Skip to main content
SpringerLink
Log in

On Selection of Samples in Algebraic Attacks and a New Technique to Find Hidden Low Degree Equations

  • Conference paper
Information Security and Privacy (ACISP 2014)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 8544))

Included in the following conference series:

Abstract

The best way of selecting samples in algebraic attacks against block ciphers is not well explored and understood. We introduce a simple strategy for selecting the plaintexts and demonstrate its strength by breaking reduced-round KATAN32 andLBlock. In both cases, we present a practical attack which outperforms previous attempts of algebraic cryptanalysis whose complexities were close to exhaustive search. The attack is based on the selection of samples using cube attack and ElimLin which was presented at FSE’12, and a new technique called Universal Proning. In the case ofLBlock, we break 10 out of 32 rounds. In KATAN32, we break 78 out of 254 rounds. Unlike previous attempts which break smaller number of rounds, we do not guess any bit of the key and we only use structural properties of the cipher to be able to break a higher number of rounds with much lower complexity. We show that cube attacks owe their success to the same properties and therefore, can be used as a heuristic for selecting the samples in an algebraic attack. The performance of ElimLin is further enhanced by the new Universal Proning technique, which allows to discover linear equations that are not found by ElimLin.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Al-Hinai, S.Z., Dawson, E., Henricksen, M., Simpson, L.R.: On the security of the LILI family of stream ciphers against algebraic attacks. In: Pieprzyk, J., Ghodosi, H., Dawson, E. (eds.) ACISP 2007. LNCS, vol. 4586, pp. 11–28. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  2. Albrecht, M.R., Cid, C., Faugère, J.-C., Perret, L.: On the Relation Between the Mutant Strategy and the Normal Selection Strategy in Gröbner Basis Algorithms. IACR Cryptology ePrint Archive 2011, 164 (2011)

    Google Scholar 

  3. Albrecht, M.R., Cid, C., Faugère, J.-C., Perret, L.: On the relation between the MXL family of algorithms and Gröbner basis algorithms. J. Symb. Comput. 47(8), 926–941 (2012)

    Article  MATH  Google Scholar 

  4. Ars, G., Faugère, J.-C., Imai, H., Kawazoe, M., Sugita, M.: Comparison between XL and Gröbner basis algorithms. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 338–353. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  5. Aumasson, J.-P., Dinur, I., Meier, W., Shamir, A.: Cube testers and key recovery attacks on reduced-round MD6 and Trivium. In: Dunkelman, O. (ed.) FSE 2009. LNCS, vol. 5665, pp. 1–22. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  6. Bard, G.V., Courtois, N.T., Nakahara Jr, J., Sepehrdad, P., Zhang, B.: Algebraic, aida/cube and side channel analysis of katan family of block ciphers. In: Gong, G., Gupta, K.C. (eds.) INDOCRYPT 2010. LNCS, vol. 6498, pp. 176–196. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  7. Bardet, M., Faugère, J.-C., Salvy, B., Yang, B.-Y.: Asymptotic behaviour of the degree of regularity of semi-regular polynomial systems. In: Eighth International Symposium on Effective Methods in Algebraic Geometry, MEGA 2005, Porto Conte, Alghero, Sardinia, Italy, May 27-June 1 (2005)

    Google Scholar 

  8. Bardet, M., Faugère, J.-C., Salvy, B., Spaenlehauer, P.-J.: On the complexity of solving quadratic boolean systems. J. Complexity 29(1), 53–75 (2013)

