Linear(hull) Cryptanalysis of Round-reduced Versions of KATAN

Danping Shi, Lei Hu, Siwei Sun, Ling Song

Abstract

KATAN is a family of block ciphers published at CHES 2009. Based on the mixed-integer linear programming (MILP) technique, we propose the first third-party linear cryptanalysis of KATAN. Furthermore, we evaluate the security of KATAN against the linear attack without ignoring the dependence of the input bits of the 2 × 1 S-box (the AND operation). Note that in previous analysis this dependence was not considered, and therefore the previous results are not accurate. Moreover, the 131/120-round attacks mounted on KATAN32/48, respectively, using our 84/90-round linear hulls are the best single-key known-plaintext attacks. In addition, a best 94-round linear hull attack is mounted on KATAN64 using our 76-round linear hull.


Paper Citation


in Harvard Style

Shi D., Hu L., Sun S. and Song L. (2016). Linear(hull) Cryptanalysis of Round-reduced Versions of KATAN. In Proceedings of the 2nd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-167-0, pages 364-371. DOI: 10.5220/0005739103640371


in Bibtex Style

@conference{icissp16,
author={Danping Shi and Lei Hu and Siwei Sun and Ling Song},
title={Linear(hull) Cryptanalysis of Round-reduced Versions of KATAN},
booktitle={Proceedings of the 2nd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP},
year={2016},
pages={364-371},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005739103640371},
isbn={978-989-758-167-0},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 2nd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP
TI - Linear(hull) Cryptanalysis of Round-reduced Versions of KATAN
SN - 978-989-758-167-0
AU - Shi D.
AU - Hu L.
AU - Sun S.
AU - Song L.
PY - 2016
SP - 364
EP - 371
DO - 10.5220/0005739103640371