Linear Cryptanalysis of PRINTcipher – Trails and Samples Everywhere

Ågren, Martin; Johansson, Thomas

doi:10.1007/978-3-642-25578-6_10

Cited by 5 publications

(5 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Трудоемкость атаки линейным методом оценивается аналогично работе [6]. При проведении атаки используется 2 2(t+1) шифрований, число пар открытых текстов и соответствующих им шифртекстов также равно 2 2(t+1) , где число атакуемых раундов есть t, t < n 2 .…”

Section: L(t(0))unclassified

“…Основная идея атаки заключается в поиске подмножеств открытых текстов и ключей шифрования, сохраняемых раундовой функцией алгоритма шифрования. Также предложены атаки на основе нескольких методов: разностного [5], линейного [6], их комбинации [7]. В работе [8] рассматривается стойкость шифрсистемы относительно алгебраического метода.…”

Section: Introductionunclassified

See 1 more Smart Citation

О Классах Слабых Ключей Обобщенной Шифрсистемы PRINT

Пудовкина¹,

Хоруженко²,

Khoruzhenko³

2013

Матем. вопр. криптогр.

View full text Add to dashboard Cite

Шифрсистема PRINT предложена на конференции CHES-2010. В настоящей работе вводится обобщенная шифрсистема PRINT (GPRINT). Для нее описывается класс ключей шифрования, для которых раундовые функции сохраняют некоторое нетривиальное подмножество блоков текстов. Также построен класс ключей, слабых относительно линейного метода. Ключевые слова: линейный метод, инвариантное подпространство, слабые ключи, блочная шифрсистема On classes of weak keys of generalized cryptosystem PRINT

show abstract

Section: L(t(0))unclassified

Section: Introductionunclassified

О Классах Слабых Ключей Обобщенной Шифрсистемы PRINT

Пудовкина¹,

Хоруженко²,

Khoruzhenko³

2013

Матем. вопр. криптогр.

View full text Add to dashboard Cite

show abstract

“…Counting the keys in the key space of PRINTcipher-48 which satisfies at least one of the conditions in Table 4 we find out that 0.036% of the key space of the PRINTcipher-48 is vulnerable to at least one of the combined characteristics. [15] = 0. Using the differential characteristic powered by linear characteristics for 28 rounds in Section 3.3 we have been able to attack on 31-round version of the cipher and recover the key bits sk 2 [25 − 22], sk 2 [19 − 16], sk 1 [47 − 39].…”

Section: Characteristics For 0036% Of the Keys Of Printcipher-48mentioning

confidence: 99%

“…Recently, Leander et al [21] have announced an attack on the full round PRINTcipher-48 for a class of 2 52 keys. Also Ågren et al [15] have applied a linear attack on 28-round PRINTcipher-48 which works for half of the keys. Differential [7] and linear cryptanalysis [25] are the most used cryptanalysis techniques for block ciphers.…”

Section: Introductionmentioning

confidence: 99%

Combined Differential and Linear Cryptanalysis of Reduced-Round PRINTcipher

Karako

Demirci

Harmanc

2012

Selected Areas in Cryptography

View full text Add to dashboard Cite

In this paper we analyze the security of PRINTcipher using a technique that combines differential and linear cryptanalysis. This technique is different from differential-linear cryptanalysis. We use linear approximations to increase the probability of differential characteristics. We show that specific choices of some of the key bits give rise to a certain differential characteristic probability, which is far higher than the best characteristic probability claimed by the designers. We give the underlying mechanism of this probability increase. We have developed attacks on 29 and 31 rounds of PRINTcipher-48 for 4.54% and 0.036% of the keys, respectively. Moreover, we have implemented the proposed attack algorithm on 20 rounds of the cipher.

show abstract

“…This block cipher is an substitution-permutation (SP)-network-based cipher and two block lengths of 48 and 96 bits are supported, denoted by PRINTCIPHER-48 and PRINTCIPHER-96, respectively. Several basic attacks such as differential cryptanalysis, linear cryptanalysis and their variants have been applied on PRINTCIPHER already [29][30][31]. In this paper, we concentrate on the security of PRINTCIPHER-48 against DFA attack.…”

Section: Introductionmentioning

confidence: 99%

Differential fault analysis on PRINT cipher

2013

View full text Add to dashboard Cite

The new block cipher PRINTCIPHER was introduced in CHES 2010 as a lightweight block cipher for 'integrated circuit' or IC-'printing' technology. The key of PRINTCIPHER consist of two sub-key components where the first sub-key is 'XORed' to the state in each round, whereas the second sub-key is used to generate the key-dependent permutations. In this study, the authors describe a new differential fault analysis on the lightweight block cipher PRINTCIPHER. The authors present two different fault models for obtaining each sub-key. The first fault model is used to obtain the second sub-key, which induces a fault on the key-dependent permutation layer so, on average, key search space is reduced from 2 32 to 2 14 , given 36 faulty cipher texts. To obtain the first sub-key, the authors induce a fault on an intermediate results then they obtain, on average, 42 bits of the first sub-key with less than 24 faulty cipher texts. In total, on average, they reduce key search space of PRINTCIPHER from 2 80 to 2 20 , given 60 faulty cipher texts. They also simulated their attack on a 1.8 GHz Celeron PC.

show abstract

Linear Cryptanalysis of PRINTcipher – Trails and Samples Everywhere

Cited by 5 publications

References 11 publications

О Классах Слабых Ключей Обобщенной Шифрсистемы PRINT

О Классах Слабых Ключей Обобщенной Шифрсистемы PRINT

Combined Differential and Linear Cryptanalysis of Reduced-Round PRINTcipher

Differential fault analysis on PRINT cipher

Contact Info

Product

Resources

About