Skip to Main content Skip to Navigation
Conference papers

Proving Resistance against Invariant Attacks: Properties of the Linear Layer

Abstract : Many lightweight block ciphers use a very simple key-schedule where the round-keys only differ by a round-constant. However, several of those schemes were recently broken using invariant attacks, i.e. invariant subspace attacks or nonlinear invariant attacks. This work analyzes the resistance of such ciphers against invariant attacks and reveals the precise mathematical properties that render those attacks applicable. As a first practical consequence, we prove that some ciphers including Prince, Skinny-64 and Mantis7 are not vulnerable to invariant attacks. Also, we show that the invariant factors of the linear layer have a major impact on these attacks. Most notably, if the number of invariant factors of the linear layer is small (e.g., if its minimal polynomial has a high degree), we can easily find round-constants which guarantee the resistance to all types of invariant attacks, independently of the choice of the Sbox-layer.
Document type :
Conference papers
Complete list of metadata

Cited literature [10 references]  Display  Hide  Download
Contributor : Anne Canteaut Connect in order to contact the contributor
Submitted on : Tuesday, November 28, 2017 - 10:27:49 AM
Last modification on : Wednesday, February 17, 2021 - 10:26:08 AM


Files produced by the author(s)


  • HAL Id : hal-01649994, version 1



Christof Beierle, Anne Canteaut, Gregor Leander, Yann Rotella. Proving Resistance against Invariant Attacks: Properties of the Linear Layer . ESC 2017 - Early Symmetric Crypto, Jan 2017, Canach, Luxembourg. ⟨hal-01649994⟩



Record views


Files downloads