Abstract
Midori is a family of SPN-based lightweight block ciphers designed to optimize the hardware energy consumption per bit during the encryption and decryption operations. At ASIACRYPT 2015, two variants of the cipher, namely Midori128 and Midori64, which support a 128-bit secret key and a 64/128-bit block, respectively, were proposed. Recently, a meet-in-the-middle attack and an invariant subspace attack were presented against Midori64 but both attacks cannot be applied to Midori128. In this paper, we present truncated and multiple differential cryptanalysis of round reduced Midori128. Our analysis utilizes the special structure of the S-boxes and binary linear transformation layer in order to minimize the number of active S-boxes. In particular, we consider differentials that contain only single bit differences in the input and output of the active S-boxes. To keep this single bit per S-box patterns after the MixColumn operation, we restrict the bit differences of the output of the active S-boxes, which lie in the same column after the shuffle operation, to be in the same position. Using these restrictions, we were able to find 10-round differential which holds with probability \(2^{-118}\). By adding two rounds above and one round below this differential, we obtain a 13 round truncated differential and use it to perform a key recovery attack on the 13-round reduced Midori128. The time and data complexities of the 13-round attack are \(2^{119}\) encryptions and \(2^{119}\) chosen plaintext, respectively. We also present a multiple differential attack on the 13-round Midori128, with time and data complexities of \(2^{125.7}\) encryptions and \(2^{115.7}\) chosen plaintext, respectively.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Banik, S., Bogdanov, A., Isobe, T., Shibutani, K., Hiwatari, H., Akishita, T., Regazzoni, F.: Midori: a block cipher for low energy. In: Iwata, T., Cheon, J.H. (eds.) ASIACRYPT 2015. LNCS, vol. 9453, pp. 411–436. Springer, Heidelberg (2015). doi:10.1007/978-3-662-48800-3_17
Bogdanov, A.A., Knudsen, L.R., Leander, G., Paar, C., Poschmann, A., Robshaw, M., Seurin, Y., Vikkelsoe, C.: PRESENT: an ultra-lightweight block cipher. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 450–466. Springer, Heidelberg (2007)
De Cannière, C., Dunkelman, O., Knežević, M.: KATAN and KTANTAN — a family of small and efficient hardware-oriented block ciphers. In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 272–288. Springer, Heidelberg (2009)
Canteaut, A., Fuhr, T., Gilbert, H., Naya-Plasencia, M., Reinhard, J.-R.: Multiple differential cryptanalysis of round-reduced PRINCE. In: Cid, C., Rechberger, C. (eds.) FSE 2014. LNCS, vol. 8540, pp. 591–610. Springer, Heidelberg (2015)
Guo, J., Jean, J., Nikolić, I., Qiao, K., Sasaki, Y., Sim, S.M.: Invariant Subspace Attack Against Full Midori64. IACR Cryptology ePrint Archive, 2015/1189 (2015). https://eprint.iacr.org/2015/1189.pdf
Hong, D., Sung, J., Hong, S.H., Lim, J.-I., Lee, S.-J., Koo, B.-S., Lee, C.-H., Chang, D., Lee, J., Jeong, K., Kim, H., Kim, J.-S., Chee, S.: HIGHT: a new block cipher suitable for low-resource device. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 46–59. Springer, Heidelberg (2006)
Knudsen, L., Leander, G., Poschmann, A., Robshaw, M.J.B.: PRINTcipher: a block cipher for IC-printing. In: Mangard, S., Standaert, F.-X. (eds.) CHES 2010. LNCS, vol. 6225, pp. 16–32. Springer, Heidelberg (2010)
Knudsen, L.R.: Truncated and higher order differentials. In: Preneel, B. (ed.) FSE 1994. LNCS, vol. 1008, pp. 196–211. Springer, Heidelberg (1995)
Leander, G., Paar, C., Poschmann, A., Schramm, K.: New lightweight DES variants. In: Biryukov, A. (ed.) FSE 2007. LNCS, vol. 4593, pp. 196–210. Springer, Heidelberg (2007)
Lim, C.H., Korkishko, T.: mCrypton – a lightweight block cipher for security of low-cost RFID tags and sensors. In: Song, J.-S., Kwon, T., Yung, M. (eds.) WISA 2005. LNCS, vol. 3786, pp. 243–258. Springer, Heidelberg (2006)
Lin, L., Wu, W.: Meet-in-the-Middle Attacks on Reduced-Round Midori-64. IACR Cryptology ePrint Archive, 2015/1165 (2015). https://eprint.iacr.org/2015/1165.pdf
Shibutani, K., Isobe, T., Hiwatari, H., Mitsuda, A., Akishita, T., Shirai, T.: Piccolo: an ultra-lightweight blockcipher. In: Preneel, B., Takagi, T. (eds.) CHES 2011. LNCS, vol. 6917, pp. 342–357. Springer, Heidelberg (2011)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing Switzerland
About this paper
Cite this paper
Tolba, M., Abdelkhalek, A., Youssef, A.M. (2016). Truncated and Multiple Differential Cryptanalysis of Reduced Round Midori128. In: Bishop, M., Nascimento, A. (eds) Information Security. ISC 2016. Lecture Notes in Computer Science(), vol 9866. Springer, Cham. https://doi.org/10.1007/978-3-319-45871-7_1
Download citation
DOI: https://doi.org/10.1007/978-3-319-45871-7_1
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-45870-0
Online ISBN: 978-3-319-45871-7
eBook Packages: Computer ScienceComputer Science (R0)