-
Chapter and Conference Paper
Designing S-Boxes Providing Stronger Security Against Differential Cryptanalysis for Ciphers Using Byte-Wise XOR
In this paper, we develop an S-box designing method by considering an interplay between an S-box and a linear layer, which enhances security against differential cryptanalysis. The basic idea can be found in b...
-
Chapter and Conference Paper
PRINCEv2
In this work, we propose tweaks to the PRINCE block cipher that help us to increase its security without changing the number of rounds or round operations. We get substantially higher security for the same comple...
-
Chapter and Conference Paper
Massive Superpoly Recovery with Nested Monomial Predictions
Determining the exact algebraic structure or some partial information of the superpoly for a given cube is a necessary step in the cube attack – a generic cryptanalytic technique for symmetric-key primitives ...
-
Chapter and Conference Paper
Strong and Tight Security Guarantees Against Integral Distinguishers
Integral attacks belong to the classical attack vectors against any given block ciphers. However, providing arguments that a given cipher is resistant against those attacks is notoriously difficult. In this p...
-
Chapter and Conference Paper
Lower Bounds on the Degree of Block Ciphers
Only the method to estimate the upper bound of the algebraic degree on block ciphers is known so far, but it is not useful for the designer to guarantee the security. In this paper we provide meaningful lower...
-
Chapter and Conference Paper
Modeling for Three-Subset Division Property Without Unknown Subset
A division property is a generic tool to search for integral distinguishers, and automatic tools such as MILP or SAT/SMT allow us to evaluate the propagation efficiently. In the application to stream ciphers,...
-
Chapter and Conference Paper
Out of Oddity – New Cryptanalytic Techniques Against Symmetric Primitives Optimized for Integrity Proof Systems
The security and performance of many integrity proof systems like SNARKs, STARKs and Bulletproofs highly depend on the underlying hash function. For this reason several new proposals have recently been develop...
-
Chapter and Conference Paper
Improved Differential-Linear Attacks with Applications to ARX Ciphers
We present several improvements to the framework of differential-linear attacks with a special focus on ARX ciphers. As a demonstration of their impact, we apply them to Chaskey and ChaCha and we are able to s...
-
Chapter and Conference Paper
Low-Data Complexity Attacks on Camellia
In this paper, we propose low-data complexity attacks on reduced-round Camellia. Our attacks are based on deterministic truncated differential characteristics exploiting properties of binary matrices and dif...
-
Chapter and Conference Paper
Improved Integral Attack on HIGHT
HIGHT is a lightweight block cipher with 64-bit block length and 128-bit security, and it is based on the ARX-based generalized Feistel network. HIGHT became a standard encryption algorithm in South Korea and ...
-
Chapter and Conference Paper
Cube Attacks on Non-Blackbox Polynomials Based on Division Property
The cube attack is a powerful cryptanalytic technique and is especially powerful against stream ciphers. Since we need to analyze the complicated structure of a stream cipher in the cube attack, the cube attac...
-
Chapter and Conference Paper
Analyzing Key Schedule of Simon: Iterative Key Differences and Application to Related-Key Impossible Differentials
The current paper analyzes the key schedule function of lightweight block cipher Simon, which was designed by NSA in 2013. In particular, a list of all iterative key differences is provided for all members of the...
-
Chapter and Conference Paper
New Differential Bounds and Division Property of Lilliput: Block Cipher with Extended Generalized Feistel Network
This paper provides security analysis of lightweight block cipher Lilliput, which is an instantiation of extended generalized Feistel network (EGFN) developed by Berger et al. at SAC 2013. Its round function upda...
-
Chapter and Conference Paper
New Impossible Differential Search Tool from Design and Cryptanalysis Aspects
In this paper, a new tool searching for impossible differentials is presented. Our tool can detect any contradiction between input and output differences. It can also take into account the property inside the ...
-
Chapter and Conference Paper
Nonlinear Invariant Attack
In this paper we introduce a new type of attack, called nonlinear invariant attack. As application examples, we present new attacks that are able to distinguish the full versions of the (tweakable) block ciphers
-
Chapter and Conference Paper
Compact Representation for Division Property
The division property, which is a new method to find integral characteristics, was proposed at Eurocrypt 2015. Thereafter, some applications and improvements have been proposed. The bit-based division property...
-
Chapter and Conference Paper
Bit-Based Division Property and Application to Simon Family
Ciphers that do not use S-boxes have been discussed for the demand on lightweight cryptosystems, and their round functions consist of and, rotation, and xor. Especially, the Simon family is one of the most famous...
-
Chapter and Conference Paper
Wide Trail Design Strategy for Binary MixColumns
AES is one of the most common block ciphers and many AES-like primitives have been proposed. Recently, many lightweight symmetric-key cryptographic primitives have also been proposed. Some such primitives requ...
-
Chapter and Conference Paper
How Much Can Complexity of Linear Cryptanalysis Be Reduced?
The linear cryptanalysis proposed by Matsui is one of the most effective attacks on block ciphers, and he demonstrated an experimental cryptanalysis against DES at CRYPTO 1994. In this paper, we show how to op...
-
Chapter and Conference Paper
Integral Cryptanalysis on Full MISTY1
MISTY1 is a block cipher designed by Matsui in 1997. It was well evaluated and standardized by projects, such as CRYPTREC, ISO/IEC, and NESSIE. In this paper, we propose a key recovery attack on the full MISTY...