Cryptanalysis of Reduced sLiSCP Permutation in Sponge-Hash and Duplex-AE Modes

  • Yunwen Liu
  • Yu Sasaki (corresponding author)
  • Ling Song
  • Gaoli Wang
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11349)

Abstract

This paper studies the security of sLiSCP, a family of lightweight permutations proposed by AlTawy et al. at SAC 2017. sLiSCP also specifies an authenticated encryption (AE) mode and a hashing mode based on the sponge framework; however, the designers' analysis focuses on the indistinguishability of the permutation, and those modes were not analysed. This paper presents the first analysis of reduced-step sLiSCP in the AE and hashing modes, fully respecting the parameters and usage recommended by the designers. Forgery and collision attacks are presented against 6 (out of 18) steps of the AE and hashing modes. Moreover, rebound distinguishers are presented against 15 steps of the permutation. We believe that these results, especially those on the AE and hashing modes, provide a better understanding of sLiSCP and bring more confidence about the lightweight version sLiSCP-light.

Keywords

sLiSCP, Simeck, Permutation, Sponge, Collision, Forgery

Acknowledgements

We thank the anonymous reviewers for their valuable comments. This work was initiated during the 7th Asian Workshop on Symmetric Key Cryptography; we would like to thank the organisers of ASK 2017. Yunwen Liu is supported by the Research Fund KU Leuven C16/18/004, grant agreement No. H2020-MSCA-ITN-2014-643161 ECRYPT-NET, China Scholarship Council (CSC 201403170380) and National Natural Science Foundation (No. 61672530). Ling Song is supported by the Youth Innovation Promotion Association CAS and the National Natural Science Foundation of China (Grants No. 61802399, 61472415, 61732021 and 61772519). Gaoli Wang is supported by the National Natural Science Foundation of China (No. 61572125) and National Cryptography Development Fund (No. MMJJ20180201).

