Improved Integral Cryptanalysis on Block Cipher uBlock

WANG Chen; CUI Jiamin; LI Muzhou; WANG Meiqin

doi:10.11999/JEIT231231

Volume 46 Issue 5

May 2024

Turn off MathJax

Article Contents

Article Navigation > Journal of Electronics & Information Technology > 2024 > 46(5): 2149-2158

ZHANG Tianqi, QUAN Shengrong, QIANG Xingzi, JIANG Xiaolei. Time-frequency Analysis Method Based on Multi-scale Chirplet Sparse Decomposition and Wigner-Ville Transform[J]. Journal of Electronics & Information Technology, 2017, 39(6): 1333-1339. doi: 10.11999/JEIT160750

Citation:

WANG Chen, CUI Jiamin, LI Muzhou, WANG Meiqin. Improved Integral Cryptanalysis on Block Cipher uBlock[J]. Journal of Electronics & Information Technology, 2024, 46(5): 2149-2158. doi: 10.11999/JEIT231231

Citation:

PDF( 2283 KB)

Improved Integral Cryptanalysis on Block Cipher uBlock

doi: 10.11999/JEIT231231

WANG Chen^{1, 3},
CUI Jiamin^{1, 3},
LI Muzhou^{2
,
,},
WANG Meiqin^{1, 2, 3}

1.
School of Cyber Science and Technology, Shandong University, Qingdao 266237, China
2.
Quan Cheng Shandong Laboratory, Jinan 250100, China
3.
Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Shandong University, Jinan 250100, China

Funds: The National Key Research and Development Program of China (2018YFA0704702), The National Natural Science Foundation of China (62032014), The Major Basic Research Project of Natural Science Foundation of Shandong Province, China (ZR202010220025), Qingdao Innovation Project (QDBSH20230101008)

Received Date: 2023-11-07
Rev Recd Date: 2024-01-29

Available Online: 2024-03-09

Publish Date: 2024-05-30

Abstract

Abstract

Integral attack is one of the most powerful cryptanalytic methods after differential and linear cryptanalysis, which was presented by Daemen et al. in 1997 (doi: 10.1007/BFb0052343). As the winning block cipher of China’s National Cipher Designing Competition in 2018, the security strength of uBlock against integral attack has received much attention. To better understand the integral property, this paper constructs the Mixed Integer Linear Programming (MILP) models for monomial prediction to search for the integral distinguishers and uses the partial sum techniques to perform key-recovery attacks. For uBlock-128/128 and uBlock-128/256, this paper gives the first 11 and 12-round attacks based on a 9-round integral distinguisher, respectively. The data complexity is ${2}^{127}$ chosen plaintexts. The time complexities are ${2}^{127.06}$ and ${2}^{224}$ times encryptions, respectively. The memory complexities are ${2}^{44.58}$ and ${2}^{138}$ Byte, respectively. For uBlock-256/256, this paper gives the first 12-round attack based on a 10-round integral distinguisher. The data complexity is ${2}^{253}$ chosen plaintexts. The time and memory complexities are ${2}^{253.06}$ times encryptions and ${2}^{44.46}$ Byte, respectively. The number of attacked rounds for uBlock-128/128 and uBlock-256/256 are improved by two rounds compared with the previous best ones. Besides, the number of attacked rounds for uBlock-128/256 is improved by three rounds. The results show that uBlock has enough security margin against integral attack.
- Cryptanalysis,
- Block cipher,
- uBlock,
- Integral attack

FullText(HTML)

References(30)

