Cryptanalysis of SP Networks with Partial Non-Linear Layers

Bar-On, Achiya; Dinur, Itai; Dunkelman, Orr; Lallemand, Virginie; Keller, Nathan; Tsaban, Boaz

doi:10.1007/978-3-662-46800-5_13

Cited by 22 publications

(15 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, several attacks on this type of constructions, e.g. [12,21,23,32] show that it is much more difficult to estimate the security level of these constructions than that of classical SPNs. The basic principle of the HADES construction is then to combine both aspects: the inner rounds in the cipher have a partial Sbox layer to increase the resistance to algebraic attacks at a reduced implementation cost, whereas the outer rounds consist of traditional SPN rounds, with a full Sbox layer.…”

Section: Specifications Of Hadesmimcmentioning

confidence: 99%

Out of Oddity – New Cryptanalytic Techniques Against Symmetric Primitives Optimized for Integrity Proof Systems

Beyne

Canteaut

Dinur

et al. 2020

Advances in Cryptology – CRYPTO 2020

Self Cite

View full text Add to dashboard Cite

The security and performance of many integrity proof systems like SNARKs, STARKs and Bulletproofs highly depend on the underlying hash function. For this reason several new proposals have recently been developed. These primitives obviously require an in-depth security evaluation, especially since their implementation constraints have led to less standard design approaches. This work compares the security levels offered by two recent families of such primitives, namely GMiMC and HadesMiMC. We exhibit low-complexity distinguishers against the GMiMC and HadesMiMC permutations for most parameters proposed in recently launched public challenges for STARK-friendly hash functions. In the more concrete setting of the sponge construction corresponding to the practical use in the ZK-STARK protocol, we present a practical collision attack on a round-reduced version of GMiMC and a preimage attack on some instances of HadesMiMC. To achieve those results, we adapt and generalize several cryptographic techniques to fields of odd characteristic.

show abstract

Section: Specifications Of Hadesmimcmentioning

confidence: 99%

Out of Oddity – New Cryptanalytic Techniques Against Symmetric Primitives Optimized for Integrity Proof Systems

Beyne

Canteaut

Dinur

et al. 2020

Advances in Cryptology – CRYPTO 2020

Self Cite

View full text Add to dashboard Cite

show abstract

“…Zorro [GGNPS13] is the first SPN cipher in the literature that uses a nonfull Sbox layer and is related to LowMC in this respect. However, recent attacks on Zorro that exploit this particular property [WWGY13,RASA14,GNPW13,BODD+14], highlight the need to be very careful with this design strategy. In our analysis of LowMC in Section 5 we are able to take these into account.…”

Section: Main Features and Advantages Of Lowmcmentioning

confidence: 99%

Ciphers for MPC and FHE

Albrecht

Rechberger

Schneider

et al. 2015

Lecture Notes in Computer Science

228

113

View full text Add to dashboard Cite

Designing an efficient cipher was always a delicate balance between linear and non-linear operations. This goes back to the design of DES, and in fact all the way back to the seminal work of Shannon. Here we focus, for the first time, on an extreme corner of the design space and initiate a study of symmetric-key primitives that minimize the multiplicative size and depth of their descriptions. This is motivated by recent progress in practical instantiations of secure multi-party computation (MPC), fully homomorphic encryption (FHE), and zero-knowledge proofs (ZK) where linear computations are, compared to non-linear operations, essentially "free". We focus on the case of a block cipher, and propose the family of block ciphers "LowMC", beating all existing proposals with respect to these metrics by far. We sketch several applications for such ciphers and give implementation comparisons suggesting that when encrypting larger amounts of data the new design strategy translates into improvements in computation and communication complexity by up to a factor of 5 compared to AES-128, which incidentally is one of the most competitive classical designs. Furthermore, we identify cases where "free XORs" can no longer be regarded as such but represent a bottleneck, hence refuting this commonly held belief with a practical example.

show abstract

“…Furthermore, this relation also implies that the two active columns of ∆K 1 can only choose 2 8 values at most. To sum up, there are 2 16 valid values for ∆K 1 , each are denoted by ∆K 1 i , 1 ď i ď 2 16 . For a secret key K 0 , the key structure S k is generated by adding the non-zero difference ∆K 1 i to the second subkey of K 0 , from which a new secret key K i can be uniquely determined, see Figure 3.2a.…”

Section: Construction Of the Key Structurementioning

confidence: 99%

“…For a secret key K 0 , the key structure S k is generated by adding the non-zero difference ∆K 1 i to the second subkey of K 0 , from which a new secret key K i can be uniquely determined, see Figure 3.2a. Finally, the key structure consists of 2 16 keys, from which 2 31 unordered key pairs can be composed.…”

Section: Construction Of the Key Structurementioning

confidence: 99%

“…Therefore, in order to obtain 4 right quartets, 2 3 plaintext structures are required. We for each of the 2 16 keys K in the key structure S K do for each of the 2 72 plaintexts P in the plaintext structure do Encrypt P under key K, denote the ciphertext as C. Compute C 1 " C ' ∆C. Decrypt C 1 with K 1 , K 1 being computed from the corresponding K, and denote the new plaintext by P 1 .…”

Section: A Detailed Description Of the Attackmentioning

confidence: 99%

See 1 more Smart Citation

Cryptanalysis of symmetric-key primitives and its application to backdoor design

Wang¹

View full text Add to dashboard Cite

show abstract

Cryptanalysis of SP Networks with Partial Non-Linear Layers

Cited by 22 publications

References 15 publications

Out of Oddity – New Cryptanalytic Techniques Against Symmetric Primitives Optimized for Integrity Proof Systems

Out of Oddity – New Cryptanalytic Techniques Against Symmetric Primitives Optimized for Integrity Proof Systems

Ciphers for MPC and FHE

Cryptanalysis of symmetric-key primitives and its application to backdoor design

Contact Info

Product

Resources

About