[go: up one dir, main page]

What a lovely hat

Is it made out of tin foil?

Paper 2021/1310

Related-Tweak Impossible Differential Cryptanalysis of Reduced-Round TweAES

Chao Niu, Muzhou Li, Meiqin Wang, Qingju Wang, and Siu-Ming Yiu

Abstract

We consider the related-tweak impossible differential cryptanalysis of \texttt{TweAES}. It is one of the underlying primitives of Authenticated Encryption with Associated Data (AEAD) scheme \texttt{ESTATE} which was accepted as one of second-round candidates in the NIST Lightweight Cryptography Standardization project. Firstly, we reveal several properties of \texttt{TweAES}, which show what kinds of distinguishers are more effective in recovering keys. With the help of automatic solver Simple Theorem Prover (STP), we achieve many 5.5-round related-tweak impossible differentials with fixed input differences and output differences that just have one active byte. Then, we implement 8-round key recovery attacks against \texttt{TweAES} based on one of these 5.5-round distinguishes. Moreover, another 5.5-round distinguisher that has four active bytes at the end is utilized to mount a 7-round key recovery attack against \texttt{TweAES}, which needs much lower attack complexities than the 6-round related-tweak impossible differential attack of \texttt{TweAES} in the design document. Our 8-round key recovery attack is the best one against \texttt{TweAES} in terms of the number of rounds and complexities so far.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. SAC 2021
Keywords
TweAESTweakable block ciphersRelated-tweakImpossible differential cryptanalysis
Contact author(s)
mqwang @ sdu edu cn
History
2021-09-28: received
Short URL
https://ia.cr/2021/1310
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2021/1310,
      author = {Chao Niu and Muzhou Li and Meiqin Wang and Qingju Wang and Siu-Ming Yiu},
      title = {Related-Tweak Impossible Differential Cryptanalysis of Reduced-Round {TweAES}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2021/1310},
      year = {2021},
      url = {https://eprint.iacr.org/2021/1310}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.