
Probabilistic Related-Key Statistical Saturation Cryptanalysis

  • Conference paper
Selected Areas in Cryptography – SAC 2023 (SAC 2023)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 14201)


Abstract

The related-key statistical saturation (RKSS) attack is a cryptanalysis method proposed by Li et al. at FSE 2019. It can be seen as the extension of previous statistical saturation attacks to the related-key setting. The attack uses a set of plaintexts in which some bits are fixed while the remaining bits take all possible values, and considers the relation between the value distributions of a part of the ciphertext bits generated under related keys. Usually, RKSS distinguishers exploit the property that this value distribution stays invariant under the modification of the key. However, this property can only be verified deterministically if the plaintexts cover all possible values of the selected bits. In this paper, we propose probabilistic RKSS cryptanalysis, which avoids iterating over all non-fixed plaintext bits by applying a statistical method on top of the original RKSS distinguisher. Compared to the RKSS attack, the new attack has a significantly lower data complexity and has the potential to attack more rounds. As an illustration, for reduced-round Piccolo we obtain the best key recovery attacks (considering both pre- and post-whitening keys) on both versions in terms of the number of rounds. Note that these attacks do not threaten the full-round security of Piccolo.


Notes

  1. In our experimental verification, \(s=12\), which is enough to ensure the validity of this hypothesis, as well as of the other assumptions used in this paper.

  2. SmallSPN has a structure similar to Mini-AES, but the two ciphers differ in the number of rounds, the S-box, the linear matrix, and the key schedule.

  3. http://stp.github.io/.

References

  1. Ahangarkolaei, M.Z., Najarkolaei, S.R.H., Ahmadi, S., Aref, M.R.: Zero correlation linear attack on reduced round Piccolo-80. In: ISCISC 2016, pp. 66–71. IEEE (2016). https://doi.org/10.1109/ISCISC.2016.7736453

  2. Ashur, T., Dunkelman, O., Masalha, N.: Linear cryptanalysis reduced round of Piccolo-80. In: Dolev, S., Hendler, D., Lodha, S., Yung, M. (eds.) CSCML 2019. LNCS, vol. 11527, pp. 16–32. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-20951-3_2


  3. Avanzi, R.: The QARMA block cipher family. Almost MDS matrices over rings with zero divisors, nearly symmetric Even-Mansour constructions with non-involutory central rounds, and search heuristics for low-latency S-boxes. IACR Trans. Symmetric Cryptol. 2017(1), 4–44 (2017). https://doi.org/10.13154/tosc.v2017.i1.4-44

  4. Azimi, S.A., Ahmadian, Z., Mohajeri, J., Aref, M.R.: Impossible differential cryptanalysis of Piccolo lightweight block cipher. In: ISCISC 2014, pp. 89–94. IEEE (2014). https://doi.org/10.1109/ISCISC.2014.6994028

  5. Barrett, C.W., Sebastiani, R., Seshia, S.A., Tinelli, C.: Satisfiability modulo theories. In: Biere, A., Heule, M., van Maaren, H., Walsh, T. (eds.) Handbook of Satisfiability, Frontiers in Artificial Intelligence and Applications, vol. 185, pp. 825–885. IOS Press (2009). https://doi.org/10.3233/978-1-58603-929-5-825

  6. Bogdanov, A., Boura, C., Rijmen, V., Wang, M., Wen, L., Zhao, J.: Key difference invariant bias in block ciphers. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013. LNCS, vol. 8269, pp. 357–376. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-42033-7_19


  7. Collard, B., Standaert, F.-X.: A statistical saturation attack against the block cipher PRESENT. In: Fischlin, M. (ed.) CT-RSA 2009. LNCS, vol. 5473, pp. 195–210. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-00862-7_13


  8. Cook, S.A.: The complexity of theorem-proving procedures. In: Harrison, M.A., Banerji, R.B., Ullman, J.D. (eds.) Proceedings of the 3rd Annual ACM Symposium on Theory of Computing, Shaker Heights, Ohio, USA, 3–5 May 1971, pp. 151–158. ACM (1971). https://doi.org/10.1145/800157.805047

