Advertisement

Revised Version of Block Cipher CHAM

  • Dongyoung RohEmail author
  • Bonwook Koo
  • Younghoon Jung
  • Il Woong Jeong
  • Dong-Geon Lee
  • Daesung Kwon
  • Woo-Hwan Kim
Conference paper
  • 25 Downloads
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11975)

Abstract

CHAM is a family of lightweight block ciphers published in 2017 [22]. The CHAM family consists of three ciphers, CHAM-64/128, CHAM-128/128, and CHAM-128/256. CHAM can be implemented with a remarkably low area in hardware compared to other lightweight block ciphers, and it also performs well on software. We found new (related-key) differential characteristics and differentials of CHAM using a SAT solver. Although attacks using the new characteristics are limited to the reduced rounds of CHAM, it is preferable to increase the number of rounds to ensure a sufficient security margin. The numbers of rounds of CHAM-64/128, CHAM-128/128, and CHAM-128/256 are increased from 80 to 88, 80 to 112, and 96 to 120, respectively. We provide strong evidence that CHAM with these new numbers of rounds is secure enough against (related-key) differential cryptanalysis. Because increasing the number of rounds does not affect the area in low-area hardware implementations, the revised CHAM is still excellent in lightweight hardware implementations. In software, the revised CHAM is still comparable to SPECK, one of the top-ranked algorithms in software.

Keywords

Lightweight block cipher CHAM (Related-key) Differential cryptanalysis SAT solver 

Notes

Acknowledgement

We are grateful to the anonymous reviewers for their help in improving the quality of the paper. This work was supported by Institute for Information & Communications Technology Planning & Evaluation (IITP) grant funded by the Korean government (MSIT) (No.2017-0-00267).

