Improved meet-in-the-middle attacks on reduced-round Piccolo

Abstract

Piccolo is a lightweight block cipher that adopts a generalized Feistel network structure with 4 branches, each of which is 16 bits long. The key length is 80 or 128 bits, denoted by Piccolo-80 and Piccolo-128, respectively. In this paper, we mounted meet-in-the-middle attacks on 14-round Piccolo-80 without pre- and post-whitening keys and 18-round Piccolo-128 with post-whitening keys by exploiting the properties of the key schedule and the Maximum Distance Separable (MDS) matrix. For Piccolo-80, we first constructed a 5-round distinguisher. Then 4 rounds and 5 rounds were appended at the beginning and at the end, respectively. Based on this structure, we mounted an attack on 14-round Piccolo-80 from the 5th round to the 18th round. The data, time, and memory complexities were 2^52 chosen plaintexts, 2^67.44 encryptions, and 2^64.91 blocks, respectively. For Piccolo-128, we built a 7-round distinguisher to attack 18-round Piccolo-128 from the 4th round to the 21st round. The data, time, and memory complexities were 2^52 chosen plaintexts, 2^126.63 encryptions, and 2^125.29 blocks, respectively. Leaving aside results from biclique cryptanalysis, these are currently the best public results on this reduced version of the Piccolo block cipher.

Acknowledgements

This work was supported by National Natural Science Foundation of China (Grant Nos. 61402288, 61672347, 61772129, 61472250), National Basic Research Program of China (Grant No. 2013CB338004), Shanghai Natural Science Foundation (Grant Nos. 15ZR1400300, 16ZR1401100), Innovation Program of Shanghai Municipal Education Commission (Grant No. 14ZZ066), Opening Project of Shanghai Key Laboratory of Integrated Administration Technologies for Information Security (Grant No. AGK201703). The authors are grateful to Dr. Lei WANG and the reviewers for their valuable suggestions and comments.

Author information

Correspondence to Wei Li.

About this article

Cite this article

Liu, Y., Cheng, L., Liu, Z. et al. Improved meet-in-the-middle attacks on reduced-round Piccolo. Sci. China Inf. Sci. 61, 032108 (2018). https://doi.org/10.1007/s11432-016-9157-y

Keywords

  • block cipher
  • lightweight
  • Piccolo
  • meet-in-the-middle attack
  • distinguisher