Improved meet-in-the-middle attacks on reduced-round Piccolo  


Authors: Ya LIU, Liang CHENG, Zhiqiang LIU, Wei LI, Qingju WANG, Dawu GU

Affiliations: [1] Department of Computer Science and Engineering, University of Shanghai for Science and Technology, Shanghai 200093, China; [2] State Key Laboratory of Cryptology, P.O. Box 5159, Beijing 100878, China; [3] Department of Computer Science and Engineering, Shanghai Jiao Tong University, Shanghai 200240, China; [4] School of Computer Science and Technology, Donghua University, Shanghai 201620, China; [5] Shanghai Key Laboratory of Integrated Administration Technologies for Information Security, Shanghai 200240, China; [6] Department of Applied Mathematics and Computer Science, Technical University of Denmark, Kgs. Lyngby 2800, Denmark

Source: Science China (Information Sciences), 2018, Issue 3, pp. 91-103, 13 pages in total [中国科学(信息科学)(英文版)]

Funding: Supported by National Natural Science Foundation of China (Grant Nos. 61402288, 61672347, 61772129, 61472250); National Basic Research Program of China (Grant No. 2013CB338004); Shanghai Natural Science Foundation (Grant Nos. 15ZR1400300, 16ZR1401100); Innovation Program of Shanghai Municipal Education Commission (Grant No. 14ZZ066); Opening Project of Shanghai Key Laboratory of Integrated Administration Technologies for Information Security (Grant No. AGK201703)

Abstract: Piccolo is a lightweight block cipher that adopts a generalized Feistel network structure with 4 branches, each of which is 16 bits long. The key length is 80 or 128 bits, denoted by Piccolo-80 and Piccolo-128, respectively. In this paper, we mounted meet-in-the-middle attacks on 14-round Piccolo-80 without pre- and post-whitening keys and 18-round Piccolo-128 with post-whitening keys by exploiting the properties of the key schedule and Maximum Distance Separable (MDS) matrix. For Piccolo-80, we first constructed a 5-round distinguisher. Then 4 rounds and 5 rounds were appended at the beginning and at the end, respectively. Based on this structure, we mounted an attack on 14-round Piccolo-80 from the 5th round to the 18th round. The data, time, and memory complexities were $2^{52}$ chosen plaintexts, $2^{67.44}$ encryptions, and $2^{64.91}$ blocks, respectively. For Piccolo-128, we built a 7-round distinguisher to attack 18-round Piccolo-128 from the 4th round to the 21st round. The data, time, and memory complexities were $2^{52}$ chosen plaintexts, $2^{126.63}$ encryptions, and $2^{125.29}$ blocks, respectively. If not considering results on biclique cryptanalysis, these are currently the best public results on this reduced version of the Piccolo block cipher.

Keywords: block cipher; lightweight; Piccolo; meet-in-the-middle attack; distinguisher

Classification number: TN918.4 [Electronics and Telecommunications: Communication and Information Systems]

 
