[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to main content
Springer Nature Link
Log in

Cryptanalysis of Ascon

  • Conference paper
  • First Online:
Topics in Cryptology –- CT-RSA 2015 (CT-RSA 2015)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 9048))

Included in the following conference series:

Abstract

We present a detailed security analysis of the CAESAR candidate Ascon. Amongst others, cube-like, differential and linear cryptanalysis are used to evaluate the security of Ascon. Our results are practical key-recovery attacks on round-reduced versions of Ascon-128, where the initialization is reduced to 5 out of 12 rounds. Theoretical key-recovery attacks are possible for up to 6 rounds of initialization. Moreover, we present a practical forgery attack for 3 rounds of the finalization, a theoretical forgery attack for 4 rounds finalization and zero-sum distinguishers for the full 12-round Ascon permutation. Besides, we present the first results regarding linear cryptanalysis of Ascon, improve upon the results of the designers regarding differential cryptanalysis, and prove bounds on the minimum number of (linearly and differentially) active S-boxes for the Ascon permutation.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
£29.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
GBP 19.95
Price includes VAT (United Kingdom)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
GBP 35.99
Price includes VAT (United Kingdom)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
GBP 44.99
Price includes VAT (United Kingdom)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Aumasson, J.P., Meier, W.: Zero-sum distinguishers for reduced Keccak-\(f\) and for the core functions of Luffa and Hamsi. CHES rump session (2009)

    Google Scholar 

  2. Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: Keccak Specifications. Submission to NIST (Round 3) (2011). http://keccak.noekeon.org

  3. Biere, A.: Lingeling, Plingeling and Treengeling entering the SAT Competition 2013. In: Balint, A., Belov, A., Heule, M., Järvisalo, M. (eds.) SAT competition 2013. vol. B-2013-1, pp. 51–52 (2013). http://fmv.jku.at/lingeling/

  4. Biham, E., Dunkelman, O., Keller, N.: Enhancing Differential-Linear Cryptanalysis. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 254–266. Springer, Heidelberg (2002)

    Google Scholar 

  5. Biham, E., Shamir, A.: Differential Cryptanalysis of DES-like Cryptosystems. In: Menezes, A., Vanstone, S.A. (eds.) CRYPTO 1990. LNCS, vol. 537, pp. 2–21. Springer, Heidelberg (1991)

    Google Scholar 

  6. Boura, C., Canteaut, A.: A zero-sum property for the Keccak-\(f\) permutation with 18 rounds. In: IEEE International Symposium on Information Theory, pp. 2488–2492. IEEE (2010)

    Google Scholar 

  7. Boura, C., Canteaut, A., De Cannière, C.: Higher-order differential properties of keccak and Luffa. In: Joux, A. (ed.) FSE 2011. LNCS, vol. 6733, pp. 252–269. Springer, Heidelberg (2011)

    Google Scholar 

  8. Daemen, J.: Permutation-based Encryption. Authentication and Authenticated Encryption, DIAC - Directions in Authenticated Ciphers (2012)

    Google Scholar 

  9. Dinur, I., Morawiecki, P., Pieprzyk, J., Srebrny, M., Straus, M.: Cube Attacks and Cube-attack-like Cryptanalysis on the Round-reduced Keccak Sponge Function. IACR Cryptology ePrint Archive 2014, 736 (2014). http://eprint.iacr.org/2014/736

  10. Dinur, I., Shamir, A.: Cube Attacks on Tweakable Black Box Polynomials. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 278–299. Springer, Heidelberg (2009)

    Google Scholar 

  11. Dobraunig, C., Eichlseder, M., Mendel, F., Schläffer, M.: Ascon. Submission to the CAESAR competition (2014). http://ascon.iaik.tugraz.at

  12. Dunkelman, O., Indesteege, S., Keller, N.: A Differential-Linear Attack on 12-Round Serpent. In: Chowdhury, D.R., Rijmen, V., Das, A. (eds.) INDOCRYPT 2008. LNCS, vol. 5365, pp. 308–321. Springer, Heidelberg (2008)

    Google Scholar 

  13. Ganesh, V., Dill, D.L.: A decision procedure for bit-vectors and arrays. In: Damm, W., Hermanns, H. (eds.) CAV 2007. LNCS, vol. 4590, pp. 519–531. Springer, Heidelberg (2007)

    Google Scholar 

  14. Huang, T., Wu, H., Tjuawinata, I.: Practical State Recovery Attack on ICEPOLE. http://www3.ntu.edu.sg/home/huangtao/icepole/icepole_attack.pdf

  15. Jovanovic, P., Luykx, A., Mennink, B.: Beyond 2\(^{\mathit{c}/2}\) Security in Sponge-Based Authenticated Encryption Modes. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8873, pp. 85–104. Springer, Heidelberg (2014)

    Google Scholar 

  16. Langford, S.K.: Differential-linear cryptanalysis and threshold signatures. Ph.D. thesis, Stanford University (1995)

    Google Scholar 

  17. Langford, S.K., Hellman, M.E.: Differential-linear cryptanalysis. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 17–25. Springer, Heidelberg (1994)

    Google Scholar 

  18. Matsui, M., Yamagishi, A.: A New Method for Known Plaintext Attack of FEAL Cipher. In: Rueppel, R.A. (ed.) EUROCRYPT 1992. LNCS, vol. 658, pp. 81–91. Springer, Heidelberg (1993)

    Google Scholar 

  19. National Institute of Standards and Technology: FIPS PUB 180–4: Secure Hash Standard. Federal Information Processing Standards Publication 180–4, U.S. Department of Commerce (March 2012). http://csrc.nist.gov/publications/fips/fips180-4/fips-180-4.pdf

  20. The CAESAR committee: CAESAR: Competition for authenticated encryption: Security, applicability, and robustness (2014). http://competitions.cr.yp.to/caesar.html

Download references

Author information

Authors and Affiliations

  1. IAIK, Graz University of Technology, Graz, Austria

    Christoph Dobraunig, Maria Eichlseder & Florian Mendel

  2. Infineon Technologies AG, Villach, Austria

    Martin Schläffer

Authors
  1. Christoph Dobraunig
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Maria Eichlseder
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Florian Mendel
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Martin Schläffer
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Christoph Dobraunig .

Editor information

Editors and Affiliations

  1. Aalto University School of Science, Espoo, Finland

    Kaisa Nyberg

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Dobraunig, C., Eichlseder, M., Mendel, F., Schläffer, M. (2015). Cryptanalysis of Ascon . In: Nyberg, K. (eds) Topics in Cryptology –- CT-RSA 2015. CT-RSA 2015. Lecture Notes in Computer Science(), vol 9048. Springer, Cham. https://doi.org/10.1007/978-3-319-16715-2_20

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-16715-2_20

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-16714-5

  • Online ISBN: 978-3-319-16715-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics