3,988 Hits in 6.7 sec

Related-Key Linear Cryptanalysis on SIMON [article]

Jung-Keun Lee, Bonwook Koo, Woo-Hwan Kim
2018 IACR Cryptology ePrint Archive  
that is the xor of the key to be recovered and the specified key difference.  ...  We present a general framework for the related-key linear attack that can be applied to iterative block ciphers with linear key schedules.  ...  We are grateful to the anonymous reviewers for their help in improving the quality of the paper.  ... 
dblp:journals/iacr/LeeKK18 fatcat:2nv7ncz53fhd5g2m2ck5vvm2f4

Improved Differential Attacks on Reduced SIMON Versions [article]

Ning Wang, Xiaoyun Wang, Keting Jia, Jingyuan Zhao
2014 IACR Cryptology ePrint Archive  
It has totally 10 versions corresponding to different block size 2n and key length l k , named as SIMON2n/l k .  ...  Our attacks work on the reduced SIMON of all 10 suggested versions, which improve the best previous results by 2 to 4 rounds.  ...  Differential cryptanalysis aims to analyze how particular XOR differences in plaintext pairs affect the XOR differences of the resultant ciphertext pairs.  ... 
dblp:journals/iacr/WangWJZ14 fatcat:eqpk47twxnhbtbxrhdnuf5xype

Scrutinizing and Improving Impossible Differential Attacks: Applications to CLEFIA, Camellia, LBlock and Simon [chapter]

Christina Boura, María Naya-Plasencia, Valentin Suder
2014 Lecture Notes in Computer Science  
Impossible differential cryptanalysis has shown to be a very powerful form of cryptanalysis against block ciphers.  ...  These advances lead to the improvement of previous attacks against well known ciphers such as CLEFIA-128 and Camellia, while also to new attacks against 23-round LBlock and all members of the Simon family  ...  The way that the different key bits in the target set are related is determined by the key schedule.  ... 
doi:10.1007/978-3-662-45611-8_10 fatcat:dkoq7okngncznadjy3r7f4bor4

Deep Learning Assisted Differential Cryptanalysis for the Lightweight Cipher SIMON

2021 KSII Transactions on Internet and Information Systems  
In this paper, we are committed to evaluating the safety of SIMON cipher under the neural differential cryptanalysis.  ...  For the key-recovery attack, the correct key was recovered with a success rate of 23%, and the data complexity and computation complexity are as low as 2 8 and 2 20.1 respectively.  ...  As the key schedule is irrelevant to our differential analysis, we omit its description and refer the readers to [19] .  ... 
doi:10.3837/tiis.2021.02.012 fatcat:6ivrb3nmabau5cqv7b4moamy6q

Automatic Security Evaluation and (Related-key) Differential Characteristic Search: Application to SIMON, PRESENT, LBlock, DES(L) and Other Bit-Oriented Block Ciphers [chapter]

Siwei Sun, Lei Hu, Peng Wang, Kexin Qiao, Xiaoshuang Ma, Ling Song
2014 Lecture Notes in Computer Science  
The application of the methods to PRESENT80/128, LBlock, SIMON, DES(L) and example source code are presented in Appendices.  ...  We successfully prove that the 24-round PRESENT-80 is secure enough to resist against standard related-key differential attacks based on differential characteristic, and the probability of the best related-key  ...  s method [12] is only applicable to ciphers with linear key schedule.  ... 
doi:10.1007/978-3-662-45611-8_9 fatcat:cpqyacb5evf5fojnbowdaly4im

Rotational-XOR Rectangle Cryptanalysis on Round-Reduced Simon

Bonwook Koo, Younghoon Jung, Woo-Hwan Kim
2020 Security and Communication Networks  
Finally, we construct related-key rectangle distinguishers for round-reduced versions of Simon with block lengths of 32, 48, and 64, and we suggest a five- or six-round key recovery attack.  ...  In this paper, we apply the Rotational-XOR-difference (RXD) approach to a non-ARX cipher Simon and evaluate its security.  ...  rotational attack is basically in the related-key model and the δ values (RXDs) of the round keys vary according to the round constants z i 's XORed in the key schedule  ... 
doi:10.1155/2020/5968584 fatcat:fyxvwxqfajgbjhx4clfcdrbiei

Truncated differential based known-key attacks on round-reduced SIMON

Yonglin Hao, Willi Meier
2016 Designs, Codes and Cryptography  
To the best of our knowledge, these are the first known-key results on the block cipher Simon.  ...  With these techniques, we launch basic known-key attacks on round-reduced Simon. We also involve some key guessing technique and further extend the basic attacks to more rounds.  ...  The key schedule as well as other details of Simon is not used in this paper and we refer interested readers to [10] .  ... 
doi:10.1007/s10623-016-0242-3 fatcat:bt4o5a7acjcujibz5u2aj4m3ye

Conditional Differential Cryptanalysis of Trivium and KATAN [chapter]

Simon Knellwolf, Willi Meier, María Naya-Plasencia
2012 Lecture Notes in Computer Science  
For the KATAN family we focus on its security in the related-key scenario and obtain practical key-recovery attacks for 120, 103 and 90 of 254 rounds of KATAN32, KATAN48 and KATAN64, respectively.  ...  We improve the technique by using automatic tools to find and analyze the involved conditions.  ...  We thank the reviewers of SAC 2011 for their helpful comments encouraging us to describe our analysis in more detail.  ... 
doi:10.1007/978-3-642-28496-0_12 fatcat:7b2mapgg2bfzziqhcairvvrw4m

