Proving Resistance Against Invariant Attacks: How to Choose the Round Constants.

Abstract: Many lightweight block ciphers use a very simple key schedule in which the round keys differ only by the addition of a round-specific constant. Generally, there is not much theory on how to choose appropriate constants. In fact, several such schemes were recently broken using invariant attacks, i.e., invariant subspace or nonlinear invariant attacks. This work analyzes the resistance of such ciphers against invariant attacks and reveals the precise mathematical properties that make those attacks applicable. As a first practical consequence, we prove that some ciphers, including Prince, Skinny-64 and Mantis 7, are not vulnerable to invariant attacks. We also show that the invariant factors of the linear layer have a major impact on the resistance against those attacks. Most notably, if the number of invariant factors of the linear layer is small (e.g., if its minimal polynomial has a high degree), we can easily find round constants which guarantee resistance to all types of invariant attacks, independently of the choice of the S-box layer. We also explain how to construct optimal round constants for a given, but arbitrary, linear layer.
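The criterion behind the abstract can be checked mechanically. For a key schedule whose round keys are k + c_i, any invariant g of the round function must have every difference c_i + c_j as a linear structure, and the set of linear structures of g is invariant under the linear layer L; so it contains W_L(D), the smallest L-invariant subspace containing D = {c_i + c_j}. If W_L(D) is all of F_2^n, no non-trivial invariant exists, whatever the S-box layer. The largest dimension a single difference can reach, max_d dim W_L({d}), is the degree of the minimal polynomial of L, which is why a layer with few invariant factors needs few constants. The following is an added example by the editor, not code from the paper or its authors; the three 4-bit linear layers are constructed toys (a companion matrix of x^4+x+1, two copies of multiplication by x modulo x^2+x+1, and the identity), not the layer of any real cipher, and the brute-force minimal-polynomial degree is only meant for such toy sizes.

```python
"""Check the W_L(D) resistance criterion on toy 4-bit linear layers.

Vectors of F_2^n are Python ints (bit i = coordinate i). A linear layer L
is given as the list of images of the unit vectors e_0 .. e_{n-1}, so
L[i] is column i of the binary matrix.
Example code added by the editor; not the paper's own implementation.
"""


def apply_linear(L, x):
    """L(x) over GF(2): XOR of the columns selected by the set bits of x."""
    y = 0
    for i, col in enumerate(L):
        if (x >> i) & 1:
            y ^= col
    return y


def insert(basis, v):
    """Reduce v against an echelon basis {pivot_bit: vector} over GF(2) and
    insert it if it is independent. Returns True iff v was not in the span."""
    for p in sorted(basis, reverse=True):
        if (v >> p) & 1:
            v ^= basis[p]
    if v == 0:
        return False
    basis[v.bit_length() - 1] = v
    return True


def invariant_closure(L, D):
    """Echelon basis of W_L(D) = span{L^j d : d in D, j >= 0}, the smallest
    L-invariant subspace containing D. Every vector found to be independent
    also contributes its image L(v); the loop ends once the span is closed."""
    basis = {}
    todo = list(D)
    while todo:
        v = todo.pop()
        if insert(basis, v):
            todo.append(apply_linear(L, v))
    return basis


def closure_dim(L, D):
    return len(invariant_closure(L, D))


def constant_differences(constants):
    """D = {c_i + c_j}: the differences an invariant would need as linear
    structures. Using differences to c_1 only would span the same subspace."""
    return {a ^ b for a in constants for b in constants if a != b}


def proves_resistance(L, constants):
    """Sufficient condition from the paper: W_L(D) = F_2^n rules out every
    invariant subspace and nonlinear invariant for any S-box layer."""
    return closure_dim(L, constant_differences(constants)) == len(L)


def min_poly_degree(L):
    """Degree of the minimal polynomial of L, computed as the largest cyclic
    subspace dimension max_d dim W_L({d}) by brute force over all nonzero d.
    Only sensible for toy n (2^n candidates)."""
    n = len(L)
    return max(closure_dim(L, {d}) for d in range(1, 1 << n))


# Constructed toy layers on F_2^4 (assumptions for illustration only):
# multiplication by x in GF(2)[x]/(x^4+x+1): one invariant factor, min poly degree 4
L_CYCLIC = [0b0010, 0b0100, 0b1000, 0b0011]
# two independent copies of multiplication by x mod x^2+x+1: two invariant factors
L_SPLIT = [0b0010, 0b0011, 0b1000, 0b1100]
# identity layer: n invariant factors, min poly degree 1
L_IDENTITY = [0b0001, 0b0010, 0b0100, 0b1000]


if __name__ == "__main__":
    for name, L in (("cyclic", L_CYCLIC), ("split", L_SPLIT), ("identity", L_IDENTITY)):
        print(name, "min poly degree", min_poly_degree(L),
              "dim W_L({e_0}) =", closure_dim(L, {1}),
              "resistant with constants 0,1:", proves_resistance(L, [0, 1]))
    # Two invariant factors: a single difference never fills the space,
    # but one difference per cyclic block does.
    print("split, constants 0,1,4:", proves_resistance(L_SPLIT, [0, 1, 4]))
```

Running the block shows the abstract's point in miniature: the cyclic layer is proven resistant by any single nonzero difference, the split layer needs a difference in each of its two cyclic blocks (constants 0 and 1 alone leave W_L(D) of dimension 2), and the identity layer needs n linearly independent differences, i.e. n+1 round constants.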
Document type: conference paper
Editors: Jonathan Katz; Hovav Shacham. Crypto 2017 - 37th Annual International Cryptology Conference, Aug 2017, Santa Barbara, United States. Springer, LNCS 10402, pp. 647-678, 2017, Lecture Notes in Computer Science. 〈https://www.iacr.org/conferences/crypto2017/index.html〉. 〈10.1007/978-3-319-63715-0_22〉

Cited literature: 21 references

https://hal.inria.fr/hal-01631130
Contributor: Yann Rotella
Submitted on: Wednesday 8 November 2017 - 17:03:56
Last modified on: Monday 13 November 2017 - 15:40:01

File: 463.pdf (files produced by the author(s))

Citation

Christof Beierle, Anne Canteaut, Gregor Leander, Yann Rotella. Proving Resistance Against Invariant Attacks: How to Choose the Round Constants. Jonathan Katz; Hovav Shacham (eds.). Crypto 2017 - 37th Annual International Cryptology Conference, Aug 2017, Santa Barbara, United States. Springer, LNCS 10402, pp. 647-678, 2017, Lecture Notes in Computer Science. 〈https://www.iacr.org/conferences/crypto2017/index.html〉. 〈10.1007/978-3-319-63715-0_22〉. 〈hal-01631130〉


Metrics: record views: 64; file downloads: 6