Skip to main content
SpringerLink
Log in

Cryptanalysis of AES and Camellia with Related S-boxes

  • Conference paper
Progress in Cryptology – AFRICACRYPT 2013 (AFRICACRYPT 2013)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7918))

Included in the following conference series:

Abstract

Cryptanalysis mainly has public algorithms as target; however cryptanalytic effort has also been directed quite successfully to block ciphers that contain secret components, typically S-boxes. Known approaches can only attack reduced-round variants of the target algorithms, AES being a nice example. In this paper we present a novel cryptanalytic attack that can recover the specification of S-boxes from algorithms that resist to cryptanalysis, under the assumption that the attacker can work on a pair of such block ciphers that instantiate related S-boxes. These S-boxes satisfy the designer’s requirements but are weakly diversified; the relationship between these unknown components is used in much the same way as relationship between secret keys is used in related-key attacks. This attack (called related S-box attack) can be used, under certain assumptions, to retrieve the content of the S-boxes in practical time. We apply our attack to two well known ciphers, AES and Camellia; these ciphers use 8-bit S-boxes but are structurally very different, and our attack adapts accordingly. This shows that most probably the same can be applied to other ciphers which can be customized to instantiate unknown 8-bit S-boxes.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Aoki, K., Ichikawa, T., Kanda, M., Matsui, M., Moriai, S., Nakajima, J., Tokita, T.: Camellia: A 128-bit block cipher suitable for multiple platforms - design and analysis. In: Stinson, D.R., Tavares, S. (eds.) SAC 2000. LNCS, vol. 2012, pp. 39–56. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  2. Biham, E., Shamir, A.: Differential cryptanalysis of des-like cryptosystems. Journal of Cryptology 4, 3–72 (1991)

    Article  MathSciNet  MATH  Google Scholar 

  3. Biham, E., Shamir, A.: Differential Fault Analysis of Secret Key Cryptosystems. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 513–525. Springer, Heidelberg (1997)

    Chapter  Google Scholar 

  4. Biryukov, A., De Cannire, C., Braeken, A., Preneel, B.: A toolbox for cryptanalysis: Linear and affine equivalence algorithms. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 648–648. Springer, Heidelberg (2003)

    Google Scholar 

  5. Biryukov, A., Khovratovich, D.: Related-Key Cryptanalysis of the Full AES-192 and AES-256. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 1–18. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  6. Biryukov, A., Shamir, A.: Structural cryptanalysis of SASAS. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 395–405. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  7. Bogdanov, A.A., Knudsen, L.R., Leander, G., Paar, C., Poschmann, A., Robshaw, M., Seurin, Y., Vikkelsoe, C.: PRESENT: An Ultra-Lightweight Block Cipher. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 450–466. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  8. Bogdanov, A., Khovratovich, D., Rechberger, C.: Biclique cryptanalysis of the full AES. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 344–371. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  9. Borghoff, J., Knudsen, L.R., Leander, G., Thomsen, S.S.: Cryptanalysis of PRESENT-Like Ciphers with Secret S-Boxes. In: Joux, A. (ed.) FSE 2011. LNCS, vol. 6733, pp. 270–289. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  10. Clavier, C.: An improved SCARE cryptanalysis against a secret A3/A8 GSM algorithm. In: McDaniel, P., Gupta, S.K. (eds.) ICISS 2007. LNCS, vol. 4812, pp. 143–155. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  11. Courtois, N.T., Pieprzyk, J.: Cryptanalysis of Block Ciphers with Overdefined Systems of Equations. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 267–287. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  12. Daemen, J., Rijmen, V.: The Design of Rijndael - AES - The Advanced Encryption Standard. Springer (2002)

    Google Scholar 

  13. Guilley, S., Sauvage, L., Micolod, J., Réal, D., Valette, F.: Defeating Any Secret Cryptography with SCARE Attacks. In: Abdalla, M., Barreto, P.S.L.M. (eds.) LATINCRYPT 2010. LNCS, vol. 6212, pp. 273–293. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  14. Knuth, D.E.: The Art of Computer Programming, 3rd edn. Addison-Wesley (1997)

    Google Scholar 

  15. Matsui, M.: Linear Cryptanalysis Method for DES Cipher. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 386–397. Springer, Heidelberg (1994)

    Chapter  Google Scholar 

  16. Novak, R.: Side-Channel Attack on Substitution Blocks. In: Zhou, J., Yung, M., Han, Y. (eds.) ACNS 2003. LNCS, vol. 2846, pp. 307–318. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  17. O’Connor, L.: On the Distribution of Characteristics in Bijective Mappings. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 360–370. Springer, Heidelberg (1994)

    Chapter  Google Scholar 

  18. Réal, D., Dubois, V., Guilloux, A.-M., Valette, F., Drissi, M.: SCARE of an Unknown Hardware Feistel Implementation. In: Grimaud, G., Standaert, F.-X. (eds.) CARDIS 2008. LNCS, vol. 5189, pp. 218–227. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  19. Sasaki, Y.: Known-Key Attacks on Rijndael with Large Blocks and Strengthening ShiftRow Parameter. In: Echizen, I., Kunihiro, N., Sasaki, R. (eds.) IWSEC 2010. LNCS, vol. 6434, pp. 301–315. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  20. Sung, J., Kim, J., Lee, C., Hong, S.: Related-Cipher Attacks on Block Ciphers with Flexible Number of Rounds. In: Research in Cryptology - 1st Western European Workshop, WEWoRC 2005, Leuven-Heverlee,be. LNCS, p. 10. Springer (2005)

    Google Scholar 

  21. Wang, D., Lin, D., Wu, W.: Related-mode attacks on ctr encryption mode. I. J. Network Security 4(3), 282–287 (2007)

    Google Scholar 

  22. Wu, H.: Related-Cipher Attacks. In: Deng, R.H., Qing, S., Bao, F., Zhou, J. (eds.) ICICS 2002. LNCS, vol. 2513, pp. 447–455. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Kudelski Group, Switzerland

    Marco Macchetti

Authors
  1. Marco Macchetti
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Concordia Institute for Information Systems Engineering, Concordia University, 1515 St. Catherine Street West, H3G 2W1, Montreal, QC, Canada

    Amr Youssef

  2. Laboratoire de Mathématiques Nicolas Oresme, Université de Caen Basse-Normandie, BP 5186, 14032, Caen, France

    Abderrahmane Nitaj

  3. Department of Information Technology, Cairo University, 5 Dr. Ahmed Zewil Street, 12613, Cairo, Giza, Egypt

    Aboul Ella Hassanien

Rights and permissions

Reprints and permissions

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Macchetti, M. (2013). Cryptanalysis of AES and Camellia with Related S-boxes. In: Youssef, A., Nitaj, A., Hassanien, A.E. (eds) Progress in Cryptology – AFRICACRYPT 2013. AFRICACRYPT 2013. Lecture Notes in Computer Science, vol 7918. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-38553-7_12

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-38553-7_12

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-38552-0

  • Online ISBN: 978-3-642-38553-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation