Linear (Hull) and Algebraic Cryptanalysis of the Block Cipher PRESENT

  • Conference paper
Cryptology and Network Security (CANS 2009)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 5888)

Abstract

The contributions of this paper include the first linear hull and a revisit of the algebraic cryptanalysis of reduced-round variants of the block cipher PRESENT, under known-plaintext and ciphertext-only settings. We introduce a pure algebraic cryptanalysis of 5-round PRESENT, and in one of our attacks we recover half of the bits of the key in less than three minutes using an ordinary desktop PC. The PRESENT block cipher is a design by Bogdanov et al., announced at CHES 2007 and aimed at RFID tags and sensor networks. For our linear attacks, we can attack 25-round PRESENT with the whole code book, 2^96.68 25-round PRESENT encryptions, 2^40 blocks of memory and a 0.61 success rate. Further, we can extend the linear attack to 26 rounds with a small success rate. As a further contribution of this paper, we computed linear hulls in practice for the original PRESENT cipher, which corroborated and even improved on the predicted bias (and the corresponding attack complexities) of conventional linear relations based on a single linear trail.


References

  1. Albrecht, M., Cid, C.: Algebraic Techniques in Differential Cryptanalysis. In: Dunkelman, O. (ed.) FSE 2009. LNCS, vol. 5565, pp. 193–208. Springer, Heidelberg (2009)

  2. Brickenstein, M., Dreyer, A.: PolyBoRi: A framework for Gröbner basis computations with Boolean polynomials. Electronic Proceedings of MEGA (2007), http://www.ricam.oeaw.ac.at/mega2007/electronic/26.pdf

  3. Bogdanov, A., Knudsen, L.R., Leander, G., Paar, C., Poschmann, A., Robshaw, M.J.B., Seurin, Y., Vikkelsoe, C.: PRESENT: An ultra-lightweight block cipher. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 450–466. Springer, Heidelberg (2007)

  4. Buchberger, B.: An Algorithm for Finding the Basis Elements of the Residue Class Ring of a Zero Dimensional Polynomial Ideal. Ph.D. dissertation (1965)

  5. Collard, B., Standaert, F.X.: A Statistical Saturation Attack against the Block Cipher PRESENT. In: CT-RSA 2009. LNCS, vol. 5473, pp. 195–210. Springer, Heidelberg (2009)

  6. Courtois, N., Shamir, A., Patarin, J., Klimov, A.: Efficient Algorithms for Solving Overdefined Systems of Multivariate Polynomial Equations. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 392–407. Springer, Heidelberg (2000)

  7. Courtois, N., Pieprzyk, J.: Cryptanalysis of Block Ciphers with Overdefined Systems of Equations. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 267–287. Springer, Heidelberg (2002)

  8. Courtois, N., Meier, W.: Algebraic Attacks on Stream Ciphers with Linear Feedback. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 345–359. Springer, Heidelberg (2003)

  9. Courtois, N.T., Bard, G.V.: Algebraic cryptanalysis of the data encryption standard. In: Galbraith, S.D. (ed.) Cryptography and Coding 2007. LNCS, vol. 4887, pp. 152–169. Springer, Heidelberg (2007)

  10. Courtois, N.T., Debraize, B.: Specific S-Box Criteria in Algebraic Attacks on Block Ciphers with Several Known Plaintexts. In: Lucks, S., Sadeghi, A.-R., Wolf, C. (eds.) WEWoRC 2007. LNCS, vol. 4945, pp. 100–113. Springer, Heidelberg (2008)

  11. Courtois, N.T., Bard, G.V., Wagner, D.: Algebraic and slide attacks on KeeLoq. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 97–115. Springer, Heidelberg (2008)

