Abstract
Khudra is a recently proposed lightweight block cipher designed specifically for implementation on Field Programmable Gate Arrays (FPGAs). It is an 18-round, 4-branch type-2 generalized Feistel structure (GFS) with a 64-bit block and an 80-bit key. This paper studies the security of Khudra against impossible differential cryptanalysis. In the single-key setting, the best impossible differential attack given by the designers covers 11 rounds and needs \(2^{57}\) chosen plaintexts and \(2^{61}\) encryptions. By exploiting the structure of Khudra and the redundancy in its key schedule, we significantly improve on the previously known results. First, we propose an impossible differential attack on 14-round Khudra with \(2^{54.06}\) chosen plaintexts, \(2^{50.26}\) encryptions and \(2^{49}\) memory. Then we extend this attack to include the pre-whitening keys, at a cost of \(2^{59.03}\) known plaintexts, \(2^{67.06}\) time and \(2^{59.03}\) memory. Finally, we present an impossible differential attack against 16-round Khudra in which the whitening keys are omitted; it requires \(2^{49.58}\) chosen plaintexts, \(2^{79.26}\) encryptions and \(2^{64}\) memory. To the best of our knowledge, these are the best known attacks on Khudra in the single-key setting.
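The starting point of any impossible differential attack on a cipher of this shape is a miss-in-the-middle search over word-level (truncated) differences of the 4-branch type-2 GFS. The Python below is an added illustration, not code from the paper or from Khudra's designers. It assumes the standard type-2 wiring (x0,x1,x2,x3) -> (x1^F(x0), x2, x3^F(x2), x0) with a bijective F, which is not verified here against the Khudra specification; it tracks each 16-bit word's difference as zero, nonzero or unknown, propagates forwards from an input difference and backwards from an output difference, and reports the longest round count at which the two sides contradict. For this wiring the longest single-active-word impossible differential is 7 rounds, e.g. (0,0,0,α) ↛ (β,0,0,0). The toy instance at the end (4-bit words, the PRESENT S-box as F, constructed round keys) only sanity-checks that result exhaustively on a 16-bit block and is not Khudra; the paper's 14- and 16-round attacks rely on Khudra's actual F and key schedule, which this page does not detail.

```python
"""Word-level impossible-differential (ID) search on a 4-branch type-2 GFS.

Added example; not code from the Khudra paper. Assumed wiring:
(x0,x1,x2,x3) -> (x1^F(x0), x2, x3^F(x2), x0) with a bijective F.
The toy cipher at the bottom (constructed keys, PRESENT S-box) is a
sanity check only, not the Khudra specification.
"""
from itertools import product

# Truncated word differences: zero, nonzero (value unknown), or anything.
Z, N, U = "0", "a", "?"


def xor(s, t):
    """XOR of two truncated differences. Two nonzero words may cancel, so N^N = U."""
    if s == Z:
        return t
    if t == Z:
        return s
    return U


def f(s):
    """A bijective F maps zero to zero and nonzero to nonzero; unknown stays unknown."""
    return s


def round_fwd(x):
    x0, x1, x2, x3 = x
    return (xor(x1, f(x0)), x2, xor(x3, f(x2)), x0)


def round_bwd(y):
    """Inverse round: truncated differences of the previous state."""
    y0, y1, y2, y3 = y
    return (y3, xor(y0, f(y3)), y1, xor(y2, f(y1)))


def trail(start, step, rounds):
    states = [start]
    for _ in range(rounds):
        states.append(step(states[-1]))
    return states


def contradicts(a, b):
    """Miss in the middle: a word provably zero on one side and nonzero on the other."""
    return any({s, t} == {Z, N} for s, t in zip(a, b))


def longest_id(delta_in, delta_out, max_rounds=12):
    """Longest r = i + j such that i forward rounds from delta_in and j backward
    rounds from delta_out contradict. Returns (r, i, j), or None if no contradiction."""
    fwd = trail(delta_in, round_fwd, max_rounds)
    bwd = trail(delta_out, round_bwd, max_rounds)
    best = None
    for i in range(max_rounds + 1):
        for j in range(max_rounds + 1 - i):
            if contradicts(fwd[i], bwd[j]) and (best is None or i + j > best[0]):
                best = (i + j, i, j)
    return best


def single_word(pos):
    return tuple(N if k == pos else Z for k in range(4))


def search_single_word():
    """Map (active input word, active output word) -> longest word-level ID length."""
    out = {}
    for p, q in product(range(4), repeat=2):
        r = longest_id(single_word(p), single_word(q))
        out[(p, q)] = r[0] if r else 0
    return out


# --- Toy instance (constructed, not Khudra) to check a found ID concretely ---
SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
        0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]   # PRESENT S-box, used only as a 4-bit bijection
TOY_KEYS = [(0x3, 0xA), (0x7, 0x1), (0xC, 0xE), (0x2, 0x9),
            (0xF, 0x4), (0x8, 0xD), (0x5, 0x0), (0xB, 0x6)]  # constructed round keys


def toy_encrypt(x, rounds):
    """Type-2 GFS on four 4-bit words with F(w) = SBOX[w ^ k]."""
    for k0, k1 in TOY_KEYS[:rounds]:
        x0, x1, x2, x3 = x
        x = (x1 ^ SBOX[x0 ^ k0], x2, x3 ^ SBOX[x2 ^ k1], x0)
    return x


def count_forbidden_outputs(rounds, alpha=0x5):
    """Encrypt every 16-bit plaintext pair with input difference (0,0,0,alpha) and
    count pairs whose output difference has the shape (beta,0,0,0)."""
    hits = 0
    for v in range(1 << 16):
        x = (v & 0xF, (v >> 4) & 0xF, (v >> 8) & 0xF, (v >> 12) & 0xF)
        c = toy_encrypt(x, rounds)
        cp = toy_encrypt((x[0], x[1], x[2], x[3] ^ alpha), rounds)
        if c[1] == cp[1] and c[2] == cp[2] and c[3] == cp[3]:
            hits += 1
    return hits


if __name__ == "__main__":
    table = search_single_word()
    best = max(table.values())
    print("longest word-level IDs:", [k for k, v in table.items() if v == best], "rounds:", best)
    print("7-round (0,0,0,a) -> (b,0,0,0) hits on the toy instance:", count_forbidden_outputs(7))
```

A contradiction found at the word level is sound for every bijective F, which is why the toy check returns zero hits over all 2^16 plaintexts. Pushing beyond this generic bound, as the 14- and 16-round attacks in the paper must, requires properties of the concrete F-function and the key schedule rather than the branch wiring alone.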
References
Adams, C., Gilchrist, J.: The CAST-256 encryption algorithm. Technical report (1999)
Baysal, A., Şahin, S.: RoadRunneR: a small and fast bitslice block cipher for low cost 8-bit processors. In: Güneysu, T., Leander, G., Moradi, A. (eds.) LightSec 2015. LNCS, vol. 9542, pp. 58–76. Springer, Cham (2016). doi:10.1007/978-3-319-29078-2_4
Beaulieu, R., Shors, D., Smith, J., Treatman-Clark, S., Weeks, B., Wingers, L.: The SIMON and SPECK families of lightweight block ciphers. IACR Cryptology ePrint Archive 2013, 404 (2013). http://eprint.iacr.org/2013/404
Biham, E., Biryukov, A., Shamir, A.: Cryptanalysis of skipjack reduced to 31 rounds using impossible differentials. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 12–23. Springer, Heidelberg (1999). doi:10.1007/3-540-48910-X_2
Bogdanov, A., Knudsen, L.R., Leander, G., Paar, C., Poschmann, A., Robshaw, M.J.B., Seurin, Y., Vikkelsoe, C.: PRESENT: an ultra-lightweight block cipher. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 450–466. Springer, Heidelberg (2007). doi:10.1007/978-3-540-74735-2_31
Borghoff, J., et al.: PRINCE – a low-latency block cipher for pervasive computing applications. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 208–225. Springer, Heidelberg (2012). doi:10.1007/978-3-642-34961-4_14
Bouillaguet, C., Dunkelman, O., Fouque, P.-A., Leurent, G.: New insights on impossible differential cryptanalysis. In: Miri, A., Vaudenay, S. (eds.) SAC 2011. LNCS, vol. 7118, pp. 243–259. Springer, Heidelberg (2012). doi:10.1007/978-3-642-28496-0_15
Burwick, C., Coppersmith, D., D'Avignon, E., Gennaro, R., Halevi, S., Jutla, C., Matyas, S.M., O'Connor, L., Peyravian, M., Safford, D., et al.: The MARS Encryption Algorithm. IBM, 27 August 1999
De Cannière, C., Dunkelman, O., Knežević, M.: KATAN and KTANTAN — a family of small and efficient hardware-oriented block ciphers. In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 272–288. Springer, Heidelberg (2009). doi:10.1007/978-3-642-04138-9_20
Dai, Y., Chen, S.: Security analysis of Khudra: a lightweight block cipher for FPGAs. Secur. Commun. Netw. 9(10), 1173–1185 (2016). http://dx.doi.org/10.1002/sec.1409
Dunkelman, O., Keller, N., Shamir, A.: Improved single-key attacks on 8-Round AES-192 and AES-256. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 158–176. Springer, Heidelberg (2010). doi:10.1007/978-3-642-17373-8_10
Guo, J., Peyrin, T., Poschmann, A., Robshaw, M.: The LED block cipher. In: Preneel, B., Takagi, T. (eds.) CHES 2011. LNCS, vol. 6917, pp. 326–341. Springer, Heidelberg (2011). doi:10.1007/978-3-642-23951-9_22
Hoang, V.T., Rogaway, P.: On generalized feistel networks. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 613–630. Springer, Heidelberg (2010). doi:10.1007/978-3-642-14623-7_33
Karakoç, F., Demirci, H., Harmancı, A.E.: ITUbee: a software oriented lightweight block cipher. In: Avoine, G., Kara, O. (eds.) LightSec 2013. LNCS, vol. 8162, pp. 16–27. Springer, Heidelberg (2013). doi:10.1007/978-3-642-40392-7_2
Knudsen, L.: DEAL - a 128-bit Block Cipher. Technical report no. 151 (1998)
Kolay, S., Mukhopadhyay, D.: Khudra: a new lightweight block cipher for FPGAs. In: Chakraborty, R.S., Matyas, V., Schaumont, P. (eds.) SPACE 2014. LNCS, vol. 8804, pp. 126–145. Springer, Cham (2014). doi:10.1007/978-3-319-12060-7_9
Ma, X., Qiao, K.: Related-key rectangle attack on round-reduced Khudra block cipher. In: Qiu, M., Xu, S., Yung, M., Zhang, H. (eds.) NSS 2015. LNCS, vol. 9408. Springer, Cham (2015). doi:10.1007/978-3-319-25645-0_22
Özen, M., Çoban, M., Karakoç, F.: A guess-and-determine attack on reduced-round Khudra and weak keys of full cipher. IACR Cryptology ePrint Archive 2015, 1163 (2015). http://eprint.iacr.org/2015/1163
Rivest, R.L., Robshaw, M., Sidney, R., Yin, Y.L.: The RC6 block cipher. In: First Advanced Encryption Standard (AES) Conference (1998)
Suzaki, T., Minematsu, K., Morioka, S., Kobayashi, E.: TWINE: a lightweight block cipher for multiple platforms. In: Knudsen, L.R., Wu, H. (eds.) SAC 2012. LNCS, vol. 7707, pp. 339–354. Springer, Heidelberg (2013). doi:10.1007/978-3-642-35999-6_22
Tolba, M., Abdelkhalek, A., Youssef, A.M.: Meet-in-the-middle attacks on round-reduced Khudra. In: Chakraborty, R.S., Schwabe, P., Solworth, J. (eds.) SPACE 2015. LNCS, vol. 9354, pp. 127–138. Springer, Cham (2015). doi:10.1007/978-3-319-24126-5_8
Wu, W., Zhang, L.: LBlock: a lightweight block cipher. In: Lopez, J., Tsudik, G. (eds.) ACNS 2011. LNCS, vol. 6715, pp. 327–344. Springer, Heidelberg (2011). doi:10.1007/978-3-642-21554-4_19
Yang, Q., Hu, L., Sun, S., Song, L.: Related-key impossible differential analysis of full Khudra. IACR Cryptology ePrint Archive 2015, 840 (2015). http://eprint.iacr.org/2015/840
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Karakoç, F., Sağdıçoğlu, Ö.M., Gönen, M.E., Ersoy, O. (2017). Impossible Differential Cryptanalysis of 16/18-Round Khudra. In: Bogdanov, A. (ed.) Lightweight Cryptography for Security and Privacy. LightSec 2016. Lecture Notes in Computer Science, vol. 10098. Springer, Cham. https://doi.org/10.1007/978-3-319-55714-4_3
DOI: https://doi.org/10.1007/978-3-319-55714-4_3
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-55713-7
Online ISBN: 978-3-319-55714-4
eBook Packages: Computer Science, Computer Science (R0)