References

[1]	BIHAM E and SHAMIR A. Differential cryptanalysis of DES-like cryptosystems[C]. Conference on the Theory and Application of Cryptography. Santa Barbara, USA, 1990: 2–21. doi: 10.1007/3-540-38424-3_1.
[2]	BIHAM E and SHAMIR A. Differential cryptanalysis of DES-like cryptosystems[J]. Journal of Cryptology, 1991, 4(1): 3–72. doi: 10.1007/BF00630563.
[3]	MATSUI M. Linear cryptanalysis method for DES cipher[C]. Workshop on the Theory and Application of of Cryptographic Techniques, Lofthus, Norway, 1993, 765: 386–397. doi: 10.1007/3-540-48285-7_33.
[4]	DAEMEN J, KNUDSEN L, and RIJMEN V. The block cipher square[C]. The 4th International Workshop on Fast Software Encryption, Haifa, Israel, 1997: 149–165. doi: 10.1007/BFb0052343.
[5]	KNUDSEN L and WAGNER D. Integral cryptanalysis[C]. The 9th International Workshop on Fast Software Encryption, Leuven, Belgium, 2002: 112–127. doi: 10.1007/3-540-45661-9_9.
[6]	TODO Y. Structural evaluation by generalized integral property[C]. The 34th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Sofia, Bulgaria, 2015: 287–314. doi: 10.1007/978-3-662-46800-5_12.
[7]	TODO Y. Integral cryptanalysis on full MISTY1[C]. The 35th Annual Cryptology Conference, Santa Barbara, USA, 2015: 413–432. doi: 10.1007/978-3-662-47989-6_20.
[8]	TODO Y. Integral cryptanalysis on full MISTY1[J]. Journal of Cryptology, 2017, 30(3): 920–959. doi: 10.1007/s00145-016-9240-x.
[9]	TODO Y and MORII M. Bit-based division property and application to SIMON family[C]. The 23rd International Conference on Fast Software Encryption, Bochum, Germany, 2016: 357–377. doi: 10.1007/978-3-662-52993-5_18.
[10]	XIANG Zejun, ZHANG Wentao, BAO Zhenzhen, et al. Applying MILP method to searching integral distinguishers based on division property for 6 lightweight block ciphers[C]. The 22nd International Conference on the Theory and Application of Cryptology and Information Security, Hanoi, Vietnam, 2016: 648–678. doi: 10.1007/978-3-662-53887-6_24.
[11]	DERBEZ P and LAMBIN B. Fast MILP models for division property[J]. IACR Transactions on Symmetric Cryptology, 2022, 2022(2): 289–321. doi: 10.46586/tosc.v2022.i2.289-321.
[12]	ROHIT R and SARKAR S. Cryptanalysis of reduced round SPEEDY[C]. 13th International Conference on Cryptology in Africa, Fes, Morocco, 2022: 133–149. doi: 10.1007/978-3-031-17433-9_6.
[13]	SHIBA R, SAKAMOTO K, LIU Fukang, et al. Integral and impossible-differential attacks on the reduced-round Lesamnta-LW-BC[J]. IET Information Security, 2022, 16(2): 75–85. doi: 10.1049/ise2.12044.
[14]	SHIRAYA T, TAKEUCHI N, SAKAMOTO K, et al. MILP-based security evaluation for AEGIS/Tiaoxin-346/Rocca[J]. IET Information Security, 2023, 17(3): 458–467. doi: 10.1049/ise2.12109.
[15]	WANG Senpeng, HU Bin, GUAN Jie, et al. MILP-aided method of searching division property using three subsets and applications[C]. The 25th International Conference on the Theory and Application of Cryptology and Information Security, Kobe, Japan, 2019: 398–427. doi: 10.1007/978-3-030-34618-8_14.
[16]	HAO Yonglin, LEANDER G, MEIER W, et al. Modeling for three-subset division property without unknown subset[C]. The 39th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Zagreb, Croatia, 2020: 466–495. doi: 10.1007/978-3-030-45721-1_17.
[17]	HAO Yonglin, LEANDER G, MEIER W, et al. Modeling for three-subset division property without unknown subset[J]. Journal of Cryptology, 2021, 34(3): 22. doi: 10.1007/s00145-021-09383-2.
[18]	HU Kai, SUN Siwei, WANG Meiqin, et al. An algebraic formulation of the division property: Revisiting degree evaluations, cube attacks, and key-independent sums[C]. The 26th International Conference on the Theory and Application of Cryptology and Information Security, Daejeon, South Korea, 2020: 446–476. doi: 10.1007/978-3-030-64837-4_15.
[19]	CUI Jiamin, HU Kai, WANG Qingju, et al. Integral attacks on pyjamask-96 and round-reduced pyjamask-128[C]. Cryptographers’ Track at the RSA Conference, Virtual Event, 2022: 223–246. doi: 10.1007/978-3-030-95312-6_10.
[20]	CUI Jiamin, HU Kai, WANG Meiqin, et al. On the field-based division property: Applications to MiMC, feistel MiMC and GMiMC[C]. The 28th International Conference on the Theory and Application of Cryptology and Information Security, Taipei, China, 2022: 241–270. doi: 10.1007/978-3-031-22969-5_9.
[21]	胡斌, 张贵显. ${\mu }^{2}$ 算法的积分攻击和不可能差分攻击[J]. 电子与信息学报, 2022, 44(9): 3335–3342. doi: 10.11999/JEIT210638. HU Bin and ZHANG Guixian. Integral cryptanalysis and impossible differential cryptanalysis of the ${\mu }^{2}$ algorithm[J]. Journal of Electronics & Information Technology, 2022, 44(9): 3335–3342. doi: 10.11999/JEIT210638.
[22]	吴文玲, 张蕾, 等. The Block Cipher uBlock [OL]. https://sfjs.cacrnet.org.cn/site/term/list_76_1.html. WU Wenling, ZHANG Lei, ZHENG Yafei, et al. The Block Cipher uBlock [OL]. https://sfjs.cacrnet.org.cn/site/term/list_76_1.html.
[23]	吴文玲, 张蕾, 郑雅菲, 等. 分组密码uBlock[J]. 密码学报, 2019, 6(6): 690–703. doi: 10.13868/j.cnki.jcr.000334. WU Wenling, ZHANG Lei, ZHENG Yafei, et al. The block cipher uBlock[J]. Journal of Cryptologic Research, 2019, 6(6): 690–703. doi: 10.13868/j.cnki.jcr.000334.
[24]	TIAN Wenqiang and HU Bin. Integral cryptanalysis on two block ciphers pyjamask and uBlock[J]. IET Information Security, 2020, 14(5): 572–579. doi: 10.1049/iet-ifs.2019.0624.
[25]	MAO Yongxia, WU Wenling, WANG Bolin, et al. Improved division property for ciphers with complex linear layers[C]. The 27th Australasian Conference on Information Security and Privacy, Wollongong, Australia, 2022: 106–124. doi: 10.1007/978-3-031-22301-3_6.
[26]	黄明, 张莎莎, 洪春雷, 等. 分组密码复杂线性层可分性传播的MILP刻画方法[J]. 软件学报, 2023: 1–13. doi: 10.13328/j.cnki.jos.006839. HUANG Ming, ZHANG Shasha, HONG Chunlei, et al. MILP modeling of division property propagation for block ciphers with complex linear layers[J]. Journal of Software, 2023: 1–13. doi: 10.13328/j.cnki.jos.006839.
[27]	https://www.sagemath.org.
[28]	SUN Siwei, HU Lei, WANG Peng, et al. Automatic security evaluation and (Related-key) differential characteristic search: Application to SIMON, PRESENT, LBlock, DES(L) and other bit-oriented block ciphers[C]. The 20th International Conference on the Theory and Application of Cryptology and Information Security, Kaoshiung, China, 2014: 158–178. doi: 10.1007/978-3-662-45611-8_9.
[29]	SUN Ling, WANG Wei, and WANG Meiqin. MILP-aided bit-based division property for primitives with non-bit-permutation linear layers[J]. IET Information Security, 2020, 14(1): 12–20. doi: 10.1049/iet-ifs.2018.5283.
[30]	FERGUSON N, KELSEY J, LUCKS S, et al. Improved cryptanalysis of rijndael[C]. The 7th International Workshop on Fast Software Encryption, New York, USA, 2000: 213–230. doi: 10.1007/3-540-44706-7_15.

