Skip to main content
SpringerLink
Log in

MILP Based Differential Attack on Round Reduced WARP

  • Conference paper
  • First Online:
Security, Privacy, and Applied Cryptography Engineering (SPACE 2021)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 13162))

Abstract

WARP is a 128-bit lightweight block cipher presented by S. Banik et al. at SAC 2020. It is based on 32-nibble type-2 Generalised Feistel Network (GFN) structure and uses a permutation over nibbles to optimize the security and efficiency. The designers provided a lower bound on the number of active S-boxes but they did not provide the differential characteristics against these bounds. In this paper, we model the MILP problem for WARP and present the 18-round and 19-round differential characteristics with the probability of \(2^{-122}\) and \(2^{-132}\) respectively. We also present a key recovery attack on 21 rounds with the data complexity of \(2^{113}\) chosen plaintexts. To the best of our knowledge, this is the first key recovery attack against 21-round WARP using differential cryptanalysis.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 54.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 69.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    Source code is available at https://github.com/tarunyadav/WARP-MILP.

  2. 2.

    https://github.com/tarunyadav/WARP-MILP.

  3. 3.

    In this calculation, we consider a pair (a, b) same as (b, a).

References

  1. Abdelkhalek, A., Sasaki, Y., Todo, Y., Tolba, M., Youssef, A.M.: MILP modeling for (large) S-boxes to optimize probability of differential characteristics. IACR Trans. Symmetr. Cryptol. 2017(4), 99–129 (2017). https://doi.org/10.13154/tosc.v2017.i4.99-129. ISSN 2519-173X

    Article  Google Scholar 

  2. Banik, S., et al.: WARP: revisiting GFN for lightweight 128-bit block cipher. In: Dunkelman, O., Jacobson, Jr., M.J., O’Flynn, C. (eds.) SAC 2020. LNCS, vol. 12804, pp. 535–564. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-81652-0_21

    Chapter  Google Scholar 

  3. Biham, E., Shamir, A.: Differential cryptanalysis of the full 16-round DES. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 487–496. Springer, Heidelberg (1993). https://doi.org/10.1007/3-540-48071-4_34

    Chapter  Google Scholar 

  4. Bogdanov, A., et al.: PRESENT: an ultra-lightweight block cipher. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 450–466. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-74735-2_31

    Chapter  Google Scholar 

  5. CPLEX. https://www.ibm.com/analytics/cplex-optimizer

  6. Daemen, J., Rijmen, V.: The Design of Rijndael. Springer, Heidelberg (2002). https://doi.org/10.1007/978-3-662-04722-4

    Book  MATH  Google Scholar 

  7. Gohr, A.: Improving attacks on round-reduced Speck32/64 using deep learning. In: Boldyreva, A., Micciancio, D. (eds.) CRYPTO 2019. LNCS, vol. 11693, pp. 150–179. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-26951-7_6

    Chapter  Google Scholar 

  8. Gurobi Optimizer. http://www.gurobi.com

  9. Knudsen, L., Robshaw, M.J.B.: Block Cipher Companion. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-17342-4. ISBN 978-3-642-17341-7

  10. Kumar, M., Suresh, T.S., Pal, S.K., Panigrahi, A.: Optimal Differential Trails in Lightweight Block Ciphers ANU and PICO. Cryptologia 44(1), 68–78 (2020)

    Article  Google Scholar 

  11. Logic Friday. http://sontrak.com/

  12. Matsui, M.: On correlation between the order of S-boxes and the strength of DES. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 366–375. Springer, Heidelberg (1995). https://doi.org/10.1007/BFb0053451

    Chapter  Google Scholar 

  13. Mouha, N., Wang, Q., Gu, D., Preneel, B.: Differential and linear cryptanalysis using mixed-integer linear programming. In: Wu, C.-K., Yung, M., Lin, D. (eds.) Inscrypt 2011. LNCS, vol. 7537, pp. 57–76. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-34704-7_5

    Chapter  MATH  Google Scholar 

  14. National Institute of Standards and Technology: Lightweight Cryptography, Finalists, NIST (2021)

    Google Scholar 

  15. SAGE. http://www.sagemath.org/index.html

  16. Sun, S., Hu, L., Wang, P., Qiao, K., Ma, X., Song, L.: Automatic security evaluation and (related-key) differential characteristic search: application to SIMON, PRESENT, LBlock, DES(L) and other bit-oriented block ciphers. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014, Part I. LNCS, vol. 8873, pp. 158–178. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-45611-8_9

