International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Paper: Automated Search Oriented to Key Recovery on Ciphers with Linear Key Schedule: Applications to Boomerangs in SKINNY and ForkSkinny

Authors:
Lingyue Qin , Institute for Advanced Study, BNRist, Tsinghua University, Beijing, China
Xiaoyang Dong , Institute for Advanced Study, BNRist, Tsinghua University, Beijing, China
Xiaoyun Wang , Institute for Advanced Study, BNRist, Tsinghua University, Beijing, China; Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Shandong University, Jinan, China; School of Cyber Science and Technology, Shandong Univer
Keting Jia , Institute for Network Sciences and Cyberspace, BNRist, Tsinghua University, Beijing, China
Yunwen Liu , College of Liberal arts and Science, National University of Defense Technology, Changsha, China; Hunan Engineering Research Center of Commercial Cryptography Theory and Technology Innovation, Changsha, China
Download:
DOI: 10.46586/tosc.v2021.i2.249-291
URL: https://tosc.iacr.org/index.php/ToSC/article/view/8911
Search ePrint
Search Google
Abstract: Automatic modelling to search distinguishers with high probability covering as many rounds as possible, such as MILP, SAT/SMT, CP models, has become a very popular cryptanalysis topic today. In those models, the optimizing objective is usually the probability or the number of rounds of the distinguishers. If we want to recover the secret key for a round-reduced block cipher, there are usually two phases, i.e., finding an efficient distinguisher and performing key-recovery attack by extending several rounds before and after the distinguisher. The total number of attacked rounds is not only related to the chosen distinguisher, but also to the extended rounds before and after the distinguisher. In this paper, we try to combine the two phases in a uniform automatic model.Concretely, we apply this idea to automate the related-key rectangle attacks on SKINNY and ForkSkinny. We propose some new distinguishers with advantage to perform key-recovery attacks. Our key-recovery attacks on a few versions of round-reduced SKINNY and ForkSkinny cover 1 to 2 more rounds than the best previous attacks.
BibTeX
@article{tosc-2021-31086,
  title={Automated Search Oriented to Key Recovery on Ciphers with Linear Key Schedule: Applications to Boomerangs in SKINNY and ForkSkinny},
  journal={IACR Transactions on Symmetric Cryptology},
  publisher={Ruhr-Universit├Ąt Bochum},
  volume={2021, Issue 2},
  pages={249-291},
  url={https://tosc.iacr.org/index.php/ToSC/article/view/8911},
  doi={10.46586/tosc.v2021.i2.249-291},
  author={Lingyue Qin and Xiaoyang Dong and Xiaoyun Wang and Keting Jia and Yunwen Liu},
  year=2021
}