Algebraic analysis of block ciphers aims at finding the secret key by solving a collection of polynomial equations that describe the internal structure of a cipher for chosen observations of plaintext/ciphertext pairs. Although algebraic attacks are addressed for cryptanalysis of block and stream ciphers, there is a lack of understanding of the impact of algebraic representation of the cipher o...

In this Letter we examine the cryptanalysis of a class of block ciphers referred to as substitution-permutation networks or SPNs. Speciically, we present a novel attack applicable to tree-structured SPNs. Because it uses a known plaintext approach, the attack is preferable to previously outlined chosen plaintext attacks. As well, it is shown that the attack is applicable to networks which are s...

Midori128 is a lightweight block cipher proposed at ASIACRYPT 2015 to achieve low energy consumption per bit. Currently, the best published impossible differential attack on Midori128 covers 10 rounds without the pre-whitening key. By exploiting the special structure of the S-boxes and the binary linear transformation layer in Midori128, we present impossible differential distinguishers that co...

We address the question of whether or not semantically secure public-key encryption primitives imply the existence of chosen ciphertext attack (CCA) secure primitives. We show a black-box separation, following the methodology introduced by Impagliazzo and Rudich [23], for a large non-trivial class of constructions. In particular, we show that if the proposed CCA construction’s decryption algori...

In this paper, we discuss the strong attack model security for public key encryption scheme and digital signature scheme. Recently, Barbosa and Farshim introduced strong chosen ciphertext attack (SCCA) which is stronger than chosen ciphertext attack. The main motivation of this paper is to find an essential mechanism of secure schemes under strong attack model. So, we prove several impossibilit...

White-box cryptography techniques are aimed at protecting software implementations of cryptographic algorithms against key recovery. They are primarily used in DRM-like applications as a cost-effective alternative to token-based protections. This paper discusses the relevance of white-box implementations in such contexts as a series of questions

In this paper we provide new algebraic tools to study the relationship between different Matrix Diffie-Hellman (MDDH) Problems, which are recently introduced as a natural generalization of the so-called Linear Problem. Namely, we provide an algebraic criterion to decide whether there exists a generic black-box reduction, and in many cases, when the answer is positive we also build an explicit r...

Since 2006, many papers were devoted to the analysis of the security of the Hitag-2 algorithm in the context of vehicles access control. While this algorithm was proven to be cryptographically broken, it is still in use in the car industry. Recently, new vulnerabilities regarding Hitag-2 based Remote Keyless Entry systems have been exposed, leading to the design of an attack allowing to unlock ...

Since its induction, the selective-identity (sID) model for identity-based cryptosystems and its relationship with various other notions of security has been extensively studied. As a result, it is a general consensus that the sID model is much weaker than the full-identity (ID) model. In this paper, we study the sID model for the particular case of identity-based signatures (IBS). The main foc...

The celebrated work of Barak et al. (Crypto’01) ruled out the possibility of virtual blackbox (VBB) obfuscation for general circuits. The recent work of Canetti, Kalai, and Paneth (TCC’15) extended this impossibility to the random oracle model as well assuming the existence of trapdoor permutations (TDPs). On the other hand, the works of Barak et al. (Crypto’14) and Brakerski-Rothblum (TCC’14) ...