Paper 2012/544
Differential Analysis of the LED Block Cipher
Florian Mendel, Vincent Rijmen, Deniz Toz, and Kerem Varici
Abstract
In this paper, we present a security analysis of the lightweight block cipher LED proposed by Guo et al. at CHES 2011. Since the design of LED is very similar to the Even-Mansour scheme, we first review existing attacks on this scheme and extend them to related-key and related-key-cipher settings before we apply them to LED. We obtain results for $12$ and $16$ rounds (out of $32$) for LED-$64$ and $16$ and $24$ rounds (out of $48$) for LED-$128$. Furthermore, we present an observation on full LED in the related-key-cipher setting. For all these attacks we need to find good differentials for one step (4 rounds) of LED. Therefore, we extend the study of plateau characteristics for AES-like structures from two rounds to four rounds when the key addition is replaced with a constant addition. We introduce an algorithm that can be used to find good differentials and right pairs for one step of LED. To be more precise, we can find more than $2^{10}$ right pairs for one step of LED with complexity of $2^{16}$ and memory requirement of $5 \times 2^{17}$. Moreover, a similar algorithm can also be used to find iterative characteristics for LED.
Metadata
- Available format(s)
- Category
- Secret-key cryptography
- Publication info
- Published elsewhere. this is the full version of the Asiacrpyt 2012 paper
- Keywords
- Block ciphersEven-Mansour constructionPlateau characteristicscryptanalysis
- Contact author(s)
- kerem varici @ esat kuleuven be
- History
- 2012-11-22: last of 2 revisions
- 2012-09-20: received
- See all versions
- Short URL
- https://ia.cr/2012/544
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2012/544, author = {Florian Mendel and Vincent Rijmen and Deniz Toz and Kerem Varici}, title = {Differential Analysis of the {LED} Block Cipher}, howpublished = {Cryptology {ePrint} Archive, Paper 2012/544}, year = {2012}, url = {https://eprint.iacr.org/2012/544} }