Improved Linear Sieving Techniques with Applications to Step-Reduced LED-64

In this paper, we present advanced meet-in-the-middle (MITM) attacks against the lightweight block cipher LED-64, improving the best known attacks on several step-reduced variants of the cipher in both single-key and related-key models. In particular, we present a known-plaintext attack on 2-step LED-64 with complexity of \(2^{48}\) and a related-key attack on 3-step LED-64 with complexity of \(2^{49}\). In both cases, the previously known attacks have complexity of \(2^{60}\), i.e., only 16 times faster than exhaustive key search.
