present a quantum free-start collision attack on HCF-AES-256 with a time complexity of 286.07 which outperforms Chailloux, Naya-Plasencia, and Schrottenloher’s generic quantum collision attack (ASIACRYPT 2017) in a model when large qRAM is not available.

Algebraic Collision Attacks on Keccak

In this paper, we analyze the collision resistance of the two smallest versions of Keccak which have a width of 200 and 400 bits respectively. We show that algebraic and linearization techniques can serve collision cryptanalysis by using some interesting properties of the linear part of the round function of Keccak. We present an attack on the Keccak versions that could be used in lightweight cryptography reduced to two rounds. For Keccak[40, 160] (resp. Keccak[72, 128] and Keccak[144, 256]) our attack has a computational complexity of 273 (resp. 252.5 and 2101.5) Keccak calls.

Fake Near Collisions Attacks

Fast Near collision attacks on the stream ciphers Grain v1 and A5/1 were presented at Eurocrypt 2018 and Asiacrypt 2019 respectively. They use the fact that the entire internal state can be split into two parts so that the second part can be recovered from the first one which can be found using the keystream prefix and some guesses of the key materials.In this paper we reevaluate the complexity of these attacks and show that actually they are inferior to previously known results. Basically, we show that their complexity is actually much higher and we point out the main problems of these papers based on information theoretic ideas. We also check that some distributions do not have the predicted entropy loss claimed by the authors. Checking cryptographic attacks with galactic complexity is difficult in general. In particular, as these attacks involve many steps it is hard to identify precisely where the attacks are flawed. But for the attack against A5/1, it could have been avoided if the author had provided a full experiment of its attack since the overall claimed complexity was lower than 232 in both time and memory.

Known-Key Distinguishing and Partial-Collision Attacks on GFN-2 with SP F-Function

We study known-key distinguishing and partial-collision attacks on GFN-2 structures with various block lengths in this paper. For 4-branch GFN-2, we present 15-round known-key distinguishing attack and 11-round partial-collision attack which improve previous results. We also present 17-round known-key distinguishing attack on 6-branch GFN-2 and 27-round known-key distinguishing attack on 8-branch GFN-2 and show that several partial-collision attacks are derived from them. Additionally, some attacks are valid under special conditions for the F-function.