
Impossible differential attack on Simpira v2

  • Research Paper
  • Science China Information Sciences

Abstract

Simpira v2 is a family of cryptographic permutations proposed at ASIACRYPT 2016, and can be used to construct high-throughput block ciphers by using the Even-Mansour construction, permutation-based hashing, and wide-block authenticated encryption. This paper shows a 9-round impossible differential of Simpira-4. To the best of our knowledge, this is the first 9-round impossible differential. To mount efficient key recovery attacks on its block cipher mode (the Even-Mansour construction with Simpira-4), we use some 6/7-round shrunken impossible differentials. Based on eight 6-round impossible differentials, we propose a series of 7-round key recovery attacks on the block cipher mode; each 6-round impossible differential helps recover 32 bits of the master key (512 bits), and in total half of the master key bits are recovered. The attacks require 2^57 chosen plaintexts and 2^57 7-round encryptions. Furthermore, based on ten 7-round impossible differentials, we add one round on the top or at the bottom to mount ten 8-round key recovery attacks on the block cipher mode. This recovers the full key space (512 bits) with a data complexity of 2^170 chosen plaintexts and a time complexity of 2^170 8-round encryptions. These are the first attacks on round-reduced Simpira v2, and they do not threaten the Even-Mansour mode with the full 15-round Simpira-4.
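The abstract's chain of reasoning (an impossible differential of the unkeyed permutation carries over unchanged to its Even-Mansour block cipher mode, and adding one round on top turns it into a sieve on part of the whitening key) can be seen on a toy scale. The following is an added example, not code from the paper or from the Simpira authors: it uses a two-branch Feistel permutation with 4-bit branches, the PRESENT S-box as a stand-in for Simpira's AES-based round function, constructed round constants, and the classic 5-round Feistel impossible differential (a,0) ↛ (0,a) in place of the paper's 9-round Simpira-4 one. The key-recovery sieve mirrors the paper's "one round on top" attacks: plaintext pairs whose ciphertexts show the forbidden output difference eliminate every whitening-key guess under which round 1 would have produced the forbidden input difference.

```python
"""Added example (not the paper's code): impossible differential of an
unkeyed Feistel permutation, its survival under Even-Mansour whitening,
and a one-round-on-top sieve on the whitening-key nibble entering F.
Block = 8 bits (two 4-bit branches). All constants are constructed."""

from itertools import product
import random

# PRESENT S-box: a bijective 4-bit map standing in for Simpira's AES-based F.
SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
        0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]
# Constructed per-round constants: as in Simpira, the rounds carry no key.
ROUND_CONST = [0x1, 0x3, 0x7, 0xF, 0xE, 0xC]


def split(x):
    return x >> 4, x & 0xF


def join(l, r):
    return (l << 4) | r


def perm(x, first, rounds):
    """Rounds first .. first+rounds-1 of the unkeyed Feistel permutation:
    (L, R) -> (R, L xor F(R xor c_i)) with F = SBOX."""
    l, r = split(x)
    for i in range(first, first + rounds):
        l, r = r, l ^ SBOX[r ^ ROUND_CONST[i]]
    return join(l, r)


def even_mansour(x, k1, k2, rounds=6):
    """Single-permutation Even-Mansour mode: E(x) = P(x xor k1) xor k2."""
    return perm(x ^ k1, 0, rounds) ^ k2


def impossible_over_5_rounds(a, first=1):
    """Exhaustive check that input difference (a,0) never yields output
    difference (0,a) over 5 consecutive rounds. Why: with R_i the right
    branch after round i, R_i = R_{i-2} xor F(R_{i-1}); the differences are
    dR_1 = a, dR_2 = b != 0 (F bijective), dR_3 = a xor Fdiff(b), and the
    output (0,a) forces dR_4 = 0 hence dR_5 = dR_3 = a, i.e. Fdiff(b) = 0,
    which a bijective F cannot produce for b != 0."""
    d_in, d_out = join(a, 0), join(0, a)
    return all(perm(x, first, 5) ^ perm(x ^ d_in, first, 5) != d_out
               for x in range(256))


def whitening_is_transparent(k1, k2, a):
    """The same ID holds for the keyed 5-round cipher: XOR differences of
    plaintexts/ciphertexts equal those of P's inputs/outputs, k1 and k2 cancel."""
    d_in, d_out = join(a, 0), join(0, a)
    return all(even_mansour(x, k1, k2, 5) ^ even_mansour(x ^ d_in, k1, k2, 5) != d_out
               for x in range(256))


def sieve_k1_low_nibble(k1, k2):
    """6-round E = one round on top of the 5-round ID (rounds 2..6).
    For each a, take pairs (p, p xor (d, a)). If the ciphertexts differ by
    (0, a), every guess g of the low nibble of k1 under which round 1 would
    have produced the state difference (a, 0) is wrong, because (a,0) cannot
    reach (0,a) through the remaining five rounds. Returns surviving guesses."""
    table = [even_mansour(x, k1, k2) for x in range(256)]
    candidates = set(range(16))
    c0 = ROUND_CONST[0]
    for a in range(1, 16):
        for p, d in product(range(256), range(16)):
            q = p ^ join(d, a)
            if table[p] ^ table[q] != join(0, a):
                continue
            r0 = p & 0xF
            # Under guess g the round-1 F input is r0^g^c0, so the F output
            # difference is SBOX[r0^g^c0] ^ SBOX[r0^a^g^c0]; it cancels d
            # exactly when the state after round 1 has difference (a, 0).
            for g in list(candidates):
                if SBOX[r0 ^ g ^ c0] ^ SBOX[r0 ^ a ^ g ^ c0] == d:
                    candidates.discard(g)
    return candidates


if __name__ == "__main__":
    rng = random.Random(2016)
    k1, k2 = rng.randrange(256), rng.randrange(256)
    print("ID holds for every nonzero a:", all(impossible_over_5_rounds(a) for a in range(1, 16)))
    print("ID survives whitening:", whitening_is_transparent(k1, k2, 0x5))
    left = sieve_k1_low_nibble(k1, k2)
    print(f"true low nibble {k1 & 0xF:#x}; surviving guesses {sorted(map(hex, left))}")
```

The true nibble always survives the sieve, by the impossibility argument; a wrong guess survives only if no pair with the forbidden ciphertext difference happens to be consistent with it, so, exactly as in the paper, several impossible differentials are combined (here all 15 values of a) and whatever candidates remain are finished off by exhaustive search over that small set.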



Acknowledgements

This work was supported by National Basic Research Program of China (973 Program) (Grant No. 2013CB834205), National Natural Science Foundation of China (Grant No. 61672019), Fundamental Research Funds of Shandong University (Grant No. 2016JC029), and Foundation of Science and Technology on Information Assurance Laboratory (Grant No. KJ-15-002).

Corresponding author

Correspondence to Xiaoyang Dong.

Cite this article

Zong, R., Dong, X. & Wang, X. Impossible differential attack on Simpira v2. Sci. China Inf. Sci. 61, 032106 (2018). https://doi.org/10.1007/s11432-016-9075-6
