Biased differential distinguisher – Cryptanalysis of reduced-round SKINNY
(2021) In Information and Computation 281.- Abstract
SKINNY is a lightweight tweakable block cipher which received a great deal of cryptanalytic attention due to its elegant structure and efficiency. Despite the cryptanalytic efforts the security margins are remaining high. This has led to SKINNY being used as a component of multiple submissions in the NIST Lightweight Competition, an effort to standardize a lightweight AEAD scheme. Inspired by the SKINNY competitions, multiple attacks on it were reported in different settings (e.g. single vs. related-tweakey) using different techniques (impossible differentials, zero-correlation, meet-in-the-middle, etc.). In this paper we revisit some of these attacks, identify issues with several of them, and offer a series of improved attacks which... (More)
SKINNY is a lightweight tweakable block cipher which received a great deal of cryptanalytic attention due to its elegant structure and efficiency. Despite the cryptanalytic efforts the security margins are remaining high. This has led to SKINNY being used as a component of multiple submissions in the NIST Lightweight Competition, an effort to standardize a lightweight AEAD scheme. Inspired by the SKINNY competitions, multiple attacks on it were reported in different settings (e.g. single vs. related-tweakey) using different techniques (impossible differentials, zero-correlation, meet-in-the-middle, etc.). In this paper we revisit some of these attacks, identify issues with several of them, and offer a series of improved attacks which were experimentally verified. Our best attack can attack up to 18 rounds of SKINNY-64 using 260 chosen plaintexts data, 2116 time, and 2112 memory.
(Less)
- author
- Dunkelman, Orr ; Huang, Senyang LU ; Lambooij, Eran and Perle, Stav
- organization
- publishing date
- 2021-09-06
- type
- Contribution to journal
- publication status
- published
- subject
- keywords
- Blockcipher, Differential cryptanalysis, Impossible differential, Lightweight cryptography, Tweakable encryption
- in
- Information and Computation
- volume
- 281
- article number
- 104796
- publisher
- Elsevier
- external identifiers
-
- scopus:85116128289
- ISSN
- 0890-5401
- DOI
- 10.1016/j.ic.2021.104796
- language
- English
- LU publication?
- yes
- additional info
- Publisher Copyright: © 2021
- id
- 1416e554-fe86-46b8-aa62-8efa8ebd15a3
- date added to LUP
- 2021-10-19 15:45:48
- date last changed
- 2022-04-27 04:59:40
@article{1416e554-fe86-46b8-aa62-8efa8ebd15a3,
abstract = {{<p>SKINNY is a lightweight tweakable block cipher which received a great deal of cryptanalytic attention due to its elegant structure and efficiency. Despite the cryptanalytic efforts the security margins are remaining high. This has led to SKINNY being used as a component of multiple submissions in the NIST Lightweight Competition, an effort to standardize a lightweight AEAD scheme. Inspired by the SKINNY competitions, multiple attacks on it were reported in different settings (e.g. single vs. related-tweakey) using different techniques (impossible differentials, zero-correlation, meet-in-the-middle, etc.). In this paper we revisit some of these attacks, identify issues with several of them, and offer a series of improved attacks which were experimentally verified. Our best attack can attack up to 18 rounds of SKINNY-64 using 2<sup>60</sup> chosen plaintexts data, 2<sup>116</sup> time, and 2<sup>112</sup> memory.</p>}},
author = {{Dunkelman, Orr and Huang, Senyang and Lambooij, Eran and Perle, Stav}},
issn = {{0890-5401}},
keywords = {{Blockcipher; Differential cryptanalysis; Impossible differential; Lightweight cryptography; Tweakable encryption}},
language = {{eng}},
month = {{09}},
publisher = {{Elsevier}},
series = {{Information and Computation}},
title = {{Biased differential distinguisher – Cryptanalysis of reduced-round SKINNY}},
url = {{http://dx.doi.org/10.1016/j.ic.2021.104796}},
doi = {{10.1016/j.ic.2021.104796}},
volume = {{281}},
year = {{2021}},
}