    Chapter  Google Scholar 

  17. Sun, S., et al.: Towards finding the best characteristics of some bit-oriented block ciphers and automatic enumeration of (related-key) differential and linear characteristics with predefined properties. Cryptology ePrint Archive, Report 2014/747 (2014)

    Google Scholar 

  18. Sasaki, Yu., Todo, Y.: New impossible differential search tool from design and cryptanalysis aspects. In: Coron, J.-S., Nielsen, J.B. (eds.) EUROCRYPT 2017, Part III. LNCS, vol. 10212, pp. 185–215. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-56617-7_7

    Chapter  Google Scholar 

  19. Sasaki, Yu., Todo, Y.: New algorithm for modeling S-box in MILP based differential and division trail search. In: Farshim, P., Simion, E. (eds.) SecITC 2017. LNCS, vol. 10543, pp. 150–165. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-69284-5_11

    Chapter  Google Scholar 

  20. Yadav, T., Kumar, M.: Differential-ML distinguisher: machine learning based generic extension for differential cryptanalysis. In: Longa, P., Ràfols, C. (eds.) LATINCRYPT 2021. LNCS, vol. 12912, pp. 191–212. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-88238-9_10

    Chapter  Google Scholar 

  21. Zhu, B., Dong, X., Yu, H.: MILP-based differential attack on round-reduced GIFT. In: Matsui, M. (ed.) CT-RSA 2019. LNCS, vol. 11405, pp. 372–390. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-12612-4_19

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Scientific Analysis Group, DRDO, Metcalfe House Complex, Delhi, 110054, India

    Manoj Kumar & Tarun Yadav

Authors
  1. Manoj Kumar
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Tarun Yadav
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Tarun Yadav .

Editor information

Editors and Affiliations

  1. Radboud University, Nijmegen, The Netherlands

    Lejla Batina

  2. TU Delft, Delft, The Netherlands

    Stjepan Picek

  3. Indian Institute of Technology Kharagpur, Kharagpur, India

    Mainack Mondal

Appendix

Appendix

1.1 A Differential Characteristics (108) of 18-Round WARP with Probability of \(2^{-122}\)

No.

Input difference

Output difference

1

0x000af000faf000000a0000005f500050

0x00005000000a00070000000da7000dd0

2

0x00055000a75000000a000000aad00070

0x0000a000000f00050000000afd000aa0

3

0x000da000a5a000000a000000a5a00070

0x0000a000000f000f0000000fad0005a0

4

0x0005a000a5a0000005000000aa7000a0

0x00005000000a000a0000000a55000aa0

5

0x000aa000aa50000005000000aaa00050

0x00005000000a000a0000000aaf000ff0

6

0x000aa000aa5000000a000000daf00050

0x0000a000000a000500000005a5000da0

7

0x000ad000fa5000000a0000005ad000a0

0x0000a000000f000a0000000af7000a50

8

0x000aa000a5d000000a000000faa000d0

0x0000a000000f00050000000ff5000da0

9

0x0005a000aa70000005000000a55000a0

0x0000a0000005000a0000000faf000af0

10

0x000da000a5f00000050000007aa00070

0x0000a0000005000a000000057a000ff0

11

0x000da000a5a000000a000000a5a00070

0x0000a000000500050000000daf0005a0

12

0x0005a0005fa000000a000000adf000a0

0x0000a000000500050000000d750005a0

13

0x0005d000faa000000a000000aad00070

0x0000a000000a00050000000da5000aa0

14

0x0005a000ad50000005000000aa7000a0

0x0000a000000a000d0000000aaf000af0

15

0x000da000f5d000000a000000aaa00070

0x00005000000a00070000000dad000da0

16

0x0005f0007ad000000d000000aa5000a0

0x0000d000000a00070000000aa5000aa0

17

0x0005a000757000000d000000a57000a0

0x0000a000000a00050000000faf000da0

18

0x000aa000aaa000000a0000005a5000f0

0x0000a0000005000500000005aa000da0

19

0x0007d000a7a000000a000000dad00050

0x0000a000000a000a00000007da000aa0

20

0x000aa0005a5000000a000000aa5000f0

0x0000a000000a000500000005ad0005a0

21

0x000da000a5a000000d000000aaa000a0

0x0000a000000f00050000000ffa000ad0

22

0x000aa000a57000000d000000a5a000f0

0x0000a000000f000a00000005aa000da0

23

0x0005a000ad7000000d000000ad7000a0

0x000070000005000d0000000faa000da0

24

0x000aa000555000000a000000daa000a0

0x0000a000000d000500000005aa000ad0

25

0x000da000a5a000000a000000ada000a0

0x0000a000000f000500000005a5000aa0

26

0x000aa000aa7000000a000000dd500050

0x0000a000000d00050000000fad000aa0

27

0x000aa0007d70000005000000a5a00050

0x0000a000000a000f0000000da5000aa0

28

0x0005a000757000000d000000a5a000a0

0x0000a000000a000a00000005ad000aa0

29

0x000aa000aa70000005000000ad5000a0

0x0000f000000a000f00000007dd0005a0

30

0x0005a000daa000000a000000a55000a0

0x0000a000000f000d0000000daf000af0

31

0x000aa000dda000000a000000aa700050

0x0000a000000d000a0000000d7f000af0

32

0x000aa000a5a000000a000000daa000f0

0x0000a000000f00050000000fff000af0

33

0x000af0005aa000000a0000005a500050

0x0000a000000d000500000005a7000a50

34

0x000da000755000000d0000007aa00070

0x0000a0000005000f0000000aad000aa0

35

0x000aa000ada0000005000000aa700050

0x0000a000000a00050000000dad000aa0

36

0x0005a000ad50000005000000aaa000a0

0x0000a0000005000d0000000aaf000ff0

37

0x0005a0007da000000d000000ad7000a0

0x0000a000000f000a0000000aad000da0

38

0x000aa000aa70000005000000add00050

0x0000a0000005000500000005aa000aa0

39

0x000aa0007df0000005000000af7000a0

0x0000f000000f000a00000005aa000aa0

40

0x000aa000adf000000a0000005a700050

0x0000a000000a00050000000a5a000aa0

41

0x000aa000aaa000000a0000005f500050

0x0000a000000a000f00000005a50005a0

42

0x0007a000d5a00000070000005a700050

0x000050000007000a00000007dd000aa0

43

0x000aa000fa7000000a000000ddd00050

0x0000a000000a000500000005aa0005a0

44

0x000da0005aa000000a000000aa500070

0x0000a000000f000500000005aa000aa0

45

0x000a5000da5000000a000000aa500050

0x0000a0000005000d0000000fa7000ad0

46

0x000aa0005a7000000a0000005d500050

0x0000700000050005000000057f000af0

47

0x000aa000d5f000000a0000005aa00050

0x0000a000000f000500000005af000aa0

48

0x000aa000ada000000f000000f5a00050

0x0000f000000f000a0000000afd000aa0

49

0x000aa0005aa000000a000000a5a00050

0x0000a0000005000a0000000d7f000aa0

50

0x0005a000a5a000000d000000ada000a0

0x0000a0000005000d0000000d7d000d70

51

0x0005a000aa5000000f000000aad000a0

0x0000a000000a000a0000000daa000a50

52

0x000ad000da5000000a0000005aa00050

0x0000a000000a000a0000000af7000ad0

53

0x000da000a5f00000050000007a700070

0x0000a000000f000a00000005af000af0

54

0x000aa00055a000000a0000005a700050

0x0000a000000f000d0000000ff5000da0

55

0x000aa000aa5000000f000000fad000a0

0x0000f000000a000f0000000a55000aa0

56

0x000fa000a570000005000000ad7000f0

0x0000d000000a00070000000a57000a50

57

0x0005a000aff000000a000000aaa000a0

0x0000a000000d000f0000000d75000aa0

58

0x000aa000a550000005000000aaa000d0

0x0000a000000a000d0000000ad50005a0

59

