Differential Factors Revisited: Corrected Attacks on PRESENT and SERPENT

2015-09-11
Differential factors, which prevent the attacker to distinguish some of the guessed keys corresponding to an active S-box during a differential attack on a block cipher, are recently introduced at Lightsec 2014 and used to reduce the time complexities of the previous differential-linear attacks on Serpent. Key recovery attacks generally consists of two parts: Key guess using the distinguisher and exhaustive search on the remaining key bits. Thus, we show that differential factors can reduce the time complexity of the former and increase the latter since the attacker does not need to guess the keys which cannot be distinguished. As an example for the latter, we show that the best known differential attack on Present overlooked its six differential factors and the corrected attack actually requires a time complexity increased by a factor of 64. Moreover, we show that differential factors also reduce data complexity of the differential attacks since less number of pairs are required to distinguish the correct key when the key space is reduced. This reduction in data complexity also reduces the time complexity. By using Serpent's differential factors, we further reduce the data and time complexity of the differential-linear attacks on this cipher to obtain the best attacks.
4th International Workshop on Lightweight Cryptography for Security and Privacy (LightSec)

Suggestions

Improbable differential attacks on SERPENT using undisturbed bits
Tezcan, Cihangir; Demircioʇlu, Murat (2014-01-01)
A recently introduced S-box evaluation criteria called undisturbed bits allow the attacker to construct longer truncated, impossible or improbable differentials. In this paper, we analyze the security of Serpent against impossible and improbable differential cryptanalysis for the first time and provide a 7-round improbable differential attack by using undisturbed bits of its S-boxes. Although these cryptanalytic techniques are discovered after Serpent was designed, our analysis shows that the cipher is secu...
Improved improbable differential attacks on ISO standard CLEFIA: Expansion technique revisited
Tezcan, Cihangir (2016-02-01)
Improbable differential cryptanalysis is a recent attack technique that generalizes impossible differential cryptanalysis for block ciphers. In this paper, we give the most effective attacks known to date on the CLEFIA cipher using improbable differential cryptanalysis. Moreover, we provide a general data complexity calculation that can guide the cryptanalyst to choose the optimal improbable differential. On a related account, we consider the probability calculations used for improbable differential cryptan...
Lightweight Block Ciphers Revisited: Cryptanalysis of Reduced Round PRESENT and HIGHT
Ozen, Onur; Varici, Kerem; Tezcan, Cihangir; Kocair, Celebi (2009-07-03)
Design and analysis of lightweight block ciphers have become more popular due to the fact that the future use of block ciphers in ubiquitous devices is generally assumed to be extensive. In this respect, several lightweight block ciphers are designed, of which PRESENT and HIGHT are two recently proposed ones by Bogdanov et al. and Hong et al. respectively. In this paper, we propose new attacks on PRESENT and HIGHT. Firstly, we present the first related-key cryptanalysis of 128-bit keyed PRESENT by introduci...
Basic cryptanalysis methods on block ciphers
Çelik, Dilek; Doğanaksoy, Ali; Department of Cryptography (2010)
Differential cryptanalysis and linear cryptanalysis are the first significant methods used to attack on block ciphers. These concepts compose the keystones for most of the attacks in recent years. Also, while designing a cipher, these attacks should be taken into consideration and the cipher should be created as secure against them. Although di fferential cryptanalysis and linear cryptanalysis are still important, they started to be ine cient due to the improvements in the technology. So, these attacks are ...
On Measuring Security Bounds of Some Ciphers Using Mixed Integer Linear Programming (MILP) Approach
Türesin, Can; Doğanaksoy, Ali; Koçak, Onur; Department of Cryptography (2021-9-6)
Block ciphers are one of the symmetric key encryption algorithms that are used in many devices. Its increasing popularity has led to the emergence of new cryptanalysis methods. Therefore, measuring block cipher's security bounds is one main indispensable need for its designers. Two of the most effective attacks on block ciphers are differential and linear cryptanalysis and these attacks' efficiencies are bonded with a number of active S-boxes of the cipher after a certain number of rounds. Consequently, mea...
Citation Formats
C. Tezcan, “Differential Factors Revisited: Corrected Attacks on PRESENT and SERPENT,” Bochum, GERMANY, 2015, vol. 9542, Accessed: 00, 2020. [Online]. Available: https://hdl.handle.net/11511/31073.