FSE 2014: Fast Software Encryption, pp. 431-450

Improved Slender-Set Linear Cryptanalysis

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8540)

Abstract

In 2013, Borghoff et al. introduced slender-set linear cryptanalysis of PRESENT-like ciphers with key-dependent secret S-boxes. In this paper, we propose an improved slender-set linear attack on PRESENT-like ciphers with secret S-boxes. We investigate three new cryptanalytic techniques and use them to recover the secret S-boxes efficiently. First, we propose a new technique to support consistency of the partitions of the input to the secret S-boxes. Second, we present a more efficient method for recovering the coordinate functions of the secret S-boxes, which uses more information than Borghoff's attack does. Third, we propose a method for constructing all correct coordinate functions of the secret S-boxes by means of a pruning search algorithm. In particular, we implemented a successful linear attack on the full-round Maya in practice. In our experiments, the correct S-box can be recovered with \(2^{36}\) known plaintexts, \(2^{18.9}\) time complexity and negligible memory complexity, at a success rate of 87.5 % over 200 independent trials. Our attack is an improvement on, and a sequel to, Borghoff's work on PRESENT-like ciphers with secret S-boxes.

Keywords

Block cipher, Linear cryptanalysis, PRESENT-like, Secret S-box

Acknowledgments

I wish to thank the anonymous reviewers for very useful comments that helped to improve the paper. This work was supported by the National Natural Science Foundation of China (Grant No. 61272488, No. 61272465).

References

1. Biham, E., Biryukov, A.: How to strengthen DES using existing hardware. In: Pieprzyk, J., Safavi-Naini, R. (eds.) Advances in Cryptology - ASIACRYPT 1994. LNCS, vol. 917, pp. 398–412. Springer, Berlin Heidelberg (1995)
2. Biryukov, A., Shamir, A.: Structural cryptanalysis of SASAS. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 395–405. Springer, Heidelberg (2001)
3. Biryukov, A., Shamir, A.: Structural cryptanalysis of SASAS. J. Cryptol. 23(4), 505–518 (2010). doi: 10.1007/s00145-010-9062-1
4. Bogdanov, A.A., Knudsen, L.R., Leander, G., Paar, C., Poschmann, A., Robshaw, M., Seurin, Y., Vikkelsoe, C.: PRESENT: an ultra-lightweight block cipher. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 450–466. Springer, Heidelberg (2007)
5. Borghoff, J., Knudsen, L.R., Leander, G., Matusiewicz, K.: Cryptanalysis of C2. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 250–266. Springer, Heidelberg (2009)
6. Borghoff, J., Knudsen, L.R., Leander, G., Thomsen, S.S.: Cryptanalysis of PRESENT-like ciphers with secret S-boxes. In: Joux, A. (ed.) FSE 2011. LNCS, vol. 6733, pp. 270–289. Springer, Heidelberg (2011)
7. Borghoff, J., Knudsen, L., Leander, G., Thomsen, S.: Slender-set differential cryptanalysis. J. Cryptol. 26(1), 11–38 (2013). doi: 10.1007/s00145-011-9111-4
8. De Cannière, C., Dunkelman, O., Knežević, M.: KATAN and KTANTAN — a family of small and efficient hardware-oriented block ciphers. In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 272–288. Springer, Heidelberg (2009)
9. Cho, J.Y.: Linear cryptanalysis of reduced-round PRESENT. In: Pieprzyk, J. (ed.) CT-RSA 2010. LNCS, vol. 5985, pp. 302–317. Springer, Heidelberg (2010)
10. Gilbert, H., Chauvaud, P.: A chosen plaintext attack of the 16-round Khufu cryptosystem. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 359–368. Springer, Heidelberg (1994)
11. Hong, D., Sung, J., Hong, S.H., Lim, J.-I., Lee, S.-J., Koo, B.-S., Lee, C.-H., Chang, D., Lee, J., Jeong, K., Kim, H., Kim, J.-S., Chee, S.: HIGHT: a new block cipher suitable for low-resource device. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 46–59. Springer, Heidelberg (2006)
12. Izadi, M., Sadeghiyan, B., Sadeghian, S., Khanooki, H.: MIBS: a new lightweight block cipher. In: Garay, J., Miyaji, A., Otsuka, A. (eds.) CANS 2009. LNCS, vol. 5888, pp. 334–348. Springer, Heidelberg (2009)
13. Leander, G., Paar, C., Poschmann, A., Schramm, K.: New lightweight DES variants. In: Biryukov, A. (ed.) FSE 2007. LNCS, vol. 4593, pp. 196–210. Springer, Heidelberg (2007)
14. Lim, C.H., Korkishko, T.: mCrypton – a lightweight block cipher for security of low-cost RFID tags and sensors. In: Song, J.-S., Kwon, T., Yung, M. (eds.) WISA 2005. LNCS, vol. 3786, pp. 243–258. Springer, Heidelberg (2006)
15. Mahadevan, G., Ruby, B.L.: Maya: a novel block encryption function. In: International Workshop on Coding and Cryptography. http://palms.princeton.edu/system/files/maya.pdf
16. Matsui, M.: The first experimental cryptanalysis of the data encryption standard. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 1–11. Springer, Heidelberg (1994)
17. Matsui, M.: Linear cryptanalysis method for DES cipher. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 386–397. Springer, Heidelberg (1994)
18. Peng, J., Jin, S.: Designing key-dependent S-boxes using hyperchaotic Chen system. In: Zhong, Z. (ed.) Proceedings of the International Conference on Information Engineering and Applications (IEA) 2012. LNEE, vol. 216, pp. 733–740. Springer, London (2013)
19. Schneier, B., Kelsey, J., Whiting, D., Wagner, D., Hall, C., Ferguson, N.: Twofish: a 128-bit block cipher. In: AES proposal (1998)
20. Standaert, F.-X., Piret, G., Gershenfeld, N., Quisquater, J.-J.: SEA: a scalable encryption algorithm for small embedded applications. In: Domingo-Ferrer, J., Posegga, J., Schreckling, D. (eds.) CARDIS 2006. LNCS, vol. 3928, pp. 222–236. Springer, Heidelberg (2006)
21. Stoianov, N.: One approach of using key-dependent S-BOXes in AES. In: Dziech, A., Czyżewski, A. (eds.) MCSS 2011. CCIS, vol. 149, pp. 317–323. Springer, Heidelberg (2011)
22. Szaban, M., Seredynski, F.: Dynamic cellular automata-based S-boxes. In: Moreno-Díaz, R., Pichler, F., Quesada-Arencibia, A. (eds.) EUROCAST 2011, Part I. LNCS, vol. 6927, pp. 184–191. Springer, Heidelberg (2012)
23. Vaudenay, S.: On the weak keys of blowfish. In: Gollmann, D. (ed.) Fast Software Encryption. LNCS, vol. 1039, pp. 27–32. Springer, Heidelberg (1996)

Copyright information

© International Association for Cryptologic Research 2015

Authors and Affiliations

1. Information Science and Technology Institute, Zhengzhou, China
2. Xinyang Normal University, Xinyang, China
