Related-Tweak Multiple Impossible Differential Attack for TweAES

JIANG Zilong; JIN Chenhui

doi:10.11999/JEIT211147

Volume 45 Issue 1

Jan. 2023

Turn off MathJax

Article Contents

Article Navigation > Journal of Electronics & Information Technology > 2023 > 45(1): 344-352

JIANG Zilong, JIN Chenhui. Related-Tweak Multiple Impossible Differential Attack for TweAES[J]. Journal of Electronics & Information Technology, 2023, 45(1): 344-352. doi: 10.11999/JEIT211147

Citation:

JIANG Zilong, JIN Chenhui. Related-Tweak Multiple Impossible Differential Attack for TweAES[J]. Journal of Electronics & Information Technology, 2023, 45(1): 344-352. doi: 10.11999/JEIT211147

JIANG Zilong, JIN Chenhui. Related-Tweak Multiple Impossible Differential Attack for TweAES[J]. Journal of Electronics & Information Technology, 2023, 45(1): 344-352. doi: 10.11999/JEIT211147

Citation:

JIANG Zilong, JIN Chenhui. Related-Tweak Multiple Impossible Differential Attack for TweAES[J]. Journal of Electronics & Information Technology, 2023, 45(1): 344-352. doi: 10.11999/JEIT211147

PDF( 3949 KB)

Related-Tweak Multiple Impossible Differential Attack for TweAES

doi: 10.11999/JEIT211147

JIANG Zilong^,,
JIN Chenhui

Strategic Support Forces Information Engineering University, Zhengzhou 450001, China

Funds: The National Natural Science Foundation of China (61772547, 61902428, 61802438)

Received Date: 2021-10-21
Rev Recd Date: 2022-03-21

Available Online: 2022-04-15

Publish Date: 2023-01-17

Abstract

Abstract

TweAES is one of the second-round candidates in the NIST Lightweight Cryptography Standardization competition. The related-tweak multiple impossible differentials attack of 8-round TweAES is presented. Firstly, two types of impossible differential distinguishers are utilized to construct two attack trails, and each attack trail needs to guess 16 Byte subkey. It is worth noting that two attack trails have the same plaintext structure and 14 Byte common subkey. Attackers can utilize the plaintext pairs with the same plaintext structure to reject wrong subkeys by two filters processed, and because of a large number of common subkey, the efficiency of subkeys sifting can be improved. Furthermore, the incompleteness of the key schedule is utilized to choose the subkey Bytes. With the help of the relations of subkey Bytes, the efficiency of reconstructing the corresponding master keys can be improved, so the complexity of the whole attack scheme can be improved. Compared with the previous results, this work obtain the new attack scheme of 8-round TweAES, which needs lower time, data, and memory complexities than other attack schemes.
- Lightweight cipher,
- Impossible differential,
- TweAES,
- Tweak

FullText(HTML)

References(20)

