Skip to main content
SpringerLink
Log in

Rotational Cryptanalysis on MAC Algorithm Chaskey

  • Conference paper
  • First Online:
Applied Cryptography and Network Security (ACNS 2020)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 12146))

Included in the following conference series:

Abstract

In this paper we generalize the Markov theory with respect to a relation between two plaintexts and not their difference and apply it for rotational pairs. We perform a related-key attack over Chaskey- a lightweight MAC algorithm for 32-bit micro controllers - and find a distinguisher by using rotational probabilities. Having a message m we can forge and present a valid tag for some message under a related key with probability \(2^{-57}\) for 8 rounds and \(2^{-86}\) for all 12 rounds of the permutation for keys in a defined weak-key class. This attack can be extended to full key recovery with complexity \(2^{120}\) for the full number of rounds.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 69.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 89.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Biham, E., Carmeli, Y.: An improvement of linear cryptanalysis with addition operations with applications to FEAL-8X. In: Joux, A., Youssef, A. (eds.) SAC 2014. LNCS, vol. 8781, pp. 59–76. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-13051-4_4

    Chapter  Google Scholar 

  2. Biryukov, A., Khovratovich, D.: Related-key cryptanalysis of the full AES-192 and AES-256. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 1–18. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-10366-7_1

    Chapter  Google Scholar 

  3. Biryukov, A., Khovratovich, D., Nikolić, I.: Distinguisher and related-key attack on the full AES-256. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 231–249. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-03356-8_14

    Chapter  Google Scholar 

  4. Biryukov, A., Wagner, D.: Advanced slide attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 589–606. Springer, Heidelberg (2000). https://doi.org/10.1007/3-540-45539-6_41

    Chapter  Google Scholar 

  5. Black, J., Halevi, S., Krawczyk, H., Krovetz, T., Rogaway, P.: UMAC: fast and secure message authentication. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 216–233. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48405-1_14

    Chapter  Google Scholar 

  6. Daemen, J.: Limitations of the Even-Mansour construction. In: Imai, H., Rivest, R.L., Matsumoto, T. (eds.) ASIACRYPT 1991. LNCS, vol. 739, pp. 495–498. Springer, Heidelberg (1993). https://doi.org/10.1007/3-540-57332-1_46

    Chapter  Google Scholar 

  7. Daum, M.: Cryptanalysis of Hash functions of the MD4-family. Ph.D. thesis, Ruhr University Bochum (2005). http://www-brs.ub.ruhr-uni-bochum.de/netahtml/HSS/Diss/DaumMagnus/

  8. Dunkelman, O., Keller, N., Shamir, A.: Minimalism in cryptography: the Even-Mansour scheme revisited. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 336–354. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-29011-4_21

    Chapter  MATH  Google Scholar 

  9. Dworkin, M.: Recommendation for block cipher modes of operation: the CMAC mode for authentication. NIST special publication 800–38b, National Institute of Standards and Technology (NIST), May 2005 (2005)

    Google Scholar 

  10. Even, S., Mansour, Y.: A construction of a cipher from a single pseudorandom permutation. In: Imai, H., Rivest, R.L., Matsumoto, T. (eds.) ASIACRYPT 1991. LNCS, vol. 739, pp. 210–224. Springer, Heidelberg (1993). https://doi.org/10.1007/3-540-57332-1_17

    Chapter  Google Scholar 

  11. Ferguson, N., et al.: The Skein hash function family. Submission to SHA-3 Nist Competition (2008)

    Google Scholar 

  12. Khovratovich, D., Nikolić, I.: Rotational cryptanalysis of ARX. In: Hong, S., Iwata, T. (eds.) FSE 2010. LNCS, vol. 6147, pp. 333–346. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-13858-4_19

    Chapter  Google Scholar 

  13. Khovratovich, D., Nikolić, I., Pieprzyk, J., Sokołowski, P., Steinfeld, R.: Rotational cryptanalysis of ARX revisited. In: Leander, G. (ed.) FSE 2015. LNCS, vol. 9054, pp. 519–536. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48116-5_25

