Integral Attacks on Round-Reduced Bel-T-256

  • Muhammad ElSheikh
  • Mohamed Tolba
  • Amr M. Youssef
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11349)

Abstract

Bel-T is the national block cipher encryption standard of the Republic of Belarus. It has a 128-bit block size and a variable key length of 128, 192 or 256 bits. Bel-T combines a Feistel network with a Lai-Massey scheme to build a complex round function with 7 S-box layers per round, then iterates this round function 8 times to construct the whole cipher. In this paper, we present integral attacks against Bel-T-256 using the propagation of the bit-based division property. First, we propose two 2-round integral characteristics by employing a Mixed Integer Linear Programming (MILP) approach to propagate the division property through the round function. (Our open source code to generate the MILP model can be downloaded from https://github.com/mhgharieb/Bel-T-256.) Then, we utilize these integral characteristics to attack 3\(\frac{2}{7}\) rounds (out of 8) of Bel-T-256 with data and time complexities of \(2^{13}\) chosen plaintexts and \(2^{199.33}\) encryption operations, respectively. We also present an attack against 3\(\frac{6}{7}\) rounds with data and time complexities of \(2^{33}\) chosen plaintexts and \(2^{254.61}\) encryption operations, respectively. To the best of our knowledge, these attacks are the first published theoretical attacks against the cipher in the single-key model.

Keywords

Bel-T, Integral attacks, Bit-based division property, MILP


Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Muhammad ElSheikh (1)
  • Mohamed Tolba (1)
  • Amr M. Youssef (1)
  1. Concordia Institute for Information Systems Engineering, Concordia University, Montréal, Canada