References

[1]	CHAKRABORTI A, DATTA N, JHA A, et al. ESTATE: A lightweight and low energy authenticated encryption mode[J]. IACR Transactions on Symmetric Cryptology, 2020, 2020(S1): 350–389. doi: 10.13154/tosc.v2020.iS1.350-389
[2]	DWORKIN M J, BARKER E B, NECHVATAL J R, et al. Advanced encryption standard (AES)[EB/OL]. https: //doi. org/https://doi.org/10.6028/NIST.FIPS.197, 2001.
[3]	BIHAM E, BIRYUKOV A, and SHAMIR A. Cryptanalysis of Skipjack reduced to 31 rounds using impossible differentials[C]. Proceedings of International Conference on the Theory and Applications of Cryptographic Techniques, Czech Republic, 1999: 12-23.
[4]	AOKI K, ICHIKAWA T, KANDA M, et al. Camellia: A 128-bit block cipher suitable for multiple platforms — design andanalysis[C]. Proceedings of the 7th Annual International Workshop on Selected Areas in Cryptography, Ontario, Canada, 2000: 39-56.
[5]	TSUNOO Y, TSUJIHARA E, SHIGERI M, et al. Cryptanalysis of CLEFIA using multiple impossible differentials[C]. Proceedings of 2008 International Symposium on Information Theory and Its Applications, Auckland, New Zealand, 2008: 1-6.
[6]	BOURA C, NAYA-PLASENCIA M, and SUDER V. Scrutinizing and improving impossible differential attacks: Applications to CLEFIA, Camellia, LBlock and Simon[C]. Proceedings of the 20th International Conference on the Theory and Application of Cryptology and Information Security, Kaoshiung, China, 2014: 179-199.
[7]	BOURA C, LALLEMAND V, NAYA-PLASENCIA M, et al. Making the impossible possible[J]. Journal of Cryptology, 2018, 31(1): 101–133. doi: 10.1007/s00145-016-9251-7
[8]	LI Xinran, JIN Chenhui, and FU Fangwei. Improved results of impossible differential cryptanalysis on reduced FOX[J]. The Computer Journal, 2016, 59(4): 541–548. doi: 10.1093/comjnl/bxv073
[9]	LI Xinran, FU Fangwei, and GUANG Xuan. Multiple impossible differential cryptanalysis on reduced FOX[J]. IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, 2015, 98(3): 906–911. doi: 10.1587/transfun.E98.A.906
[10]	SHIRAI T, SHIBUTANI K, AKISHITA T, et al. The 128-bit blockcipher CLEFIA (extended abstract)[C]. Proceedings of the 14th International Workshop on Fast Software Encryption, Luxembourg, 2007: 181-195.
[11]	WU Wenling and ZHANG Lei. LBlock: A lightweight block cipher[C]. Proceedings of the 9th International Conference on Applied Cryptography and Network Security, Nerja, Spain, 2011: 327-344.
[12]	JUNOD P and VAUDENAY S. FOX: A new family of block ciphers[C]. Proceedings of the 11th International Workshop on Selected Areas in Cryptography, Waterloo, Canada, 2004: 114-129.
[13]	BONNETAIN X, NAYA-PLASENCIA M, and SCHROTTENLOHER A. Quantum security analysis of AES[J]. IACR Transactions on Symmetric Cryptology, 2019, 2019(2): 55–93. doi: 10.13154/tosc.v2019.i2.55-93
[14]	GILBERT H. A simplified representation of AES[C]. Proceedings of the 20th International Conference on the Theory and Application of Cryptology and Information Security, Kaoshiung, China, 2014: 200-222.
[15]	MALA H, DAKHILALIAN M, RIJMEN V, et al. Improved impossible differential cryptanalysis of 7-round AES-128[C]. Proceedings of the 11th International Conference on Cryptology in India, Hyderabad, India, 2010: 282-291.
[16]	SUN Siwei, GERAULT D, LAFOURCADE P, et al. Analysis of AES, SKINNY, and others with constraint programming[J]. IACR Transactions on Symmetric Cryptology, 2017, 2017(1): 281–306. doi: 10.13154/tosc.v2017.i1.281-306
[17]	CUI Ting, JIN Chenhui, ZHANG Bin, et al. Searching all truncated impossible differentials in SPN[J]. IET Information Security, 2017, 11(2): 89–96. doi: 10.1049/iet-ifs.2015.0052
[18]	张海青. AES型密钥编排方案扩散不完全性的研究及应用[D]. [硕士论文], 战略支援部队信息工程大学, 2019. ZHANG Haiqing. Research and application of incomplete diffusion of AES-like key schedule[D]. [Master dissertation], Information Engineering University, 2019.
[19]	LEURENT G and PERNOT C. New representations of the AES key schedule[C]. Proceedings of the 40th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Zagreb, Croatia, 2021: 54-84.
[20]	NIU Chao, LI Muzhou, WANG Meiqin, et al. Related-tweak impossible differential cryptanalysis of reduced-round TweAES[C]. Proceedings of the 28th International Conference on Selected Areas in Cryptography, Cham, Switzerland, 2021: 223-245.