  12. Courtois, N.T.: Tools for experimental algebraic cryptanalysis, http://www.cryptosystem.net/aes/tools.html

  13. Daemen, J., Rijmen, V.: The Design of Rijndael: AES - The Advanced Encryption Standard. Springer, Heidelberg (2002)

  14. Eén, N., Sörensson, N.: MiniSat 2.0. An open-source SAT solver package, http://www.cs.chalmers.se/Cs/Research/FormalMethods/MiniSat/

  15. Faugère, J.: A new efficient algorithm for computing Gröbner bases (F4). Journal of Pure and Applied Algebra, 61–69 (1999)

  16. Faugère, J.: A new efficient algorithm for computing Gröbner bases without reduction to zero (F5). In: Symbolic and Algebraic Computation - ISSAC, pp. 75–83 (2002)

  17. Ghasemzadeh, M.: A New Algorithm for the Quantified Satisfiability Problem, Based on Zero-suppressed Binary Decision Diagrams and Memorization. Ph.D. thesis, University of Potsdam, Potsdam, Germany (2005), http://opus.kobv.de/ubp/volltexte/2006/637/

  18. Indesteege, S., Keller, N., Dunkelman, O., Biham, E., Preneel, B.: A practical attack on KeeLoq. In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 1–18. Springer, Heidelberg (2008)

  19. Keliher, L., Meijer, H., Tavares, S.: High Probability Linear Hulls in Q. In: Second NESSIE Conference (2001)

  20. Kaliski, B.S., Robshaw, M.J.B.: Linear Cryptanalysis Using Multiple Approximations and FEAL. In: Preneel, B. (ed.) FSE 1994. LNCS, vol. 1008, pp. 249–264. Springer, Heidelberg (1995)

  21. Magma, software package, http://magma.maths.usyd.edu.au/magma/

  22. Matsui, M.: Linear cryptanalysis method for DES cipher. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 386–397. Springer, Heidelberg (1994)

  23. Murphy, S., Robshaw, M.J.B.: Essential Algebraic Structure within AES. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 1–16. Springer, Heidelberg (2002)

  24. Nyberg, K.: Linear approximation of block ciphers. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 439–444. Springer, Heidelberg (1995)

  25. Özen, O., Varici, K., Tezcan, C., Kocair, Ç.: Lightweight Block Ciphers Revisited: Cryptanalysis of Reduced Round PRESENT and HIGHT. In: ACISP 2009. LNCS, vol. 5594, pp. 90–107. Springer, Heidelberg (2009)

  26. Raddum, H., Semaev, I.: New technique for solving sparse equation systems. Cryptology ePrint Archive, Report 2006/475 (2006), http://eprint.iacr.org/2006/475

  27. Shannon, C.E.: Claude Elwood Shannon collected papers. Wiley-IEEE Press, Piscataway (1993)

  28. Selçuk, A.A., Biçak, A.: On probability of success in linear and differential cryptanalysis. In: Cimato, S., Galdi, C., Persiano, G. (eds.) SCN 2002. LNCS, vol. 2576, pp. 174–185. Springer, Heidelberg (2003)

  29. Wang, M.: Differential Cryptanalysis of reduced-round PRESENT. In: Vaudenay, S. (ed.) AFRICACRYPT 2008. LNCS, vol. 5023, pp. 40–49. Springer, Heidelberg (2008)

  30. Z’aba, M.R., Raddum, H., Henricksen, M., Dawson, E.: Bit-Pattern Based Integral Attack. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 363–381. Springer, Heidelberg (2008)

Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

Cite this paper

Nakahara, J., Sepehrdad, P., Zhang, B., Wang, M. (2009). Linear (Hull) and Algebraic Cryptanalysis of the Block Cipher PRESENT. In: Garay, J.A., Miyaji, A., Otsuka, A. (eds) Cryptology and Network Security. CANS 2009. Lecture Notes in Computer Science, vol 5888. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-10433-6_5

  • DOI: https://doi.org/10.1007/978-3-642-10433-6_5

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-10432-9

  • Online ISBN: 978-3-642-10433-6
