Paper 2015/239

Meet-in-the-Middle Attacks and Structural Analysis of Round-Reduced PRINCE

Patrick Derbez and Léo Perrin

Abstract

NXP Semiconductors and its academic partners challenged the cryptographic community with finding practical attacks on the block cipher they designed, PRINCE. Instead of trying to attack as many rounds as possible using attacks which are usually impractical despite being faster than brute-force, the challenge invites cryptographers to find practical attacks and encourages them to actually implement them. In this paper, we present new attacks on round-reduced PRINCE including the ones which won the challenge in the 4, 6 and 8-round categories --- the highest for which winners were identified. Our first attacks rely on a meet-in-the-middle approach and break up to 10 rounds of the cipher. We also describe heuristic methods we used to find practical SAT-based and differential attacks. Finally, we also present an analysis of the cycle structure of the internal rounds of PRINCE leading both to a low complexity distinguisher for 4-round PRINCE-core and an alternative representation of the cipher valid in particular contexts and which highlights, in this cases, a poor diffusion.

Note: JoC version

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
A minor revision of an IACR publication in FSE 2015
Keywords
PRINCEpractical attacksmeet-in-the-middleSAT-solverstatistical analysis
Contact author(s)
patrick derbez @ irisa fr
History
2016-03-31: last of 3 revisions
2015-03-19: received
See all versions
Short URL
https://ia.cr/2015/239
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2015/239,
      author = {Patrick Derbez and Léo Perrin},
      title = {Meet-in-the-Middle Attacks and Structural Analysis of Round-Reduced {PRINCE}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2015/239},
      year = {2015},
      url = {https://eprint.iacr.org/2015/239}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.