http://dx.doi.org/10.13089/JKIISC.2019.29.6.1259

Security Analysis of Block Ciphers Designed with BOGI Strategy against Differential Attacks  

Lee, Sanghyeop (Korea University)
Kim, Seonggyeom (Korea University)
Hong, Deukjo (Chonbuk National University)
Sung, Jaechul (University of Seoul)
Hong, Seokhie (Korea University)
Abstract
The upper bound on the differential characteristic probability is mainly used to determine the number of rounds when constructing a block cipher. Because the number of rounds affects the performance of the block cipher, it is critical to evaluate a tight upper bound during the construction process. To calculate the upper bound on the differential characteristic probability, previous methods for finding the minimum number of active S-boxes constructed constraint equations for the non-linear operations and the linear operations independently. However, in the BOGI design strategy, where the linear operation depends on the non-linear operation, the previous methods may yield a less tight upper bound. In this paper, we exploit the properties of the BOGI strategy to propose a new method that evaluates a tighter upper bound on the differential characteristic probability than previous ones. Additionally, we mathematically proved the validity of our method. We applied the proposed method to GIFT-64 and GIFT-128, which are based on the BOGI strategy, and derived upper bounds on the differential characteristic probability for up to 9 rounds. Previously, the upper bounds on the differential characteristic probability for 7-round GIFT-64 and 9-round GIFT-128 were $2^{-18.395}$ and $2^{-26.885}$, respectively, while we show tighter upper bounds of $2^{-19.81}$ and $2^{-28.3}$, respectively.
Keywords
BOGI; Differential Cryptanalysis; Active S-box; GIFT; MILP;