Lightweight Block Ciphers Revisited: Cryptanalysis of Reduced Round PRESENT and HIGHT

2009-07-03
Ozen, Onur
Varici, Kerem
Tezcan, Cihangir
Kocair, Celebi
Design and analysis of lightweight block ciphers have become more popular due to the fact that the future use of block ciphers in ubiquitous devices is generally assumed to be extensive. In this respect, several lightweight block ciphers are designed, of which PRESENT and HIGHT are two recently proposed ones by Bogdanov et al. and Hong et al. respectively. In this paper, we propose new attacks on PRESENT and HIGHT. Firstly, we present the first related-key cryptanalysis of 128-bit keyed PRESENT by introducing 17-round related-key rectangle attack with time complexity approximately 2 104 memory accesses. Moreover, we further analyze the resistance of HIGHT against impossible differential attacks by mounting new 26-round impossible differential and 31-round related-key impossible differential attacks where the former requires time complexity of 2(119.53) reduced round HIGHT evaluations and the latter is slightly better than exhaustive search.
14th Australasian Conference on Information Security and Privacy

Suggestions

Impossible differential cryptanalysis of reduced round HIGHT
Tezcan, Cihangir; Doğanaksoy, Ali; Department of Cryptography (2009)
Design and analysis of lightweight block ciphers have become more popular due to the fact that the future use of block ciphers in ubiquitous devices is generally assumed to be extensive. In this respect, several lightweight block ciphers are designed, of which HIGHT is proposed by Hong et al. at CHES 2006 as a constrained hardware oriented block cipher. HIGHT is shown to be highly convenient for extremely constrained devices such as RFID tags and sensor networks and it became a standard encryption algorithm...
Differential-linear Attacks on Permutation Ciphers Revisited: Experiments on Ascon and DryGASCON
Civek, Aslı Başak; Tezcan, Cihangir (2021-01-01)
Ascon and DryGASCON are very similar designs that were submitted to NIST's lightweight cryptography standardization process. While Ascon made it to the finals, DryGASCON was eliminated in the second round. We analyze these algorithms against truncated, linear and differential-linear distinguishers to compare their security. We correct 2, 3, 3.5-round truncated differentials and 5-round differential-linear distinguishers that were given for DryGASCON-128. Moreover, we provide the longest practical differenti...
Truncated Impossible and Improbable Differential Analysis of ASCON
Tezcan, Cihangir (2016-02-01)
Ascon is an authenticated encryption algorithm which is recently qualified for the second-round of the Competition for Authenticated Encryption: Security, Applicability, and Robustness. So far, successful differential, differential-linear, and cube-like attacks on the reduced-round Ascon are provided. In this work, we provide the inverse of Ascon's linear layer in terms of rotations which can be used for constructing impossible differentials. We show that Ascon's S-box contains 35 undisturbed bits and we us...
Efficient Abstractions for the Supervisory Control of Modular Discrete Event Systems
Schmidt, Klaus Verner (2012-12-01)
The topic of this technical note is the nonblocking and maximally permissive abstraction-based supervisory control for modular discrete event systems (DES). It is shown, that an efficient abstraction technique, that was developed for the nonconflict verification of modular DES, is also suitable for the nonblocking supervisory control. Moreover, it is proved that this abstraction technique can be extended by the condition of local control consistency, in order to achieve maximally permissive supervision. Dif...
Differential Factors Revisited: Corrected Attacks on PRESENT and SERPENT
Tezcan, Cihangir (2015-09-11)
Differential factors, which prevent the attacker to distinguish some of the guessed keys corresponding to an active S-box during a differential attack on a block cipher, are recently introduced at Lightsec 2014 and used to reduce the time complexities of the previous differential-linear attacks on Serpent. Key recovery attacks generally consists of two parts: Key guess using the distinguisher and exhaustive search on the remaining key bits. Thus, we show that differential factors can reduce the time complex...
Citation Formats
O. Ozen, K. Varici, C. Tezcan, and C. Kocair, “Lightweight Block Ciphers Revisited: Cryptanalysis of Reduced Round PRESENT and HIGHT,” Queensland Univ Technol, Informat Secur Inst, Brisbane, AUSTRALIA, 2009, vol. 5594, Accessed: 00, 2020. [Online]. Available: https://hdl.handle.net/11511/55846.