Bright - Proposed Family of Lightweight Block Ciphers for IoT-Enabled Smart Environment

Round permutation in BRIGHT results in stronger and faster diffusion and provides resistance against linear, differential, impossible differential, related-key rectangle, biclique, MITM, and statistical  ...  For this, we have used the concept of key whitening that helps to resist against attacks like MITM and brute-force.  ...  Differential Cryptanalysis It is also known as a chosen-plaintext attack which is used mainly in block ciphers to analyze how input differences lead to output differences.  ... 
doi:10.35940/ijitee.i7778.078919 fatcat:4w7yxfomwnaazl63fsb6i3hvcy

Revisiting Lightweight Block Ciphers: Review, Taxonomy and Future directions [article]

Aaqib Bashir Dar, Mashhood Jeelani Lone, Nuzhat Hussain
2021 IACR Cryptology ePrint Archive  
the field and has been a go-to option ever since.  ...  Over the period of past two decades or so, a bulk of lightweight block ciphers have been proposed due to the growing need and demand in lightweight cryptography.  ...  The permutation in the key scheduling is carefully chosen in order for the cipher to be secure in opposition to related-key differential attacks and MITM attacks.  ... 
dblp:journals/iacr/DarLH21 fatcat:e7degswt35gefavnsbmu53r7ky

CHAM: A Family of Lightweight Block Ciphers for Resource-Constrained Devices [chapter]

Bonwook Koo, Dongyoung Roh, Hyeonjin Kim, Younghoon Jung, Dong-Geon Lee, Daesung Kwon
2018 Lecture Notes in Computer Science  
-Numbers of round keys are far fewer than the numbers of rounds, and round functions reuse them iteratively. This reduces the memory size necessary to store the round keys.  ...  Bearing this in mind, we analyze the security of CHAM against various attacks, including differential cryptanalysis and linear cryptanalysis.  ...  We denote a (RK) differential characteristic by (∆ key ), ∆ in → ∆ out , where ∆ key is the difference of the secret key, and ∆ in and ∆ out are the input and output differences, respectively.  ... 
doi:10.1007/978-3-319-78556-1_1 fatcat:fcilmpcigjd27bujxww2kicu24

The Simeck Family of Lightweight Block Ciphers [chapter]

Gangqiang Yang, Bo Zhu, Valentin Suder, Mark D. Aagaard, Guang Gong
2015 Lecture Notes in Computer Science  
In addition, we also give the security evaluation of Simeck with respect to many traditional cryptanalysis methods, including differential attacks, linear attacks, impossible differential attacks, meet-in-the-middle  ...  We use a slightly modified version of Simon's round function, and reuse it in the key schedule like Speck does.  ...  Acknowledgments The authors would like to thank the anonymous reviewers for their helpful and constructive comments that greatly contributed to improving the final version of the paper.  ... 
doi:10.1007/978-3-662-48324-4_16 fatcat:npxwugbsdbddvkdcqxky7z4qai

STP Models of Optimal Differential and Linear Trail for S-box Based Ciphers [article]

Yu Liu, Huicong Liang, Muzhou Li, Luning Huang, Kai Hu, Chenhe Yang, Meiqin Wang
2019 IACR Cryptology ePrint Archive  
And we found that there is no 5-round AES-128 single-key truncated impossible differential considering key schedule, where input and output differences have only one active byte respectively.  ...  Meanwhile, the STP-based model for single-key impossible differentials considering key schedule is proposed, which traces the propagation of values from plaintext to ciphertext instead of propagations  ...  Applications to Word-Oriented Block Ciphers Truncated Impossible Differentials for AES-128 under Key Schedule.  ... 
dblp:journals/iacr/LiuLLHHYW19 fatcat:u5c2s4y5ujb6zadbcyi7m5srnq

Lightweight Cryptography Algorithms for Resource-Constrained IoT Devices: A Review, Comparison and Research Opportunities

Vishal A. Thakor, Mohammad Abdur Razzaque, Muhammad R. A. Khandaker
2021 IEEE Access  
IoT is becoming more common and popular due to its wide range of applications in various domains. They collect data from the real environment and transfer it over the networks.  ...  To provide a holistic view of the area, in this paper, we have compared the existing algorithms in terms of implementation cost, hardware and software performances and attack resistance properties.  ...  The optimized sub-key generation technique of EPCBC enhances its immunity against related-key differential attacks.  ... 
doi:10.1109/access.2021.3052867 fatcat:lidatyjdtrh4jirpxnnvgwsupi

Improved Top-Down Techniques in Differential Cryptanalysis [chapter]

Itai Dinur, Orr Dunkelman, Masha Gutman, Adi Shamir
2015 Lecture Notes in Computer Science  
In addition, we show how to use our new techniques to attack a 1-key version of the iterated Even-Mansour scheme in the related key setting, obtaining the first generic attack on 4 rounds of this well-studied  ...  The fundamental problem of differential cryptanalysis is to find the highest entries in the Difference Distribution Table ( DDT ) of a given mapping F over n-bit values, and in particular to find the highest  ...  One such algorithm is impossible differential cryptanalysis of Feistel structures [18] and its various extensions, which use a data structure similar to H to iterate over pairs with related input and  ... 
doi:10.1007/978-3-319-22174-8_8 fatcat:7vrlssyjr5bsrllghs2ebmggky
« Previous Showing results 1 — 15 out of 3,988 results