Improved Conditional Differential Analysis on NLFSR-Based Block Cipher KATAN32 with MILP
In this paper, a new method for constructing a Mixed Integer Linear Programming (MILP) model on conditional differential cryptanalysis of the nonlinear feedback shift register- (NLFSR-) based block ciphers is proposed, and an approach to detecting the bit with a strongly biased difference is provide...
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Hindawi-Wiley
2020-01-01
|
| Series: | Wireless Communications and Mobile Computing |
| Online Access: | http://dx.doi.org/10.1155/2020/8883557 |
| Summary: | In this paper, a new method for constructing a Mixed Integer Linear Programming (MILP) model on conditional differential cryptanalysis of the nonlinear feedback shift register- (NLFSR-) based block ciphers is proposed, and an approach to detecting the bit with a strongly biased difference is provided. The model is successfully applied to the block cipher KATAN32 in the single-key scenario, resulting in practical key-recovery attacks covering more rounds than the previous. In particular, we present two distinguishers for 79 and 81 out of 254 rounds of KATAN32. Based on the 81-round distinguisher, we recover 11 equivalent key bits of 98-round KATAN32 and 13 equivalent key bits of 99-round KATAN32. The time complexity is less than 231 encryptions of 98-round KATAN32 and less than 233 encryptions of 99-round KATAN32, respectively. Thus far, our results are the best known practical key-recovery attacks for the round-reduced variants of KATAN32 regarding the number of rounds and the time complexity. All the results are verified experimentally. |
|---|---|
| ISSN: | 1530-8669 1530-8677 |