Security Analysis of SKINNY under Related-Tweakey Settings
In CRYPTO’16, a new family of tweakable lightweight block ciphers - SKINNY was introduced. Denoting the variants of SKINNY as SKINNY-n-t, where n represents the block size and t represents the tweakey length, the design specifies t ∈ {n, 2n, 3n}. In this work, we evaluate the security of SKINNY agai...
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Ruhr-Universität Bochum
2017-09-01
|
| Series: | IACR Transactions on Symmetric Cryptology |
| Subjects: | |
| Online Access: | https://tosc.iacr.org/index.php/ToSC/article/view/765 |
| _version_ | 1818720710742245376 |
|---|---|
| author | Guozhen Liu Mohona Ghosh Ling Song |
| author_facet | Guozhen Liu Mohona Ghosh Ling Song |
| author_sort | Guozhen Liu |
| collection | DOAJ |
| description | In CRYPTO’16, a new family of tweakable lightweight block ciphers - SKINNY was introduced. Denoting the variants of SKINNY as SKINNY-n-t, where n represents the block size and t represents the tweakey length, the design specifies t ∈ {n, 2n, 3n}. In this work, we evaluate the security of SKINNY against differential cryptanalysis in the related-tweakey model. First, we investigate truncated related-tweakey differential trails of SKINNY and search for the longest impossible and rectangle distinguishers where there is only one active cell in the input and the output. Based on the distinguishers obtained, 19, 23 and 27 rounds of SKINNY-n-n, SKINNY-n-2n and SKINNY-n-3n can be attacked respectively. Next, actual differential trails for SKINNY under related-tweakey model are explored and optimal differential trails of SKINNY-64 within certain number of rounds are searched with an indirect searching method based on Mixed-Integer Linear Programming. The results show a trend that as the number of rounds increases, the probability of optimal differential trails is much lower than the probability derived from the lower bounds of active Sboxes in SKINNY. |
| first_indexed | 2024-12-17T20:27:10Z |
| format | Article |
| id | doaj.art-3939ae871a724d03b37be1c4af1f3cb8 |
| institution | Directory Open Access Journal |
| issn | 2519-173X |
| language | English |
| last_indexed | 2024-12-17T20:27:10Z |
| publishDate | 2017-09-01 |
| publisher | Ruhr-Universität Bochum |
| record_format | Article |
| series | IACR Transactions on Symmetric Cryptology |
| spelling | doaj.art-3939ae871a724d03b37be1c4af1f3cb82022-12-21T21:33:43ZengRuhr-Universität BochumIACR Transactions on Symmetric Cryptology2519-173X2017-09-01377210.13154/tosc.v2017.i3.37-72765Security Analysis of SKINNY under Related-Tweakey SettingsGuozhen Liu0Mohona Ghosh1Ling Song2Nanyang Technological University (Singapore); Shanghai Jiao Tong UniversityNanyang Technological University (Singapore); Indian Institute of Information Technology, Design and Manufacturing (IIITDM), JabalpurNanyang Technological University (Singapore); State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of SciencesIn CRYPTO’16, a new family of tweakable lightweight block ciphers - SKINNY was introduced. Denoting the variants of SKINNY as SKINNY-n-t, where n represents the block size and t represents the tweakey length, the design specifies t ∈ {n, 2n, 3n}. In this work, we evaluate the security of SKINNY against differential cryptanalysis in the related-tweakey model. First, we investigate truncated related-tweakey differential trails of SKINNY and search for the longest impossible and rectangle distinguishers where there is only one active cell in the input and the output. Based on the distinguishers obtained, 19, 23 and 27 rounds of SKINNY-n-n, SKINNY-n-2n and SKINNY-n-3n can be attacked respectively. Next, actual differential trails for SKINNY under related-tweakey model are explored and optimal differential trails of SKINNY-64 within certain number of rounds are searched with an indirect searching method based on Mixed-Integer Linear Programming. The results show a trend that as the number of rounds increases, the probability of optimal differential trails is much lower than the probability derived from the lower bounds of active Sboxes in SKINNY.https://tosc.iacr.org/index.php/ToSC/article/view/765Lightweight Block CipherSKINNYImpossible Differential AttackRectangle AttackRelated-Tweakey |
| spellingShingle | Guozhen Liu Mohona Ghosh Ling Song Security Analysis of SKINNY under Related-Tweakey Settings IACR Transactions on Symmetric Cryptology Lightweight Block Cipher SKINNY Impossible Differential Attack Rectangle Attack Related-Tweakey |
| title | Security Analysis of SKINNY under Related-Tweakey Settings |
| title_full | Security Analysis of SKINNY under Related-Tweakey Settings |
| title_fullStr | Security Analysis of SKINNY under Related-Tweakey Settings |
| title_full_unstemmed | Security Analysis of SKINNY under Related-Tweakey Settings |
| title_short | Security Analysis of SKINNY under Related-Tweakey Settings |
| title_sort | security analysis of skinny under related tweakey settings |
| topic | Lightweight Block Cipher SKINNY Impossible Differential Attack Rectangle Attack Related-Tweakey |
| url | https://tosc.iacr.org/index.php/ToSC/article/view/765 |
| work_keys_str_mv | AT guozhenliu securityanalysisofskinnyunderrelatedtweakeysettings AT mohonaghosh securityanalysisofskinnyunderrelatedtweakeysettings AT lingsong securityanalysisofskinnyunderrelatedtweakeysettings |