Skip to main content
SpringerLink
Log in
Book cover

International Workshop on Security

IWSEC 2015: Advances in Information and Computer Security pp 97–111Cite as

Improvement on the Method for Automatic Differential Analysis and Its Application to Two Lightweight Block Ciphers DESL and LBlock-s

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 9241))

Abstract

With the development of the ubiquitous computing and large-scale information processing systems, the demand for lightweight block ciphers which is suitable for resource constrained computing devices is increasing. Hence, the methodology for design and analysis of block ciphers is becoming more important. In this paper, we use the Mixed-Integer Linear Programming (MILP) based tools for automatic differential cryptanalysis in a clever way to find improved single-key and related-key differential characteristics for DESL (a lightweight variant of the well known Data Encryption Standard), and obtain tighter security bound for LBlock-s (a core component of an lightweight authenticated encryption algorithm submitted to the international competition for authenticated encryption – CAESAR) against related-key differential attack. To be more specific, in searching for improved characteristics, we restrict the differential patterns allowed in the first and last rounds of the characteristics in the feasible region of an MILP problem by imposing different constraints than other rounds, and we partition the differential patterns of the DESL S-box into different sets with 2-bit more information associated with each pattern according to their probabilities. In addition, we show how to use the Gurobi optimizer combined with a known good characteristic to speed up the characteristic searching and bound proving process. Using these techniques, we managed to find the currently known best 9-round related-key differential characteristic for DESL, and the first published nontrivial related-key and single-key differential characteristics covering 10 rounds of DESL. Also, we obtain the currently known tightest security bound for LBlock-s against related-key differential attack. These techniques should be useful in analysis and design of other lightweight block ciphers.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. Biryukov, A.: Impossible differential attack. In: van Tilborg, H.C.A., Jajodia, S. (eds.) Encyclopedia of Cryptography and Security, p. 597. Springer (2011)

    Google Scholar 

  2. Biryukov, A., Khovratovich, D.: Related-key cryptanalysis of the full AES-192 and AES-256. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 1–18. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  3. Biryukov, A., Nikolić, I.: Search for Related-Key Differential Characteristics in DES-Like Ciphers. In: Joux, A. (ed.) FSE 2011. LNCS, vol. 6733, pp. 18–34. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  4. Biryukov, A., Velichkov, V.: Automatic Search for Differential Trails in ARX Ciphers. In: Benaloh, J. (ed.) CT-RSA 2014. LNCS, vol. 8366, pp. 227–250. Springer, Heidelberg (2014)

    Chapter  Google Scholar 

  5. Biryukov, A., De Cannière, C., Quisquater, M.: On multiple linear approximations. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 1–22. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  6. Biryukov, A., Khovratovich, D., Nikolić, I.: Distinguisher and related-key attack on the full AES-256. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 231–249. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  7. Bogdanov, A., Khovratovich, D., Rechberger, C.: Biclique Cryptanalysis of the Full AES. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 344–371. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  8. Canteaut, A., Fuhr, T., Gilbert, H., Naya-Plasencia, M., Reinhard, J.-R.: Multiple differential cryptanalysis of round-reduced PRINCE. In: Cid, C., Rechberger, C. (eds.) FSE 2014. LNCS, vol. 8540, pp. 591–610. Springer, Heidelberg (2015)

    Google Scholar 

  9. Canteaut, A., Fuhr, T., Gilbert, H., Naya-Plasencia, M., Reinhard, J.-R.: Multiple differential cryptanalysis of round-reduced PRINCE (full version). IACR Cryptology ePrint Archive, Report 2014/089 (2014). http://eprint.iacr.org/2014/089

  10. Aoki, K., Kobayashi, K., Moriai, S.: Best differential characteristic search of FEAL. In: Biham, E. (ed.) FSE 1997. LNCS, vol. 1267, pp. 41–53. Springer, Heidelberg (1997)

    Chapter  Google Scholar 

  11. Collard, B., Standaert, F.-X.: A statistical saturation attack against the block cipher PRESENT. In: Fischlin, M. (ed.) CT-RSA 2009. LNCS, vol. 5473, pp. 195–210. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  12. Biham, E., Dunkelman, O., Keller, N.: The rectangle attack - rectangling the serpent. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 340–357. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  13. Boneh, D., DeMillo, R.A., Lipton, R.J.: On the importance of checking cryptographic protocols for faults. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 37–51. Springer, Heidelberg (1997)

    Google Scholar 

  14. Kaliski Jr, B.S., Robshaw, M.: Linear Cryptanalysis Using Multiple Approximations. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 26–39. Springer, Heidelberg (1994)