  9. Daemen, J., Knudsen, L., Rijmen, V.: The block cipher Square. In: Biham, E. (ed.) FSE 1997. LNCS, vol. 1267, pp. 149–165. Springer, Heidelberg (1997). https://doi.org/10.1007/BFb0052343

  10. Daemen, J., Rijmen, V.: The Design of Rijndael: AES - The Advanced Encryption Standard. Information Security and Cryptography. Springer, Cham (2002). https://doi.org/10.1007/978-3-662-04722-4


  11. Daemen, J., Rijmen, V.: Probability distributions of correlation and differentials in block ciphers. J. Math. Cryptol. 1(3), 221–242 (2007). https://doi.org/10.1515/JMC.2007.011


  12. DasGupta, A.: Asymptotic Theory of Statistics and Probability. Springer, New York (2008). https://doi.org/10.1007/978-0-387-75971-5


  13. Dobraunig, C., Eichlseder, M., Mendel, F.: Square attack on 7-round Kiasu-BC. In: Manulis, M., Sadeghi, A.-R., Schneider, S. (eds.) ACNS 2016. LNCS, vol. 9696, pp. 500–517. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-39555-5_27


  14. Fouque, P.-A., Karpman, P.: Security amplification against meet-in-the-middle attacks using whitening. In: Stam, M. (ed.) IMACC 2013. LNCS, vol. 8308, pp. 252–269. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-45239-0_15


  15. Fu, L., Jin, C., Li, X.: Multidimensional zero-correlation linear cryptanalysis of lightweight block cipher Piccolo-128. Secur. Commun. Netw. 9(17), 4520–4535 (2016). https://doi.org/10.1002/sec.1644


  16. Isobe, T., Shibutani, K.: Security analysis of the lightweight block ciphers XTEA, LED and Piccolo. In: Susilo, W., Mu, Y., Seberry, J. (eds.) ACISP 2012. LNCS, vol. 7372, pp. 71–86. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-31448-3_6


  17. Jeong, K., Kang, H., Lee, C., Sung, J., Hong, S.: Biclique cryptanalysis of lightweight block ciphers PRESENT, Piccolo and LED. Cryptology ePrint Archive, Paper 2012/621 (2012). https://eprint.iacr.org/2012/621

  18. Knudsen, L., Wagner, D.: Integral cryptanalysis. In: Daemen, J., Rijmen, V. (eds.) FSE 2002. LNCS, vol. 2365, pp. 112–127. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45661-9_9


  19. Li, M., Hu, K., Wang, M.: Related-tweak statistical saturation cryptanalysis and its application on QARMA. IACR Trans. Symmetric Cryptol. 2019(1), 236–263 (2019). https://doi.org/10.13154/tosc.v2019.i1.236-263

  20. Li, M., Mouha, N., Sun, L., Wang, M.: Probabilistic related-key statistical saturation cryptanalysis. Cryptology ePrint Archive, Paper 2023/1245 (2023). https://eprint.iacr.org/2023/1245

  21. Liu, Y., Cheng, L., Liu, Z., Li, W., Wang, Q., Gu, D.: Improved meet-in-the-middle attacks on reduced-round Piccolo. Sci. China Inf. Sci. 61(3), 032108:1–032108:13 (2018). https://doi.org/10.1007/s11432-016-9157-y

  22. Liu, Y., et al.: New analysis of reduced-version of Piccolo in the single-key scenario. KSII Trans. Internet Inf. Syst. 13(9), 4727–4741 (2019). https://doi.org/10.3837/tiis.2019.09.022


  23. Matsui, M.: Linear cryptanalysis method for DES cipher. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 386–397. Springer, Heidelberg (1994). https://doi.org/10.1007/3-540-48285-7_33


  24. Maxwell, A.E.: Comparing the classification of subjects by two independent judges. Br. J. Psychiatry 116, 651–655 (1970). https://doi.org/10.1192/bjp.116.535.651


