Zero-Correlation Attacks on Tweakable Block Ciphers with Linear Tweakey Expansion
The design and analysis of dedicated tweakable block ciphers is a quite recent and very active research field that provides an ongoing stream of new insights. For instance, results of Kranz, Leander, and Wiemer from FSE 2017 show that the addition of a tweak using a linear tweak schedule does not i...
| Main Authors: | , , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Ruhr-Universität Bochum
2019-03-01
|
| Series: | IACR Transactions on Symmetric Cryptology |
| Subjects: | |
| Online Access: | https://tosc.iacr.org/index.php/ToSC/article/view/7402 |
| id |
doaj-9fd4db4f0f954c1681c697a31a580514 |
|---|---|
| record_format |
Article |
| spelling |
doaj-9fd4db4f0f954c1681c697a31a5805142021-03-02T02:22:30ZengRuhr-Universität BochumIACR Transactions on Symmetric Cryptology2519-173X2019-03-012019110.13154/tosc.v2019.i1.192-235Zero-Correlation Attacks on Tweakable Block Ciphers with Linear Tweakey ExpansionRalph Ankele0Christoph Dobraunig1Jian Guo2Eran Lambooij3Gregor Leander4Yosuke Todo5Royal Holloway University of London, UK; Division of Mathematical Sciences, School of Physical and Mathematical Sciences, Nanyang Technological UniversityGraz University of Technology, Austria; Digital Security Group, Radboud University, NijmegenDivision of Mathematical Sciences, School of Physical and Mathematical Sciences, Nanyang Technological UniversityUniversity of HaifaRuhr-Universität BochumNTT Secure Platform Laboratories The design and analysis of dedicated tweakable block ciphers is a quite recent and very active research field that provides an ongoing stream of new insights. For instance, results of Kranz, Leander, and Wiemer from FSE 2017 show that the addition of a tweak using a linear tweak schedule does not introduce new linear characteristics. In this paper, we consider – to the best of our knowledge – for the first time the effect of the tweak on zero-correlation linear cryptanalysis for ciphers that have a linear tweak schedule. It turns out that the tweak can often be used to get zero-correlation linear hulls covering more rounds compared to just searching zero-correlation linear hulls on the data-path of a cipher. Moreover, this also implies the existence of integral distinguishers on the same number of rounds. We have applied our technique on round reduced versions of Qarma, Mantis, and Skinny. As a result, we can present – to the best of our knowledge – the best attack (with respect to number of rounds) on a round-reduced variant of Qarma. https://tosc.iacr.org/index.php/ToSC/article/view/7402Symmetric-key cryptographytweakable block cipherszero-correlationintegral cryptanalysisQarmaMantis |
| collection |
DOAJ |
| language |
English |
| format |
Article |
| sources |
DOAJ |
| author |
Ralph Ankele Christoph Dobraunig Jian Guo Eran Lambooij Gregor Leander Yosuke Todo |
| spellingShingle |
Ralph Ankele Christoph Dobraunig Jian Guo Eran Lambooij Gregor Leander Yosuke Todo Zero-Correlation Attacks on Tweakable Block Ciphers with Linear Tweakey Expansion IACR Transactions on Symmetric Cryptology Symmetric-key cryptography tweakable block ciphers zero-correlation integral cryptanalysis Qarma Mantis |
| author_facet |
Ralph Ankele Christoph Dobraunig Jian Guo Eran Lambooij Gregor Leander Yosuke Todo |
| author_sort |
Ralph Ankele |
| title |
Zero-Correlation Attacks on Tweakable Block Ciphers with Linear Tweakey Expansion |
| title_short |
Zero-Correlation Attacks on Tweakable Block Ciphers with Linear Tweakey Expansion |
| title_full |
Zero-Correlation Attacks on Tweakable Block Ciphers with Linear Tweakey Expansion |
| title_fullStr |
Zero-Correlation Attacks on Tweakable Block Ciphers with Linear Tweakey Expansion |
| title_full_unstemmed |
Zero-Correlation Attacks on Tweakable Block Ciphers with Linear Tweakey Expansion |
| title_sort |
zero-correlation attacks on tweakable block ciphers with linear tweakey expansion |
| publisher |
Ruhr-Universität Bochum |
| series |
IACR Transactions on Symmetric Cryptology |
| issn |
2519-173X |
| publishDate |
2019-03-01 |
| description |
The design and analysis of dedicated tweakable block ciphers is a quite recent and very active research field that provides an ongoing stream of new insights. For instance, results of Kranz, Leander, and Wiemer from FSE 2017 show that the addition of a tweak using a linear tweak schedule does not introduce new linear characteristics. In this paper, we consider – to the best of our knowledge – for the first time the effect of the tweak on zero-correlation linear cryptanalysis for ciphers that have a linear tweak schedule. It turns out that the tweak can often be used to get zero-correlation linear hulls covering more rounds compared to just searching zero-correlation linear hulls on the data-path of a cipher. Moreover, this also implies the existence of integral distinguishers on the same number of rounds. We have applied our technique on round reduced versions of Qarma, Mantis, and Skinny. As a result, we can present – to the best of our knowledge – the best attack (with respect to number of rounds) on a round-reduced variant of Qarma.
|
| topic |
Symmetric-key cryptography tweakable block ciphers zero-correlation integral cryptanalysis Qarma Mantis |
| url |
https://tosc.iacr.org/index.php/ToSC/article/view/7402 |
| work_keys_str_mv |
AT ralphankele zerocorrelationattacksontweakableblockcipherswithlineartweakeyexpansion AT christophdobraunig zerocorrelationattacksontweakableblockcipherswithlineartweakeyexpansion AT jianguo zerocorrelationattacksontweakableblockcipherswithlineartweakeyexpansion AT eranlambooij zerocorrelationattacksontweakableblockcipherswithlineartweakeyexpansion AT gregorleander zerocorrelationattacksontweakableblockcipherswithlineartweakeyexpansion AT yosuketodo zerocorrelationattacksontweakableblockcipherswithlineartweakeyexpansion |
| _version_ |
1724244346080854016 |