    Google Scholar 

  15. Blondeau, C., Gérard, B.: Multiple differential cryptanalysis: theory and practice. In: Joux, A. (ed.) FSE 2011. LNCS, vol. 6733, pp. 35–54. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  16. Blondeau, C., Nyberg, K.: Links between truncated differential and multidimensional linear properties of block ciphers and underlying attack complexities. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 165–182. Springer, Heidelberg (2014)

    Chapter  Google Scholar 

  17. Blondeau, C., Gérard, B., Nyberg, K.: Multiple differential cryptanalysis using LLR and \(\chi ^\text{2 }\) statistics. In: Visconti, I., De Prisco, R. (eds.) SCN 2012. LNCS, vol. 7485, pp. 343–360. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  18. Wagner, D.: The boomerang attack. In: Knudsen, L.R. (ed.) FSE 1999. LNCS, vol. 1636, pp. 156–170. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  19. Biham, E.: New types of cryptanalytic attacks using related keys. J. Cryptol. 7(4), 229–246 (1994)

    Article  MATH  Google Scholar 

  20. Biham, E., Shamir, A.: Differential cryptanalysis of DES-like cryptosystems. J. Cryptol. 4(1), 3–72 (1991)

    Article  MathSciNet  MATH  Google Scholar 

  21. Biham, E., Shamir, A.: Differential fault analysis of secret key cryptosystems. In: Kaliski Jr, B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 513–525. Springer, Heidelberg (1997)

    Chapter  Google Scholar 

  22. Optimization, G.: Gurobi optimizer reference manual (2013). http://www.gurobi.com

  23. Knudsen, L.: DEAL-a 128-bit block cipher. Complexity 258(2), 216 (1998)

    Google Scholar 

  24. Knudsen, L.R.: Truncated and higher order differentials. In: Preneel, B. (ed.) FSE 1994. LNCS, vol. 1008, pp. 196–211. Springer, Heidelberg (1995)

    Chapter  Google Scholar 

  25. Leander, G., Paar, C., Poschmann, A., Schramm, K.: New lightweight DES variants. In: Biryukov, A. (ed.) FSE 2007. LNCS, vol. 4593, pp. 196–210. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  26. Zhang, L., Wu, W., Wang, Y., Wu, S., Zhang, J.: LAC: a lightweight authenticated encryption cipher. CAESAR submission (2014). http://competitions.cr.yp.to/round1/lacv1.pdf

  27. Liu, Y., Gu, D., Liu, Z., Li, W.: Impossible differential attacks on reduced-round LBlock. In: Ryan, M.D., Smyth, B., Wang, G. (eds.) ISPEC 2012. LNCS, vol. 7232, pp. 97–108. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  28. Hermelin, M., Nyberg, K.: Linear cryptanalysis using multiple linear approximations. IACR Cryptology ePrint Archive, Report 2011/93 (2011). https://eprint.iacr.org/2011/093

  29. Hermelin, M., Cho, J.Y., Nyberg, K.: Multidimensional linear cryptanalysis of reduced round serpent. In: Mu, Y., Susilo, W., Seberry, J. (eds.) ACISP 2008. LNCS, vol. 5107, pp. 203–215. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  30. Hermelin, M., Cho, J.Y., Nyberg, K.: Multidimensional extension of Matsui’s algorithm 2. In: Dunkelman, O. (ed.) FSE 2009. LNCS, vol. 5665, pp. 209–227. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  31. Matsui, M.: On correlation between the order of S-Boxes and the strength of DES. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 366–375. Springer, Heidelberg (1995)

    Google Scholar 

  32. Mouha, N., Preneel, B.: Towards finding optimal differential characteristics for ARX: application to Salsa20. IACR Cryptology ePrint Archive, Report 2013/328 (2013). http://eprint.iacr.org/2013/328

  33. Mouha, N., Wang, Q., Gu, D., Preneel, B.: Differential and linear cryptanalysis using mixed-integer linear programming. In: Wu, C.-K., Yung, M., Lin, D. (eds.) Inscrypt 2011. LNCS, vol. 7537, pp. 57–76. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  34. Ohta, K., Moriai, S., Aoki, K.: Improving the search algorithm for the best linear expression. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 157–170. Springer, Heidelberg (1995)

    Google Scholar 

  35. Fouque, P.-A., Jean, J., Peyrin, T.: Structural evaluation of AES and chosen-key distinguisher of 9-round AES-128. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013, Part I. LNCS, vol. 8042, pp. 183–203. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  36. Wu, S., Wang, M.: Security evaluation against differential cryptanalysis for block cipher structures. IACR Cryptology ePrint Archive, Report 2011/551 (2011). https://eprint.iacr.org/2011/551

  37. Sun, S., Hu, L., Song, L., Xie, Y., Wang, P.: Automatic security evaluation of block ciphers with S-bP structures against related-key differential attacks. In: Lin, D., Xu, S., Yung, M. (eds.) Inscrypt 2013. LNCS, vol. 8567, pp. 39–51. Springer, Heidelberg (2014)

    Google Scholar 

  38. Sun, S., Hu, L., Wang, M., Wang, P., Qiao, K., Ma, X., Shi, ., Song, L., Fu, K.: Towards finding the best characteristics of some bit-oriented block ciphers and automatic enumeration of (related-key) differential and linear characteristics with predefined properties. Cryptology ePrint Archive, Report 2014/747 (2014). http://eprint.iacr.org/2014/747

  39. Sun, S., Hu, L., Wang, P., Qiao, K., Ma, X., Song, L.: Automatic security evaluation and (related-key) differential characteristic search: application to SIMON, PRESENT, LBlock, DES(L) and other bit-oriented block ciphers. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8873, pp. 158–178. Springer, Heidelberg (2014)

    Google Scholar 

  40. Kölbl, S.: CryptoSMT - an easy to use tool for cryptanalysis of symmetric primitives likes block ciphers or hash functions. https://github.com/kste/cryptosmt

  41. Kölbl, S., Leander, G., Tiessen, T.: Observations on the SIMON block cipher family. Cryptology ePrint Archive, Report 2015/145 (2015). http://eprint.iacr.org/2015/145

  42. Langford, S.K., Hellman, M.E.: Differential-linear cryptanalysis. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 17–25. Springer, Heidelberg (1994)

    Google Scholar 

  43. Iwata, T., Kurosawa, K.: Probabilistic higher order differential attack and higher order bent functions. In: Lam, K.-Y., Okamoto, E., Xing, C. (eds.) ASIACRYPT 1999. LNCS, vol. 1716, pp. 62–74. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  44. Van Rossum, G., et al.: Python programming language. In: USENIX Annual Technical Conference (2007)

    Google Scholar 

  45. Wang, Y., Wu, W., Yu, X., Zhang, L.: Security on LBlock against biclique cryptanalysis. In: Lee, D.H., Yung, M. (eds.) WISA 2012. LNCS, vol. 7690, pp. 1–14. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  46. Wu, W., Zhang, L.: LBlock: a lightweight block cipher. In: Lopez, J., Tsudik, G. (eds.) ACNS 2011. LNCS, vol. 6715, pp. 327–344. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  47. Zhao, X.J., Wang, T., Guo, S.Z.: Fault-propagation pattern based dfa on spn structure block ciphers using bitwise permutation, with application to PRESENT and printcipher. Technical report, IACR Cryptology ePrint Archive, Report 2011/086 (2011)

    Google Scholar 

  48. Bao, Z., Zhang, W., Lin, D.: Speeding Up the search algorithm for the best differential and best linear trails. In: Lin, D., Yung, M., Zhou, J. (eds.) Inscrypt 2014. LNCS, vol. 8957, pp. 259–285. Springer, Heidelberg (2015)

    Google Scholar 

Download references

Acknowledgements

The authors would like to thank the anonymous reviewers for their helpful comments and suggestions. The work of this paper was supported by the National Key Basic Research Program of China (2013CB834203), the National Natural Science Foundation of China (Grants 61472417, 61402469 and 61472415), the Strategic Priority Research Program of Chinese Academy of Sciences under Grant XDA06010702, and the State Key Laboratory of Information Security, Chinese Academy of Sciences.

Author information

Authors and Affiliations

  1. State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, 100093, China

    Siwei Sun, Lei Hu, Kexin Qiao, Xiaoshuang Ma, Jinyong Shan & Ling Song

  2. Data Assurance and Communication Security Research Center, Chinese Academy of Sciences, Beijing, 100093, China

    Siwei Sun, Lei Hu, Kexin Qiao, Xiaoshuang Ma, Jinyong Shan & Ling Song

Authors
  1. Siwei Sun
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Lei Hu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Kexin Qiao
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Xiaoshuang Ma
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Jinyong Shan
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Ling Song
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Lei Hu .

Editor information

Editors and Affiliations

  1. Tokyo Institute of Technology, Tokyo, Japan

    Keisuke Tanaka

  2. Internet Initiative Japan Inc., Tokyo, Japan

    Yuji Suga

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Sun, S., Hu, L., Qiao, K., Ma, X., Shan, J., Song, L. (2015). Improvement on the Method for Automatic Differential Analysis and Its Application to Two Lightweight Block Ciphers DESL and LBlock-s. In: Tanaka, K., Suga, Y. (eds) Advances in Information and Computer Security. IWSEC 2015. Lecture Notes in Computer Science(), vol 9241. Springer, Cham. https://doi.org/10.1007/978-3-319-22425-1_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-22425-1_7

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-22424-4

  • Online ISBN: 978-3-319-22425-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation