379 research outputs found

    Searching for Subspace Trails and Truncated Differentials

    Grassi et al. [Gra+16] introduced subspace trail cryptanalysis as a generalization of invariant subspaces and used it to give the first five-round distinguisher for AES. While it is a generic method, up to now it has only been applied to AES and PRINCE. One obstacle to broad adoption of the attack is the lack of a generic analysis algorithm. In this work we provide efficient and generic algorithms that compute the provably best subspace trails for any substitution-permutation cipher

    Grover on Present: Quantum Resource Estimation

    In this work, we present a cost analysis for mounting Grover's key search on the PRESENT block cipher. Reversible quantum circuits for PRESENT are designed taking into consideration several decompositions of the Toffoli gate. These designs are then used to produce Grover oracles for PRESENT, and their implementation costs are compared using several metrics. Resource estimation for Grover's search is conducted by employing these Grover oracles. Finally, the gate cost for these designs is estimated considering NIST's depth restrictions

    On sets of impossible differentials of Feistel encryption algorithms with a non-bijective round function

    We consider a family of l-round balanced Feistel encryption algorithms with a non-bijective round function. For each of them, the existence of l-round impossible differentials is proved for an arbitrary number of rounds l, and a lower bound on the number of the described impossible differentials is obtained. The block cipher GRANULE belongs to the considered family, and a new approach to searching for impossible differentials is proposed for it. It is shown to be better than other previously known methods. Both an increase in the number of rounds l for which impossible differentials are found and an increase in their number are obtained. Analytical estimates of the number of impossible differentials are given and confirmed experimentally

    Differential Cryptanalysis of 18-Round PRIDE

    The rapid growth of the Internet of Things together with the increasing popularity of connected objects have created a need for secure, efficient and lightweight ciphers. Among the multitude of candidates, the block cipher PRIDE is, to this day, one of the most efficient solutions for 8-bit micro-controllers. In this paper, we provide new insights and a better understanding of differential attacks on PRIDE. First, we show that two previous attacks are incorrect, and describe (new and old) properties of the cipher that make such attacks intricate. Based on this understanding, we show how to properly mount a differential attack. Our proposal is the first single-key differential attack that reaches 18 rounds out of 20. It requires 2^{61} chosen plaintexts and recovers the 128-bit key with a final time complexity of 2^{63.3} encryptions, while requiring a memory of about 2^{35} blocks of 64 bits

    Attacking post-quantum cryptography

    The biology and behaviour of a free-living population of black rats (Rattus rattus)

