
Integral characteristics by keyspace partitioning

Designs, Codes and Cryptography

Abstract

In this work, we introduce a new method, which we call integral by keyspace partitioning, for constructing integral characteristics of some block ciphers by introducing new integral properties. We introduce the concepts of active with constant difference and identically active integral properties. We then divide the key space into equivalence classes and construct integral characteristics for each equivalence class individually using these integral properties. We exploit the binary diffusion layer and the key schedule algorithm of a block cipher to propagate these integral properties through rounds. We apply the new method to the Byte-oriented Substitution-Permutation Network (BSPN) cipher and to Midori64 to show its effectiveness. To the best of our knowledge, we construct the first iterative integral characteristic for a block cipher. We extend this iterative characteristic to the \((M, n)\)-BSPN block cipher, in which each block of BSPN contains \(M\) \(n \times n\) S-boxes and the block and key sizes are \(M \cdot n\). Using at most \(\binom{M-1}{2} + 1\) chosen plaintexts (only 106 when \(M = 16\)), we mount the first key recovery attacks on BSPN and recover the key for the full-round cipher. The time complexity of the key recovery is almost independent of the number of rounds. We also use our method to construct an integral characteristic for Midori64, which can be utilized for a key recovery attack on 11-round Midori64. Our results impose a new security criterion on the design of the key schedule algorithm for some block ciphers.
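The abstract describes propagating key-dependent integral properties through a binary diffusion layer and splitting the key space into classes on which a characteristic holds. The Python block below is an added toy illustration of that idea, not the paper's code and not its definitions: it uses a constructed SPN with four 4-bit words, an arbitrary bijective S-box, a diffusion layer that XORs words (the circulant(0,1,1,1) shape of Midori's MixColumn), and my own reading of "identically active" (two words equal in every state of the set) and "active with constant difference" (two words whose XOR is the same fixed value in every state). It shows that two identically active words stay identically active through the S-box layer and the XOR-only linear layer, and that whether they remain so after key addition depends only on whether the two round-key words agree; the property therefore iterates over the key class with k0 = k1 and is destroyed by the next S-box layer for all other keys. The actual BSPN and Midori64 characteristics are in the paper and are not reproduced here.

```python
"""Toy illustration of key-dependent integral properties propagating through a
binary (XOR-only) diffusion layer.  Added example, not code from the paper:
the toy cipher, S-box and property definitions below are constructed here."""

# Arbitrary bijective 4-bit S-box (constructed for the example; any permutation works).
SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
        0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]
assert sorted(SBOX) == list(range(16))


def sbox_layer(state):
    """Apply the same S-box to every 4-bit word of the state."""
    return [SBOX[x] for x in state]


def mix_columns(state):
    """Binary diffusion layer: each output word is the XOR of the other three
    input words (the circulant(0,1,1,1) shape that Midori's MixColumn uses)."""
    total = 0
    for x in state:
        total ^= x
    return [total ^ x for x in state]


def add_key(state, round_key):
    """Word-wise XOR of a 4-word round key."""
    return [x ^ k for x, k in zip(state, round_key)]


def word_property(states, i):
    """Classify word i over the multiset of states: C = constant, A = active
    (takes every value exactly once), B = balanced (XOR sum zero), ? = none."""
    vals = [s[i] for s in states]
    if len(set(vals)) == 1:
        return "C"
    if sorted(vals) == list(range(16)):
        return "A"
    xor = 0
    for v in vals:
        xor ^= v
    return "B" if xor == 0 else "?"


def pair_relation(states, i, j):
    """Relation between words i and j across the set: 'identical' if they agree
    in every state, 'const diff' if their XOR is one fixed value in every state
    (our reading of 'identically active' / 'active with constant difference'),
    otherwise 'none'."""
    diffs = {s[i] ^ s[j] for s in states}
    if diffs == {0}:
        return "identical"
    if len(diffs) == 1:
        return f"const diff 0x{diffs.pop():x}"
    return "none"


def trace(round_keys):
    """Encrypt a 16-element input set (words 0 and 1 identically active, words
    2 and 3 constant) round by round; return, per round, the four word
    properties and the relation between words 0 and 1."""
    states = [[v, v, 0x3, 0x9] for v in range(16)]
    log = []
    for rk in round_keys:
        states = [add_key(mix_columns(sbox_layer(s)), rk) for s in states]
        props = "".join(word_property(states, i) for i in range(4))
        log.append((props, pair_relation(states, 0, 1)))
    return log


if __name__ == "__main__":
    # Key class with k0 == k1 in every round key: the property iterates.
    for r, entry in enumerate(trace([[0x5, 0x5, 0x2, 0x7]] * 6), 1):
        print("k0 == k1, round", r, entry)
    # k0 != k1: the constant difference survives the linear layer of round 1
    # but the S-box layer of round 2 turns it into an unrelated pair.
    for r, entry in enumerate(trace([[0x5, 0x6, 0x2, 0x7]] * 3), 1):
        print("k0 != k1, round", r, entry)
```

The S-box and the XOR-based linear layer never use the key, so the only place the two words can be pulled apart is the round-key addition; that is what makes the characteristic a property of a key equivalence class rather than of the cipher alone, and why the key schedule decides whether a one-round property can be iterated.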



Notes

  1. Related key attacks are ignored.


Acknowledgements

We are grateful to the anonymous reviewers for their constructive comments. Moreover, we would like to thank Mehmet Sabır Kiraz, Ferhat Karakoç and Ali Aydın Selçuk for reading the manuscript and providing us helpful comments.

Author information


Correspondence to Orhun Kara.

Additional information

Communicated by F. Mendel.

The second author is partially supported by TUBITAK 1001 Project under the Grant Number 121E228.


About this article


Cite this article

Demirbaş, F., Kara, O. Integral characteristics by keyspace partitioning. Des. Codes Cryptogr. 90, 443–472 (2022). https://doi.org/10.1007/s10623-021-00989-y

