Cryptanalysis of fruit-80, craft and cham lightweight symmetric-key cryptographic primitives

In this modern era, computers are getting more lightweight and smaller in size. This advancement has caused lightweight cryptography becomes a prevalent trend. However, lightweight primitives may present undiscovered vulnerabilities that threaten the security and privacy of communications. In this thesis, cryptanalysis on selected lightweight symmetric-key ciphers, which are the Fruit-80 stream cipher, the CRAFT block cipher and the CHAM family of block ciphers, are presented. The objective of this thesis is to study the security level of selected lightweight ciphers, namely Fruit-80, CRAFT and CHAM, to apply cryptanalytic techniques on the selected ciphers, and to study the impact of the cryptanalytic techniques on these three ciphers. The research framework for cryptanalysis of block ciphers and stream ciphers are discussed, which is divided into five phases, namely, literature review, determining research requirements, evaluation of cipher’s properties, result assessment and documentation. First, the security of the Fruit-80 stream cipher is investigated with regard to the existence of slid key-IV pairs (also known as slid pairs). By using a Mixed Integer Linear Programming (MILP) solver, slid pairs can be generated trivially. The result shows that slid pairs do exist in Fruit-80, which also implies the existence of more than one key-IV pair that can generate an identical keystream. Next, security evaluation on the CRAFT block cipher against side channel cube attack is also presented in this thesis. For most of the secret keys, by reading the Hamming weight leakage after the first round and the second round of CRAFT, the whole secret key can be recovered within a practical time. This attack shows that CRAFT does not necessarily provide protection for all side channel attacks although the designers of CRAFT claims that CRAFT is secure against differential fault attack, which is also a side channel attack. Finally, the security evaluation of CHAM from the perspective of its key scheduling is also analysed. The correlation between master key difference and round key difference is measured. It is found that the number of different master key bits is almost proportional to the number of different round key bits in all CHAM block ciphers, suggesting that the key scheduling used in CHAM family of block ciphers has a weak diffusion. The key scheduling of CHAM is also evaluated for existence of repeated differential pattern. The results show that all CHAM variants possess strong repeated differential patterns. This thesis provides insights to future studies such as analysis in slid pairs of the Fruit and Fruit-128 stream ciphers, full key recovery by side-channel attacks on the CRAFT block cipher, and related-key cryptanalysis on the CHAM block ciphers based on their repeated differential patterns

Slid Pairs of the Fruit-80 Stream Cipher

Fruit is a small-state stream cipher designed for securing communications among resource-constrained devices. The design of Fruit was first known to the public in 2016. It was later improved as Fruit-80 in 2018 and becomes the latest and final version among all versions of the Fruit stream ciphers. In this paper, we analyze the Fruit-80 stream cipher. We found that Fruit-80 generates identical keystreams from certain two distinct pairs of key and IV. Such pair of key and IV pairs is known as a slid pair. Moreover, we discover that when two pairs of key and IV fulfill specific characteristics, they will generate identical keystreams. This shows that slid pairs do not always exist arbitrarily in Fruit-80. We define specific rules which are equivalent to the characteristics. Using the defined rules, we are able to automate the searching process using an MILP solver, which makes searching of the slid pairs trivial

Key-dependent side-channel cube attack on CRAFT

CRAFT is a tweakable block cipher introduced in 2019 that aims to provide strong protection against differential fault analysis. In this paper, we show that CRAFT is vulnerable to side-channel cube attacks. We apply side-channel cube attacks to CRAFT with the Hamming weight leakage assumption. We found that the first half of the secret key can be recovered from the Hamming weight leakage after the first round. Next, using the recovered key bits, we continue our attack to recover the second half of the secret key. We show that the set of equations that are solvable varies depending on the value of the key bits. Our result shows that 99.90% of the key space can be fully recovered within a practical time

Major trends in the manifestations and treatment of rheumatoid arthritis in a multiethnic cohort in Singapore

10.1007/s00296-012-2602-2Rheumatology International3371693-1703RHIN