Loading...
Search for:
lightweight-block-ciphers
0.004 seconds
Low-data complexity biclique cryptanalysis of block ciphers with application to piccolo and HIGHT
, Article IEEE Transactions on Information Forensics and Security ; Vol. 9, Issue. 10 , 2005 , Pages 1641-1652 ; Ahmadian, Z ; Mohajeri, J ; Aref, M. R ; Sharif University of Technology
Abstract
In this paper, we present a framework for biclique cryptanalysis of block ciphers which extremely requires a low amount of data. To that end, we enjoy a new representation of biclique attack based on a new concept of cutset that describes our attack more clearly. Then, an algorithm for choosing two differential characteristics is presented to simultaneously minimize the data complexity and control the computational complexity. Then, we characterize those block ciphers that are vulnerable to this technique and among them, we apply this attack on lightweight block ciphers Piccolo-80, Piccolo-128, and HIGHT. The data complexity of these attacks is only 16-plaintext-ciphertext pairs, which is...
Related-key impossible differential cryptanalysis of full-round HIGHT
, Article ICETE 2013 - 10th International Joint Conference on E-Business and Telecommunications; SECRYPT 2013 - 10th International Conference on Security and Cryptography, Proceedings, Reykjavik ; 2013 , Pages: 537-542 ; 9789898565730 (ISBN) ; Chafjiri, S. B ; Tabatabaei, S. A. H ; Sharif University of Technology
2013
Abstract
The HIGHT algorithm is a 64-bit block cipher with 128-bit key length, at CHES'06 as a lightweight cryptographic algorithm. In this paper, a new related-key impossible differential attack on the full-round algorithm is introduced. Our cryptanalysis requires time complexity of 2127.276 HIGHT evaluations which is slightly faster than exhaustive search attack. This is the first related-key impossible differential cryptanalysis on the full-round HIGHT block cipher. Copyright
Biclique cryptanalysis of the full-round KLEIN block cipher
, Article IET Information Security ; Volume 9, Issue 5 , 2015 , Pages 294-301 ; 17518709 (ISSN) ; Salmasizadeh, M ; Aref, M. R ; Sharif University of Technology
Institution of Engineering and Technology
2015
Abstract
In this study, the authors evaluate the security of the lightweight block cipher KLEIN-64 using biclique cryptanalysis. They first point out some new weaknesses of the diffusion layer and key schedule of this algorithm. Then they exploit them to cryptanalyst the full round version of KLEIN-64 using an asymmetric biclique. The (worst case) computations and data complexity of this cryptanalysis are 262.84 and 239, respectively. A modified version of this cryptanalysis is also presented which is slightly faster at the expense of the data required
Impossible Differential Cryptanalysis of Lightweight Blockciphers TEA and XTEA
, M.Sc. Thesis Sharif University of Technology ; Aref, Mohammad Reza (Supervisor) ; Salmasizadeh, Mohmoud (Co-Advisor)
Abstract
The lightweight blockciphers and lightweight authenticated encryptions are special kind of the symmetric schemes designed to use in cases that resources such as power, area, etc. are limited. Sensor Networks and RF-Tags are two good example of lightweight schemes application. This limitations force designers to use simpler functions and operators in comparison to conventional schemes; therefore, providing the security in this case is so important. A novel approach for evaluating security of an algorithm is to apply different kinds of attack. Impossible differential cryptanalysis is one of the shortcut cryptanalysis, using the impossible differential characteristic. Impossible differential...
Impossible differential cryptanalysis of Piccolo lightweight block cipher
, Article 2014 11th International ISC Conference on Information Security and Cryptology, ISCISC 2014 ; Sep , 2014 , p. 89-94 ; Ahmadian, Z ; Mohajeri, J ; Aref, M. R ; Sharif University of Technology
Abstract
This paper analyzes the Piccolo family of lightweight block ciphers against the impossible differential cryptanalysis. A combination of some ploys such as decreasing the S-box computations, finding an appropriate propagation of differentials, utilizing hash tables and using the linearity of the key-schedule as well as disregarding subkeys of two rounds lead to 12-round and 13-round impossible differential attack on Piccolo-80 and 15-round attack on Piccolo-128. The time and data complexity of the attack against Piccolo-80 is 255.18 and 236.34 for 12-round and 269.7 and 243.25 for 13-round, respectively. Moreover, the time and data complexity for 15 rounds cryptanalysis of Piccolo-128 are...
Zero correlation linear attack on reduced round Piccolo-80
, Article 13th International ISC Conference on Information Security and Cryptology, 7 September 2016 through 8 September 2016 ; 2016 , Pages 66-71 ; 9781509039494 (ISBN) ; Hoseini Najarkolaei, S. R ; Ahmadi, S ; Aref, M. R ; Sharif University of Technology
Institute of Electrical and Electronics Engineers Inc
Abstract
Universal deployment of lightweight block ciphers increase the importance of cryptanalysis of these ciphers. In this paper, we focus on reduced round version of Piccolo-80 as a lightweight block cipher and try to analyze it by zero correlation linear attack. As a result, we proposed a new zero correlation linear attack on 12-round Piccolo-80 without whitening keys with computational complexity of 251.4, while memory and data complexities of the attack are equal to 258.2 and 250, respectively. Also, we proposed an attack on 12-round Piccolo-80 with whitening keys and 13-round Piccolo-80 without whitening keys. To the best of our knowledge, these are the first zero correlation attacks on...
