Related-Key Impossible Differential Analysis of Full Khudra

Khudra is a block cipher for Field Programmable Gate Arrays (FPGAs), proposed by Souvik Kolay and Debdeep Mukhopadhyay at the SPACE 2014 conference. It is an 18-round lightweight cipher based on a recursive Feistel structure, with a 64-bit block size and an 80-bit key size. The designers indicated that 18 rounds of Khudra provide a sufficient security margin against related-key attacks. In this paper, however, we obtain \(2^{16}\) 14-round related-key impossible differentials of Khudra, and based on these related-key impossible differentials for 32 related keys, we launch an attack on the full Khudra with a data complexity of \(2^{63}\) related-key chosen plaintexts, a time complexity of about \(2^{68.46}\) encryptions and a memory complexity of \(2^{64}\). This is the first known attack on full Khudra.