0x0005a000a57000000a000000ad7000a0

0x0000a0000005000f0000000d77000ad0

60

0x0005a0005aa000000a000000aa5000a0

0x0000a000000d000a0000000d77000ad0

61

0x0005a000a5a000000f000000afa000a0

0x0000a0000005000d0000000daa000fd0

62

0x0005a00075a000000d000000aaa000a0

0x0000a000000500050000000fa70005d0

63

0x000aa000a5d000000a0000005aa00050

0x0000a000000d000d0000000d7a000a50

64

0x000aa000d5d0000007000000daa00050

0x0000f000000a000a0000000aaa000a50

65

0x000fa000aa7000000d000000ada000f0

0x0000a0000005000d00000005ad0005a0

66

0x000aa000f57000000a0000005da00050

0x0000d000000a00070000000755000fa0

67

0x000dd000aaa000000a000000aaa000a0

0x0000a000000f000d0000000daa000a50

68

0x000a5000a7a000000d000000aad000f0

0x00005000000a000a0000000aaa000a50

69

0x0005a000a570000005000000ada000a0

0x0000a000000500050000000faf000aa0

70

0x000aa000ffa000000a000000d5f00050

0x00005000000a000a0000000a5a000a50

71

0x000a5000aa5000000a000000da500050

0x0000f000000f000a0000000da7000ad0

72

0x0005a000f5a000000a000000a5a000a0

0x0000a000000a00050000000a5a000a50

73

0x0005a000ad5000000a000000aa7000a0

0x0000a000000f000d00000005aa000aa0

74

0x000aa00055a000000a000000dda00050

0x00005000000a00070000000add000aa0

75

0x000aa000a57000000a0000005da00050

0x0000a0000005000f00000005af000af0

76

0x000aa000d57000000a000000a5a000a0

0x0000a000000a000f00000005a7000f50

77

0x0005f000afa0000005000000aff000a0

0x00005000000a000a00000005aa000ad0

78

0x000aa000aaa000000a000000d5a00050

0x0000a00000050005000000057a000aa0

79

0x000aa000aa5000000f000000fa500050

0x0000a0000005000d0000000faf000af0

80

0x000aa00055a000000a0000005da00050

0x0000f000000f000a0000000daa0005d0

81

0x000aa000ad7000000d000000ad700050

0x000070000005000d0000000d7a0005a0

82

0x000aa0007aa0000005000000a5500050

0x0000a000000f000f00000005aa000da0

83

0x000aa000aaa000000a0000005a500050

0x0000a000000a000a0000000daa000ad0

84

0x000aa000d5a000000a000000daa000f0

0x0000d000000a00070000000ad7000a50

85

0x000aa0005aa000000a000000d5500050

0x0000a0000005000500000005ad000fa0

86

0x000aa0005aa000000a000000d5500050

0x0000a000000f000a0000000aaf0005a0

87

0x0005a000aaa0000005000000a55000a0

0x0000a0000005000a00000005af000aa0

88

0x000aa000ada000000d000000a57000d0

0x0000a0000005000f00000005aa000da0

89

0x0005a000aaa0000005000000a5d000a0

0x0000a000000a00050000000a5a000aa0

90

0x000aa000dd5000000a000000daa000d0

0x0000f000000a000a00000005ad000aa0

91

0x000aa000a5a000000a000000aaa00050

0x0000a000000a000f00000007d5000aa0

92

0x000aa0005f7000000a00000055a00050

0x0000a000000500050000000d77000fd0

93

0x0007a000dff000000a000000daa000d0

0x0000a0000005000d0000000aa7000a50

94

0x000aa000dda000000a000000fa700050

0x0000a000000a000a0000000fa5000da0

95

0x000ad000aa50000005000000aa500050

0x0000a000000a00050000000a5d0005a0

96

0x0005a0007d700000050000007d7000a0

0x0000a0000005000a00000005a50005a0

97

0x000aa000ad5000000a0000005aa00050

0x0000a000000a000a0000000a5a000aa0

98

0x000df000aaf000000d000000afd00070

0x0000a000000500050000000d75000aa0

99

0x000aa000a57000000a000000dda00050

0x0000a000000a000a0000000ada000af0

100

0x0005a000a57000000d000000a5a00070

0x00005000000a000a0000000a5a000aa0

101

0x000da000a5a000000a000000afa000a0

0x0000a0000005000f00000005ad000aa0

102

0x000a500057a000000a000000aad000a0

0x0000a000000a000f0000000aa5000aa0

103

0x00055000aaa000000d0000007af000a0

0x0000a000000a00050000000a55000fa0

104

0x0005f000aaf000000a000000af5000a0

0x0000a0000005000d0000000faa000aa0

105

0x0005a000a5f000000a000000afa000a0

0x00005000000a000a00000007da000aa0

106

0x000aa000aaa000000a00000055500050

0x0000a000000a000a0000000a55000aa0

107

0x0005a00075a000000d000000ada000a0

0x0000a000000f00050000000af5000aa0

108

0x000aa000a5a000000a0000005aa00050

0x0000a000000a00050000000755000aa0

Rights and permissions

Reprints and permissions

Copyright information

© 2022 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Kumar, M., Yadav, T. (2022). MILP Based Differential Attack on Round Reduced WARP. In: Batina, L., Picek, S., Mondal, M. (eds) Security, Privacy, and Applied Cryptography Engineering. SPACE 2021. Lecture Notes in Computer Science(), vol 13162. Springer, Cham. https://doi.org/10.1007/978-3-030-95085-9_3

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-95085-9_3

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-95084-2

  • Online ISBN: 978-3-030-95085-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation