http://dx.doi.org/10.3837/tiis.2020.11.014

Integral Attacks on Some Lightweight Block Ciphers

Zhu, Shiqiang (Shanghai Key Laboratory of Trustworthy Computing, East China Normal University)
Wang, Gaoli (Shanghai Key Laboratory of Trustworthy Computing, East China Normal University)
He, Yu (Shanghai Key Laboratory of Trustworthy Computing, East China Normal University)
Qian, Haifeng (Shanghai Key Laboratory of Trustworthy Computing, East China Normal University)
Publication Information
KSII Transactions on Internet and Information Systems (TIIS) / v.14, no.11, 2020, pp. 4502-4521
Abstract
At EUROCRYPT 2015, Todo proposed a new technique named the division property, which is a powerful tool for finding integral distinguishers. The original division property is also called the word-based division property. Later, at FSE 2016, Todo and Morii proposed the bit-based division property and found an integral distinguisher covering more rounds of SIMON-32. Two basic approaches are currently adopted in research on the bit-based division property: the conventional bit-based division property (CBDP) and the bit-based division property using three subsets (BDPT). In particular, BDPT is more powerful than CBDP. In this paper, we use Boolean satisfiability problem (SAT)-aided cryptanalysis to search for integral distinguishers. We conduct experiments on SIMON-32/-48/-64/-96, SIMON (102)-32/-48/-64, SIMECK-32/-48/-64, LBlock, GIFT and Khudra to demonstrate the efficiency of our method. For SIMON (102)-32/-48/-64, we can determine that some bits are odd, whereas these bits could only be determined to be constant in the previous result. For GIFT, more balanced (zero-sum) bits can be found. For LBlock, we find some new integral distinguishers. For Khudra, we obtain two 9-round integral distinguishers. For the other ciphers, we find the same integral distinguishers as before.
Keywords
Division property; three-subset; integral distinguisher; SAT; block cipher