Abstract
In this paper, we provide several improvements over the existing differential-linear attacks on ChaCha. ChaCha is a stream cipher which has 20 rounds. At CRYPTO 2020, Beierle et al. observed a differential in the 3.5-th round if the right pairs are chosen. They produced an improved attack using this, but showed that to achieve a right pair, we need \(2^5\) iterations on average. In this direction, we provide a technique to find the right pairs with the help of listing. Also, we provide a strategical improvement in PNB construction, modification of complexity calculation and an alternative attack method using two input-output pairs. Using these, we improve the time complexity, reducing it to \(2^{221.95}\) from \(2^{230.86}\) reported by Beierle et al. for 256 bit version of ChaCha. Also, after a decade, we improve existing complexity (Shi et al. ICISC 2012) for a 6-round of 128 bit version of ChaCha by more than 11 million times and produce the first-ever attack on 6.5-round ChaCha128 with time complexity \(2^{123.04}.\)
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Aumasson, J.-P., Fischer, S., Khazaei, S., Meier, W., Rechberger, C.: New features of Latin dances: analysis of Salsa, ChaCha, and Rumba. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 470–488. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-71039-4_30
Beierle, C., Leander, G., Todo, Y.: Improved differential-linear attacks with applications to ARX ciphers. In: Micciancio, D., Ristenpart, T. (eds.) CRYPTO 2020. LNCS, vol. 12172, pp. 329–358. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-56877-1_12
Bernstein, D.J.: Salsa20. Technical report 2005/025, eSTREAM, ECRYPT Stream Cipher Project (2005). https://www.ecrypt.eu.org/stream/papers.html
Bernstein, D.J.: ChaCha, a variant of Salsa20 (2008). http://cr.yp.to/chacha.html
Biham, E., Shamir, A.: Differential cryptanalysis of DES-like cryptosystems. In: Menezes, A.J., Vanstone, S.A. (eds.) CRYPTO 1990. LNCS, vol. 537, pp. 2–21. Springer, Heidelberg (1991). https://doi.org/10.1007/3-540-38424-3_1
Choudhuri, A.R., Maitra, S.: Significantly improved multi-bit differentials for reduced round Salsa and ChaCha. IACR Trans. Symmetric Cryptol. 2016(2), 261–287 (2016). https://doi.org/10.13154/tosc.v2016.i2.261-287
Crowley, P.: Truncated differential cryptanalysis of five rounds of Salsa20. In: SASC 2006 - Stream Ciphers Revisited (2006). http://eprint.iacr.org/2005/375
Coutinho, M., Neto, T. C. S.: New multi-bit differentials to improve attacks against chacha. IACR Cryptol. ePrint Arch. 2020, 350 (2020). https://eprint.iacr.org/2020/350
Coutinho, M., Souza Neto, T.C.: Improved linear approximations to ARX ciphers and attacks against ChaCha. In: Canteaut, A., Standaert, F.-X. (eds.) EUROCRYPT 2021. LNCS, vol. 12696, pp. 711–740. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-77870-5_25
Dey, S., Sarkar, S.: Improved analysis for reduced round Salsa and Chacha. Discr. Appl. Math. 227, 58–69 (2017). https://doi.org/10.1016/j.dam.2017.04.034
Dey, S., Dey, C., Sarkar, S., Meier, W.: Revisiting cryptanalysis on ChaCha from CRYPTO 2020 and Eurocrypt 2021. https://eprint.iacr.org/2021/1059.pdf
Dey, S., Sarkar, S.: Proving the biases of Salsa and ChaCha in differential attack. Des. Codes Cryptogr. 88(9), 1827–1856 (2020). https://doi.org/10.1007/s10623-020-00736-9
ECRYPT: eSTREAM, the ECRYPT Stream Cipher Project. See https://www.ecrypt.eu.org/stream/
Fischer, S., Meier, W., Berbain, C., Biasse, J.-F., Robshaw, M.J.B.: Non-randomness in eSTREAM candidates Salsa20 and TSC-4. In: Barua, R., Lange, T. (eds.) INDOCRYPT 2006. LNCS, vol. 4329, pp. 2–16. Springer, Heidelberg (2006). https://doi.org/10.1007/11941378_2
Langford, S.K., Hellman, M.E.: Differential-linear cryptanalysis. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 17–25. Springer, Heidelberg (1994). https://doi.org/10.1007/3-540-48658-5_3
Lipmaa, H., Moriai, S.: Efficient algorithms for computing differential properties of addition. In: Matsui, M. (ed.) FSE 2001. LNCS, vol. 2355, pp. 336–350. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45473-X_28
Maitra, S.: Chosen IV Cryptanalysis on reduced round ChaCha and Salsa. Disc. Appl. Math. 208, 88–97 (2016). https://doi.org/10.1016/j.dam.2016.02.020
Matsui, M., Yamagishi, A.: A new method for known plaintext attack of FEAL cipher. In: Rueppel, R.A. (ed.) EUROCRYPT 1992. LNCS, vol. 658, pp. 81–91. Springer, Heidelberg (1993). https://doi.org/10.1007/3-540-47555-9_7
Miyano, H.: Addend dependency of differential/linear probability of addition. IEICE Trans. Fundam. Electron. Commun. Comput. Sci. 81(1), 106–109 (1998). https://search.ieice.org/bin/summary.php?id=e81-a_1_106
Shi, Z., Zhang, B., Feng, D., Wu, W.: Improved key recovery attacks on reduced-round Salsa20 and ChaCha. In: Kwon, T., Lee, M.-K., Kwon, D. (eds.) ICISC 2012. LNCS, vol. 7839, pp. 337–351. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-37682-5_24
Shimizu, A., Miyaguchi, S.: Fast data encipherment algorithm FEAL. In: Chaum, D., Price, W.L. (eds.) EUROCRYPT 1987. LNCS, vol. 304, pp. 267–278. Springer, Heidelberg (1988). https://doi.org/10.1007/3-540-39118-5_24
Siegenthaler, T.: Decrypting a class of stream ciphers using ciphertext only. IEEE Trans. Comput. 34(1), 81–85 (1985). https://doi.org/10.1109/TC.1985.1676518
Wallén, J.: Linear approximations of addition modulo 2n. In: Johansson, T. (ed.) FSE 2003. LNCS, vol. 2887, pp. 261–273. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-39887-5_20
Acknowledgement
We are very grateful to Dmitry Khovratovich and EUROCRYPT 2022 reviewers for their detailed comments and helpful suggestions.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 International Association for Cryptologic Research
About this paper
Cite this paper
Dey, S., Garai, H.K., Sarkar, S., Sharma, N.K. (2022). Revamped Differential-Linear Cryptanalysis on Reduced Round ChaCha. In: Dunkelman, O., Dziembowski, S. (eds) Advances in Cryptology – EUROCRYPT 2022. EUROCRYPT 2022. Lecture Notes in Computer Science, vol 13277. Springer, Cham. https://doi.org/10.1007/978-3-031-07082-2_4
Download citation
DOI: https://doi.org/10.1007/978-3-031-07082-2_4
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-07081-5
Online ISBN: 978-3-031-07082-2
eBook Packages: Computer ScienceComputer Science (R0)