-
Chapter and Conference Paper
New Property of Diffusion Switching Mechanism on CLEFIA and Its Application to DFA
In this paper, we show a new property for the diffusion switching mechanism (DSM) which was proposed by Shirai and Shibutani in 2006, and propose new differential fault attacks (DFAs) on CLEFIA. The DSM is an ...
-
Chapter and Conference Paper
FFT Key Recovery for Integral Attack
An integral attack is one of the most powerful attacks against block ciphers. We propose a new technique for the integral attack called the Fast Fourier Transform (FFT) key recovery. When the integral distingu...
-
Chapter and Conference Paper
Compact Representation for Division Property
The division property, which is a new method to find integral characteristics, was proposed at Eurocrypt 2015. Thereafter, some applications and improvements have been proposed. The bit-based division property...
-
Chapter and Conference Paper
Wide Trail Design Strategy for Binary MixColumns
AES is one of the most common block ciphers and many AES-like primitives have been proposed. Recently, many lightweight symmetric-key cryptographic primitives have also been proposed. Some such primitives requ...
-
Chapter and Conference Paper
Division Property: Efficient Method to Estimate Upper Bound of Algebraic Degree
We proposed the division property, which is a new method to find integral characteristics, at EUROCRYPT 2015. Then, we applied this technique to analyze the full MISTY1 at CRYPTO 2015. After the proposal of the ...
-
Chapter and Conference Paper
Gimli: A Cross-Platform Permutation
This paper presents Gimli, a 384-bit permutation designed to achieve high security with high performance across a broad range of platforms, including 64-bit Intel/AMD server CPUs, 64-bit and 32-bit ARM smartphone...
-
Chapter and Conference Paper
Cube Attacks on Non-Blackbox Polynomials Based on Division Property
The cube attack is a powerful cryptanalytic technique and is especially powerful against stream ciphers. Since we need to analyze the complicated structure of a stream cipher in the cube attack, the cube attac...
-
Chapter and Conference Paper
Analyzing Key Schedule of Simon: Iterative Key Differences and Application to Related-Key Impossible Differentials
The current paper analyzes the key schedule function of the lightweight block cipher Simon, which was designed by the NSA in 2013. In particular, a list of all iterative key differences is provided for all members of the...
-
Chapter and Conference Paper
GIFT: A Small Present
In this article, we revisit the design strategy of PRESENT, leveraging all the advances provided by the research community in construction and cryptanalysis since its publication, to push the design up to its lim...
-
Chapter and Conference Paper
Programming the Demirci-Selçuk Meet-in-the-Middle Attack with Constraints
Cryptanalysis with SAT/SMT, MILP and CP has increased in popularity among symmetric-key cryptanalysts and designers due to its high degree of automation. So far, this approach covers differential, linear, impo...
-
Chapter and Conference Paper
Several MILP-Aided Attacks Against SNOW 2.0
SNOW 2.0 is a software-oriented stream cipher and is internationally standardized in ISO/IEC 18033-4. In this paper, we present three attacks on SNOW 2.0 by MILP-aided automatic search algorithms. First, we prese...
-
Chapter and Conference Paper
Lower Bounds on the Degree of Block Ciphers
So far, only methods to estimate the upper bound of the algebraic degree of block ciphers are known, but these are not useful for a designer who wants to guarantee security. In this paper we provide meaningful lower...
-
Chapter and Conference Paper
Modeling for Three-Subset Division Property Without Unknown Subset
A division property is a generic tool to search for integral distinguishers, and automatic tools such as MILP or SAT/SMT allow us to evaluate the propagation efficiently. In the application to stream ciphers,...
-
Chapter and Conference Paper
Out of Oddity – New Cryptanalytic Techniques Against Symmetric Primitives Optimized for Integrity Proof Systems
The security and performance of many integrity proof systems like SNARKs, STARKs and Bulletproofs highly depend on the underlying hash function. For this reason several new proposals have recently been develop...
-
Chapter and Conference Paper
Improved Differential-Linear Attacks with Applications to ARX Ciphers
We present several improvements to the framework of differential-linear attacks with a special focus on ARX ciphers. As a demonstration of their impact, we apply them to Chaskey and ChaCha and we are able to s...
-
Chapter and Conference Paper
PRINCEv2
In this work, we propose tweaks to the PRINCE block cipher that help us to increase its security without changing the number of rounds or round operations. We get substantially higher security for the same comple...
-
Chapter and Conference Paper
Massive Superpoly Recovery with Nested Monomial Predictions
Determining the exact algebraic structure or some partial information of the superpoly for a given cube is a necessary step in the cube attack – a generic cryptanalytic technique for symmetric-key primitives ...
-
Chapter and Conference Paper
Strong and Tight Security Guarantees Against Integral Distinguishers
Integral attacks belong to the classical attack vectors against any given block cipher. However, providing arguments that a given cipher is resistant against those attacks is notoriously difficult. In this p...
-
Chapter and Conference Paper
A Modular Approach to the Incompressibility of Block-Cipher-Based AEADs
Incompressibility is one of the most fundamental security goals in white-box cryptography. Given recent advances in the design of efficient and incompressible block ciphers such as SPACE, SPNbox and WhiteBlock, w...
-
Chapter and Conference Paper
New Attacks from Old Distinguishers: Improved Attacks on Serpent
Serpent was originally proposed in 1998 and is one of the most studied block ciphers. In this paper we improve knowledge of its security by providing the current best attack on this cipher, which is a 12-round...