The Cryptanalysis of Reduced-Round SMS4

Etrog, Jonathan; Robshaw, Matthew J. B.

doi:10.1007/978-3-642-04159-4_4

Cited by 18 publications

(18 citation statements)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Therefore, the key point is to search for the linear approximation of SM4. As far as we know, some methods to search for linear approximations of SM4 have been considered in [3,4,9,19]. The search method in [3] is to construct linear approximations for reduced-round SM4 by identifying a one-round linear approximation with the same input and output masks for the function.…”

Section: Search For the Linear Approximations Of Sm4mentioning

confidence: 99%

See 1 more Smart Citation

New Linear Cryptanalysis of Chinese Commercial Block Cipher Standard SM4

Liu

Liang

Wang

et al. 2017

Security and Communication Networks

View full text Add to dashboard Cite

SM4 is a Chinese commercial block cipher standard used for wireless communication in China. In this paper, we use the partial linear approximation table of S-box to search for three rounds of iterative linear approximations of SM4, based on which the linear approximation for 20-round SM4 has been constructed. However, the best previous identified linear approximation only covers 19 rounds. At the same time, a linear approximation for 19-round SM4 is obtained, which is better than the known results. Furthermore, we show the key recovery attack on 24-round SM4 which is the best attack according to the number of rounds.

show abstract

Section: Search For the Linear Approximations Of Sm4mentioning

confidence: 99%

“…In [3], the rectangle and boomerang attacks on 18-round SM4 and the linear and differential attacks on 22-round SM4 have been presented. Using multiple linear attack, Etrog and Robshaw gave an attack on 23-round SM4 in [4]. Besides these, the differential attack and the multiple linear attack on 22-round SM4 have been introduced in [5,6].…”

Section: Introductionmentioning

confidence: 99%

New Linear Cryptanalysis of Chinese Commercial Block Cipher Standard SM4

Liu

Liang

Wang

et al. 2017

Security and Communication Networks

View full text Add to dashboard Cite

show abstract

“…In this subsection, we propose a new method to search for the linear approximations of SMS4. The purpose of our method is to seek for the linear approximations with as few active S-boxes as possible, which results in non-iterative ones that are different from those in [5,10,17,19]. We use a two-step procedure to achieve this goal.…”

Section: A Novel Way To Find the Linear Approximations Of Sms4mentioning

confidence: 99%

“…In Table 2, the fourth and the fifth columns stand for the output and input masks of the S-box layer, respectively; the sixth column indicates the bias of the round, the rest of the columns give the masks of the intermediate values. We learn from [10] that the piling-up lemma [21] works quite well for SMS4, so the bias of the linear approximation in Table 2 is about 2 −62.27 .…”

Section: A Novel Way To Find the Linear Approximations Of Sms4mentioning

confidence: 99%

See 1 more Smart Citation

Improved Linear Attacks on the Chinese Block Cipher Standard

Liu

Chen

2014

J. Comput. Sci. Technol.

View full text Add to dashboard Cite

Abstract. The block cipher used in the Chinese Wireless LAN Standard (WAPI), SMS4, was recently renamed as SM4, and became the block cipher standard issued by the Chinese government 3 . This paper improves the previous linear cryptanalysis of SMS4 by giving the first 19-round onedimensional approximations. The 19-round approximations hold with bias 2 −62.27 ; we use one of them to leverage a linear attack on 23-round SMS4. Our attack improves the previous 23-round attacks by reducing the time complexity. Furthermore, the data complexity of our attack is further improved by the multidimensional linear approach.

show abstract

Improving Key-Recovery in Linear Attacks: Application to 28-Round PRESENT

Flórez-Gutiérrez

Naya-Plasencia

2020

Advances in Cryptology – EUROCRYPT 2020

View full text Add to dashboard Cite

Linear cryptanalysis is one of the most important tools in use for the security evaluation of symmetric primitives. Many improvements and refinements have been published since its introduction, and many applications on different ciphers have been found. Among these upgrades, Collard et al. proposed in 2007 an acceleration of the key-recovery part of Algorithm 2 for last-round attacks based on the FFT. In this paper we present a generalized, matrix-based version of the previous algorithm which easily allows us to take into consideration an arbitrary number of key-recovery rounds. We also provide efficient variants that exploit the key-schedule relations and that can be combined with multiple linear attacks. Using our algorithms we provide some new cryptanalysis on PRESENT, including, to the best of our knowledge, the first attack on 28 rounds.

show abstract

The Cryptanalysis of Reduced-Round SMS4

Cited by 18 publications

References 20 publications

New Linear Cryptanalysis of Chinese Commercial Block Cipher Standard SM4

New Linear Cryptanalysis of Chinese Commercial Block Cipher Standard SM4

Improved Linear Attacks on the Chinese Block Cipher Standard

Improving Key-Recovery in Linear Attacks: Application to 28-Round PRESENT

Contact Info

Product

Resources

About