全方位FRIET的实际攻击

IF 1.7 Q3 COMPUTER SCIENCE, SOFTWARE ENGINEERING

IACR Transactions on Symmetric Cryptology Pub Date : 2022-12-07 DOI:10.46586/tosc.v2022.i4.105-119

Senpeng Wang, D. Feng, Bin Hu, Jie Guan, Tairong Shi

{"title":"全方位FRIET的实际攻击","authors":"Senpeng Wang, D. Feng, Bin Hu, Jie Guan, Tairong Shi","doi":"10.46586/tosc.v2022.i4.105-119","DOIUrl":null,"url":null,"abstract":"FRIET is a duplex-based authenticated encryption scheme proposed at EUROCRYPT 2020. It follows a novel design approach for built-in countermeasures against fault attacks. By a judicious choice of components, the designers propose the permutation FRIET-PC that can be used to build an authenticated encryption cipher denoted as FRIET-AE. And FRIET-AE provides a 128-bit security claim for integrity and confidentiality. In this paper, we research the propagation of pairs of differences and liner masks through the round function of FRIET-PC. For the full-round FRIET-PC, we can construct a differential distinguisher whose probability is 1 and a linear distinguisher whose absolute value of correlation is 1. Moreover, we use the differential distinguisher with probability 1 to construct a set consisting of valid tags and ciphertexts which are not created by legal users. This breaks FRIET-AE’s security claim for integrity and confidentiality. As far as we know, this is the first practical attack that threatens the security of FRIET-AE.","PeriodicalId":37077,"journal":{"name":"IACR Transactions on Symmetric Cryptology","volume":"85 1","pages":"105-119"},"PeriodicalIF":1.7000,"publicationDate":"2022-12-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Practical Attacks on Full-round FRIET\",\"authors\":\"Senpeng Wang, D. Feng, Bin Hu, Jie Guan, Tairong Shi\",\"doi\":\"10.46586/tosc.v2022.i4.105-119\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"FRIET is a duplex-based authenticated encryption scheme proposed at EUROCRYPT 2020. It follows a novel design approach for built-in countermeasures against fault attacks. By a judicious choice of components, the designers propose the permutation FRIET-PC that can be used to build an authenticated encryption cipher denoted as FRIET-AE. And FRIET-AE provides a 128-bit security claim for integrity and confidentiality. In this paper, we research the propagation of pairs of differences and liner masks through the round function of FRIET-PC. For the full-round FRIET-PC, we can construct a differential distinguisher whose probability is 1 and a linear distinguisher whose absolute value of correlation is 1. Moreover, we use the differential distinguisher with probability 1 to construct a set consisting of valid tags and ciphertexts which are not created by legal users. This breaks FRIET-AE’s security claim for integrity and confidentiality. As far as we know, this is the first practical attack that threatens the security of FRIET-AE.\",\"PeriodicalId\":37077,\"journal\":{\"name\":\"IACR Transactions on Symmetric Cryptology\",\"volume\":\"85 1\",\"pages\":\"105-119\"},\"PeriodicalIF\":1.7000,\"publicationDate\":\"2022-12-07\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IACR Transactions on Symmetric Cryptology\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.46586/tosc.v2022.i4.105-119\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"COMPUTER SCIENCE, SOFTWARE ENGINEERING\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IACR Transactions on Symmetric Cryptology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.46586/tosc.v2022.i4.105-119","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, SOFTWARE ENGINEERING","Score":null,"Total":0}

引用次数: 0

摘要

FRIET是在EUROCRYPT 2020上提出的基于双工的身份验证加密方案。它采用了一种新颖的设计方法来内置对抗故障攻击的对策。通过对组件的明智选择，设计人员提出了可用于构建标识为FRIET-AE的认证加密密码的FRIET-PC排列。FRIET-AE为完整性和机密性提供了128位的安全声明。本文通过FRIET-PC的圆函数研究了差分对和线性掩模的传播。对于全圆FRIET-PC，我们可以构造一个概率为1的微分区分器和一个相关绝对值为1的线性区分器。此外，我们使用概率为1的微分区分符构造了一个由合法用户创建的有效标签和密文组成的集合。这打破了FRIET-AE对完整性和保密性的安全要求。据我们所知，这是第一次威胁到FRIET-AE安全的实际攻击。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Practical Attacks on Full-round FRIET

FRIET is a duplex-based authenticated encryption scheme proposed at EUROCRYPT 2020. It follows a novel design approach for built-in countermeasures against fault attacks. By a judicious choice of components, the designers propose the permutation FRIET-PC that can be used to build an authenticated encryption cipher denoted as FRIET-AE. And FRIET-AE provides a 128-bit security claim for integrity and confidentiality. In this paper, we research the propagation of pairs of differences and liner masks through the round function of FRIET-PC. For the full-round FRIET-PC, we can construct a differential distinguisher whose probability is 1 and a linear distinguisher whose absolute value of correlation is 1. Moreover, we use the differential distinguisher with probability 1 to construct a set consisting of valid tags and ciphertexts which are not created by legal users. This breaks FRIET-AE’s security claim for integrity and confidentiality. As far as we know, this is the first practical attack that threatens the security of FRIET-AE.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

IACR Transactions on Symmetric Cryptology Mathematics-Applied Mathematics

CiteScore

5.50

自引率

22.90%

发文量