http://dx.doi.org/10.3837/tiis.2021.10.018

Impossible Differential Cryptanalysis on ESF Algorithm with Simplified MILP Model  

Wu, Xiaonian (Guangxi Key Laboratory of Cryptography and Information Security, Guilin University of Electronic Technology)
Yan, Jiaxu (Guangxi Key Laboratory of Cryptography and Information Security, Guilin University of Electronic Technology)
Li, Lingchen (Guangxi Key Laboratory of Cryptography and Information Security, Guilin University of Electronic Technology)
Zhang, Runlian (Guangxi Key Laboratory of Cryptography and Information Security, Guilin University of Electronic Technology)
Yuan, Pinghai (School of Computing, National University of Singapore)
Wang, Yujue (Hangzhou Innovation Institute, Beihang University)
Publication Information
KSII Transactions on Internet and Information Systems (TIIS) / v.15, no.10, 2021, pp. 3815-3833
Abstract
MILP-based automatic search is the most common method for analyzing the security of cryptographic algorithms. However, this method has several problems, such as low efficiency due to the large size of the model and the difficulty of finding the contradiction of the impossible differential distinguisher. To analyze the security of the ESF algorithm, this paper introduces a simplified MILP-based search model of the differential distinguisher that reduces the constraints of the XOR and S-box operations, and reduces the variables by combining the cyclic shift with its adjacent operations. A new method for finding contradictions of the impossible differential distinguisher is also proposed; it introduces temporary variables, which avoids wrong and missed selection of contradictions. Based on a 9-round impossible differential distinguisher, a 15-round attack on ESF can be achieved in the single-key setting by extending the distinguisher forward and backward by 3 rounds. Compared with existing results, the exact lower bound of differential active S-boxes in the single-key setting for 10-round ESF is improved. In addition, 2108 9-round impossible differential distinguishers in the single-key setting and 14 12-round impossible differential distinguishers in the related-key setting are obtained. In particular, the number of rounds of the discovered impossible differential distinguisher in the related-key setting is the highest, and compared with previous results, this attack achieves the highest round number in the single-key setting.
Keywords
ESF; MILP; related-key attack; differential active S-box; impossible differential distinguisher