Supplementary material

References

  1. 1.
    Albrecht, M., Cid, C.: Algebraic techniques in differential cryptanalysis. In: Dunkelman, O. (ed.) FSE 2009. LNCS, vol. 5665, pp. 193–208. Springer, Heidelberg (2009).  https://doi.org/10.1007/978-3-642-03317-9_12CrossRefGoogle Scholar
  2. 2.
    Banik, S., et al.: Midori: a block cipher for low energy. In: Iwata, T., Cheon, J.H. (eds.) ASIACRYPT 2015, Part II. LNCS, vol. 9453, pp. 411–436. Springer, Heidelberg (2015).  https://doi.org/10.1007/978-3-662-48800-3_17CrossRefGoogle Scholar
  3. 3.
    Banik, S., Pandey, S.K., Peyrin, T., Sasaki, Y., Sim, S.M., Todo, Y.: GIFT: a small present. In: Fischer, W., Homma, N. (eds.) CHES 2017. LNCS, vol. 10529, pp. 321–345. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-66787-4_16CrossRefGoogle Scholar
  4. 4.
    Beaulieu, R., Shors, D., Smith, J., Treatman-Clark, S., Weeks, B., Wingers, L.: The SIMON and SPECK families of lightweight block ciphers. Cryptology ePrint Archive, Report 2013/404 (2013). https://eprint.iacr.org/2013/404
  5. 5.
    Beaulieu, R., Shors, D., Smith, J., Treatman-Clark, S., Weeks, B., Wingers, L.: The Simon and Speck block ciphers on AVR 8-bit microcontrollers. In: Eisenbarth, T., Öztürk, E. (eds.) LightSec 2014. LNCS, vol. 8898, pp. 3–20. Springer, Cham (2015).  https://doi.org/10.1007/978-3-319-16363-5_1CrossRefzbMATHGoogle Scholar
  6. 6.
    Beaulieu, R., Shors, D., Smith, J., Treatman-Clark, S., Weeks, B., Wingers, L.: SIMON and SPECK: block ciphers for the internet of things. IACR Cryptol. ePrint Arch. 2015, 585 (2015)zbMATHGoogle Scholar
  7. 7.
    Beierle, C., et al.: The SKINNY family of block ciphers and its low-latency variant MANTIS. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016, Part II. LNCS, vol. 9815, pp. 123–153. Springer, Heidelberg (2016).  https://doi.org/10.1007/978-3-662-53008-5_5CrossRefGoogle Scholar
  8. 8.
    Biham, E., Shamir, A.: Differential cryptanalysis of DES-like cryptosystems. J. Cryptol. 4(1), 3–72 (1991)MathSciNetCrossRefGoogle Scholar
  9. 9.
    Biryukov, A., Velichkov, V.: Automatic search for differential trails in ARX ciphers. In: Benaloh, J. (ed.) CT-RSA 2014. LNCS, vol. 8366, pp. 227–250. Springer, Cham (2014).  https://doi.org/10.1007/978-3-319-04852-9_12CrossRefzbMATHGoogle Scholar
  10. 10.
    Bogdanov, A., et al.: PRESENT: an ultra-lightweight block cipher. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 450–466. Springer, Heidelberg (2007).  https://doi.org/10.1007/978-3-540-74735-2_31CrossRefGoogle Scholar
  11. 11.
    Borghoff, J., et al.: PRINCE – a low-latency block cipher for pervasive computing applications. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 208–225. Springer, Heidelberg (2012).  https://doi.org/10.1007/978-3-642-34961-4_14CrossRefGoogle Scholar
  12. 12.
    De Cannière, C., Dunkelman, O., Knežević, M.: KATAN and KTANTAN — a family of small and efficient hardware-oriented block ciphers. In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 272–288. Springer, Heidelberg (2009).  https://doi.org/10.1007/978-3-642-04138-9_20CrossRefzbMATHGoogle Scholar
  13. 13.
    Dinu, D., Biryukov, A., Großschädl, J., Khovratovich, D., Le Corre, Y., Perrin, L.: FELICS-fair evaluation of lightweight cryptographic systems. In: NIST Workshop on Lightweight Cryptography (2015)Google Scholar
  14. 14.
    Dinu, D., Le Corre, Y., Khovratovich, D., Perrin, L., Großschädl, J., Biryukov, A.: Triathlon of lightweight block ciphers for the internet of things. J. Cryptogr. Eng. 9(3), 283–302 (2019)CrossRefGoogle Scholar
  15. 15.
    Dinu, D., Perrin, L., Udovenko, A., Velichkov, V., Großschädl, J., Biryukov, A.: Design strategies for ARX with provable bounds: Sparx and LAX. In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016. LNCS, vol. 10031, pp. 484–513. Springer, Heidelberg (2016).  https://doi.org/10.1007/978-3-662-53887-6_18CrossRefGoogle Scholar
  16. 16.
    Dinur, I.: Improved differential cryptanalysis of round-reduced speck. In: Joux, A., Youssef, A. (eds.) SAC 2014. LNCS, vol. 8781, pp. 147–164. Springer, Cham (2014).  https://doi.org/10.1007/978-3-319-13051-4_9CrossRefGoogle Scholar
  17. 17.
    Eén, N., Sörensson, N.: An extensible SAT-solver. In: Giunchiglia, E., Tacchella, A. (eds.) SAT 2003. LNCS, vol. 2919, pp. 502–518. Springer, Heidelberg (2004).  https://doi.org/10.1007/978-3-540-24605-3_37CrossRefGoogle Scholar
  18. 18.
