A Higher Order Key Partitioning Attack with Application to LBlock
نویسندگان
چکیده
In this paper, we present a higher order key partitioning meet-in-the-middle attack. Our attack is inspired by biclique cryptanalysis combined with higher order partitioning of the key. More precisely, we employ more than two equally sized disjoint sets of the key and drop the restrictions on the key partitioning process required for building the initial biclique structure. In other words, we start the recomputation phase of the attack from the input plaintext directly, which can be regarded as a Meet-in-the-Middle-attack where the tested keys have a predefined relation. Applying our approach on LBlock allows us to present a known plaintext attack on the full thirty two round cipher with time complexity of 2 and negligible memory requirements. The data complexity of the attack is two plaintext-ciphertext pairs, which is the minimum theoretical data requirements attributed to the unicity distance of the cipher. Surprisingly, our results on the full LBlock are better, in terms of both computational and data complexity, than the results of its biclique
منابع مشابه
Biclique Cryptanalysis of Block Ciphers LBlock and TWINE-80 with Practical Data Complexity
In the biclique attack, a shorter biclique usually results in less data complexity, but at the expense of more computational complexity. The early abort technique can be used in partial matching part of the biclique attack in order to slightly reduce the computations. In this paper, we make use of this technique, but instead of slight improvement in the computational complexity, we keep the amo...
متن کاملA new method for accelerating impossible differential cryptanalysis and its application on LBlock
Impossible differential cryptanalysis, the extension of differential cryptanalysis, is one of the most efficient attacks against block ciphers. This cryptanalysis method has been applied to most of the block ciphers and has shown significant results. Using structures, key schedule considerations, early abort, and pre-computation are some common methods to reduce complexities of this attack. In ...
متن کاملImproved differential fault analysis on lightweight block cipher LBlock for wireless sensor networks
LBlock is a 64-bit lightweight block cipher which can be implemented in both constrained hardware environments, such as wireless sensor network, and software platforms. In this paper, we study the security of LBlock against a differential fault analysis. Based on a random nibble fault model, we propose two versions of the attack on LBlock. In the first attack, we inject random nibble faults to ...
متن کاملZero-correlation linear cryptanalysis of reduced-round LBlock
Zero-correlation linear attack is a new method for cryptanalysis of block ciphers developed by Bogdanov et al. in 2012. In this paper we adapt the matrix method to find zerocorrelation linear approximations. Then we present several zero-correlation linear approximations for 14 rounds of LBlock and describe a cryptanalysis for 22 rounds of the reduced LBlock. After biclique attacks on LBlock rev...
متن کاملDifferential Sieving for 2-Step Matching Meet-in-the-Middle Attack with Application to LBlock
In this paper, we propose a modified approach for the basic meet-in-the-middle attack which we call differential sieving for 2-step matching. This technique improves the scope of the basic meet in the middle attack by providing means to extend the matching point for an extra round through differential matching and hence the overall number of the attacked rounds is extended. Our approach starts ...
متن کامل