Abstract
To estimate the security of block ciphers against linear attacks, we introduce a kind of word-wise permutation that can be used to construct equivalent linear trails from known ones for bit-oriented SPN block ciphers. In particular, we find such word-wise permutations for GIFT-64 and use one of them to construct equivalent linear trails for 12-round GIFT-64. With five of these linear trails, we further present a 19-round multiple linear attack on GIFT-64 using Flórez-Gutiérrez et al.'s improved key-recovery algorithm.
References
Bogdanov, A., Knudsen, L.R., Leander, G., Paar, C., Poschmann, A., Robshaw, M.J.B., Seurin, Y., Vikkelsoe, C.: PRESENT: an ultra-lightweight block cipher. In: Cryptographic hardware and embedded systems—CHES 2007, LNCS, 4727, pp. 450–466. Springer (2007)
Wu, W., Zhang, L.: LBlock: a lightweight block cipher. In: Applied cryptography and network security—9th international conference, ACNS 2011, LNCS, 6715, pp. 327–344. Springer (2011)
Beaulieu, R., Shors, D., Smith, J., et al.: The SIMON and SPECK families of lightweight block ciphers. IACR Cryptol. ePrint Arch., 404 (2013)
Zhang, W., Bao, Z., et al.: RECTANGLE: a bit-slice ultra-lightweight block cipher suitable for multiple platforms. IACR Cryptol. ePrint Arch., 84 (2014)
Beierle, C., Jean, J., Kölbl, S., et al.: The SKINNY family of block ciphers and its low-latency variant MANTIS. In: Advances in cryptology—CRYPTO 2016—36th annual international cryptology conference, LNCS, 9815, pp. 123–153. Springer (2016)
Banik, S., Pandey, S., Peyrin, T., Sasaki, Y., Sim, S., Todo, Y.: GIFT: a small PRESENT—towards reaching the limit of lightweight encryption. In: Cryptographic hardware and embedded systems—CHES 2017, LNCS, 10529, pp. 321–345. Springer (2017)
Banik, S., Chakraborti, A., Iwata, T., Minematsu, K., Nandi, M., et al.: GIFT-COFB. IACR Cryptol. ePrint Arch., 738 (2020)
The specification of SUNDAE-GIFT. Last accessed 29 March 2019. https://csrc.nist.gov/CSRC/media/Projects/lightweight-cryptography/documents/round-2/spec-doc-rnd2/SUNDAE-GIFT-spec-round2.pdf
The specification of HYENA. Last accessed 29 March 2019. https://csrc.nist.gov/CSRC/media/Projects/lightweight-cryptography/documents/round-2/spec-doc-rnd2/hyena-spec-round2.pdf
Biham, E., Shamir, A.: Differential cryptanalysis of DES-like cryptosystems. J. Cryptol. 4(1), 3–71 (1991)
Matsui, M.: Linear cryptanalysis method for DES cipher. In: Advances in cryptology—EUROCRYPT '93, LNCS, 765, pp. 386–397. Springer (1993)
Kaliski, B.S., Robshaw, M.J.B.: Linear cryptanalysis using multiple approximations. In: Advances in cryptology—CRYPTO '94, LNCS, 839, pp. 26–39. Springer (1994)
Biryukov, A., De Cannière, C., Quisquater, M.: On multiple linear approximations. In: Advances in cryptology—CRYPTO 2004, LNCS, 3152, pp. 1–22. Springer (2004)
Hermelin, M., Cho, J.Y., Nyberg, K.: Multidimensional linear cryptanalysis of reduced round Serpent. In: Information security and privacy—13th Australasian conference, ACISP 2008, LNCS, 5107, pp. 203–215. Springer (2008)
Hermelin, M., Cho, J.Y., Nyberg, K.: Multidimensional extension of Matsui's algorithm 2. In: Fast software encryption—16th international workshop, FSE 2009, LNCS, 5665, pp. 209–227. Springer (2009)
Flórez-Gutiérrez, A., Naya-Plasencia, M.: Improving key-recovery in linear attacks: application to 28-round PRESENT. In: Advances in cryptology—EUROCRYPT 2020, LNCS, 12105, pp. 221–249. Springer (2020)
Mouha, N., Wang, Q., Gu, D., Preneel, B.: Differential and linear cryptanalysis using mixed-integer linear programming. In: Information security and cryptology—7th international conference, Inscrypt 2011, LNCS, 7537, pp. 57–76. Springer (2011)
Sun, S., Hu, L., Wang, P., Qiao, K., Ma, X., Song, L.: Automatic security evaluation and (related-key) differential characteristic search: application to SIMON, PRESENT, LBlock, DES(L) and other bit-oriented block ciphers. In: Advances in cryptology—ASIACRYPT 2014, LNCS, 8873, pp. 158–178. Springer (2014)
Fu, K., Wang, M., Guo, Y., Sun, S., Hu, L.: MILP-based automatic search algorithms for differential and linear trails for Speck. In: Fast software encryption—23rd international conference, FSE 2016, LNCS, 9783, pp. 268–288. Springer (2016)
Zhou, C., Zhang, W., Ding, T., Xiang, Z.: Improving the MILP-based security evaluation algorithm against differential/linear cryptanalysis using a divide-and-conquer approach. IACR Trans. Symmetric Cryptol. 2019(4), 438–469 (2019)
Kölbl, S., Leander, G., Tiessen, T.: Observations on the SIMON block cipher family. In: Advances in cryptology—CRYPTO 2015, LNCS, 9215, pp. 161–185. Springer (2015)
Liu, Y., Wang, Q., Rijmen, V.: Automatic search of linear trails in ARX with applications to SPECK and Chaskey. In: Applied cryptography and network security—ACNS 2016, LNCS, 9696, pp. 485–499. Springer (2016)
Sun, L., Wang, W., Wang, M.: More accurate differential properties of LED64 and Midori64. IACR Trans. Symmetric Cryptol. 2018(3), 93–123 (2018)
Sun, L., Wang, W., Wang, M.: Accelerating the search of differential and linear characteristics with the SAT method. IACR Trans. Symmetric Cryptol. 2021(1), 269–315 (2021)
Cui, Y., Xu, H., Qi, W.: MILP-based linear attacks on round-reduced GIFT. Chin. J. Electron. (2020). https://doi.org/10.1049/cje.2020.00.113
Sun, L., Wang, W., Wang, M.: Improved attacks on GIFT-64. In: Selected areas in cryptography—28th international conference, SAC 2021, LNCS, 13203, pp. 246–265. Springer (2021)
Zhu, B., Dong, X., Yu, H.: MILP-based differential attack on round-reduced GIFT. In: Topics in cryptology—CT-RSA 2019, LNCS, 11405, pp. 372–390. Springer (2019)
Chen, H., Zong, R., Dong, X.: Improved differential attacks on GIFT-64. In: Information and communications security—21st international conference, ICICS 2019, LNCS, 11999, pp. 447–462. Springer (2019)
Blondeau, C., Nyberg, K.: Joint data and key distribution of simple, multiple, and multidimensional linear cryptanalysis test statistic and its impact to data complexity. Des. Codes Cryptogr. 82(1–2), 319–349 (2017)
Acknowledgements
This work was partially supported by the National Natural Science Foundation of China (No.61872383, No.61802430) and the National Cryptography Development Fund of China (MMJJ20180204, MMJJ20170103).
Cite this article
Cui, Y., Xu, H., Tan, L. et al. Construction of equivalent linear trails and multiple linear attack on reduced-round GIFT-64. J Cryptogr Eng 13, 223–234 (2023). https://doi.org/10.1007/s13389-022-00298-7