Slender-Set Differential Cryptanalysis

This paper considers PRESENT-like ciphers with key-dependent S-boxes. We focus on the setting where the same selection of S-boxes is used in every round. One particular variant with 16 rounds, proposed in 2009, is broken in practice in a chosen plaintext/chosen ciphertext scenario. Extrapolating these results suggests that up to 28 rounds of such ciphers can be broken. Furthermore, we outline how our attack strategy can be applied to an extreme case where the S-boxes are chosen uniformly at random for each round, and where the bit permutation is key-dependent as well.

[1]  J. Hartmanis,et al.  Advances in Cryptology: Crypto, 90 : Proceedings , 1991 .

[2]  Bruce Schneier,et al.  The Twofish encryption algorithm: a 128-bit block cipher , 1999 .

[3]  Gregor Leander,et al.  A Cryptanalysis of PRINTcipher: The Invariant Subspace Attack , 2011, CRYPTO.

[4]  Joo Yeon Cho,et al.  Linear Cryptanalysis of Reduced-Round PRESENT , 2010, CT-RSA.

[5]  Andrey Bogdanov,et al.  PRESENT: An Ultra-Lightweight Block Cipher , 2007, CHES.

[6]  Bruce Schneier,et al.  Description of a New Variable-Length Key, 64-bit Block Cipher (Blowfish) , 1993, FSE.

[7]  Lars R. Knudsen,et al.  Cryptanalysis of C2 , 2009, CRYPTO.

[8]  Eli Biham,et al.  How to Strengthen DES Using Existing Hardware , 1994, ASIACRYPT.

[9]  Serge Vaudenay,et al.  On the Weak Keys of Blowfish , 1996, FSE.

[10]  Feller William,et al.  An Introduction To Probability Theory And Its Applications , 1950 .

[11]  Alex Biryukov,et al.  Structural Cryptanalysis of SASAS , 2001, Journal of Cryptology.

[12]  Henri Gilbert,et al.  A Chosen Plaintext Attack of the 16-round Khufu Cryptosystem , 1994, CRYPTO.

[13]  Ruby B. Lee,et al.  Maya: A Novel Block Encryption Function , 2009 .

[14]  Matthew J. B. Robshaw,et al.  PRINTcipher: A Block Cipher for IC-Printing , 2010, CHES.

[15]  William Feller,et al.  An Introduction to Probability Theory and Its Applications , 1967 .

[16]  Gregor Leander,et al.  Differential Cryptanalysis of Round-Reduced PRINTcipher: Computing Roots of Permutations , 2011, FSE.

[17]  Ralph C. Merkle,et al.  Fast Software Encryption Functions , 1990, CRYPTO.