Cryptology ePrint Archive: Report 2016/1053

SAT-based Cryptanalysis of Authenticated Ciphers from the CAESAR Competition

Ashutosh Dhar Dwivedi and Miloš Klouček and Pawel Morawiecki and Ivica Nikolić and Josef Pieprzyk and Sebastian Wójtowicz

Abstract: We investigate six authenticated encryption schemes (ACORN, ASCON-128a, Ketje Jr, ICEPOLE-128a, MORUS, and NORX-32) from the CAESAR competition. We aim at state recovery attacks using a SAT solver as a main tool. Our analysis reveals that these schemes, as submitted to CAESAR, provide strong resistance against SAT-based state recoveries. To shed a light on their security margins, we also analyse modified versions of these algorithms, including round-reduced variants and versions with higher security claims. Our attacks on such variants require only a few known plaintext-ciphertext pairs and small memory requirements (to run the SAT solver), whereas time complexity varies from very practical (few seconds on a desktop PC) to `theoretical' attacks.

Category / Keywords: secret-key cryptography / SAT solvers, SAT-based cryptanalysis, logic cryptanalysis, authenticated encryption, CAESAR

Date: received 9 Nov 2016

Contact author: pawel morawiecki at gmail com

Available format(s): PDF | BibTeX Citation

Version: 20161115:144603 (All versions of this report)

Short URL: ia.cr/2016/1053

Discussion forum: Show discussion | Start new discussion