Revised cryptanalysis for SMS4

Abstract

SMS4 was released by the Chinese government as part of the WAPI standard for wireless networks. At ICICS 2007 and CRYPTO 2015, Lu and Sun et al. constructed some 12-round impossible differentials and 12-round zero correlation linear hulls, respectively. In this paper, it is proved that the distinguishers constructed by Lu and Sun et al. are independent of the details of the non-linear layers, though they concentrated on the specific S-boxes. This indicates that for the structure deduced by SMS4, there always exist 12-round impossible differentials and 12-round zero correlation linear hulls.

References

  1. Zhang L, Zhang W T, Wu W L. Cryptanalysis of reduced-round SMS4 block cipher. In: Proceedings of the 13th Australasian Conference on Information Security and Privacy, Wollongong, 2008. 216–229
  2. Zhang W T, Wu W L, Feng D G, et al. Some new observations on the SMS4 block cipher in the Chinese WAPI standard. In: Proceedings of the 5th International Conference on Information Security Practice and Experience, Xi’an, 2009. 324–335
  3. Su B Z, Wu W L, Zhang W T. Security of the SMS4 block cipher against differential cryptanalysis. J Comput Sci Tech, 2011, 26: 130–138
  4. Etrog J, Robshaw M J. The cryptanalysis of reduced-round SMS4. In: Selected Areas in Cryptography. Berlin: Springer, 2009. 51–65
  5. Liu Z Q, Gu D W, Zhang J. Multiple linear cryptanalysis of reduced-round SMS4 block ciphers. Chinese J Electron, 2010, 19: 389–393
  6. Lu J Q. Attacking reduced-round versions of the SMS4 block cipher in the Chinese WAPI standard. In: Proceedings of the 9th International Conference on Information and Communications Security, Zhengzhou, 2007. 306–318
  7. Toz D, Dunkelman O. Analysis of two attacks on reduced-round versions of the SMS4. In: Proceedings of the 10th International Conference on Information and Communications Security, Birmingham, 2008. 141–156
  8. Sun B, Liu Z Q, Rijmen V, et al. Links among impossible differential, integral and zero correlation linear cryptanalysis. In: Advances in Cryptology — CRYPTO 2015. Berlin: Springer, 2015. 95–115
  9. Zhang W T, Su B Z, Wu W L, et al. Extending higher-order integral: an efficient unified algorithm of constructing integral distinguishers for block ciphers. In: Applied Cryptography and Network Security. Berlin: Springer, 2012. 117–134
  10. Liu F, Ji W, Hu L, et al. Analysis of the SMS4 block cipher. In: Information Security and Privacy. Berlin: Springer, 2007. 158–170
  11. Erickson J, Ding J T, Christensen C. Algebraic cryptanalysis of SMS4: Gröbner basis attack and SAT attack compared. In: Proceedings of the 12th International Conference on Information, Security and Cryptology, Seoul, 2009. 73–86
  12. Ji W, Hu L. New description of SMS4 by an embedding over GF(2^8). In: Proceedings of the 8th International Conference on Progress in Cryptology, Chennai, 2007. 238–251
  13. Knudsen L R. DEAL–A 128-bit Block Cipher. Technical Report, Department of Informatics, University of Bergen, Norway, 1998
  14. Biham E, Biryukov A, Shamir A. Cryptanalysis of Skipjack reduced to 31 rounds using impossible differentials. In: Proceedings of the 17th International Conference on Theory and Application of Cryptographic Techniques, Prague, 1999. 12–23
  15. Biham E, Biryukov A, Shamir A. Miss in the middle attacks on IDEA and Khufu. In: Proceedings of the 6th International Workshop on Fast Software Encryption. London: Springer, 1999. 124–138
  16. Kim J, Hong S, Sung J, et al. Impossible differential cryptanalysis for block cipher structures. In: Progress in Cryptology — INDOCRYPT. Berlin: Springer, 2003. 82–96
  17. Luo Y Y, Lai X J, Wu Z M, et al. A unified method for finding impossible differentials of block cipher structures. Inform Sci, 2014, 263: 211–220
  18. Wu S B, Wang M S. Automatic search of truncated impossible differentials for word-oriented block ciphers. In: Progress in Cryptology — INDOCRYPT. Berlin: Springer, 2012. 283–302
  19. Bogdanov A, Rijmen V. Linear hulls with correlation zero and linear cryptanalysis of block ciphers. Design Code Cryptogr, 2014, 70: 369–383
  20. Knudsen L R, Wagner D. Integral cryptanalysis. In: Revised Papers From the 9th International Workshop on Fast Software Encryption. Berlin: Springer, 2002. 112–127
  21. Sun B, Li R L, Qu L J, et al. SQUARE attack on block ciphers with low algebraic degree. Sci China Inf Sci, 2010, 53: 1988–1995

Acknowledgments

This work was supported by the National Natural Science Foundation of China (Grant Nos. 61672530, 61402515) and the Research Fund for the Doctoral Program of Higher Education of China (Grant No. 2012150112004).

Author information

Correspondence to Chao Li.

About this article

Cite this article

Cheng, L., Sun, B. & Li, C. Revised cryptanalysis for SMS4. Sci. China Inf. Sci. 60, 122101 (2017). https://doi.org/10.1007/s11432-016-0477-8

Keywords

  • SMS4
  • impossible differential
  • zero correlation linear hull
  • structure
  • integral