More Web Proxy on the site http://driver.im/

Article

Cryptanalysis of ForkAES

Authors:

Subhadeep Banik,

Jannis Bossert,

Mostafizar Rahman,

Yu SasakiAuthors Info & Claims

Applied Cryptography and Network Security: 17th International Conference, ACNS 2019, Bogota, Colombia, June 5–7, 2019, Proceedings

Pages 43 - 63

https://doi.org/10.1007/978-3-030-21568-2_3

Published: 05 June 2019 Publication History

Abstract

Forkciphers are a new kind of primitive proposed recently by Andreeva et al. for efficient encryption and authentication of small messages. They fork the middle state of a cipher and encrypt it twice under two smaller independent permutations. Thus, forkciphers produce two output blocks in one primitive call.

Andreeva et al. proposed ForkAES, a tweakable AES-based forkcipher that splits the state after five out of ten rounds. While their authenticated encrypted schemes were accompanied by proofs, the security discussion for ForkAES was not provided, and founded on existing results on the AES and KIASU-BC. Forkciphers provide a unique interface called reconstruction queries that use one ciphertext block as input and compute the respective other ciphertext block. Thus, they deserve a careful security analysis.

This work fosters the understanding of the security of ForkAES with three contributions: (1) We observe that security in reconstruction queries differs strongly from the existing results on the AES. This allows to attack nine out of ten rounds with differential, impossible-differential and yoyo attacks. (2) We observe that some forkcipher modes may lack the interface of reconstruction queries, so that attackers must use encryption queries. We show that nine rounds can still be attacked with rectangle and impossible-differential attacks. (3) We present forgery attacks on the AE modes proposed by Andreeva et al. with nine-round ForkAES.

References

[1]

Andreeva, E., Reyhanitabar, R., Varici, K., Vizár, D.: Forking a blockcipher for authenticated encryption of very short messages. IACR Archive (2018). https://eprint.iacr.org/2018/916, Version: 20180926:123554

[2]

Banik, S., et al.: Cryptanalysis of ForkAES. Cryptology ePrint Archive, Report 2019/289 (2019). https://eprint.iacr.org/2019/289

[3]

Biham E, Biryukov A, Dunkelman O, Richardson E, and Shamir A Tavares S and Meijer H Initial observations on skipjack: cryptanalysis of skipjack-3XOR Selected Areas in Cryptography 1999 Heidelberg Springer 362-375

[4]

Biham E, Biryukov A, and Shamir A Stern J Cryptanalysis of skipjack reduced to 31 rounds using impossible differentials Advances in Cryptology — EUROCRYPT 99 1999 Heidelberg Springer 12-23

[5]

Biham E, Dunkelman O, and Keller N Pfitzmann B The rectangle attack - rectangling the serpent Advances in Cryptology — EUROCRYPT 2001 2001 Heidelberg Springer 340-357

[6]

Biham E, Dunkelman O, and Keller N Daemen J and Rijmen V New results on boomerang and rectangle attacks Fast Software Encryption 2002 Heidelberg Springer 1-16

[7]

Blondeau C Accurate Estimate of the Advantage of Impossible Differential Attacks IACR Trans. Symmetric Cryptol. 2017 2017 3 169-191

[8]

Boura C, Lallemand V, Naya-Plasencia M, and Suder V Making the impossible possible J. Cryptol. 2018 31 1 101-133

Digital Library

[9]

Boura C, Naya-Plasencia M, and Suder V Sarkar P and Iwata T Scrutinizing and improving impossible differential attacks: applications to CLEFIA, Camellia, LBlock and Simon Advances in Cryptology – ASIACRYPT 2014 2014 Heidelberg Springer 179-199

[10]

Cid C, Huang T, Peyrin T, Sasaki Y, and Song L Nielsen JB and Rijmen V Boomerang connectivity table: a new cryptanalysis tool Advances in Cryptology – EUROCRYPT 2018 2018 Cham Springer 683-714

[11]

Daemen J and Rijmen V The Design of Rijndael: AES - The Advanced Encryption Standard 2002 Heidelberg Springer

[12]

Derbez P Peyrin T Note on impossible differential attacks Fast Software Encryption 2016 Heidelberg Springer 416-427

Digital Library

[13]

Dobraunig C and List E Handschuh H Impossible-differential and boomerang cryptanalysis of round-reduced Kiasu-BC Topics in Cryptology – CT-RSA 2017 2017 Cham Springer 207-222

[14]

Grassi L, Rechberger C, and Rønjom S Subspace trail cryptanalysis and its applications to AES IACR Trans. Symmetric Cryptol. 2016 2016 2 192-225

[15]

Jean J, Nikolić I, and Peyrin T Sarkar P and Iwata T Tweaks and keys for block ciphers: the TWEAKEY framework Advances in Cryptology – ASIACRYPT 2014 2014 Heidelberg Springer 274-288

[16]

Kara O Chowdhury DR, Rijmen V, and Das A Reflection cryptanalysis of some ciphers Progress in Cryptology - INDOCRYPT 2008 2008 Heidelberg Springer 294-307

Digital Library

[17]

Knudsen L DEAL - a 128-bit block cipher Complexity 1998 258 2 216

[18]

Murphy S The return of the cryptographic boomerang IEEE Trans. Inf. Theory 2011 57 4 2517-2521

Digital Library

[19]

