nach oben

Erschienen in:

2024 | OriginalPaper | Buchkapitel

Automated-Based Rebound Attacks on ACE Permutation

verfasst von : Jiali Shi, Guoqiang Liu, Chao Li, Yingxin Li

Erschienen in: Topics in Cryptology – CT-RSA 2024

Verlag: Springer Nature Switzerland

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

\(\texttt{ACE}\), a second-round candidate of the NIST Lightweight Cryptography Standardization project, is a 16-step iterative permutation that operates on a 320-bit state. It aims to optimize the software efficiency and hardware cost for authentication encryption (AE) mode and a hashing mode based on sufficient security margins. However, the security of such permutation has not been studied well so far. In this paper, an algorithm is used for searching rebound distinguishers of \(\texttt{ACE}\) permutation. By applying this algorithm, we obtained the first 14-step rebound attack on \(\texttt{ACE}\) permutation. The nonlinear function (ordinary represented as Sbox) of \(\texttt{ACE}\) permutation is based on 8 rounds unkeyed \(\texttt{Simeck}\)-64 abbreviated as \(\texttt{SB}\)-64. By constructing an SMT model, the lower bound on the number of active \(\texttt{SB}\)-64s for the differential characteristics of \(\texttt{ACE}\) has been verified. Then, by making use of \(\texttt{SB}\)-64’s iterative differentials, we construct 128 11-step/13-step rebound distinguishers and 9 14-step rebound distinguishers for \(\texttt{ACE}\) permutation, the complexity of these rebound attacks was also discussed. All these attacks are the best ones so far, and this reduces the security margin of \(\texttt{ACE}\) permutation to \(12.5\%\).

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel The Multi-user Security of MACs via Universal Hashing in the Ideal Cipher Model

Nächstes Kapitel The Exact Multi-user Security of 2-Key Triple DES

Nur mit Berechtigung zugänglich

ACE Team. https://csrc.nist.gov/CSRC/media/Projects/lightweight-cryptography/documents/round-2/official-comments/ace-round2-official-comment.pdf.

Aagaard, M., AlTawy, R., Gong, G., Mandal, K., Rohit, R.: ACE: an authenticated encryption and hash algorithm. Submission to NIST-LWC (Round 2) (2019). https://csrc.nist.gov/CSRC/media/Projects/lightweight-cryptography/documents/round-2/spec-doc-rnd2/ace-spec-round2.pdf

AlTawy, R., Rohit, R., He, M., Mandal, K., Yang, G., Gong, G.: sLiSCP: simeck-based permutations for lightweight sponge cryptographic primitives. In: Adams, C., Camenisch, J. (eds.) SAC 2017. LNCS, vol. 10719, pp. 129–150. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-72565-9_7CrossRef

AlTawy, R., Rohit, R., He, M., Mandal, K., Yang, G., Gong, G.: Sliscp-light: towards hardware optimized sponge-specific cryptographic permutations. ACM Trans. Embed. Comput. Syst. 17(4), 81:1–81:26 (2018). https://doi.org/10.1145/3233245

Beaulieu, R., Shors, D., Smith, J., Treatman-Clark, S., Weeks, B., Wingers, L.: The SIMON and SPECK families of lightweight block ciphers. IACR Cryptology ePrint Archive, p. 404 (2013). http://eprint.iacr.org/2013/404

Bogdanov, A., Shibutani, K.: Generalized Feistel networks revisited. Des. Codes Cryptogr. 66(1–3), 75–97 (2013). https://doi.org/10.1007/s10623-012-9660-zMathSciNetCrossRef

Dong, X., Guo, J., Li, S., Pham, P.: Triangulating rebound attack on AES-like hashing. In: Dodis, Y., Shrimpton, T. (eds.) CRYPTO 2022, Part I. LNCS, vol. 13507, pp. 94–124. Springer, Cham (2022). https://doi.org/10.1007/978-3-031-15802-5_4CrossRef

Dong, X., Li, S., Pham, P.: Chosen-key distinguishing attacks on full AES-192, AES-256, Kiasu-BC, and more. IACR Cryptology ePrint Archive, p. 1095 (2023). https://eprint.iacr.org/2023/1095

Gilbert, H., Peyrin, T.: Super-Sbox cryptanalysis: improved attacks for AES-like permutations. In: Hong, S., Iwata, T. (eds.) FSE 2010. LNCS, vol. 6147, pp. 365–383. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-13858-4_21CrossRef

Hosoyamada, A., Naya-Plasencia, M., Sasaki, Y.: Improved attacks on sLiSCP permutation and tight bound of limited birthday distinguishers. IACR Trans. Symmetric Cryptol. 2020(4), 147–172 (2020). https://doi.org/10.46586/tosc.v2020.i4.147-172

10.

Iwamoto, M., Peyrin, T., Sasaki, Yu.: Limited-birthday distinguishers for hash functions. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013, Part II. LNCS, vol. 8270, pp. 504–523. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-42045-0_26CrossRef

11.

Kölbl, S., Leander, G., Tiessen, T.: Observations on the SIMON block cipher family. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015, Part I. LNCS, vol. 9215, pp. 161–185. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-47989-6_8CrossRef

12.

Kullmann, O. (ed.): SAT 2009. LNCS, vol. 5584. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-02777-2CrossRef

13.

Lai, X., Massey, J.L., Murphy, S.: Markov ciphers and differential cryptanalysis. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 17–38. Springer, Heidelberg (1991). https://doi.org/10.1007/3-540-46416-6_2CrossRef

14.

Lamberger, M., Mendel, F., Schläffer, M., Rechberger, C., Rijmen, V.: The rebound attack and subspace distinguishers: application to whirlpool. J. Cryptol. 28(2), 257–296 (2015). https://doi.org/10.1007/s00145-013-9166-5

15.

Leurent, G., Pernot, C., Schrottenloher, A.: Clustering effect in Simon and Simeck. In: Tibouchi, M., Wang, H. (eds.) ASIACRYPT 2021, Part I. LNCS, vol. 13090, pp. 272–302. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-92062-3_10CrossRef

16.

Liu, J., Liu, G., Qu, L.: A new automatic tool searching for impossible differential of NIST candidate ACE. Mathematics 8(9), 1576 (2020). Number: 9 Publisher: Multidisciplinary Digital Publishing Institute

17.

Liu, Y., Sasaki, Y., Song, L., Wang, G.: Cryptanalysis of reduced sLiSCP permutation in sponge-hash and duplex-AE modes. In: Cid, C., Jacobson, M., Jr. (eds.) SAC 2018. LNCS, vol. 11349, pp. 92–114. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-10970-7_5CrossRef

18.

Liu, Z., Li, Y., Wang, M.: Optimal differential trails in Simon-like ciphers. IACR Trans. Symmetric Cryptol. 2017(1), 358–379 (2017). https://doi.org/10.13154/tosc.v2017.i1.358-379

19.

Massacci, F., Marraro, L.: Logical cryptanalysis as a SAT problem. J. Autom. Reason. 24(1/2), 165–203 (2000). https://doi.org/10.1023/A:1006326723002MathSciNetCrossRef

20.

Mendel, F., Rechberger, C., Schläffer, M., Thomsen, S.S.: The rebound attack: cryptanalysis of reduced whirlpool and. In: Dunkelman, O. (ed.) FSE 2009. LNCS, vol. 5665, pp. 260–276. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-03317-9_16CrossRef

21.

Mironov, I., Zhang, L.: Applications of SAT solvers to cryptanalysis of hash functions. In: Biere, A., Gomes, C.P. (eds.) SAT 2006. LNCS, vol. 4121, pp. 102–115. Springer, Heidelberg (2006). https://doi.org/10.1007/11814948_13CrossRef

22.

Morawiecki, P., Srebrny, M.: A SAT-based preimage analysis of reduced Keccak hash functions. Inf. Process. Lett. 113(10–11), 392–397 (2013). https://doi.org/10.1016/j.ipl.2013.03.004MathSciNetCrossRef

23.

Nieuwenhuis, R., Oliveras, A., Tinelli, C.: Solving SAT and SAT modulo theories: From an abstract Davis-Putnam-Logemann-Loveland procedure to DPLL(\(T\)). J. ACM 53(6), 937–977 (2006). https://doi.org/10.1145/1217856.1217859MathSciNetCrossRef

24.

Nikolić, I., Pieprzyk, J., Sokołowski, P., Steinfeld, R.: Known and chosen key differential distinguishers for block ciphers. In: Rhee, K.-H., Nyang, D.H. (eds.) ICISC 2010. LNCS, vol. 6829, pp. 29–48. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-24209-0_3CrossRef

25.

Nyberg, K.: Generalized Feistel networks. In: Kim, K., Matsumoto, T. (eds.) ASIACRYPT 1996. LNCS, vol. 1163, pp. 91–104. Springer, Heidelberg (1996). https://doi.org/10.1007/BFb0034838CrossRef

26.

Sinz, C.: Towards an optimal CNF encoding of Boolean cardinality constraints. In: van Beek, P. (ed.) CP 2005. LNCS, vol. 3709, pp. 827–831. Springer, Heidelberg (2005). https://doi.org/10.1007/11564751_73CrossRef

27.

Sun, B., Liu, M., Guo, J., Rijmen, V., Li, R.: Provable security evaluation of structures against impossible differential and zero correlation linear cryptanalysis. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9665, pp. 196–213. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49890-3_8CrossRef

28.

Sun, L., Wang, W., Wang M.: Accelerating the search of differential and linear characteristics with the SAT method. IACR Trans. Symmetric Cryptol. 2021(1), 269–315 (2021). https://doi.org/10.46586/tosc.v2021.i1.269-315

29.

Wang, S., Feng, D., Hu, B., Guan, J., Shi, T., Zhang, K.: The simplest SAT model of combining Matsui’s bounding conditions with sequential encoding method. IACR Cryptology ePrint Archive, p. 626 (2022). https://eprint.iacr.org/2022/626

30.

Yang, G., Zhu, B., Suder, V., Aagaard, M.D., Gong, G.: The Simeck family of lightweight block ciphers. In: Güneysu, T., Handschuh, H. (eds.) CHES 2015. LNCS, vol. 9293, pp. 307–329. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48324-4_16CrossRef

31.

Ye, T., Wei, Y., Li, L., Pasalic, E.: Impossible differential cryptanalysis and integral cryptanalysis of the ACE-class permutation. In: Deng, R., et al. (eds.) ISPEC 2021. LNCS, vol. 13107, pp. 306–326. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-93206-0_19CrossRef

Titel: Automated-Based Rebound Attacks on ACE Permutation
verfasst von: Jiali Shi
Guoqiang Liu
Chao Li
Yingxin Li
Verlag: Springer Nature Switzerland
Buch: Topics in Cryptology – CT-RSA 2024
Print ISBN: 978-3-031-58867-9

Electronic ISBN: 978-3-031-58868-6

Copyright-Jahr: 2024
DOI: https://doi.org/10.1007/978-3-031-58868-6_4

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner