Revamped Differential-Linear Cryptanalysis on Reduced Round ChaCha

  • Conference paper
  • Published in: Advances in Cryptology – EUROCRYPT 2022 (EUROCRYPT 2022)

Abstract

In this paper, we provide several improvements over the existing differential-linear attacks on ChaCha. ChaCha is a stream cipher with 20 rounds. At CRYPTO 2020, Beierle et al. observed a differential after the 3.5-th round that holds when the right pairs are chosen. They produced an improved attack using this differential, but showed that obtaining a right pair needs \(2^5\) iterations on average. In this direction, we provide a technique for finding the right pairs with the help of listing. We also provide a strategic improvement in PNB (probabilistic neutral bit) construction, a modification of the complexity calculation, and an alternative attack method that uses two input-output pairs. Using these, we improve the time complexity for the 256-bit version of ChaCha, reducing it to \(2^{221.95}\) from the \(2^{230.86}\) reported by Beierle et al. Also, after a decade, we improve the existing complexity (Shi et al., ICISC 2012) for 6-round ChaCha128, the 128-bit version, by more than 11 million times, and we present the first-ever attack on 6.5-round ChaCha128, with time complexity \(2^{123.04}\).

References

  1. Aumasson, J.-P., Fischer, S., Khazaei, S., Meier, W., Rechberger, C.: New features of Latin dances: analysis of Salsa, ChaCha, and Rumba. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 470–488. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-71039-4_30

    Chapter  Google Scholar 

  2. Beierle, C., Leander, G., Todo, Y.: Improved differential-linear attacks with applications to ARX ciphers. In: Micciancio, D., Ristenpart, T. (eds.) CRYPTO 2020. LNCS, vol. 12172, pp. 329–358. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-56877-1_12

    Chapter  Google Scholar 

  3. Bernstein, D.J.: Salsa20. Technical report 2005/025, eSTREAM, ECRYPT Stream Cipher Project (2005). https://www.ecrypt.eu.org/stream/papers.html

  4. Bernstein, D.J.: ChaCha, a variant of Salsa20 (2008). http://cr.yp.to/chacha.html

  5. Biham, E., Shamir, A.: Differential cryptanalysis of DES-like cryptosystems. In: Menezes, A.J., Vanstone, S.A. (eds.) CRYPTO 1990. LNCS, vol. 537, pp. 2–21. Springer, Heidelberg (1991). https://doi.org/10.1007/3-540-38424-3_1

    Chapter  Google Scholar 

  6. Choudhuri, A.R., Maitra, S.: Significantly improved multi-bit differentials for reduced round Salsa and ChaCha. IACR Trans. Symmetric Cryptol. 2016(2), 261–287 (2016). https://doi.org/10.13154/tosc.v2016.i2.261-287

  7. Crowley, P.: Truncated differential cryptanalysis of five rounds of Salsa20. In: SASC 2006 - Stream Ciphers Revisited (2006). http://eprint.iacr.org/2005/375

  8. Coutinho, M., Souza Neto, T.C.: New multi-bit differentials to improve attacks against ChaCha. IACR Cryptol. ePrint Arch. 2020, 350 (2020). https://eprint.iacr.org/2020/350

  9. Coutinho, M., Souza Neto, T.C.: Improved linear approximations to ARX ciphers and attacks against ChaCha. In: Canteaut, A., Standaert, F.-X. (eds.) EUROCRYPT 2021. LNCS, vol. 12696, pp. 711–740. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-77870-5_25

    Chapter  Google Scholar 

  10. Dey, S., Sarkar, S.: Improved analysis for reduced round Salsa and Chacha. Discr. Appl. Math. 227, 58–69 (2017). https://doi.org/10.1016/j.dam.2017.04.034

  11. Dey, S., Dey, C., Sarkar, S., Meier, W.: Revisiting cryptanalysis on ChaCha from CRYPTO 2020 and Eurocrypt 2021. IACR Cryptol. ePrint Arch. 2021, 1059 (2021). https://eprint.iacr.org/2021/1059.pdf

  12. Dey, S., Sarkar, S.: Proving the biases of Salsa and ChaCha in differential attack. Des. Codes Cryptogr. 88(9), 1827–1856 (2020). https://doi.org/10.1007/s10623-020-00736-9

    Article  MathSciNet  MATH  Google Scholar 

  13. ECRYPT: eSTREAM, the ECRYPT Stream Cipher Project. See https://www.ecrypt.eu.org/stream/

  14. Fischer, S., Meier, W., Berbain, C., Biasse, J.-F., Robshaw, M.J.B.: Non-randomness in eSTREAM candidates Salsa20 and TSC-4. In: Barua, R., Lange, T. (eds.) INDOCRYPT 2006. LNCS, vol. 4329, pp. 2–16. Springer, Heidelberg (2006). https://doi.org/10.1007/11941378_2

    Chapter  MATH  Google Scholar 

  15. Langford, S.K., Hellman, M.E.: Differential-linear cryptanalysis. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 17–25. Springer, Heidelberg (1994). https://doi.org/10.1007/3-540-48658-5_3

    Chapter  Google Scholar 

  16. Lipmaa, H., Moriai, S.: Efficient algorithms for computing differential properties of addition. In: Matsui, M. (ed.) FSE 2001. LNCS, vol. 2355, pp. 336–350. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45473-X_28

    Chapter  Google Scholar 

  17. Maitra, S.: Chosen IV Cryptanalysis on reduced round ChaCha and Salsa. Disc. Appl. Math. 208, 88–97 (2016). https://doi.org/10.1016/j.dam.2016.02.020

  18. Matsui, M., Yamagishi, A.: A new method for known plaintext attack of FEAL cipher. In: Rueppel, R.A. (ed.) EUROCRYPT 1992. LNCS, vol. 658, pp. 81–91. Springer, Heidelberg (1993). https://doi.org/10.1007/3-540-47555-9_7

    Chapter  Google Scholar 

  19. Miyano, H.: Addend dependency of differential/linear probability of addition. IEICE Trans. Fundam. Electron. Commun. Comput. Sci. 81(1), 106–109 (1998). https://search.ieice.org/bin/summary.php?id=e81-a_1_106

  20. Shi, Z., Zhang, B., Feng, D., Wu, W.: Improved key recovery attacks on reduced-round Salsa20 and ChaCha. In: Kwon, T., Lee, M.-K., Kwon, D. (eds.) ICISC 2012. LNCS, vol. 7839, pp. 337–351. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-37682-5_24

    Chapter  Google Scholar 

  21. Shimizu, A., Miyaguchi, S.: Fast data encipherment algorithm FEAL. In: Chaum, D., Price, W.L. (eds.) EUROCRYPT 1987. LNCS, vol. 304, pp. 267–278. Springer, Heidelberg (1988). https://doi.org/10.1007/3-540-39118-5_24

    Chapter  Google Scholar 

  22. Siegenthaler, T.: Decrypting a class of stream ciphers using ciphertext only. IEEE Trans. Comput. 34(1), 81–85 (1985). https://doi.org/10.1109/TC.1985.1676518

  23. Wallén, J.: Linear approximations of addition modulo \(2^n\). In: Johansson, T. (ed.) FSE 2003. LNCS, vol. 2887, pp. 261–273. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-39887-5_20

    Chapter  Google Scholar 

  24. https://ianix.com/pub/chacha-deployment.html

  25. https://varindia.com/news/for-the-entry-level-smartphones-google-announced-a-new-encryption-solution-adiantum

Acknowledgement

We are very grateful to Dmitry Khovratovich and EUROCRYPT 2022 reviewers for their detailed comments and helpful suggestions.

Author information

Corresponding author: Santanu Sarkar.

Copyright information

© 2022 International Association for Cryptologic Research

About this paper

Cite this paper

Dey, S., Garai, H.K., Sarkar, S., Sharma, N.K. (2022). Revamped Differential-Linear Cryptanalysis on Reduced Round ChaCha. In: Dunkelman, O., Dziembowski, S. (eds) Advances in Cryptology – EUROCRYPT 2022. EUROCRYPT 2022. Lecture Notes in Computer Science, vol 13277. Springer, Cham. https://doi.org/10.1007/978-3-031-07082-2_4

  • DOI: https://doi.org/10.1007/978-3-031-07082-2_4

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-07081-5

  • Online ISBN: 978-3-031-07082-2

  • eBook Packages: Computer Science (R0)