National Institute of Standards and Technology. FIPS 197. National Institute of Standards and Technology, November, pp. 1–51 (2001)

[20]

Rønjom S, Bardeh NG, and Helleseth T Takagi T and Peyrin T Yoyo tricks with AES Advances in Cryptology – ASIACRYPT 2017 2017 Cham Springer 217-243

[21]

Tolba, M., Abdelkhalek, A., Youssef, A.M.: A meet in the middle attack on reduced round Kiasu-BC. IEICE Trans. Fundam. Electron. Commun. Comput. Sci. E99-A(10), 21–34 (2016)

[22]

Wagner D Knudsen L The boomerang attack Fast Software Encryption 1999 Heidelberg Springer 156-170

Cited By

Andreeva ECogliati BLallemand VMinier MPurnal ARoy A(2024)Masked Iterate-Fork-Iterate: A New Design Paradigm for Tweakable Expanding Pseudorandom FunctionApplied Cryptography and Network Security10.1007/978-3-031-54773-7_17(433-459)Online publication date: 5-Mar-2024
https://dl.acm.org/doi/10.1007/978-3-031-54773-7_17
Nakahashi MShiba RAnand RRahman MSakamoto KLiu FIsobe T(2023)Ghidle: Efficient Large-State Block Ciphers for Post-quantum SecurityInformation Security and Privacy10.1007/978-3-031-35486-1_18(403-430)Online publication date: 5-Jul-2023
https://dl.acm.org/doi/10.1007/978-3-031-35486-1_18
Jiang ZJin C(2022)Multiple Impossible Differential Attacks for ForkAESSecurity and Communication Networks10.1155/2022/53600322022Online publication date: 1-Jan-2022
https://dl.acm.org/doi/10.1155/2022/5360032
Show More Cited By

Recommendations

Differential Cryptanalysis of Round-Reduced Sparx-64/128
Applied Cryptography and Network Security
Abstract
Sparx is a family of ARX-based block ciphers designed according to the long-trail strategy (LTS) that were both introduced by Dinu et al. at ASIACRYPT’16. Similar to the wide-trail strategy, the LTS allows provable upper bounds on the length of ...
$^{}$ $^{}$ $^{}$ $^{}$ $^{}$
Improved Impossible Differential Cryptanalysis of Reduced-Round Camellia
Selected Areas in Cryptography

The block cipher Camellia has now been adopted as an international standard by ISO/IEC, and it has also been selected to be Japanese CRYPTREC e-government recommended cipher and in the NESSIE block cipher portfolio. Most recently, Wu et al constructed ...
New impossible differential cryptanalysis of reduced-round camellia
CANS'11: Proceedings of the 10th international conference on Cryptology and Network Security

Camellia is one of the widely used block ciphers, which has been selected as an international standard by ISO/IEC. This paper introduces a 7-round impossible differential of Camellia including <em>FL</em> /<em>FL</em> ⁻¹ layer. Utilizing impossible ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image Guide Proceedings

Applied Cryptography and Network Security: 17th International Conference, ACNS 2019, Bogota, Colombia, June 5–7, 2019, Proceedings

Jun 2019

600 pages

ISBN:978-3-030-21567-5

DOI:10.1007/978-3-030-21568-2

Editors:
Robert H. Deng
Singapore Management University, Singapore, Singapore
,
Valérie Gauthier-Umaña
Universidad del Rosario, Bogota, Colombia
,
Martín Ochoa
Cyxtera Technologies, Bogota, Colombia
,
Moti Yung
Columbia University, New York, NY, USA

© Springer Nature Switzerland AG 2019.

Publisher

Springer-Verlag

Berlin, Heidelberg

Publication History

Published: 05 June 2019

Author Tags

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

5
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 31 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Andreeva ECogliati BLallemand VMinier MPurnal ARoy A(2024)Masked Iterate-Fork-Iterate: A New Design Paradigm for Tweakable Expanding Pseudorandom FunctionApplied Cryptography and Network Security10.1007/978-3-031-54773-7_17(433-459)Online publication date: 5-Mar-2024
https://dl.acm.org/doi/10.1007/978-3-031-54773-7_17
Nakahashi MShiba RAnand RRahman MSakamoto KLiu FIsobe T(2023)Ghidle: Efficient Large-State Block Ciphers for Post-quantum SecurityInformation Security and Privacy10.1007/978-3-031-35486-1_18(403-430)Online publication date: 5-Jul-2023
https://dl.acm.org/doi/10.1007/978-3-031-35486-1_18
Jiang ZJin C(2022)Multiple Impossible Differential Attacks for ForkAESSecurity and Communication Networks10.1155/2022/53600322022Online publication date: 1-Jan-2022
https://dl.acm.org/doi/10.1155/2022/5360032
Rahman MSaha DPaul G(2020)Cryptanalysis of FlexAEADProgress in Cryptology - AFRICACRYPT 202010.1007/978-3-030-51938-4_8(152-171)Online publication date: 20-Jul-2020
https://dl.acm.org/doi/10.1007/978-3-030-51938-4_8
Balli FBanik S(2019)Exploring Lightweight Efficiency of ForkAESProgress in Cryptology – INDOCRYPT 201910.1007/978-3-030-35423-7_26(514-534)Online publication date: 15-Dec-2019
https://dl.acm.org/doi/10.1007/978-3-030-35423-7_26

View Options

View options

Media

Figures

Other

Tables

View Table of Contents