Relative Articles

Supplements(0)

Cited By

Cited by

Periodical cited type(12)

1.	张艳睛，龙伟军，潘明海. 射频辐射源的高精度参数估计. 现代电子技术. 2022(15): 63-68 .
2.	陈万里，李伟，柴远波. 一种低信噪比下的LFM脉冲信号起始频率校正方法. 火力与指挥控制. 2021(02): 58-63 .
3.	孙同晶，刘桐，杨阳. 多阶次分数阶傅里叶域特征融合的主动声呐目标稀疏表示分类方法. 电子与信息学报. 2021(03): 809-816 . 本站查看
4.	李亚利，刘佳. 基于非平稳信号时频分析的DDoS攻击检测仿真. 计算机仿真. 2021(05): 353-356+370 .
5.	张玉，李天琪，张进，唐波. 基于集成固有时间尺度分解的IFF辐射源个体识别算法. 电子与信息学报. 2020(02): 430-437 . 本站查看
6.	邬俊阳，陈欣. 基于迭代搜索的线性调频脉冲信号参数估计方法. 探测与控制学报. 2020(04): 39-46 .
7.	林江刚，胡正新，李晶，翟怡萌，邓艾东. 低转速下基于AE信号与LMD的滚动轴承故障诊断. 动力工程学报. 2019(04): 293-298 .
8.	刘会杰，高新海，郭汝江. 一种低副瓣无混叠的线性调频信号时频分析方法. 电子与信息学报. 2019(11): 2614-2622 . 本站查看
9.	林江刚，胡正新，李晶，翟怡萌，邓艾东. 基于AE信号与VMD的滚动轴承故障诊断研究. 燃气轮机技术. 2018(03): 34-38 .
10.	欧国建，张淑芳，邓剑勋，蒋清平. 利用FFT实现对LFM信号的快速稀疏分解. 数据采集与处理. 2018(05): 865-871 .
11.	孙湘，华钢. 生物特征信号提纯算法的设计与实现. 生物医学工程研究. 2018(04): 492-495 .
12.	陈小龙，关键，黄勇，于晓涵，刘宁波，董云龙，何友. 雷达低可观测动目标精细化处理及应用. 科技导报. 2017(20): 19-27 .