References

  1. AlTawy, R., Rohit, R., He, M., Mandal, K., Yang, G., Gong, G.: sLiSCP: simeck-based permutations for lightweight sponge cryptographic primitives. In: Adams, C., Camenisch, J. (eds.) SAC 2017. LNCS, vol. 10719, pp. 129–150. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-72565-9_7
  2. AlTawy, R., Rohit, R., He, M., Mandal, K., Yang, G., Gong, G.: sLiSCP-light: towards lighter sponge-specific cryptographic permutations (2018). https://cacr.uwaterloo.ca/techreports/2018/cacr2018-01.pdf
  3. Aumasson, J., Henzen, L., Meier, W., Naya-Plasencia, M.: Quark: a lightweight hash. J. Cryptol. 26(2), 313–339 (2013). https://doi.org/10.1007/s00145-012-9125-6
  4. Aumasson, J.-P., Jovanovic, P., Neves, S.: NORX: parallel and scalable AEAD. In: Kutyłowski, M., Vaidya, J. (eds.) ESORICS 2014. LNCS, vol. 8713, pp. 19–36. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-11212-1_2
  5. Babbage, S., Dodd, M.: The MICKEY stream ciphers. In: Robshaw, M., Billet, O. (eds.) New Stream Cipher Designs. LNCS, vol. 4986, pp. 191–209. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-68351-3_15
  6. Beaulieu, R., Shors, D., Smith, J., Treatman-Clark, S., Weeks, B., Wingers, L.: The SIMON and SPECK families of lightweight block ciphers. IACR Cryptology ePrint Archive 2013, 404 (2013). http://eprint.iacr.org/2013/404
  7. Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: On the indifferentiability of the sponge construction. In: Smart, N. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 181–197. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-78967-3_11
  8. Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: Duplexing the sponge: single-pass authenticated encryption and other applications. In: Miri, A., Vaudenay, S. (eds.) SAC 2011. LNCS, vol. 7118, pp. 320–337. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-28496-0_19
  9. Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: Cryptographic sponge functions. Submission to NIST (Round 3) (2011). http://sponge.noekeon.org/CSF-0.1.pdf
  10. Bertoni, G., Daemen, J., Peeters, M., Van Assche, G., Van Keer, R.: CAESAR submission: Ketje v2. Candidate of CAESAR Competition, September 2016
  11. Bogdanov, A., Knezevic, M., Leander, G., Toz, D., Varici, K., Verbauwhede, I.: spongent: a lightweight hash function. In: Preneel and Takagi [27], pp. 312–325. http://dx.doi.org/10.1007/978-3-642-23951-9_21
  12. Bogdanov, A., et al.: PRESENT: an ultra-lightweight block cipher. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 450–466. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-74735-2_31
  13. Bogdanov, A., Mendel, F., Regazzoni, F., Rijmen, V., Tischhauser, E.: ALE: AES-based lightweight authenticated encryption. In: Moriai, S. (ed.) FSE 2013. LNCS, vol. 8424, pp. 447–466. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-43933-3_23
  14. De Cannière, C., Preneel, B.: Trivium. In: Robshaw, M., Billet, O. (eds.) New Stream Cipher Designs. LNCS, vol. 4986, pp. 244–266. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-68351-3_18
  15. Dobraunig, C., Eichlseder, M., Mendel, F., Schläffer, M.: Ascon v1.2. Submission to the CAESAR competition (Round 3) (2016). http://competitions.cr.yp.to/round3/asconv12.pdf
  16. Gilbert, H., Peyrin, T.: Super-sbox cryptanalysis: improved attacks for AES-like permutations. In: Hong, S., Iwata, T. (eds.) FSE 2010. LNCS, vol. 6147, pp. 365–383. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-13858-4_21
  17. Guo, J., Peyrin, T., Poschmann, A.: The PHOTON family of lightweight hash functions. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 222–239. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-22792-9_13
  18. Guo, J., Peyrin, T., Poschmann, A., Robshaw, M.J.B.: The LED block cipher. In: Preneel and Takagi [27], pp. 326–341. http://dx.doi.org/10.1007/978-3-642-23951-9
  19. Hell, M., Johansson, T., Maximov, A., Meier, W.: The grain family of stream ciphers. In: Robshaw, M., Billet, O. (eds.) New Stream Cipher Designs. LNCS, vol. 4986, pp. 179–190. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-68351-3_14
  20. Iwamoto, M., Peyrin, T., Sasaki, Y.: Limited-birthday distinguishers for hash functions. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013. LNCS, vol. 8270, pp. 504–523. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-42045-0_26
  21. Khovratovich, D., Rechberger, C.: The LOCAL attack: cryptanalysis of the authenticated encryption scheme ALE. In: Lange, T., Lauter, K., Lisoněk, P. (eds.) SAC 2013. LNCS, vol. 8282, pp. 174–184. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-43414-7_9
  22. Kölbl, S., Leander, G., Tiessen, T.: Observations on the SIMON block cipher family. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9215, pp. 161–185. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-47989-6_8
  23. Lamberger, M., Mendel, F., Schläffer, M., Rechberger, C., Rijmen, V.: The rebound attack and subspace distinguishers: application to Whirlpool. J. Cryptol. 28(2), 257–296 (2015)
  24. Liu, Y., De Witte, G., Ranea, A., Ashur, T.: Rotational-XOR cryptanalysis of reduced-round SPECK. IACR Trans. Symmetric Cryptol. 2017(3), 24–36 (2017)
  25. Mendel, F., Rechberger, C., Schläffer, M., Thomsen, S.S.: The rebound attack: cryptanalysis of reduced Whirlpool and Grøstl. In: Dunkelman, O. (ed.) FSE 2009. LNCS, vol. 5665, pp. 260–276. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-03317-9_16
  26. NIST: Lightweight Cryptography, April 2018. https://csrc.nist.gov/projects/lightweight-cryptography
  27. Preneel, B., Takagi, T. (eds.): CHES 2011. LNCS, vol. 6917. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-23951-9
  28. Todo, Y.: Structural evaluation by generalized integral property. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9056, pp. 287–314. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46800-5_12
  29. Wu, S., Wu, H., Huang, T., Wang, M., Wu, W.: Leaked-state-forgery attack against the authenticated encryption algorithm ALE. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013. LNCS, vol. 8269, pp. 377–404. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-42033-7_20
  30. Yang, G., Zhu, B., Suder, V., Aagaard, M.D., Gong, G.: The Simeck family of lightweight block ciphers. In: Güneysu, T., Handschuh, H. (eds.) CHES 2015. LNCS, vol. 9293, pp. 307–329. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48324-4_16

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Yunwen Liu (1, 2)
  • Yu Sasaki (3), corresponding author
  • Ling Song (4, 5)
  • Gaoli Wang (6)
  1. imec-COSIC, KU Leuven, Leuven, Belgium
  2. College of Liberal Arts and Sciences, National University of Defense Technology, Changsha, China
  3. NTT Secure Platform Laboratories, Tokyo, Japan
  4. Nanyang Technological University, Singapore, Singapore
  5. Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China
  6. Department of Cryptography and Network Security, East China Normal University, Shanghai, China