In the past few years, lightweight cryptography has become a popular research discipline with a number of ciphers and hash functions proposed. The designers’ focus has been predominantly to minimize the hardware area, while other goals such as low latency have been addressed rather recently only. However, the optimization goal of low energy for block cipher design has not been explicitly addres...

KATAN and KTANTAN are two lightweight families of hardware oriented block ciphers proposed by Cannière et al. at CHES 2009. They have different versions of 32-, 48and 64-bit state, all of which work with an 80-bit key. Inspired by the Trivium stream cipher, these families have an innovative structure based on two non-linear feedback shift registers. Such a structure attracts the attention of cr...

Title of dissertation: IMPROVING THE ROUND COMPLEXITY OF IDEAL-CIPHER CONSTRUCTIONS Aishwarya Thiruvengadam, Doctor of Philosophy, 2017 Dissertation directed by: Professor Jonathan Katz Department of Computer Science Block ciphers are an essential ingredient of modern cryptography. They are widely used as building blocks in many cryptographic constructions such as encryption schemes, hash funct...

In IACR ePrint 2014/747, a method for constructing mixedinteger linear programming (MILP) models whose feasible regions are exactly the sets of all possible differential (or linear) characteristics for a wide range of block ciphers is presented. These models can be used to search for or enumerate differential and linear characteristics of a block cipher automatically. However, for the case of S...

Impossible differential cryptanalysis has been proved to be one of the most powerful techniques to attack block ciphers. Based on the impossible differential paths, we can usually add several rounds before or after to launch the key recovery attack. Impossible differential cryptanalysis is powerful not only because the number of rounds it can break is very competitive compared to other attacks,...

We provide two sufficient conditions to guarantee that the round functions of a translation based cipher generate a primitive group. Furthermore, under the same hypotheses, and assuming that a round of the cipher is strongly proper and consists of m-bit S-Boxes, with m = 3,4 or 5, we prove that such a group is the alternating group. As an immediate consequence, we deduce that the round function...

PRINCE is a modern involutive lightweight cipher which was proposed by Rechberger et al. in 2012. PRINCE uses 64-bit core cipher, PRINCEcore, which holds the major encryption logic and is wrapped by two key additions. Thus, the security of the cipher is mainly depending on the security properties of the core. In this paper, we present an independent-biclique attack on the full version and also ...

SIMECK is a family of 3 lightweight block ciphers designed by Yang et al. They follow the framework used by Beaulieu et al. from the United States National Security Agency (NSA) to design SIMON and SPECK. A cipher in this family with K-bit key and N -bit block is called SIMECKN/K. We show that the security of this block cipher against linear cryptanalysis is not as good as its predecessors SIMO...

In this paper, security analysis of block ciphers with key length greater than block length is proposed. When key length is significantly greater than block length and the statistical distribution of cipher system is like a uniform distribution, there are more than one key which map fixed input to fixed output. If a block cipher designed sufficiently random, it is expected that the key space ca...