143 research outputs found
Multidimensional Zero-Correlation Linear Cryptanalysis of the Block Cipher KASUMI
The block cipher KASUMI is widely used for security in many synchronous
wireless standards. It was proposed by ETSI SAGE for usage in 3GPP (3rd
Generation Partnership Project) ciphering algorthms in 2001. There are a great
deal of cryptanalytic results on KASUMI, however, its security evaluation
against the recent zero-correlation linear attacks is still lacking so far. In
this paper, we select some special input masks to refine the general 5-round
zero-correlation linear approximations combining with some observations on the
functions and then propose the 6-round zero-correlation linear attack on
KASUMI. Moreover, zero-correlation linear attacks on the last 7-round KASUMI
are also introduced under some weak keys conditions. These weak keys take
of the whole key space.
The new zero-correlation linear attack on the 6-round needs about
encryptions with known plaintexts. For the attack under weak keys
conditions on the last 7 round, the data complexity is about known
plaintexts and the time complexity encryptions
Impossible Differential-Linear Cryptanalysis of Reduced-Round CLEFIA-128
CLEFIA is a 128-bit block cipher proposed by Sony Corporation in
2007. Our paper introduces a new chosen text attack, the
impossible differential-linear attack, on iterated cryptosystems.
The attack is efficient for -round CLEFIA with whitening keys.
In the paper, we construct a -round impossible
differential-linear distinguisher. Based on the distinguisher, we
present an effective attack on 16-round CLEFIA- with data
complexity of , recovering -bit subkeys in total.
Our attack can also be applied to CLEFIA-192 and CLEFIA-
SoK: Security Evaluation of SBox-Based Block Ciphers
Cryptanalysis of block ciphers is an active and important research area with an extensive volume of literature. For this work, we focus on SBox-based ciphers, as they are widely used and cover a large class of block ciphers. While there have been prior works that have consolidated attacks on block ciphers, they usually focus on describing and listing the attacks. Moreover, the methods for evaluating a cipher\u27s security are often ad hoc, differing from cipher to cipher, as attacks and evaluation techniques are developed along the way. As such, we aim to organise the attack literature, as well as the work on security evaluation.
In this work, we present a systematization of cryptanalysis of SBox-based block ciphers focusing on three main areas: (1) Evaluation of block ciphers against standard cryptanalytic attacks; (2) Organisation and relationships between various attacks; (3) Comparison of the evaluation and attacks on existing ciphers
Multidimensional zero-correlation attacks on lightweight block cipher HIGHT: Improved cryptanalysis of an ISO standard
AbstractHIGHT is a block cipher designed in Korea with the involvement of Korea Information Security Agency. It was proposed at CHES 2006 for usage in lightweight applications such as sensor networks and RFID tags. Lately, it has been adopted as ISO standard. Though there is a great deal of cryptanalytic results on HIGHT, its security evaluation against the recent zero-correlation linear attacks is still lacking. At the same time, the Feistel-type structure of HIGHT suggests that it might be susceptible to this type of cryptanalysis. In this paper, we aim to bridge this gap.We identify zero-correlation linear approximations over 16 rounds of HIGHT. Based upon those, we attack 27-round HIGHT (round 4 to round 30) with improved time complexity and practical memory requirements. This attack of ours is the best result on HIGHT to date in the classical single-key setting. We also provide the first attack on 26-round HIGHT (round 4 to round 29) with the full whitening key
Linear Hulls with Correlation Zero and Linear Cryptanalysis of Block Ciphers
Linear cryptanalysis, along with differential cryptanalysis, is an important tool to evaluate the security of block ciphers. This work introduces a novel extension of linear cryptanalysis: zero-correlation linear cryptanalysis, a technique applicable to many block cipher constructions. It is based on linear approximations with a correlation value of exactly zero. For a permutation on bits, an algorithm of complexity is proposed for the exact evaluation of correlation. Non-trivial zero-correlation linear approximations are demonstrated for various block cipher structures including AES, balanced Feistel networks, Skipjack, CLEFIA, and CAST256. As an example, using the zero-correlation linear cryptanalysis, a key-recovery attack is shown on 6 rounds of AES-192 and AES-256 as well as 13 rounds of CLEFIA-256
Symmetric lightweight primitives: (Design and) Cryptanalysis
International audienc
An overview of memristive cryptography
Smaller, smarter and faster edge devices in the Internet of things era
demands secure data analysis and transmission under resource constraints of
hardware architecture. Lightweight cryptography on edge hardware is an emerging
topic that is essential to ensure data security in near-sensor computing
systems such as mobiles, drones, smart cameras, and wearables. In this article,
the current state of memristive cryptography is placed in the context of
lightweight hardware cryptography. The paper provides a brief overview of the
traditional hardware lightweight cryptography and cryptanalysis approaches. The
contrast for memristive cryptography with respect to traditional approaches is
evident through this article, and need to develop a more concrete approach to
developing memristive cryptanalysis to test memristive cryptographic approaches
is highlighted.Comment: European Physical Journal: Special Topics, Special Issue on
"Memristor-based systems: Nonlinearity, dynamics and applicatio
Quantum impossible differential attack. Applications to CLEFIA, AES and SKINNY
International audienceThe general context Cryptography is a computer discipline that aims to protect messages through encryption systems. In symmetric cryptography, a secret parameter, called a key, is used both to encrypt and to decrypt messages. The security provided by a symmetric encryption system is evaluated using cryptanalysis techniques which aim, for example, to find the secret key. Quantum computer arrival could impact the cryptographic field. Indeed, in 1994, Shor exhibited that quantum computers could be used to improve assymetric cryptanalysis [17]. With the recent breakthrough in quantum computer, the security of cryptographic primitives against quantum adversary can not be taken as guaranteed. The NIST launched a competition for new primitives that are safe even against adversaries that has access to a quantum computer. To estimate the quantum security of a cryptographic scheme, it is necessary to perform its quantum cryptanalysis. Quantum cryptanalysis techniques sometimes are quantum adaptation of classical cryptanalysis techniques. This transformation is called quantizing. Let's note that an attack is valid if and only if it is more efficient than the naive attack. In the classical setting, the naive attack is the generic exhaustive search, in the quantum setting, it is the Grover search algorithm [14]
- …