Impossible Differential Cryptanalysis(IDC) [4] uses impossible differential characteristics to retrieve a subkey material for the first or the last several rounds of block ciphers. Thus, the security of a block cipher against IDC can be evaluated by impossible differential characteristics. In this paper, we study impossible differential characteristics of block cipher structures whose round fun...

We propose an ultra-lightweight cryptographic scheme called “Small Lightweight Cryptographic Algorithm (SLA)”. The SLA relies on substitution–permutation network (SPN). It utilizes 64-bit plaintext and supports a key length of 80/128-bits. cipher includes nonlinear layers, XOR operations, round permutation layers. S-box serves to introduce nonlinearity in the entire design. plays vital role inc...

The CBC-MAC or cipher block chaining message authentication code, is a well-known method to generate message authentication codes. Unfortunately, it is not forgery-secure over an arbitrary domain. There are several secure variants of CBC-MAC, among which OMAC is a widely-used candidate. To authenticate an s-block message, OMAC costs (s+1) block cipher encryptions (one of these is a zero block e...

We present a new, misuse-resistant scheme for online authenticated encryption, following the framework set forth by Fleischmann et al. (FSE 2012). Our scheme, COBRA, is roughly as efficient as the GCM mode of operation for nonce-based authenticated encryption, performing one block cipher call plus one finite field multiplication per message block in a parallelizable way. The major difference fr...

The stream cipher Sprout with a short internal state was proposed in FSE 2015. Although the construction guaranteed resistance to generic Time Memory Data Tradeoff attacks, there were some weaknesses in the design and the cipherwas completely broken. In this paperwe propose a family of stream ciphers LILLE in which the size of the internal state is half the size of the secret key. Our main goal...

We propose a key feedback mode of operation for the AES algorithm Rijndael (or any other block cipher), giving efficient synchronous keystream generators. We show that if the block cipher possesses simple properties, normally accepted to exist in any secure block cipher, then also the generator is secure.

MIBS is a 32-round lightweight block cipher with 64-bit block size and two different key sizes, namely 64-bit and 80-bit keys. Bay et al. provided the first impossible differential, differential and linear cryptanalyses of MIBS. Their best attack was a linear attack on the 18-round MIBS-80. In this paper, we significantly improve their attack by discovering more approximations and mounting Herm...

Impossible differential attacks are among the most powerful forms of cryptanalysis against block ciphers. We present in this paper an in-depth complexity analysis of these attacks. We show an unified way to mount such attacks and provide generic formulas for estimating their time and data complexities. LBlock is a well studied lightweight block cipher with respect to impossible differential att...

We tackle a fundamental security problem in underwater acoustic networks (UANs). The S-box in the existing block encryption algorithm is more energy consuming and unsuitable for resources-constrained UANs. In this paper, instead of S-box, we present a lightweight, 8-round iteration block cipher algorithm for UANs communication based on chaotic theory and increase the key space by changing the n...

We conduct a theoretical and practical comparison of two Ring-LWE-based, scale-invariant, leveled homomorphic encryption schemes – Fan and Vercauteren’s adaptation of BGV and the YASHE scheme proposed by Bos, Lauter, Loftus and Naehrig. In particular, we explain how to choose parameters to ensure correctness and security against lattice attacks. Our parameter selection improves the approach of ...