
Related-Cipher Attacks: Applications to Ballet and ANT

  • Conference paper
Information Security and Privacy (ACISP 2023)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 13915)

Abstract

Many block ciphers proposed in recent years are families of ciphers that support several block lengths and key lengths. The essential security requirements for such a family are: (1) each cipher instance of the family is secure on its own; (2) the instances do not endanger one another, i.e., knowledge of one or more instances must not allow the behaviour of other instances to be predicted. Traditional cryptanalysis methods, such as differential, linear and integral cryptanalysis, assess the security of a single member of the family, whereas related-cipher attacks target the security between instances. This paper studies the security of Ballet-128 and ANT-128 against related-cipher attacks. Since their key schedules do not depend on the number of rounds, we consider related-cipher attacks with equivalent keys obtained by restricting the 256-bit key space. As a result, we recover the secret key of the full Ballet-128/128 with a single chosen plaintext pair and one call each to Ballet-128/128 and Ballet-128/256, which shows that Ballet-128 is insecure against related-cipher attacks. For ANT-128, we show that related-cipher distinguishers between ANT-128/128 and ANT-128/256 exist for at most 6 rounds, and we mount a 9-round key-recovery attack on ANT-128/128 based on a 6-round related-cipher distinguisher with time complexity about \(2^{60.9}\).
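The attack idea in the abstract, as an added toy example (this is not the paper's attack and not Ballet or ANT, whose round functions and key schedules are not reproduced here): a hypothetical family `ToyFamily` with a 32-bit-key instance and a 64-bit-key instance that share one key schedule which never looks at the round count. Restricting the 64-bit key space to keys whose high half is zero gives a key equivalent to the 32-bit key, so the longer instance is the shorter instance followed by two extra rounds; one chosen plaintext and one call to each instance then expose those two round keys and, because the toy schedule is affine in the key, the full key. All names, constants and the cipher structure are assumptions made for this example.

```python
"""Toy demonstration of a related-cipher attack with equivalent keys.

Added example: this is NOT code from the paper and NOT Ballet or ANT.
'ToyFamily' is a hypothetical 64-bit Feistel family whose key schedule
depends only on the schedule state, never on the number of rounds:
    ToyFamily-64/32 : 32-bit key, 4 rounds
    ToyFamily-64/64 : 64-bit key, 6 rounds
A 64-bit key (K_hi, K_lo) is loaded as the integer K_hi << 32 | K_lo, so
restricting the 64-bit key space to K_hi = 0 gives a key equivalent to
the 32-bit key K_lo: rounds 1..4 of both instances then share round keys.
"""

MASK32 = 0xFFFFFFFF
MASK64 = 0xFFFFFFFFFFFFFFFF
ROUNDS = {"64/32": 4, "64/64": 6}
ROT = 11                       # schedule rotation amount (hypothetical)
RC = 0x9E3779B97F4A7C15        # schedule round constant (hypothetical)


def rotl(x, r, w):
    """Rotate the w-bit value x left by r bits."""
    r %= w
    return ((x << r) | (x >> (w - r))) & ((1 << w) - 1)


def key_schedule(state, rounds):
    """Round keys rk_1..rk_rounds from a 64-bit schedule state.

    s_i = rotl64(s_{i-1}, ROT) ^ (i * RC), rk_i = low 32 bits of s_i.
    The rule is identical for every family member; `rounds` only decides
    how many keys are emitted, which is exactly what the attack exploits.
    """
    rks = []
    for i in range(1, rounds + 1):
        state = rotl(state, ROT, 64) ^ ((i * RC) & MASK64)
        rks.append(state & MASK32)
    return rks


def g(x):
    """Nonlinear 32-bit mixing (hypothetical ARX step)."""
    x = (x + rotl(x, 7, 32)) & MASK32
    return x ^ rotl(x, 13, 32)


def F(x, rk):
    """Round function: the round key is XORed after the nonlinearity."""
    return g(x) ^ rk


def feistel(block, rks):
    L, R = block >> 32, block & MASK32
    for rk in rks:
        L, R = R, L ^ F(R, rk)
    return (L << 32) | R


def encrypt(instance, key, block):
    """Encrypt one 64-bit block with ToyFamily-<instance> under `key`."""
    if instance == "64/32" and key >> 32:
        raise ValueError("ToyFamily-64/32 takes a 32-bit key")
    return feistel(block, key_schedule(key & MASK64, ROUNDS[instance]))


def related_cipher_key_recovery(c_small, c_big):
    """Recover K from C_small = ToyFamily-64/32_K(P) and
    C_big = ToyFamily-64/64_(0,K)(P) for the same plaintext P.

    Rounds 1..4 coincide, so C_big is C_small pushed through rounds 5 and 6:
        L5 = R4,  R5 = L4 ^ F(R4, rk5)
        L6 = R5,  R6 = L5 ^ F(R5, rk6) = R4 ^ F(L6, rk6)
    which exposes rk5 and rk6 exactly from a single plaintext.
    """
    L4, R4 = c_small >> 32, c_small & MASK32
    L6, R6 = c_big >> 32, c_big & MASK32
    rk5 = L6 ^ L4 ^ g(R4)
    rk6 = R6 ^ R4 ^ g(L6)

    # The schedule is affine in K: rk_i(K) = low32(rotl64(K, ROT*i)) ^ rk_i(0),
    # so XORing out the zero-key schedule leaves rotated copies of K.
    zero = key_schedule(0, 6)
    t5 = rk5 ^ zero[4]        # low32(rotl64(K, 55)): K[9..31] sits at bits 0..22
    t6 = rk6 ^ zero[5]        # low32(rotl64(K, 66)): K[0..29] sits at bits 2..31
    return ((t5 << 9) & MASK32) | (t6 >> 2)


def demo(key=0x1F2E3D4C, plaintext=0x0123456789ABCDEF):
    """One chosen plaintext, one call to each instance (constructed inputs)."""
    c_small = encrypt("64/32", key, plaintext)
    c_big = encrypt("64/64", key, plaintext)     # 64-bit key (K_hi=0, K_lo=key)
    return related_cipher_key_recovery(c_small, c_big)


if __name__ == "__main__":
    k = 0x1F2E3D4C
    print(f"recovered 0x{demo(k):08x}, expected 0x{k:08x}")
```

Run as a script to see the recovered key; `demo` returns it. The toy stops at the Ballet-style outcome (full key from one plaintext and one call to each instance). The ANT part of the abstract, a 6-round related-cipher distinguisher extended to a 9-round key recovery, depends on ANT's internals and is not modelled here.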

References

  1. De Cannière, C., Dunkelman, O., Knežević, M.: KATAN and KTANTAN—a family of small and efficient hardware-oriented block ciphers. In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 272–288. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-04138-9_20

  2. Beaulieu, R., Shors, D., Smith, J., et al.: The SIMON and SPECK lightweight block ciphers. In: Proceedings of the 52nd Annual Design Automation Conference, pp. 1–6. Association for Computing Machinery, New York (2015). https://doi.org/10.1145/2744769.2747946

  3. Yang, G., Zhu, B., Suder, V., Aagaard, M.D., Gong, G.: The Simeck family of lightweight block ciphers. In: Güneysu, T., Handschuh, H. (eds.) CHES 2015. LNCS, vol. 9293, pp. 307–329. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48324-4_16

  4. Albrecht, M.R., Rechberger, C., Schneider, T., Tiessen, T., Zohner, M.: Ciphers for MPC and FHE. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9056, pp. 430–454. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46800-5_17

  5. Biham, E., Shamir, A.: Differential Cryptanalysis of the Data Encryption Standard. Springer, New York (1993). https://doi.org/10.1007/978-1-4613-9314-6

  6. Matsui, M.: Linear cryptanalysis method for DES cipher. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 386–397. Springer, Heidelberg (1994). https://doi.org/10.1007/3-540-48285-7_33

  7. Biham, E., Biryukov, A., Shamir, A.: Cryptanalysis of Skipjack reduced to 31 rounds using impossible differentials. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 12–23. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48910-X_2

  8. Knudsen, L., Wagner, D.: Integral cryptanalysis. In: Daemen, J., Rijmen, V. (eds.) FSE 2002. LNCS, vol. 2365, pp. 112–127. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45661-9_9

  9. Demirci, H., Selçuk, A.A.: A meet-in-the-middle attack on 8-round AES. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 116–126. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-71039-4_7

  10. Biham, E.: New types of cryptanalytic attacks using related keys. J. Cryptol. 7(4), 229–246 (1994). https://doi.org/10.1007/BF00203965

  11. Daemen, J., Rijmen, V.: The Design of Rijndael: AES—The Advanced Encryption Standard. Information Security and Cryptography. Springer, Heidelberg (2002). https://doi.org/10.1007/978-3-662-04722-4

  12. Daemen, J., Knudsen, L., Rijmen, V.: The block cipher Square. In: Biham, E. (ed.) FSE 1997. LNCS, vol. 1267, pp. 149–165. Springer, Heidelberg (1997). https://doi.org/10.1007/BFb0052343

  13. Ferguson, N., et al.: Improved cryptanalysis of Rijndael. In: Schneier, B. (ed.) FSE 2000. LNCS, vol. 1978, pp. 213–230. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44706-7_15

  14. Mala, H., Dakhilalian, M., Rijmen, V., Modarres-Hashemi, M.: Improved impossible differential cryptanalysis of 7-round AES-128. In: Gong, G., Gupta, K.C. (eds.) INDOCRYPT 2010. LNCS, vol. 6498, pp. 282–291. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-17401-8_20

  15. Derbez, P., Fouque, P.-A.: Exhausting Demirci-Selçuk meet-in-the-middle attacks against reduced-round AES. In: Moriai, S. (ed.) FSE 2013. LNCS, vol. 8424, pp. 541–560. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-43933-3_28

  16. Wu, H.: Related-cipher attacks. In: Deng, R., Bao, F., Zhou, J., Qing, S. (eds.) ICICS 2002. LNCS, vol. 2513, pp. 447–455. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-36159-6_38

  17. Sung, J., Kim, J., Lee, C.: Differential related-cipher attacks on block ciphers with flexible number of rounds. Inf. Secur. Cryptol. 15(1), 77–86 (2005)

  18. Shao, Z.Y., Ding, L.: Related-cipher attack on Salsa20. In: Proceedings of the 4th International Conference on Computational and Information Sciences, pp. 1182–1185. IEEE, Piscataway (2012)

  19. Ding, L.: Improved related-cipher attack on Salsa20 stream cipher. IEEE Access 7, 30197–30202 (2019)

  20. Kohno, T.: Analysis of the WinZip encryption method. Cryptology ePrint Archive, Report 2004/078 (2004). https://eprint.iacr.org/2004/078

  21. Cui, T.T., Wang, M.Q., et al.: Ballet: a software-friendly block cipher. J. Cryptolog. Res. 6(6), 704–712 (2019)

  22. Chen, S.Y., Fan, Y.H., Fu, Y., et al.: On the design of ANT family block ciphers. J. Cryptolog. Res. 6(6), 748–759 (2019)

  23. Notice of the National Cryptographic Algorithm Design Competition (in Chinese). https://www.cacrnet.org.cn/site/content/259.html. Accessed 9 Feb 2023

  24. Mouha, N., Luykx, A.: Multi-key security: the Even-Mansour construction revisited. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9215, pp. 209–223. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-47989-6_10

  25. Wu, W.L., Zhang, L., Zheng, Y., et al.: The block cipher uBlock. J. Cryptolog. Res. 6(6), 690–703 (2019)

Acknowledgement

The authors would like to thank Dr Mir Ali Rezazadeh Baee and the anonymous reviewers for their detailed and very helpful comments and suggestions to improve this article. This work is supported by the National Natural Science Foundation of China (No. 62072445).

Corresponding author

Correspondence to Wenling Wu .

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Cite this paper

Mao, Y., Wu, W., Zheng, Y., Zhang, L. (2023). Related-Cipher Attacks: Applications to Ballet and ANT. In: Simpson, L., Rezazadeh Baee, M.A. (eds) Information Security and Privacy. ACISP 2023. Lecture Notes in Computer Science, vol 13915. Springer, Cham. https://doi.org/10.1007/978-3-031-35486-1_6

  • DOI: https://doi.org/10.1007/978-3-031-35486-1_6

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-35485-4

  • Online ISBN: 978-3-031-35486-1

  • eBook Packages: Computer Science (R0)
