Abstract
The deterministic related-key characteristic in DES can be used to accelerate exhaustive search in the single-key setting, even though the adversary cannot obtain ciphertexts for arbitrary plaintexts in the related-key model. Inspired by this observation, it has become a common belief that if \(2^m\) deterministic differential characteristics exist for a block cipher with a k-bit key, they can be employed to reduce its security to \(k-m\) bits. To accelerate the exhaustive search, the adversary must be able to partition the key space efficiently according to the related keys that each trial eliminates. However, the conventional technique used to exploit a single deterministic related-key differential characteristic does not extend to several of them: some sets of deterministic related-key differential properties cannot be exploited with it, regardless of the values of the differences. In this paper, we describe a precise framework for utilizing several deterministic related-key differential distinguishers at once, which provides a general methodology for reducing the security of cryptographic primitives by taking advantage of deterministic related-key properties. We demonstrate that the proposed framework can be used to evaluate the security of block ciphers by presenting straightforward applications of it to different variants of block ciphers. In particular, we present a new attack on the well-known FX and Even–Mansour constructions; the attack on the latter is considerably simpler than the one on the former.
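As an added example (not the paper's code), the following toy Feistel cipher carries a single DES-style deterministic related-key property, E(~K, ~P) = ~E(K, P), and the key search below shows how that one property halves the single-key exhaustive search when the adversary holds the ciphertexts of the two chosen plaintexts P and ~P. The S-box, round constants and key schedule are constructed for illustration only.

```python
# Toy 32-bit Feistel cipher with a DES-style complementation property
# E(~K, ~P) = ~E(K, P), plus a single-key search that exploits it.
# Constructed example: S-box, round constants and key schedule are made up.
MASK16, MASK32 = 0xFFFF, 0xFFFFFFFF
SBOX = [0xE, 0x4, 0xD, 0x1, 0x2, 0xF, 0xB, 0x8, 0x3, 0xA, 0x6, 0xC, 0x5, 0x9, 0x0, 0x7]
RC = [0x0F1E, 0x2D3C, 0x4B5A, 0x6978, 0x8796, 0xA5B4, 0xC3D2, 0xE1F0]

def rotl16(x, n):
    return ((x << n) | (x >> (16 - n))) & MASK16

def round_keys(key):
    # Rotation and XOR with a constant both commute with complementation,
    # so ~key yields the complement of every round key.
    return [rotl16(key, r) ^ RC[r] for r in range(len(RC))]

def f(half, rk):
    # The round key is XORed *before* the S-box layer, so complementing
    # both inputs leaves the S-box input unchanged: f(~R, ~rk) == f(R, rk).
    x, y = half ^ rk, 0
    for i in range(4):
        y |= SBOX[(x >> (4 * i)) & 0xF] << (4 * i)
    return rotl16(y, 5)  # rotate for diffusion across nibbles

def encrypt(key, block):
    l, r = block >> 16, block & MASK16
    for rk in round_keys(key):
        l, r = r, l ^ f(r, rk)
    return (l << 16) | r

def key_search(pt, c1, c2):
    """Recover K* from C1 = E(K*, P) and C2 = E(K*, ~P).
    Only keys with the top bit clear are tried; one encryption E(k, P)
    tests both k (against C1) and its related key ~k, since
    E(~k, P) == ~E(k, ~P), so a match against ~C2 means K* == ~k.
    Returns (key, number of trial encryptions)."""
    for k in range(1 << 15):
        x = encrypt(k, pt)
        if x == c1 and encrypt(k, pt ^ MASK32) == c2:      # K* == k
            return k, k + 1
        if x == c2 ^ MASK32 and encrypt(k ^ MASK16, pt) == c1:  # K* == ~k
            return k ^ MASK16, k + 1
    return None, 1 << 15

def recover(secret_key, pt=0x0123ABCD):
    # Chosen-plaintext pair (P, ~P) encrypted under the unknown key.
    c1, c2 = encrypt(secret_key, pt), encrypt(secret_key, pt ^ MASK32)
    return key_search(pt, c1, c2)
```

The search never tries more than \(2^{15}\) keys for a 16-bit key, which is exactly the \(k-m\) bits of security (here m = 1) that the abstract describes.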
Soleimany, H., Moazami, F. A generalized framework for accelerating exhaustive search utilizing deterministic related-key differential characteristics. J Comput Virol Hack Tech 18, 141–146 (2022). https://doi.org/10.1007/s11416-021-00401-2