Differential Cryptanalysis of 18-Round PRIDE

The rapid growth of the Internet of Things, together with the increasing popularity of connected objects, has created a need for secure, efficient and lightweight ciphers. Among the multitude of candidates, the block cipher PRIDE is, to this day, one of the most efficient solutions for 8-bit micro-controllers. In this paper, we provide new insights into and a better understanding of differential attacks on PRIDE. First, we show that two previous attacks are incorrect, and describe (new and old) properties of the cipher that make such attacks intricate. Based on this understanding, we show how to properly mount a differential attack. Our proposal is the first single-key differential attack that reaches 18 rounds out of 20. It requires \(2^{61}\) chosen plaintexts and recovers the 128-bit key with a final time complexity of \(2^{63.3}\) encryptions, while requiring a memory of about \(2^{35}\) blocks of 64 bits.
