Improved Attacks on GIFT-64

  • Conference paper in Selected Areas in Cryptography (SAC 2021)
  • Part of the book series: Lecture Notes in Computer Science (LNCS, volume 13203)

Abstract

One of the well-known advantages of GIFT-64 over PRESENT lies in the correction of the strong linear hull effect. However, apart from the investigation of the 9-round linear hull effect in the design document, we find no linear attack result on GIFT-64. Although we do not doubt the security of GIFT-64 against linear cryptanalysis, the actual resistance of the cipher to linear attacks should be evaluated, since it gives a more comprehensive picture of the soundness of GIFT-64. Motivated by this observation, we implement an automatic search and find a 12-round linear distinguisher whose dominating trail is an optimal linear characteristic. Using the newly identified distinguisher, we then launch the first 19-round linear attack. On the other hand, we notice that the previous differential attack on 20 rounds of GIFT-64 requires the entire codebook. To reduce the data complexity of the 20-round attack, we apply the automatic method to exhaustively check 13-round differential trails with probabilities no less than \(2^{-64}\) and identify multiple 13-round differentials that enable 20-round attacks without the full codebook. One of the candidate differentials with the maximum probability and the minimum number of guessed subkey bits is then employed to realise the first 20-round differential attack that does not rely on the complete codebook. Given the newly obtained results, we conjecture that the resistances of GIFT-64 against differential and linear attacks do not differ significantly. We also note that the attack results in this paper are far from threatening the security of GIFT-64.
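Both searches mentioned in the abstract start from the differential and linear properties of the GIFT S-box: a differential trail's probability is the product of the S-box transition probabilities read from the difference distribution table (DDT), and a linear trail's correlation is built from the linear approximation table (LAT). The following is an added example, not code from the paper or from the GIFT designers; it computes both tables for the 4-bit GIFT S-box (the public constant from the GIFT design document) and scores a chain of S-box transitions by its weight, the quantity an automatic trail search minimises. The function names and the sample transition list are the example's own choices.

```python
# Added example (not the paper's code): DDT, LAT and trail weight for the GIFT S-box.
from math import log2

# The 4-bit GIFT S-box GS as published in the GIFT design document.
GIFT_SBOX = [0x1, 0xA, 0x4, 0xC, 0x6, 0xF, 0x3, 0x9,
             0x2, 0xD, 0xB, 0x7, 0x5, 0x0, 0x8, 0xE]


def ddt(sbox):
    """Difference distribution table: ddt[din][dout] = #{x : S(x) ^ S(x ^ din) == dout}."""
    n = len(sbox)
    table = [[0] * n for _ in range(n)]
    for din in range(n):
        for x in range(n):
            table[din][sbox[x] ^ sbox[x ^ din]] += 1
    return table


def parity(v):
    """Parity of the bits of v, i.e. the GF(2) inner product once v = mask & value."""
    return bin(v).count("1") & 1


def lat(sbox):
    """Linear approximation table: lat[a][b] = #{x : a.x == b.S(x)} - n/2.

    The entry scaled by 1/n is the bias of the approximation a.x = b.S(x);
    twice that is its correlation.
    """
    n = len(sbox)
    table = [[0] * n for _ in range(n)]
    for a in range(n):
        for b in range(n):
            agree = sum(1 for x in range(n)
                        if parity(a & x) == parity(b & sbox[x]))
            table[a][b] = agree - n // 2
    return table


def max_differential_probability(sbox):
    """Largest single-S-box transition probability over non-zero input differences."""
    table = ddt(sbox)
    return max(max(row) for row in table[1:]) / len(sbox)


def max_abs_bias(sbox):
    """Largest absolute bias over non-trivial (a != 0, b != 0) linear approximations."""
    table = lat(sbox)
    n = len(sbox)
    return max(abs(table[a][b]) for a in range(1, n) for b in range(1, n)) / n


def trail_weight(sbox, transitions):
    """Weight (-log2 of the probability) of a chain of S-box transitions.

    Transitions are treated as independent, as in the usual Markov-cipher
    model of trail probabilities; an impossible transition gives weight inf.
    transitions: list of (input difference, output difference) pairs.
    """
    table = ddt(sbox)
    n = len(sbox)
    weight = 0.0
    for din, dout in transitions:
        if table[din][dout] == 0:
            return float("inf")
        weight += -log2(table[din][dout] / n)
    return weight


if __name__ == "__main__":
    print("max differential probability: 2^%.3f" % log2(max_differential_probability(GIFT_SBOX)))
    print("max absolute linear bias:     2^%.3f" % log2(max_abs_bias(GIFT_SBOX)))
    # Constructed sample: two best-case S-box transitions of GIFT's S-box in a row.
    print("weight of [(4,7),(6,3)]:      %.3f" % trail_weight(GIFT_SBOX, [(4, 7), (6, 3)]))
```

A 13-round trail with probability no less than \(2^{-64}\), as in the abstract, is one whose summed weight over all active S-boxes is at most 64; an automatic search (SAT, MILP or similar) minimises exactly this sum subject to the cipher's bit permutation linking the S-box layers, and the DDT and LAT are the constants such a model is built from.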


Notes

  1. https://csrc.nist.gov/projects/lightweight-cryptography.

  2. \(\mathbb {R}\) stands for the rational number field.


Acknowledgements

The authors would like to thank the shepherd Kalikinkar Mandal and the anonymous reviewers for their valuable comments and suggestions to improve the quality of the paper. The authors also would like to thank Yong Fu for the kind discussion. The research leading to these results has received funding from the National Natural Science Foundation of China (Grant No. 62002201, Grant No. 62032014), the National Key Research and Development Program of China (Grant No. 2018YFA0704702), the Major Scientific and Technological Innovation Project of Shandong Province, China (Grant No. 2019JZZY010133), the Major Basic Research Project of Natural Science Foundation of Shandong Province, China (Grant No. ZR202010220025), and the Qingdao Postdoctor Application Research Project (Grant No. 61580070311101).


Corresponding author

Correspondence to Meiqin Wang .


Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG


Cite this paper

Sun, L., Wang, W., Wang, M. (2022). Improved Attacks on GIFT-64. In: AlTawy, R., Hülsing, A. (eds) Selected Areas in Cryptography. SAC 2021. Lecture Notes in Computer Science, vol 13203. Springer, Cham. https://doi.org/10.1007/978-3-030-99277-4_12

  • DOI: https://doi.org/10.1007/978-3-030-99277-4_12

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-99276-7

  • Online ISBN: 978-3-030-99277-4
