http://dx.doi.org/10.4218/etrij.17.0116.0544

Multidimensional Differential-Linear Cryptanalysis of ARIA Block Cipher  

Yi, Wentan (State Key Laboratory of Mathematical Engineering and Advanced Computing)
Ren, Jiongjiong (State Key Laboratory of Mathematical Engineering and Advanced Computing)
Chen, Shaozhen (State Key Laboratory of Mathematical Engineering and Advanced Computing)
Publication Information
ETRI Journal, vol. 39, no. 1, 2017, pp. 108-115
Abstract
ARIA is a 128-bit block cipher that has been selected as a Korean encryption standard. Like AES, it is designed to resist differential cryptanalysis and linear cryptanalysis. In this study, we analyze the security of ARIA against differential-linear cryptanalysis. We present five-round differential-linear distinguishers for ARIA, which distinguish five rounds of ARIA from a random permutation using only 2^84.8 chosen plaintexts. Building on these distinguishers, we develop differential-linear attacks on six-round ARIA-128 and seven-round ARIA-256. This is the first multidimensional differential-linear cryptanalysis of ARIA, and it has lower data complexity than all previous results. This is a preliminary study, and further research may obtain better results in the future.
Keywords
ARIA; Block cipher; Cryptanalysis; Linear hull; Multidimensional differential-linear attack;
Citations & Related Records
Times Cited By KSCI: 1