    A population of wild Rattus rattus living in the roofs of the laboratory buildings was studied by supplying food every evening and watching the behaviour of the animals at the feeding place. Some observations were also made on caged animals. The rats were predominantly of the black rattus variety but white-bellied greys appeared now and then. In breeding tests the grey colour behaved as though determined by a single recessive gene. The study covered two periods of approximately 9 months each, separated by an interval of 3 months during which a reduced quantity of food was provided and the rat population underwent a major decline. During the two periods of richer feeding the population first increased and then stabilized at a level where the animals remained in good condition and there was no starvation. In the first 9-month period, stabilization was achieved by emigration of young adults who colonized neighbouring buildings. Towards the end of the second period, stabilization was achieved by limitation of breeding. The rats accepted a wide variety of foods, including meat, and a number of instances of predation were seen. Small vertebrates as well as insects were killed and eaten. Small pieces of food were usually eaten in situ but large bits were taken up to the nests in the roof. Such differential treatment in relation to size may be a factor of some importance in the evolution of hoarding. The rats visiting the feeding place formed a unit with a definite social structure. A single dominant male, and never more than one, was always present and in certain circumstances a linear male hierarchy was formed. There were usually two or three mutually tolerant top-ranking females who were subordinate to the top male but dominant to all other members of the group. Within the group attacks were directed downwards in the social scale. An attacked subordinate either fled or appeased and serious fights therefore did not develop. The most essential component of the appeasement appeared to be a mouth-to-mouth contact which may be derived from the infantile pattern of 'mouth suckling'. Appeasement permitted superior rats to maintain their status without the necessity of carrying attacks on subordinates to the point where actual hurt was inflicted. A group territory round the feeding place was defended against interlopers. Both sexes took part in chasing out intruders but since males showed inhibition in attacking females, the exclusion of strange females was due principally to the activities of the home females. The point at which pursuit of an intruder stopped was regarded as the territorial boundary. This was also the limit beyond which a group member would not allow himself to be chased but it was not a prison wall. When agonistic tendencies were not aroused the animals no longer always turned back at the boundary and foraging beyond its limits allowed them to become familiar with an area larger than the territory. Although intruders were normally driven out, it was occasionally possible for a particularly determined animal of either sex to force its way in and ultimately become a member of the group. The patterns of behaviour seen are described, particularly those concerned with hostile encounters and with mating. Scent marking with urine drip trails was not seen but adults of both sexes marked by rubbing the cheeks and ventral surface on branches. The circumstances in which tooth gnashing was heard suggest that this behaviour is not a form of threat but a response to unfamiliar auditory or visual stimuli. There was some evidence that it functioned as an alarm signal within the group. Pilo-erection and a gait or posture with the hind legs much extended ('stegosauring') are considered to function as threats. Pilo-erection occurred in situations where there was little to suggest conflict and is considered to represent a form of threat which has undergone emancipation.
Various forms of displacement and ambivalent behaviour were seen. Rapid vibration of the tail occurred in thwarting situations, either during mating or when a defeated opponent suddenly vanished. There was no evidence that it acted as a signal. The common form of amicable behaviour was social grooming. Another amicable action was sitting together with the bodies in contact. Animals reared in cages remained shy and wary and even hand reared young developed the usual alarm responses to movement and noises. Females had their first litters at ages of 3 to 5 months. For first litters gestation periods were 21 to 22 days but in females that were simultaneously lactating they ranged from 23 to 29 days. Eight was the commonest litter number and ten the highest recorded. At birth the tail is very much shorter than the body but has outstripped it by the time the youngster emerges from the nest. This was found to be the result of a period of extremely rapid tail growth immediately preceding emergence. In Rattus norvegicus the peak in tail growth rate was found to be later and less striking. The difference is interpreted as related to the importance of the tail in climbing in the more arboreal R. rattus. During the second week of life an edge response (retreat from a declivity) and a clinging response made their appearance: these have the function of preventing accidental falls from a nest situated above ground level. Mouth suckling was seen only during a period of a few days towards the end of lactation. Play developed within a few days of emergence from the nest: locomotor and fighting play were the common types. Older animals occasionally joined in play with the young. In problem solving tests, first solutions were not insightful but once a solution had been found, the successful technique was at once adopted and subsequently perfected. 
There was no evidence of learning by imitation but the rats did learn from each other's behaviour that food could be obtained at a certain location and thus the solution of a problem by one rat accelerated its independent solution by others. The reasons for the differences between the behaviour of the free living population and the caged animals studied by other authors are discussed

    SoK: Security Evaluation of SBox-Based Block Ciphers

    Cryptanalysis of block ciphers is an active and important research area with an extensive volume of literature. In this work, we focus on SBox-based ciphers, as they are widely used and cover a large class of block ciphers. While prior works have consolidated attacks on block ciphers, they usually focus on describing and listing the attacks. Moreover, the methods for evaluating a cipher's security are often ad hoc, differing from cipher to cipher, as attacks and evaluation techniques are developed along the way. As such, we aim to organise the attack literature, as well as the work on security evaluation. We present a systematization of cryptanalysis of SBox-based block ciphers focusing on three main areas: (1) evaluation of block ciphers against standard cryptanalytic attacks; (2) organisation of and relationships between various attacks; (3) comparison of the evaluation and attacks on existing ciphers