A Note on the Empirical Evaluation of Security Margins against Algebraic Attacks (with Application to Low-Cost Ciphers LED and Piccolo)

Algebraic attacks are an important class of cryptanalytic techniques. Yet, precisely estimating the security margin that a block cipher provides against them is generally difficult, as sound theoretical tools for this purpose are missing. Therefore, most recent block cipher proposals combine several heuristic arguments in order to argue for their practical security against such attacks. In this paper, we discuss the relevance of these arguments and the correlation between them, with a practical case study based on the lightweight ciphers LED and Piccolo.
