Article information
2019 , Volume 24, ¹ 3, p.106-116
Soskov A.S., Ryabko B.Y.
The distinguishing attack on ARX-based lightweight block ciphers
The distinguishing attack on modern lightweight ARX-based block ciphers was applied. Distinguishing attack is any form of cryptanalysis on data encrypted by a cipher that allows an attacker distinguishing the encrypted data from random data. Purpose. Modern symmetric-key ciphers must be designed to be immune to such an attack. The purpose of the work was to estimate the resistance of lightweight ciphers Speck, Simon, Simeck, HIGHT, and LEA to a distinguishing attack. Methodology. We note that these ciphers are iterated block ciphers. It is means that they transform blocks of plain text into blocks of cipher text by using the cyclically repeated invertible function known as the round function where each iteration is to be referred as a round. We have experimentally found a maximum number of rounds where encrypted data looked like random bit-sequence by using statistical test “Book Stack”. Then we extrapolated the theoretical length required for a successful distinguishing attack on cipher with full-number rounds by a polynomial of a low degree. Note that cryptography attack is considered as successful if the length of the encrypted sequence is less than the length 2K (K — key size). Originality/value. Our experiments and estimations show, that Simeck with 48bit block size and 96-bit key size is not immune to distinguishing attack. We recommended increasing the number of rounds by 15–20% in order to improve the reliability of the Simeck 48/96.
[full text] [link to elibrary.ru]
Keywords: distinguishing attack, lightweight block cipher, ARX-based cipher, Speck, Simon, Simeck, HIGHT, LEA
doi: 10.25743/ICT.2019.24.3.008
Author(s): Soskov Alexandr Salyakhovich Position: Student Office: Institute of Computational Technologies Address: 630090, Russia, Novosibirsk
E-mail: sashasasha-1987@mail.ru Ryabko Boris Yakovlevich Dr. , Professor Position: Head of Laboratory Office: Federal Research Center for Information and Computational Technologies, Novosibirsk State University Address: 630090, Russia, Novosibirsk, Academician M.A. Lavrentiev avenue, 6
Phone Office: (383) 334-91-24 E-mail: boris@ryabko.net SPIN-code: 5580-5794 References: [1] Junod, P., Canteaut, A. Advanced linear cryptanalysis of block and stream ciphers. Amsterdam: IOS Press; 2011:144.
[2] Beaulieu, R., Shors, D., Smith, J., Treatman-Clark, S., Weeks, B., Wingers, L. The SIMON and SPECK families of lightweight block ciphers. Cryptology ePrint Archive: Report 2013/404. Available at: http://eprint.iacr.org/2013/404 (accessed 25.10.2017).
[3] Yang, G., Zhu, B., Suder, V., Aagaard, M., Gong, G. The simeck family of lightweight block ciphers. Cryptology ePrint Archive: Report 2015/612. Available at: https://eprint.iacr.org/2015/612 (accessed 25.10.2017).
[4] Hong, D., Sung, J., Hong, S., Lim, J., Lee, S., Koo, B. S., Lee, C., Chang, D., Lee, J., Jeong, K., Kim, H., Kim, J., Chee, S. HIGHT: A new block cipher suitable for low-resource device. Intern. Workshop on Cryptographic Hardware and Embedded Systems. Berlin, Heidelberg: Springer; 2006:46–59.
[5] Hong, D., Lee, J. K., Kim, D. C., Kwon, D., Ryu, K. H., Lee, D. G. LEA: A 128-bit block cipher for fast encryption on common processors. Intern. Workshop on Information Security Applications. Cham: Springer; 2013:3–27.
[6] Kunzli, S., Meier, W. Distinguishing attack on MAG. Available at: http://www.ecrypt.eu.org/stream/papersdir/053.pdf (accessed 25.10.2017).
[7] Dinur, I. Improved differential cryptanalysis of round-reduced speck. International Workshop on Selected Areas in Cryptography. Cham: Springer; 2014:147-164.
[8] Qiao, K., Hu, L., Sun, S. Differential analysis on simeck and simon with dynamic key-guessing techniques. International Conference on Information Systems Security and Privacy. Cham: Springer; 2016:64-85.
[9] Qin, L., Chen, H., Wang, X. Linear hull attack on round-reduced simeck with dynamic keyguessing techniques. Australasian Conference on Information Security and Privacy. Cham: Springer; 2016: 409-424.
[10] Doran, R. W. The Gray Code. Journal of Universal Computer Science. 2007; 13(11):1573–1597.
[11] Ryabko, B. Pestunov, A. “Book Stack” as a New Statistical Test for Random Numbers. Problems of Information Transmission. 2004; 40(1):66-71.
[12] Ryabko, B., Fionov, A. Basics of contemporary cryptography for IT practitioners. USA: World Scientific; 2005: 207.
[13] Ryabko, B., Monarev, V Using information theory approach to randomness testing. Journal of Statistical Planning and Inference. 2005; 133(1):95-110.
[14] Kendall, M. G., Styuart, A. Teoriya raspredeleniy [The advanced theory of statistics]. Moscow: Nauka; 1966; (V.1):1553. (In Russ.)
[15] Doroshenko, S., Ryabko B. The experimental distinguishing attack on RC4. Cryptology ePrint Archive: Report 2006/070. Available at: https://eprint.iacr.org/2006/070.pdf (accessed 25.10.2017).
[16] Lubkin, A., Ryabko, B. The distinguishing attack on ZK-Crypt cipher. eSTREAM, ECRYPT Stream Cipher Project, Report 2005/076. Available at: http://www.ecrypt.eu.org/stream/papersdir/076.pdf
[17] Forster E., Ronz B. Methoden der Korrelations—und Regressionsanalyse: ein Leitfaden fur Okonomen. Berlin: Verlag Die Wirtschaft; 2009: 144.
Bibliography link: Soskov A.S., Ryabko B.Y. The distinguishing attack on ARX-based lightweight block ciphers // Computational technologies. 2019. V. 24. ¹ 3. P. 106-116
|