Improved Multidimensional Zero-Correlation Linear Cryptanalysis and Applications to LBlock and TWINE

Zero-correlation linear cryptanalysis is a new method based on linear approximations with correlation exactly zero. In this paper, we propose a new model of multidimensional zero-correlation linear cryptanalysis that takes the equivalent relations among round keys into consideration. The improved attack model first finds all the longest multidimensional zero-correlation linear distinguishers, then regards the distinguishers requiring the fewest independent guessed key bits as the optimal distinguishers, and finally chooses one optimal distinguisher to recover the secret key of the cipher using the partial-compression technique. Based on the improved attack model, we extend the original 22-round zero-correlation linear attack on LBlock and evaluate, for the first time, the security of TWINE against zero-correlation linear cryptanalysis. There are at least 8×8 classes of multidimensional zero-correlation linear distinguishers for 14-round LBlock and 14-round TWINE. After determining the corresponding optimal distinguisher, we carefully choose the order in which keys are guessed and guess each subkey nibble one after another, achieving an attack on 23-round LBlock, an attack on 23-round TWINE-80 and an attack on 25-round TWINE-128. As far as we know, these are currently the best results on LBlock and TWINE in the single-key scenario, apart from the optimized brute-force attack.