  25. Minier, M.: On the security of Piccolo lightweight block cipher against related-key impossible differentials. In: Paul, G., Vaudenay, S. (eds.) INDOCRYPT 2013. LNCS, vol. 8250, pp. 308–318. Springer, Cham (2013). https://doi.org/10.1007/978-3-319-03515-4_21


  26. Mouha, N., Preneel, B.: Towards finding optimal differential characteristics for ARX: application to Salsa20. Cryptology ePrint Archive, Paper 2013/328 (2013). https://eprint.iacr.org/2013/328

  27. Nyberg, K.: Linear approximation of block ciphers. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 439–444. Springer, Heidelberg (1995). https://doi.org/10.1007/BFb0053460


  28. Phan, R.C.: Mini advanced encryption standard (Mini-AES): a testbed for cryptanalysis students. Cryptologia 26(4), 283–306 (2002). https://doi.org/10.1080/0161-110291890948


  29. Shibutani, K., Isobe, T., Hiwatari, H., Mitsuda, A., Akishita, T., Shirai, T.: Piccolo: an ultra-lightweight blockcipher. In: Preneel, B., Takagi, T. (eds.) CHES 2011. LNCS, vol. 6917, pp. 342–357. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-23951-9_23


  30. Stuart, A.: A test for homogeneity of the marginal distribution of a two-way classification. Biometrika 42, 412–416 (1955). https://doi.org/10.1093/biomet/42.3-4.412


  31. Todo, Y.: Impossible differential attack against 14-round Piccolo-80 without relying on full code book. IEICE Trans. Fundam. Electron. Commun. Comput. Sci. 99-A(1), 154–157 (2016). https://doi.org/10.1587/transfun.E99.A.154

  32. Tolba, M., Abdelkhalek, A., Youssef, A.M.: Meet-in-the-middle attacks on reduced round Piccolo. In: Güneysu, T., Leander, G., Moradi, A. (eds.) LightSec 2015. LNCS, vol. 9542, pp. 3–20. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-29078-2_1


  33. Wang, M., Cui, T., Chen, H., Sun, L., Wen, L., Bogdanov, A.: Integrals go statistical: cryptanalysis of full skipjack variants. In: Peyrin, T. (ed.) FSE 2016. LNCS, vol. 9783, pp. 399–415. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-52993-5_20


  34. Wang, Y., Wu, W., Yu, X.: Biclique cryptanalysis of reduced-round Piccolo block cipher. In: Ryan, M.D., Smyth, B., Wang, G. (eds.) ISPEC 2012. LNCS, vol. 7232, pp. 337–352. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-29101-2_23


Acknowledgments

The authors would like to thank the anonymous reviewers whose comments greatly improved this paper. Also thanks to Giovanni Uchoa de Assis for editorial improvements. This work was supported by Qingdao Innovation project (Grant No. QDBSH20230101008), Quan Cheng Laboratory (Grant No. QCLZD202306), the National Key Research and Development Program of China (Grant No. 2018YFA0704702), the Major Basic Research Project of Natural Science Foundation of Shandong Province, China (Grant No. ZR202010220025), the National Natural Science Foundation of China (Grant No. 62032014), and the Program of Qilu Young Scholars (Grant No. 61580082063088) of Shandong University.


Corresponding author

Correspondence to Meiqin Wang.


Copyright information

© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper


Cite this paper

Li, M., Mouha, N., Sun, L., Wang, M. (2024). Probabilistic Related-Key Statistical Saturation Cryptanalysis. In: Carlet, C., Mandal, K., Rijmen, V. (eds) Selected Areas in Cryptography – SAC 2023. SAC 2023. Lecture Notes in Computer Science, vol 14201. Springer, Cham. https://doi.org/10.1007/978-3-031-53368-6_11


  • DOI: https://doi.org/10.1007/978-3-031-53368-6_11


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-53367-9

  • Online ISBN: 978-3-031-53368-6
