Related-Key Boomerang Attack on Block Cipher SQUARE

Square is an 8-round SPN-structure block cipher whose round function and key schedule were slightly modified to design the building blocks of Rijndael. The key schedule of Square is simple and efficient but fully affine, so we apply a related-key attack to it. We find a 3-round related-key differential trail with probability $2^{-28}$ that has zero differences on both its input and output states, which is called a local collision in [6]. By extending this related-key differential, we construct a successful attack on the full rounds of Square. In this paper, we present a key recovery attack on the full rounds of Square using a related-key boomerang distinguisher. We construct a 7-round related-key boomerang distinguisher with probability $2^{-119}$ by finding a local collision, and calculate its probability using the ladder switch and multiple-path estimation techniques. As a result, one round is added on top of the distinguisher to construct an attack on the full rounds of Square, which recovers 16 bits of key information with $2^{123}$ encryptions and $2^{121}$ data.

[1] Eli Biham, et al. New Results on Boomerang and Rectangle Attacks, 2002, FSE.

[2] David A. Wagner, et al. Tweakable Block Ciphers, 2002, CRYPTO.

[3] Antoine Joux, et al. On the Security of Randomized CBC-MAC Beyond the Birthday Paradox Limit: A New Construction, 2002, FSE.

[4] Mihir Bellare, et al. A Theoretical Treatment of Related-Key Attacks: RKA-PRPs, RKA-PRFs, and Applications, 2003, EUROCRYPT.

[5] Eli Biham, et al. New types of cryptanalytic attacks using related keys, 1994, Journal of Cryptology.

[6] Antoine Joux, et al. Differential Collisions in SHA-0, 1998, CRYPTO.

[7] Bruce Schneier, et al. Improved Cryptanalysis of Rijndael, 2000, FSE.

[8] Eli Biham, et al. A Related-Key Rectangle Attack on the Full KASUMI, 2005, ASIACRYPT.

[9] Alex Biryukov, et al. Key Recovery Attacks of Practical Complexity on AES Variants With Up To 10 Rounds, 2010, IACR Cryptol. ePrint Arch.

[10] Stefan Lucks, et al. New Related-Key Boomerang Attacks on AES, 2008, INDOCRYPT.

[11] Bruce Schneier, et al. Amplified Boomerang Attacks Against Reduced-Round MARS and Serpent, 2000, FSE.

[12] Eli Biham, et al. Related-Key Boomerang and Rectangle Attacks, 2005, EUROCRYPT.

[13] Alex Biryukov, et al. Distinguisher and Related-Key Attack on the Full AES-256, 2009, CRYPTO.

[14] David A. Wagner, et al. The Boomerang Attack, 1999, FSE.

[15] Vincent Rijmen, et al. The Block Cipher Square, 1997, FSE.

[16] Stefan Lucks. Ciphers Secure against Related-Key Attacks, 2004, FSE.

[17] Alex Biryukov, et al. Related-Key Cryptanalysis of the Full AES-192 and AES-256, 2009, ASIACRYPT.