IACR News item: 22 May 2023
Anubhab Baksi
ePrint Report
In the design of GIFT, half round key XOR is used. This leads to the undesired consequence that the security against the differential/linear attacks are overestimated. This comes from the observation that; in the usual DDT/LAT based analysis of the differential/linear attacks, the inherent assumption is the full round key is XORed at each round.
Additional news items may be found on the IACR news page.