DIFFERENTIAL CRYPTANALYSIS OF THE LIGHTWEIGHT BLOCK CIPHER CYPRESS-256

International Journal of Computing ◽

10.47839/ijc.19.2.1771 ◽

2020 ◽

pp. 273-281

Author(s):

Mariia Rodinko ◽

Roman Oliynykov ◽

Khalicha Yubuzova

Keyword(s):

Block Cipher ◽

Differential Cryptanalysis ◽

Hamming Weight ◽

Differential Characteristic ◽

Lightweight Block Cipher

This paper presents the results of differential cryptanalysis of the lightweight block cipher Cypress-256. The method for searching multi-round differential characteristic of the block cipher Cypress-256 is proposed. The searching assumes 1) building a big set of one-round differential characteristics and search for possible combinations of one-round characteristics into multi-round ones; 2) extending one-round differential characteristics with the probability up to certain threshold into multi-round characteristics. The following experiments show that the most probable one-round differential characteristics have input differences with 4-6 active bits which are distributed between different words. Besides that, high-probable one-round differential characteristics, which output differences have a small Hamming weight, cannot be extended to build high-probable multi-round differential characteristics. Due to application of the method assuming extension of one-round differential characteristics into multi-round ones, the differential characteristic up to 6 rounds was built, so 10-round block cipher Cypress-256 is resistant to differential cryptanalysis according to the requirements of practical criterion.

Download Full-text

Refined Probability of Differential Characteristics Including Dependency Between Multiple Rounds

IACR Transactions on Symmetric Cryptology ◽

10.46586/tosc.v2017.i2.203-227 ◽

2017 ◽

pp. 203-227

Author(s):

Anne Canteaut ◽

Eran Lambooij ◽

Samuel Neves ◽

Shahram Rasoolzadeh ◽

Yu Sasaki ◽

...

Keyword(s):

Block Cipher ◽

Current Paper ◽

Inner Function ◽

Encryption Scheme ◽

Authenticated Encryption ◽

Binary Matrix ◽

Exact Probability ◽

The Core ◽

Differential Characteristic ◽

Lightweight Block Cipher

The current paper studies the probability of differential characteristics for an unkeyed (or with a fixed key) construction. Most notably, it focuses on the gap between two probabilities of differential characteristics: probability with independent S-box assumption, pind, and exact probability, pexact. It turns out that pexact is larger than pind in Feistel network with some S-box based inner function. The mechanism of this gap is then theoretically analyzed. The gap is derived from interaction of S-boxes in three rounds, and the gap depends on the size and choice of the S-box. In particular the gap can never be zero when the S-box is bigger than six bits. To demonstrate the power of this improvement, a related-key differential characteristic is proposed against a lightweight block cipher RoadRunneR. For the 128-bit key version, pind of 2−48 is improved to pexact of 2−43. For the 80-bit key version, pind of 2−68 is improved to pexact of 2−62. The analysis is further extended to SPN with an almost-MDS binary matrix in the core primitive of the authenticated encryption scheme Minalpher: pind of 2−128 is improved to pexact of 2−96, which allows to extend the attack by two rounds.

Download Full-text

Clustering Related-Tweak Characteristics: Application to MANTIS-6

IACR Transactions on Symmetric Cryptology ◽

10.46586/tosc.v2018.i2.111-132 ◽

2018 ◽

pp. 111-132

Author(s):

Maria Eichlseder ◽

Daniel Kales

Keyword(s):

Block Cipher ◽

Differential Cryptanalysis ◽

Differential Attack ◽

Key Recovery ◽

Popular Approach ◽

Differential Characteristic ◽

Clustering Approach ◽

Tweakable Block Cipher ◽

Key Recovery Attack ◽

Truncated Differential

The TWEAKEY/STK construction is an increasingly popular approach for designing tweakable block ciphers that notably uses a linear tweakey schedule. Several recent attacks have analyzed the implications of this approach for differential cryptanalysis and other attacks that can take advantage of related tweakeys. We generalize the clustering approach of a recent differential attack on the tweakable block cipher MANTIS5 and describe a tool for efficiently finding and evaluating such clusters. More specifically, we consider the set of all differential characteristics compatible with a given truncated characteristic, tweak difference, and optional constraints for the differential. We refer to this set as a semi-truncated characteristic and estimate its probability by analyzing the distribution of compatible differences at each step. We apply this approach to find a semi-truncated differential characteristic for MANTIS6 with probability about 2−67.73 and derive a key-recovery attack with a complexity of about 255.09 chosen-plaintext queries and 255.52 computations. The data-time product is 2110.61 << 2126.

Download Full-text

Impossible differential cryptanalysis of Piccolo lightweight block cipher

2014 11th International ISC Conference on Information Security and Cryptology ◽

10.1109/iscisc.2014.6994028 ◽

2014 ◽

Cited By ~ 8

Author(s):

Seyyed Arash Azimi ◽

Zahra Ahmadian ◽

Javad Mohajeri ◽

Mohammad Reza Aref

Keyword(s):

Block Cipher ◽

Differential Cryptanalysis ◽

Impossible Differential ◽

Lightweight Block Cipher ◽

Impossible Differential Cryptanalysis

Download Full-text

Protecting lightweight block cipher implementation in mobile big data computing

Peer-to-Peer Networking and Applications ◽

10.1007/s12083-016-0481-0 ◽

2016 ◽

Vol 11 (2) ◽

pp. 252-264

Author(s):

Weidong Qiu ◽

Bozhong Liu ◽

Can Ge ◽

Lingzhi Xu ◽

Xiaoming Tang ◽

...

Keyword(s):

Big Data ◽

Block Cipher ◽

Mobile Big Data ◽

Lightweight Block Cipher ◽

Big Data Computing

Download Full-text

Eight-sided fortress: a lightweight block cipher

The Journal of China Universities of Posts and Telecommunications ◽

10.1016/s1005-8885(14)60275-2 ◽

2014 ◽

Vol 21 (1) ◽

pp. 104-128

Author(s):

Xuan LIU ◽

Wen-ying ZHANG ◽

Xiang-zhong LIU ◽

Feng LIU

Keyword(s):

Block Cipher ◽

Lightweight Block Cipher

Download Full-text

Impossible Differential Cryptanalysis of Reduced-Round Midori64 Block Cipher

2017 14th International ISC (Iranian Society of Cryptology) Conference on Information Security and Cryptology (ISCISC) ◽

10.1109/iscisc.2017.8488362 ◽

2017 ◽

Author(s):

Aein Rezaei Shahmirzadi ◽

Seyyed Arash Azimi ◽

Mahmoud Salmasizadeh ◽

Javad Mohajeri ◽

Mohammad Reza Aref

Keyword(s):

Block Cipher ◽

Differential Cryptanalysis ◽

Impossible Differential ◽

Impossible Differential Cryptanalysis

Download Full-text

Crypto-Archaeology: unearthing design methodology of DES s-boxes

10.7287/peerj.preprints.3285v1 ◽

2017 ◽

Author(s):

Sankhanil Dey ◽

Ranjan Ghosh

Keyword(s):

Boolean Function ◽

Boolean Functions ◽

Design Methodology ◽

Block Cipher ◽

Block Ciphers ◽

Public Domain ◽

Differential Cryptanalysis ◽

Linear Cryptanalysis ◽

Strict Avalanche Criterion ◽

Independence Criterion

US defence sponsored the DES program in 1974 and released it in 1977. It remained as a well-known and well accepted block cipher until 1998. Thirty-two 4-bit DES S-Boxes are grouped in eight each with four and are put in public domain without any mention of their design methodology. S-Boxes, 4-bit, 8-bit or 32-bit, find a permanent seat in all future block ciphers. In this paper, while looking into the design methodology of DES S-Boxes, we find that S-Boxes have 128 balanced and non-linear Boolean Functions, of which 102 used once, while 13 used twice and 92 of 102 satisfy the Boolean Function-level Strict Avalanche Criterion. All the S-Boxes satisfy the Bit Independence Criterion. Their Differential Cryptanalysis exhibits better results than the Linear Cryptanalysis. However, no S-Boxes satisfy the S-Box-level SAC analyses. It seems that the designer emphasized satisfaction of Boolean-Function-level SAC and S-Box-level BIC and DC, not the S-Box-level LC and SAC.

Download Full-text