Weak Tweak-Keys for the CRAFT Block Cipher

IF 1.7 Q3 COMPUTER SCIENCE, SOFTWARE ENGINEERING

IACR Transactions on Symmetric Cryptology Pub Date : 2022-03-11 DOI:10.46586/tosc.v2022.i1.38-63

G. Leander, Shahram Rasoolzadeh

{"title":"Weak Tweak-Keys for the CRAFT Block Cipher","authors":"G. Leander, Shahram Rasoolzadeh","doi":"10.46586/tosc.v2022.i1.38-63","DOIUrl":null,"url":null,"abstract":"CRAFT is a lightweight tweakable Substitution-Permutation-Network (SPN) block cipher optimized for efficient protection of its implementations against Differential Fault Analysis (DFA) attacks. In this paper, we present an equivalent description of CRAFT up to a simple mapping on the plaintext, ciphertext and round tweakeys. We show that the new representation, for a sub-class of keys, leads to a new structure which is a Feistel network, with non-linear operation and key addition only on half the state. Consequently, it reveals a class of weak keys for which CRAFT is less resistant against differential and linear cryptanalyses. As a result, we present one weak-key single-tweak differential attack on 23 rounds (with time complexity of 294 encryptions and data complexity of 274 chosen plaintext/tweak/ciphertext tuples and works for 2112 weak keys) and one weak-key related-tweak attack on 26 rounds of the cipher (with time complexity of 2105 encryptions and data complexity 273 chosen plaintext/tweak/ciphertext tuples and works for 2108 weak keys). Note that these attacks do not break the security claim of the CRAFT block cipher.","PeriodicalId":37077,"journal":{"name":"IACR Transactions on Symmetric Cryptology","volume":"13 1","pages":"38-63"},"PeriodicalIF":1.7000,"publicationDate":"2022-03-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IACR Transactions on Symmetric Cryptology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.46586/tosc.v2022.i1.38-63","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, SOFTWARE ENGINEERING","Score":null,"Total":0}

引用次数: 1

Abstract

CRAFT is a lightweight tweakable Substitution-Permutation-Network (SPN) block cipher optimized for efficient protection of its implementations against Differential Fault Analysis (DFA) attacks. In this paper, we present an equivalent description of CRAFT up to a simple mapping on the plaintext, ciphertext and round tweakeys. We show that the new representation, for a sub-class of keys, leads to a new structure which is a Feistel network, with non-linear operation and key addition only on half the state. Consequently, it reveals a class of weak keys for which CRAFT is less resistant against differential and linear cryptanalyses. As a result, we present one weak-key single-tweak differential attack on 23 rounds (with time complexity of 294 encryptions and data complexity of 274 chosen plaintext/tweak/ciphertext tuples and works for 2112 weak keys) and one weak-key related-tweak attack on 26 rounds of the cipher (with time complexity of 2105 encryptions and data complexity 273 chosen plaintext/tweak/ciphertext tuples and works for 2108 weak keys). Note that these attacks do not break the security claim of the CRAFT block cipher.

查看原文本刊更多论文

弱调整键为工艺块密码

CRAFT是一种轻量级可调整的替换置换网络(SPN)分组密码，针对差分故障分析(DFA)攻击进行了优化，可有效保护其实现。在本文中，我们给出了CRAFT的等价描述，直到在明文，密文和圆形微调上的简单映射。我们证明了新的表示，对于一个子类的密钥，导致一个新的结构，这是一个Feistel网络，非线性操作和密钥添加仅在一半的状态。因此，它揭示了一类弱密钥，其中CRAFT对微分和线性密码分析的抵抗力较弱。因此，我们提出了一个针对23轮的弱密钥单微调差分攻击(时间复杂度为294个加密，数据复杂度为274个选择的明文/微调/密文元组，适用于2112个弱密钥)和一个针对26轮密码的弱密钥相关微调攻击(时间复杂度为2105个加密，数据复杂度为273个选择的明文/微调/密文元组，适用于2108个弱密钥)。请注意，这些攻击不会破坏CRAFT分组密码的安全性声明。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

IACR Transactions on Symmetric Cryptology Mathematics-Applied Mathematics

CiteScore

5.50

自引率

22.90%

发文量