    Guo, J., Peyrin, T., Poschmann, A., Robshaw, M.: The LED block cipher. In: Preneel, B., Takagi, T. (eds.) CHES 2011. LNCS, vol. 6917, pp. 326–341. Springer, Heidelberg (2011).  https://doi.org/10.1007/978-3-642-23951-9_22CrossRefGoogle Scholar
  19. 19.
    Hamadi, Y., Jabbour, S., Sais, L.: ManySAT: a parallel SAT solver. J. Satisf. Boolean Model. Comput. 6, 245–262 (2008)zbMATHGoogle Scholar
  20. 20.
    Hong, D., Lee, J.-K., Kim, D.-C., Kwon, D., Ryu, K.H., Lee, D.-G.: LEA: a 128-bit block cipher for fast encryption on common processors. In: Kim, Y., Lee, H., Perrig, A. (eds.) WISA 2013. LNCS, vol. 8267, pp. 3–27. Springer, Cham (2014).  https://doi.org/10.1007/978-3-319-05149-9_1CrossRefGoogle Scholar
  21. 21.
    Knudsen, L., Leander, G., Poschmann, A., Robshaw, M.J.B.: PRINTcipher: a block cipher for IC-printing. In: Mangard, S., Standaert, F.-X. (eds.) CHES 2010. LNCS, vol. 6225, pp. 16–32. Springer, Heidelberg (2010).  https://doi.org/10.1007/978-3-642-15031-9_2CrossRefGoogle Scholar
  22. 22.
    Koo, B., Roh, D., Kim, H., Jung, Y., Lee, D.-G., Kwon, D.: CHAM: a family of lightweight block ciphers for resource-constrained devices. In: Kim, H., Kim, D.-C. (eds.) ICISC 2017. LNCS, vol. 10779, pp. 3–25. Springer, Cham (2018).  https://doi.org/10.1007/978-3-319-78556-1_1CrossRefGoogle Scholar
  23. 23.
    Lee, H., Kim, S., Kang, H., Hong, D., Sung, J., Hong, S.: Calculating the approximate probability of differentials for arx-based cipher using sat solver. J. Korea Inst. Inf. Secur. Cryptol. 28(1), 15–24 (2018)Google Scholar
  24. 24.
    Lipmaa, H., Moriai, S.: Efficient algorithms for computing differential properties of addition. In: Matsui, M. (ed.) FSE 2001. LNCS, vol. 2355, pp. 336–350. Springer, Heidelberg (2002).  https://doi.org/10.1007/3-540-45473-X_28CrossRefGoogle Scholar
  25. 25.
    Matsui, M.: On correlation between the order of S-boxes and the strength of DES. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 366–375. Springer, Heidelberg (1995).  https://doi.org/10.1007/BFb0053451CrossRefGoogle Scholar
  26. 26.
    Moradi, A., Poschmann, A., Ling, S., Paar, C., Wang, H.: Pushing the limits: a very compact and a threshold implementation of AES. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 69–88. Springer, Heidelberg (2011).  https://doi.org/10.1007/978-3-642-20465-4_6CrossRefGoogle Scholar
  27. 27.
    Mouha, N., Preneel, B.: Towards finding optimal differential characteristics for ARX: application to Salsa20 (2013)Google Scholar
  28. 28.
    Needham, R.M., Wheeler, D.J.: TEA extensions. Report, Cambridge University, Cambridge, UK, October 1997Google Scholar
  29. 29.
    Polimón, J., Hernández-Castro, J.C., Estévez-Tapiador, J.M., Ribagorda, A.: Automated design of a lightweight block cipher with genetic programming. Int. J. Knowl. Based Intell. Eng. Syst. 12(1), 3–14 (2008)CrossRefGoogle Scholar
  30. 30.
    Shirai, T., Shibutani, K., Akishita, T., Moriai, S., Iwata, T.: The 128-bit blockcipher CLEFIA (extended abstract). In: Biryukov, A. (ed.) FSE 2007. LNCS, vol. 4593, pp. 181–195. Springer, Heidelberg (2007).  https://doi.org/10.1007/978-3-540-74619-5_12CrossRefGoogle Scholar
  31. 31.
    Song, L., Huang, Z., Yang, Q.: Automatic differential analysis of ARX block ciphers with application to SPECK and LEA. In: Liu, J.K., Steinfeld, R. (eds.) ACISP 2016, Part II. LNCS, vol. 9723, pp. 379–394. Springer, Cham (2016).  https://doi.org/10.1007/978-3-319-40367-0_24CrossRefGoogle Scholar
  32. 32.
    Soos, M., Nohl, K., Castelluccia, C.: Extending SAT solvers to cryptographic problems. In: Kullmann, O. (ed.) SAT 2009. LNCS, vol. 5584, pp. 244–257. Springer, Heidelberg (2009).  https://doi.org/10.1007/978-3-642-02777-2_24CrossRefGoogle Scholar
  33. 33.
    Wheeler, D.J., Needham, R.M.: TEA, a tiny encryption algorithm. In: Preneel, B. (ed.) FSE 1994. LNCS, vol. 1008, pp. 363–366. Springer, Heidelberg (1995).  https://doi.org/10.1007/3-540-60590-8_29CrossRefzbMATHGoogle Scholar
  34. 34.
    Yang, G., Zhu, B., Suder, V., Aagaard, M.D., Gong, G.: The Simeck family of lightweight block ciphers. In: Güneysu, T., Handschuh, H. (eds.) CHES 2015. LNCS, vol. 9293, pp. 307–329. Springer, Heidelberg (2015).  https://doi.org/10.1007/978-3-662-48324-4_16CrossRefGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  • Dongyoung Roh
    • 1
    Email author
  • Bonwook Koo
    • 1
  • Younghoon Jung
    • 1
  • Il Woong Jeong
    • 1
  • Dong-Geon Lee
    • 1
  • Daesung Kwon
    • 1
  • Woo-Hwan Kim
    • 1
  1. 1.The Affiliated Institute of ETRIDaejeonRepublic of Korea

Personalised recommendations