International Association for Cryptologic Research

CryptoDB

Paper: A Greater GIFT: Strengthening GIFT against Statistical Cryptanalysis

Authors:
Ling Sun, Shandong University
Bart Preneel, Catholic University of Leuven, Belgium
Wei Wang, Shandong University
Meiqin Wang, Shandong University
Conference: EUROCRYPT 2022
Abstract: GIFT-64 is a 64-bit block cipher with a 128-bit key that is more lightweight than PRESENT. This paper provides a detailed analysis of GIFT-64 against differential and linear attacks. Our work complements automatic search methods for the best differential and linear characteristics with a careful manual analysis. This hybrid approach leads to new insights. In the differential setting, we theoretically explain the existence of differential characteristics with two active S-boxes per round and derive some novel properties of these characteristics. Furthermore, we prove that all optimal differential characteristics of GIFT-64 covering more than seven rounds must activate two S-boxes per round. We can construct all optimal characteristics by hand. In parallel to the work in the differential setting, we conduct a similar analysis in the linear setting. However, unlike the clear view in the differential setting, the optimal linear characteristics of GIFT-64 must have at least one round activating only one S-box. Moreover, with the assistance of automatic searching methods, we identify 24 GIFT-64 variants achieving better resistance against differential attack while maintaining a similar security level against a linear attack. Since the new variants strengthen GIFT-64 against statistical cryptanalysis, we claim that the number of rounds could be reduced from 28 to 26 for the variants. This observation enables us to create a cipher with lower energy consumption than GIFT-64. Similarly to the case in GIFT-64, we do not claim any related-key security for the round-reduced variant as this is not relevant for most applications.
BibTeX
@inproceedings{eurocrypt-2022-31833,
  title={A Greater GIFT: Strengthening GIFT against Statistical Cryptanalysis},
  publisher={Springer-Verlag},
  author={Ling Sun and Bart Preneel and Wei Wang and Meiqin Wang},
  year=2022
}