Cryptanalysis of Round-Reduced Fantomas, Robin and iSCREAM

In this work, we focus on the LS-design ciphers Fantomas, Robin, and iSCREAM. LS-designs are a family of bitslice ciphers aimed at efficient masked implementations against side-channel analysis. We analyze Fantomas and Robin with a technique that has not previously been applied to either algorithm: linear cryptanalysis. The idea behind linear cryptanalysis is to build a linear characteristic that describes a relation between plaintext and ciphertext bits. For a secure cipher, such a relation should hold with probability 0.5 (bias is zero). We therefore try to find a linear characteristic between plaintext and ciphertext whose bias is not equal to zero. This non-random behavior of the cipher could be converted into a key-recovery attack. For Fantomas and Robin, we find 5- and 7-round linear characteristics. Using these characteristics, we attack both ciphers with reduced rounds and recover the key for the same number of rounds. We also apply linear cryptanalysis to the famous CAESAR candidate iSCREAM and the closely related LS-design Robin. For iSCREAM, we apply linear cryptanalysis to the round-reduced cipher and find a best 7-round linear characteristic. Based on those linear characteristics, we extend the path in the related-key scenario to a higher number of rounds.
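
The bias and characteristic idea described above, as an added example that is not code from the paper: it measures the bias of linear approximations of a 4-bit S-box and chains per-round biases with Matsui's piling-up lemma to estimate the bias and data requirement of a multi-round characteristic. Assumptions: the S-box is the toy one from Heys's linear cryptanalysis tutorial, not the Fantomas, Robin or iSCREAM S-box, and each round is modelled as one active S-box with the same bias.

```python
from math import ceil

# Toy 4-bit S-box from Heys's tutorial (assumption: a stand-in only, NOT the
# Fantomas/Robin/iSCREAM S-box, which this page does not list).
SBOX = [0xE, 0x4, 0xD, 0x1, 0x2, 0xF, 0xB, 0x8,
        0x3, 0xA, 0x6, 0xC, 0x5, 0x9, 0x0, 0x7]

def parity(v):
    """XOR of all bits of v."""
    return bin(v).count("1") & 1

def bias(sbox, in_mask, out_mask):
    """Pr[in_mask . x == out_mask . S(x)] - 1/2, taken over every input x."""
    hits = sum(parity(x & in_mask) == parity(sbox[x] & out_mask)
               for x in range(len(sbox)))
    return hits / len(sbox) - 0.5

def best_approximation(sbox):
    """Non-zero (in_mask, out_mask) pair with the largest absolute bias."""
    n = len(sbox)
    pairs = ((a, b) for a in range(1, n) for b in range(1, n))
    return max(pairs, key=lambda p: abs(bias(sbox, *p)))

def piling_up(biases):
    """Piling-up lemma: bias of the XOR of independent approximations,
    2^(n-1) * product of the n individual biases."""
    eps = 0.5
    for e in biases:
        eps *= 2 * e
    return eps

def data_complexity(eps):
    """Order-of-magnitude count of known plaintexts needed, about 1/eps^2."""
    return ceil(1 / eps ** 2)

if __name__ == "__main__":
    a, b = best_approximation(SBOX)
    e = bias(SBOX, a, b)
    print(f"best S-box approximation: in={a:#x} out={b:#x} bias={e:+.4f}")
    for rounds in (1, 3, 5, 7):
        # Assumption: one active S-box per round, all with the same bias.
        eps = piling_up([e] * rounds)
        print(f"{rounds} rounds: bias {eps:+.6f}, ~{data_complexity(eps)} texts")
```

The bias shrinks geometrically with each added round, which is why a characteristic covering more rounds needs far more known plaintexts to distinguish the cipher from random.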
