Multidimensional meet-in-the-middle attack and its applications to KATAN32/48/64

Zhu, Bo; Gong, Guang

doi:10.1007/s12095-014-0102-9

Cited by 30 publications

(26 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…There are some extensions of MITM attack such as multidimensional MITM [48], Demirci-Selçuk attack [18], and MITM attacks with tabulation and differential enumeration techniques [22]. These attacks generally uses truncated differential characteristics with high probability over multiple rounds.…”

Section: Mitm-type Attacksmentioning

confidence: 99%

RoadRunneR: A Small and Fast Bitslice Block Cipher for Low Cost 8-Bit Processors

Baysal

Şahin

2016

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Designing block ciphers targeting resource constrained 8-bit CPUs is a challenging problem. There are many recent lightweight ciphers designed for better performance in hardware. On the other hand, most software efficient lightweight ciphers either lack a security proof or have a low security margin. To fill the gap, we present RoadRunneR which is an efficient block cipher in 8-bit software, and its security is provable against differential and linear attacks. RoadRunneR has lowest code size in Atmel's ATtiny45, except NSA's design SPECK, which has no security proof. Moreover, we propose a new metric for the fair comparison of block ciphers. This metric, called ST/A, is the first metric to use key length as a parameter to rank ciphers of different key length in a fair way. By using ST/A and other metrics in the literature, we show that RoadRunneR is competitive among existing ciphers on ATtiny45.

show abstract

Section: Mitm-type Attacksmentioning

confidence: 99%

RoadRunneR: A Small and Fast Bitslice Block Cipher for Low Cost 8-Bit Processors

Baysal

Şahin

2016

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…The TripleDES standard defines three distinct keying option with various security [1]. Option number 1 uses 3 independent keys of size 56 bits, however due to Meet-in-the-middle attack [2], [11], [12], the effective security of this options is only 112 bits. Option number 2 uses only 2 keys with length of 56 bits making final key length 112 bits.…”

Section: Used Ciphermentioning

confidence: 99%

Secure High Level Communication Protocol for CAN Bus

Došek¹,

Janku²,

Bliznak³

et al. 2016

DAAAM Proceedings

View full text Add to dashboard Cite

The Controller Area Network (CAN bus) is a bus based on differential signalling originally developed for automotive industry. The bus was later standardized under ISO 11898 and the standard describes data link layer as well as physical signalling. CAN bus allows precise settings of bus timing and sampling points, which makes it usable for varying ranges and baudrates. It also has a number of properties such as: message acknowledgement, collision avoidance, message filtering and automatic retransmit of faulty messages. These properties make it suitable for many applications. Furthermore, the bus is also well supported on microcontrollers and can even be found on larger SoCs. This makes the CAN bus ideal for microcontroller networks in buildings. Unfortunately, the CAN protocol itself has no support for node authentication and message encryption so these requirements has to be solved on higher layer. We present a high-level protocol for CAN bus that supports authentication and encryption and therefore allows usage of CAN bus in security dependent systems such as an access management system or in industrial automation.

show abstract

“…KATAN has received a substantial amount of cryptanalysis since it was presented. Previous work on KATAN in the single key setting includes algebraic and cube attacks [2], conditional differential [3], differential [5], all subkeys recovery (ASR) MITM [4], [6], match-box MITM [7], multidimensional (MD)MITM [8] and dynamic cube [9]. These are all summarized in Table 1, where we also include the work of this paper.…”

Section: Introductionmentioning

confidence: 99%

Improved Multi-Dimensional Meet-in-the-Middle Cryptanalysis of Katan

Rasoolzadeh

Raddum

2016

Tatra Mountains Mathematical Publications

View full text Add to dashboard Cite

We study multidimensional meet-in-the-middle attacks on the KATAN block cipher family. Several improvements to the basic attacks are explained. The most noteworthy of these is the technique of guessing only non-linearly involved key bits, which reduces the search space by a significant factor. The optimization decreases the complexity of multidimensional meet-in-the-middle attacks, allowing more rounds of KATAN to be efficiently attacked than previously reported.

show abstract

Multidimensional meet-in-the-middle attack and its applications to KATAN32/48/64

Cited by 30 publications

References 19 publications

RoadRunneR: A Small and Fast Bitslice Block Cipher for Low Cost 8-Bit Processors

RoadRunneR: A Small and Fast Bitslice Block Cipher for Low Cost 8-Bit Processors

Secure High Level Communication Protocol for CAN Bus

Improved Multi-Dimensional Meet-in-the-Middle Cryptanalysis of Katan

Contact Info

Product

Resources

About