Compact Representation for Division Property

  • Yosuke Todo
  • Masakatu Morii
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10052)


The division property, which is a new method to find integral characteristics, was proposed at Eurocrypt 2015. Thereafter, some applications and improvements have been proposed. The bit-based division property is also one of such improvements, and the accurate integral characteristic of Simon32 is theoretically proved. In this paper, we propose the compact representation for the bit-based division property. The disadvantage of the bit-based division property is that it cannot be applied to block ciphers whose block length is over 32 because of high time and memory complexity. The compact representation partially solves this problem, and we apply this technique to 64-bit block cipher PRESENT to illustrate our method. We can accurately evaluate the propagation characteristic of the bit-based division property thanks to the compact representation. As a result, we find 9-round integral characteristics, and the characteristic is improved by two rounds than previous best characteristic. Moreover, we attack 12-round PRESENT-80 and 13-round PRESENT-128 by using this new characteristic.


Integral cryptanalysis Division property Compact representation PRESENT 


  1. 1.
    Bogdanov, A., Knudsen, L.R., Leander, G., Paar, C., Poschmann, A., Robshaw, M.J.B., Seurin, Y., Vikkelsoe, C.: PRESENT: an ultra-lightweight block cipher. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 450–466. Springer, Heidelberg (2007). doi: 10.1007/978-3-540-74735-2_31 CrossRefGoogle Scholar
  2. 2.
    Boura, C., Canteaut, A.: Another view of the division property (2016). (Accepted to CRYPTO2016).
  3. 3.
    Collard, B., Standaert, F.-X., Quisquater, J.-J.: Improving the time complexity of Matsui’s linear cryptanalysis. In: Nam, K.-H., Rhee, G. (eds.) ICISC 2007. LNCS, vol. 4817, pp. 77–88. Springer, Heidelberg (2007). doi: 10.1007/978-3-540-76788-6_7 CrossRefGoogle Scholar
  4. 4.
    Daemen, J., Knudsen, L., Rijmen, V.: The block cipher Square. In: Biham, E. (ed.) FSE 1997. LNCS, vol. 1267, pp. 149–165. Springer, Heidelberg (1997). doi: 10.1007/BFb0052343 CrossRefGoogle Scholar
  5. 5.
    Knudsen, L.R.: Truncated and higher order differentials. In: Preneel, B. (ed.) FSE 1994. LNCS, vol. 1008, pp. 196–211. Springer, Heidelberg (1995). doi: 10.1007/3-540-60590-8_16 CrossRefGoogle Scholar
  6. 6.
    Knudsen, L., Wagner, D.: Integral cryptanalysis. In: Daemen, J., Rijmen, V. (eds.) FSE 2002. LNCS, vol. 2365, pp. 112–127. Springer, Heidelberg (2002). doi: 10.1007/3-540-45661-9_9 CrossRefGoogle Scholar
  7. 7.
    Lai, X.: Higher order derivatives and differential cryptanalysis. In: Blahut, R.E., Costello, D.J., Maurer, U., Mittelholzer, T. (eds.) Communications and Cryptography. The Springer International Series in Engineering and Computer Science, vol. 276, pp. 227–233. Springer, Heidelberg (1994)CrossRefGoogle Scholar
  8. 8.
    Li, Y., Wu, W., Zhang, L.: Improved integral attacks on reduced-round CLEFIA block cipher. In: Jung, S., Yung, M. (eds.) WISA 2011. LNCS, vol. 7115, pp. 28–39. Springer, Heidelberg (2012). doi: 10.1007/978-3-642-27890-7_3 CrossRefGoogle Scholar
  9. 9.
    Sasaki, Y., Wang, L.: Meet-in-the-middle technique for integral attacks against feistel ciphers. In: Knudsen, L.R., Wu, H. (eds.) SAC 2012. LNCS, vol. 7707, pp. 234–251. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-35999-6_16 CrossRefGoogle Scholar
  10. 10.
    Sun, B., Hai, X., Zhang, W., Cheng, L., Yang, Z.: New observation on division property. IACR Cryptology ePrint Archive 2015, 459 (2015).
  11. 11.
    Todo, Y.: Integral cryptanalysis on full MISTY1. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9215, pp. 413–432. Springer, Heidelberg (2015). doi: 10.1007/978-3-662-47989-6_20 CrossRefGoogle Scholar
  12. 12.
    Todo, Y.: Structural evaluation by generalized integral property. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9056, pp. 287–314. Springer, Heidelberg (2015). doi: 10.1007/978-3-662-46800-5_12 Google Scholar
  13. 13.
    Todo, Y., Aoki, K.: FFT key recovery for integral attack. In: Gritzalis, D., Kiayias, A., Askoxylakis, I. (eds.) CANS 2014. LNCS, vol. 8813, pp. 64–81. Springer, Heidelberg (2014). doi: 10.1007/978-3-319-12280-9_5 Google Scholar
  14. 14.
    Todo, Y., Morii, M.: Bit-based division property and application to Simon family. IACR Cryptology ePrint Archive 2016, 285 (2016). (Accepted to FSE2016).
  15. 15.
    Wu, S., Wang, M.: Integral attacks on reduced-round PRESENT. In: Qing, S., Zhou, J., Liu, D. (eds.) ICICS 2013. LNCS, vol. 8233, pp. 331–345. Springer, Heidelberg (2013). doi: 10.1007/978-3-319-02726-5_24 CrossRefGoogle Scholar
  16. 16.
    Yeom, Y., Park, S., Kim, I.: On the security of CAMELLIA against the square attack. In: Daemen, J., Rijmen, V. (eds.) FSE 2002. LNCS, vol. 2365, pp. 89–99. Springer, Heidelberg (2002). doi: 10.1007/3-540-45661-9_7 CrossRefGoogle Scholar
  17. 17.
    Z’aba, M.R., Raddum, H., Henricksen, M., Dawson, E.: Bit-pattern based integral attack. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 363–381. Springer, Heidelberg (2008). doi: 10.1007/978-3-540-71039-4_23 CrossRefGoogle Scholar
  18. 18.
    Zhang, H., Wu, W.: Structural evaluation for generalized feistel structures and applications to LBlock and TWINE. In: Biryukov, A., Goyal, V. (eds.) INDOCRYPT 2015. LNCS, vol. 9462, pp. 218–237. Springer, Heidelberg (2015). doi: 10.1007/978-3-319-26617-6_12 CrossRefGoogle Scholar
  19. 19.
    Zhang, H., Wu, W., Wang, Y.: Integral attack against bit-oriented block ciphers. In: Kwon, S., Yun, A. (eds.) ICISC 2015. LNCS, vol. 9558, pp. 102–118. Springer, Heidelberg (2016). doi: 10.1007/978-3-319-30840-1_7 CrossRefGoogle Scholar

Copyright information

© Springer International Publishing AG 2016

Authors and Affiliations

  1. 1.NTT Secure Platform LaboratoriesTokyoJapan
  2. 2.Kobe UniversityKobeJapan

Personalised recommendations