    Article  MATH  MathSciNet  Google Scholar 

  9. De Cannière, C.: Trivium: A Stream Cipher Construction Inspired by Block Cipher Design Principles. In: Katsikas, S.K., López, J., Backes, M., Gritzalis, S., Preneel, B. (eds.) ISC 2006. LNCS, vol. 4176, pp. 171–186. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  10. De Cannière, C., Dunkelman, O., Knežević, M.: KATAN and KTANTAN - a family of small and efficient hardware-oriented block ciphers. In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 272–288. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  11. Cheng, C.-M., Chou, T., Niederhagen, R., Yang, B.-Y.: Solving quadratic equations with XL on parallel architectures. In: Prouff, E., Schaumont, P. (eds.) CHES 2012. LNCS, vol. 7428, pp. 356–373. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  12. Choy, J., Yap, H., Khoo, K.: An analysis of the compact XSL attack on BES and embedded SMS4. In: Garay, J.A., Miyaji, A., Otsuka, A. (eds.) CANS 2009. LNCS, vol. 5888, pp. 103–118. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  13. Cid, C., Leurent, G.: An analysis of the XSL algorithm. In: Roy, B. (ed.) ASIACRYPT 2005. LNCS, vol. 3788, pp. 333–352. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  14. Courtois, N.T.: Higher order correlation attacks, XL algorithm and cryptanalysis of toyocrypt. In: Lee, P.J., Lim, C.H. (eds.) ICISC 2002. LNCS, vol. 2587, pp. 182–199. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  15. Courtois, N.T.: Algebraic attacks over GF(2k), application to HFE challenge 2 and Sflash-v2. In: Bao, F., Deng, R., Zhou, J. (eds.) PKC 2004. LNCS, vol. 2947, pp. 201–217. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  16. Courtois, N.T., Bard, G.V.: Algebraic cryptanalysis of the data encryption standard. In: Galbraith, S.D. (ed.) Cryptography and Coding 2007. LNCS, vol. 4887, pp. 152–169. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  17. Courtois, N.T., Bard, G.V., Wagner, D.: Algebraic and slide attacks on KeeLoq. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 97–115. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  18. Courtois, N.T., Debraize, B.: Algebraic description and simultaneous linear approximations of addition in Snow 2.0. In: Chen, L., Ryan, M.D., Wang, G. (eds.) ICICS 2008. LNCS, vol. 5308, pp. 328–344. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  19. Courtois, N.T., Pieprzyk, J.: Cryptanalysis of block ciphers with overdefined systems of equations. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 267–287. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  20. Courtois, N.T.: A new frontier in symmetric cryptanalysis. Invited talk, Indocrypt (2008), http://www.nicolascourtois.com/papers/front_indocrypt08_2p.pdf

  21. Courtois, N.T., Mourouzis, T., Song, G., Sepehrdad, P., Sušil, P.: Combined Algebraic and Truncated Differential Cryptanalysis on Reduced-Round Simon (April 2014) (Preprint)

    Google Scholar 

  22. Courtois, N.T., Sepehrdad, P., Sušil, P., Vaudenay, S.: ElimLin algorithm revisited. In: Canteaut, A. (ed.) FSE 2012. LNCS, vol. 7549, pp. 306–325. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  23. Dinur, I., Shamir, A.: Cube attacks on tweakable black box polynomials. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 278–299. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  24. Dinur, I., Shamir, A.: Side Channel Cube attacks on Block Ciphers. IACR Cryptology ePrint Archive 2009, 127 (2009)

    Google Scholar 

  25. Dinur, I., Shamir, A.: Breaking grain-128 with dynamic cube attacks. In: Joux, A. (ed.) FSE 2011. LNCS, vol. 6733, pp. 167–187. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  26. Dinur, I., Shamir, A.: Applying cube attacks to stream ciphers in realistic scenarios. Cryptography and Communications 4(3-4), 217–232 (2012)

    Article  MATH  MathSciNet  Google Scholar 

  27. Erickson, J., Ding, J., Christensen, C.: Algebraic cryptanalysis of SMS4: Gröbner basis attack and SAT attack compared. In: Lee, D., Hong, S. (eds.) ICISC 2009. LNCS, vol. 5984, pp. 73–86. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  28. Faugère, J.-C.: A new efficient algorithm for computing Grobner bases (F4). Journal of Pure and Applied Algebra 139(13), 61–88 (1999)

    Article  MATH  MathSciNet  Google Scholar 

  29. Faugère, J.-C., Perret, L.: Algebraic cryptanalysis of curry and flurry using correlated messages. In: Bao, F., Yung, M., Lin, D., Jing, J. (eds.) Inscrypt 2009. LNCS, vol. 6151, pp. 266–277. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  30. Fouque, P.A., Vannet, T.: Improving Key Recovery to 784 and 799 rounds of Trivium using Optimized Cube Attacks. In: FSE 2013 (2013)

    Google Scholar 

  31. Hell, M., Johansson, T., Meier, W.: Grain; a stream cipher for constrained environments. Int. J. Wire. Mob. Comput. 2(1), 86–93 (2007)