Cryptanalysis of the SIMON Lightweight Block Cipher
,
M.Sc. Thesis
Sharif University of Technology
;
Aref, Mohammad Reza
(Supervisor)
;
Salmasizadeh, Mahmud
(Co-Advisor)
Abstract
With the remarkable progress in microelectronics and low-power semiconductor technologies, Radio Frequency Identification technology (RFID) has moved from obscurity into mainstream applications, which essentially provides an indispensable foundation to realize ubiquitous computing and machine perception. However, the catching and exclusive characteristics of RFID systems introduce growing security and privacy concerns. These issues are particularly challenging for low-cost RFID systems where tags are extremely resource-constrained, so designing cryptographic algorithms which are optimized to operate in such environments with limited memory, battery supply and computing power become more and...
Fault-resilient lightweight cryptographic block ciphers for secure embedded systems
, Article IEEE Embedded Systems Letters ; Vol. 6, issue. 4 , 2014 , pp. 89-92 ; ISSN: 19430663 ; Tian, K ; Azarderakhsh, R ; Bayat Sarmadi, S ; Sharif University of Technology
Abstract
The development of extremely-constrained embedded systems having sensitive nodes such as RFID tags and nanosensors necessitates the use of lightweight block ciphers. Nevertheless, providing the required security properties does not guarantee their reliability and hardware assurance when the architectures are prone to natural and malicious faults. In this letter, error detection schemes for lightweight block ciphers are proposed with the case study of XTEA (eXtended TEA). Lightweight block ciphers such as XTEA, PRESENT, SIMON, and the like might be better suited for low-resource deeply-embedded systems compared to the Advanced Encryption Standard. Three different error detection approaches...
A new CPA resistant software implementation for symmetric ciphers with smoothed power consumption
, Article 13th International ISC Conference on Information Security and Cryptology, 7 September 2016 through 8 September 2016 ; 2016 , Pages 38-45 ; 9781509039494 (ISBN) ; Salmasizadeh, M ; Sharif University of Technology
Institute of Electrical and Electronics Engineers Inc
Abstract
In this paper we propose a new method for applying hiding countermeasure against CPA attacks. This method is for software implementation, based on smoothing power consumption of the device. We propose a new heuristic encoding scheme for implementing block cipher algorithms. Our new method includes only AND-equivalent and XOR-equivalent operations since every cryptographic algorithm can be implemented with two basic operations, namely AND, XOR. In order to practically evaluate resistance improvement against CPA, we implement the proposed coding scheme on SIMON, a lightweight block cipher, on a smartcard with ATmega163 microprocessor. The results of this implementation show a 350 times more...
Biclique cryptanalysis of Twine-128
, Article 13th International ISC Conference on Information Security and Cryptology, 7 September 2016 through 8 September 2016 ; 2016 , Pages 46-51 ; 9781509039494 (ISBN) ; Zare Ahangarkolaei, M ; Ahmadi, S ; Aref, M. R ; Sharif University of Technology
Institute of Electrical and Electronics Engineers Inc
Abstract
Security evaluation of lightweight block ciphers plays a critical role to determine security margin of these ciphers. One of the methods to find the security margin of block ciphers is biclique cryptanalysis. In this paper, we present a new schematic for biclique attack which combines asymmetric biclique and early abort technique. Then, we apply it against Twine-128 to evaluate the security margin of Twine-128. As a result, we present two cryptanalysis for Twine-128, one with 2125.75 computational complexity and 260 data complexity, and the other with 212616 computational complexity and 28 data complexity. To the best of our knowledge, our results are the best in computational and data...
Impossible differential cryptanalysis of reduced-round midori64 block cipher
, Article 2017 14th International ISC (Iranian Society of Cryptology) Conference on Information Security and Cryptology, ISCISC 2017, 6 September 2017 through 7 September 2017 ; 2018 , Pages 31-36 ; 9781538665602 (ISBN) ; Azimi, S. A ; Salmasizadeh, M ; Mohajeri, J ; Aref, M. R ; Sharif University of Technology
Abstract
Impossible differential attack is a well-known mean to examine robustness of block ciphers. Using impossible differential cryptanalysis, we analyze security of a family of lightweight block ciphers, named Midori, that are designed considering low energy consumption. Midori state size can be either 64 bits for Midori64 or 128 bits for Midori128; however, both versions have key size equal to 128 bits.In this paper, we mainly study security of Midori64. To this end, we use various techniques such as early-abort, memory reallocation, miss-in-the-middle and turning to account the inadequate key schedule algorithm of Midori64. We first show two new 7-round impossible differential characteristics...