All-subkeys-recovery attacks on a variation of Feistel-2 block ciphers

IET Information Security

The Feistel-2 cipher is a type of Feistel cipher proposed by Isobe and Shibutani at Asiacrypt 2013. Its round functions consist of a public F-function and a subkey XORed before the F-function. Recently, a variation of the Feistel-2 cipher, in which the subkey is XORed after the F-function, has been widely used in proposals such as SIMON and Simeck. The authors denote this type of Feistel cipher as Feistel-2*. In this study, they study the security of Feistel-2* ciphers. First, they propose the differential function reduction technique. Then, they present all-subkeys-recovery attacks against Feistel-2* ciphers based on this technique. Let z be the key size to block size ratio of a block cipher. It is shown that their attacks can break up to 6, 8 and 10 rounds of the Feistel-2* cipher for z = 1, 3/2 and 2, respectively. Thanks to the meet-in-the-middle approach, their attacks only need a few chosen plaintexts. Moreover, with higher data complexity, all attacks can be improved by one round. This implies that a secure Feistel-2* cipher should iterate at least 8, 10 and 12 rounds for z = 1, 3/2 and 2, respectively.
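To make the structural difference the abstract turns on concrete, here is an added illustration (not code from the paper or from any of the ciphers it names) of the two round functions side by side: Feistel-2 XORs the subkey into the F-function's input, Feistel-2* XORs it into the F-function's output. The F-function `toy_f`, the 16-bit word size, the sample subkeys and the plaintext are all constructed placeholders; `recommended_minimum_rounds` only restates the abstract's round counts for the three values of z it covers.

```python
"""Feistel-2 versus Feistel-2* round structure (added example, not the paper's code).

A Feistel round maps (L, R) to (R, L xor G(R)).  The two families differ only
in where the round subkey k enters the public F-function:
    Feistel-2  : G(R) = F(R xor k)   (subkey before F)
    Feistel-2* : G(R) = F(R) xor k   (subkey after F, as in SIMON-style designs)
"""
from fractions import Fraction
from typing import Callable, List, Tuple

WORD_BITS = 16                      # constructed toy word size (block = 32 bits)
MASK = (1 << WORD_BITS) - 1
Block = Tuple[int, int]
FFunc = Callable[[int], int]


def rotl(x: int, r: int) -> int:
    """Rotate a WORD_BITS-wide word left by r bits."""
    return ((x << r) | (x >> (WORD_BITS - r))) & MASK


def toy_f(x: int) -> int:
    """Public, key-independent F-function (constructed toy AND/rotate mix)."""
    return ((rotl(x, 1) & rotl(x, 8)) ^ rotl(x, 2)) & MASK


def feistel2_round(left: int, right: int, k: int, f: FFunc) -> Block:
    """Feistel-2: subkey XORed before F."""
    return right, left ^ f(right ^ k)


def feistel2_star_round(left: int, right: int, k: int, f: FFunc) -> Block:
    """Feistel-2*: subkey XORed after F."""
    return right, left ^ f(right) ^ k


RoundFn = Callable[[int, int, int, FFunc], Block]


def encrypt(block: Block, subkeys: List[int], round_fn: RoundFn, f: FFunc = toy_f) -> Block:
    """Apply one round per subkey; the number of rounds equals len(subkeys)."""
    left, right = block
    for k in subkeys:
        left, right = round_fn(left, right, k, f)
    return left, right


def decrypt(block: Block, subkeys: List[int], round_fn: RoundFn, f: FFunc = toy_f) -> Block:
    """Invert the network: swap halves, run the rounds with reversed subkeys, swap back.

    This works for both variants because each round only XORs G(R) into L,
    so the same G undoes it regardless of where k enters F.
    """
    right, left = block
    for k in reversed(subkeys):
        left, right = round_fn(left, right, k, f)
    return right, left


def key_to_block_ratio(key_bits: int, block_bits: int) -> Fraction:
    """The parameter z of the abstract, e.g. a 64-bit key on a 32-bit block gives z = 2."""
    return Fraction(key_bits, block_bits)


# Minimum round counts the abstract derives for a secure Feistel-2* cipher.
_MIN_ROUNDS = {Fraction(1): 8, Fraction(3, 2): 10, Fraction(2): 12}


def recommended_minimum_rounds(z: Fraction) -> int:
    """Return the abstract's lower bound on rounds for z in {1, 3/2, 2}."""
    return _MIN_ROUNDS[Fraction(z)]


def demo() -> dict:
    """Run both variants on a constructed plaintext and check they round-trip."""
    plaintext: Block = (0x1234, 0xABCD)              # constructed sample block
    subkeys = [0x0F0F, 0x1111, 0x2222, 0x3333, 0x4444, 0x5555]   # constructed, 6 rounds
    out = {}
    for name, rf in (("Feistel-2", feistel2_round), ("Feistel-2*", feistel2_star_round)):
        ct = encrypt(plaintext, subkeys, rf)
        out[name] = ct
        assert decrypt(ct, subkeys, rf) == plaintext
    return out


if __name__ == "__main__":
    for name, ct in demo().items():
        print(f"{name:11s} ciphertext = ({ct[0]:04x}, {ct[1]:04x})")
    z = key_to_block_ratio(64, 32)
    print(f"z = {z}: iterate at least {recommended_minimum_rounds(z)} rounds")
```

With the subkey set to zero the two round functions coincide, which is why the variants are so easily confused; with any non-zero subkey they diverge, and it is exactly the "subkey after F" placement that the paper's attacks exploit.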

http://iet.metastore.ingenta.com/content/journals/10.1049/iet-ifs.2016.0014