    Article  Google Scholar 

  32. Hodges, T., Petit, C., Schlather, J.: Degree of Regularity for Systems arising from Weil Descent. In: YAC 2012 - Yet Another Conference in Cryptography, p. 9 (2012)

    Google Scholar 

  33. Isobe, T., Sasaki, Y., Chen, J.: Related-key boomerang attacks on KATAN32/48/64. In: Boyd, C., Simpson, L. (eds.) ACISP. LNCS, vol. 7959, pp. 268–285. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  34. Faugère, J.-C.: A New Efficient Algorithm for Computing Gröbner Bases Without Reduction to Zero (F5). In: ISSAC 2002: Proceedings of the 2002 International Symposium on Symbolic and Algebraic Computation, pp. 75–83 (2002)

    Google Scholar 

  35. Knellwolf, S., Meier, W., Naya-Plasencia, M.: Conditional differential cryptanalysis of Trivium and KATAN. In: Miri, A., Vaudenay, S. (eds.) SAC 2011. LNCS, vol. 7118, pp. 200–212. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  36. Knudsen, L.R.: Truncated and higher order differentials. In: Preneel, B. (ed.) FSE 1994. LNCS, vol. 1008, pp. 196–211. Springer, Heidelberg (1995)

    Chapter  Google Scholar 

  37. Lim, C.-W., Khoo, K.: An analysis of XSL applied to BES. In: Biryukov, A. (ed.) FSE 2007. LNCS, vol. 4593, pp. 242–253. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  38. Lipton, R.J., Viglas, A.: On the complexity of SAT. In: 40th FOCS, October 17-19, pp. 459–464. IEEE Computer Society Press, New York (1999)

    Google Scholar 

  39. Mohamed, M.S.E., Mohamed, W.S.A.E., Ding, J., Buchmann, J.: MXL2: Solving Polynomial Equations over GF(2) Using an Improved Mutant Strategy. In: Buchmann, J., Ding, J. (eds.) PQCrypto 2008. LNCS, vol. 5299, pp. 203–215. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  40. Mohamed, M.S.E., Cabarcas, D., Ding, J., Buchmann, J., Bulygin, S.: MXL3: An efficient algorithm for computing Gröbner bases of zero-dimensional ideals. In: Lee, D., Hong, S. (eds.) ICISC 2009. LNCS, vol. 5984, pp. 87–100. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  41. Song, L., Hu, L.: Improved algebraic and differential fault attacks on the katan block cipher. In: Deng, R.H., Feng, T. (eds.) ISPEC 2013. LNCS, vol. 7863, pp. 372–386. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  42. Soos, M.: Cryptominisat 2.5.0. In: SAT Race competitive event booklet (July 2010)

    Google Scholar 

  43. Stegers, T.: Faugère’s F5 Algorithm Revisited. Cryptology ePrint Archive, Report 2006/404 (2006), http://eprint.iacr.org/

  44. Wu, W., Zhang, L.: LBlock: A lightweight block cipher. In: Lopez, J., Tsudik, G. (eds.) ACNS 2011. LNCS, vol. 6715, pp. 327–344. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  45. Yang, B.-Y., Chen, J.-M., Courtois, N.T.: On asymptotic security estimates in XL and Gröbner bases-related algebraic cryptanalysis. In: López, J., Qing, S., Okamoto, E. (eds.) ICICS 2004. LNCS, vol. 3269, pp. 401–413. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. EPFL, Switzerland

    Petr Sušil, Pouyan Sepehrdad & Serge Vaudenay

Authors
  1. Petr Sušil
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Pouyan Sepehrdad
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Serge Vaudenay
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Centre for Computer and Information Security Research, School of Computer Science and Software Engineering, University of Wollongong, Northfields Avenue, 2522, Wollongong, NSW, Australia

    Willy Susilo  & Yi Mu  & 

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Sušil, P., Sepehrdad, P., Vaudenay, S. (2014). On Selection of Samples in Algebraic Attacks and a New Technique to Find Hidden Low Degree Equations. In: Susilo, W., Mu, Y. (eds) Information Security and Privacy. ACISP 2014. Lecture Notes in Computer Science, vol 8544. Springer, Cham. https://doi.org/10.1007/978-3-319-08344-5_4

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-08344-5_4

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-08343-8

  • Online ISBN: 978-3-319-08344-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation