Multidimensional Meet in the Middle Cryptanalysis of KATAN

Authors

  • Shahram Rasoolzadeh
  • Håvard Raddum
Abstract

KATAN and KTANTAN are two lightweight families of hardware-oriented block ciphers proposed by De Cannière et al. at CHES 2009. They come in versions with 32-, 48- and 64-bit state, all of which work with an 80-bit key. Inspired by the Trivium stream cipher, these families have an innovative structure based on two non-linear feedback shift registers. Such a structure attracts the attention of cryptanalysts, and consequently a variety of security analyses have been published. Although the KTANTAN family is already regarded as a broken cipher, the full-round KATAN family is still secure. In this paper, by exploiting several properties of the KATAN round function as well as the slow diffusion of key bits, we propose techniques to extend the number of rounds covered by the multidimensional meet-in-the-middle attack on all versions of the KATAN family of block ciphers. Our results show that this method can attack up to 206, 148 and 129 rounds of KATAN32, KATAN48 and KATAN64, respectively, with only 2 or 3 pairs of known plaintext. This cryptanalysis covers the highest number of rounds to date. Our work is still far from a full-round attack, so it cannot yet be considered a threat to this family of block ciphers. We state that KATAN is still safe to use.


Similar references

Improved Multi-Dimensional Meet-in-the-Middle Cryptanalysis of KATAN

We study multidimensional meet-in-the-middle attacks on the KATAN block cipher family. Several improvements to the basic attacks are introduced and explained. The most noteworthy of these is the technique of guessing only non-linearly involved key bits, which reduces the search space by a significant factor. The optimizations decrease the complexity of multidimensional meet-in-the-middle attac...


Automated Dynamic Cube Attack on Block Ciphers: Cryptanalysis of SIMON and KATAN

Little work has been performed on the cryptanalysis of block ciphers using cube attacks. This paper presents a new framework for an efficient key recovery attack on block ciphers based on the cube technique. In this method, a cube tester is positioned at the middle of the cipher and is extended in two directions over the maximum possible upper and lower rounds, given that some subkey bits are gue...


Extension of Cube Attack with Probabilistic Equations and its Application on Cryptanalysis of KATAN Cipher

The cube attack is a successful instance of algebraic attack. It consists of two phases: linear equation extraction and solving the extracted equation system. Due to the high complexity of the equation extraction phase in finding linear equations, we can instead extract nonlinear ones that can be approximated by linear equations with high probability. The probabilistic equations could be considered as l...


Automated Dynamic Cube Attack on Block Ciphers

Little work has been performed on the cryptanalysis of block ciphers using the cube technique. This paper presents a new framework for an efficient key recovery attack on block ciphers using a kind of dynamic cube attack. In this method, a cube tester is positioned at the middle of the cipher and is extended in two directions over the maximum possible upper and lower rounds, provided that some...


Match Box Meet-in-the-Middle Attack Against KATAN

Recent years have seen considerable interest in lightweight cryptography. One particular consequence is a renewed study of meet-in-the-middle attacks, which aim to exploit the relatively simple key schedules often encountered in lightweight ciphers. In this paper we propose a new technique to extend the number of rounds covered by a meet-in-the-middle attack, called a match box. Furthermore, we d...


Journal title:
  • IACR Cryptology ePrint Archive

Volume 2016, Issue 

Pages -

Publication date: 2016