    Chapter  Google Scholar 

  14. Knudsen, L.R., Rijmen, V.: Known-key distinguishers for some block ciphers. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 315–324. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-76900-2_19

    Chapter  Google Scholar 

  15. Lai, X., Massey, J.L., Murphy, S.: Markov ciphers and differential cryptanalysis. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 17–38. Springer, Heidelberg (1991). https://doi.org/10.1007/3-540-46416-6_2

    Chapter  Google Scholar 

  16. Leurent, G.: Improved differential-linear cryptanalysis of 7-round Chaskey with partitioning. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9665, pp. 344–371. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49890-3_14

    Chapter  Google Scholar 

  17. Mavromati, C.: Key-recovery attacks against the MAC algorithm Chaskey. In: Dunkelman, O., Keliher, L. (eds.) SAC 2015. LNCS, vol. 9566, pp. 205–216. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-31301-6_12

    Chapter  Google Scholar 

  18. Morawiecki, P., Pieprzyk, J., Srebrny, M.: Rotational cryptanalysis of round-reduced Keccak. In: Moriai, S. (ed.) FSE 2013. LNCS, vol. 8424, pp. 241–262. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-43933-3_13

    Chapter  Google Scholar 

  19. Mouha, N.: Chaskey: a MAC algorithm for microcontrollers - status update and proposal of Chaskey-12 -. IACR Cryptology ePrint Archive 2015/1182 (2015). http://eprint.iacr.org/2015/1182

  20. Mouha, N., Mennink, B., Van Herrewege, A., Watanabe, D., Preneel, B., Verbauwhede, I.: Chaskey: an efficient MAC algorithm for 32-bit microcontrollers. In: Joux, A., Youssef, A. (eds.) SAC 2014. LNCS, vol. 8781, pp. 306–323. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-13051-4_19

    Chapter  Google Scholar 

  21. Turner, J.: The keyed-hash message authentication code (HMAC). FIPS PUB 198–1, National Institute of Standards and Technology (NIST) (July 2008) (2008). http://csrc.nist.gov/publications/fips/fips198-1/FIPS-198-1_final.pdf

  22. Yang, G., Zhang, P., Ding, J., Hu, H.: Advanced slide attacks on the Even-Mansour scheme. In: DSC, pp. 615–621. IEEE (2018)

    Google Scholar 

Download references

Acknowledgements

We thank the anonymous reviewers for their comments. This research is supported by a Ph.D. Fellowship from the Research Foundation - Flanders (FWO), the Research Council KU Leuven - grant C16/18/004 and FWO-BAS grant VS.077.18. Tomer Ashur is an FWO post-doctoral fellow under grant number 12ZH420N.

Author information

Authors and Affiliations

  1. imec-COSIC, KU Leuven, Leuven, Belgium

    Liliya Kraleva, Tomer Ashur & Vincent Rijmen

  2. TU Eindhoven, Eindhoven, The Netherlands

    Tomer Ashur

Authors
  1. Liliya Kraleva
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Tomer Ashur
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Vincent Rijmen
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding authors

Correspondence to Liliya Kraleva , Tomer Ashur or Vincent Rijmen .

Editor information

Editors and Affiliations

  1. Department of Mathematics, University of Padua, Padua, Italy

    Mauro Conti

  2. Singapore University of Technology and Design, Singapore, Singapore

    Jianying Zhou

  3. Dipt di Informatica Sistemi e Produ, Università di Roma “Tor Vergata”, Rome, Roma, Italy

    Emiliano Casalicchio

  4. Sapienza University of Rome, Rome, Italy

    Angelo Spognardi

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Kraleva, L., Ashur, T., Rijmen, V. (2020). Rotational Cryptanalysis on MAC Algorithm Chaskey. In: Conti, M., Zhou, J., Casalicchio, E., Spognardi, A. (eds) Applied Cryptography and Network Security. ACNS 2020. Lecture Notes in Computer Science(), vol 12146. Springer, Cham. https://doi.org/10.1007/978-3-030-57808-4_8

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-57808-4_8

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-57807-7

  • Online ISBN: 978-3-030-57808-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation