Paper 2016/1132
Some results on ACORN
Dibyendu Roy and Sourav Mukhopadhyay
Abstract
In this paper we obtain a weakness in the design specification of ACORN, which is a competitor of CAESAR competition. We show that there exists a probabilistic linear relation between message bits and ciphertext bits, which holds with probability greater than $\frac{1}{2}$. This is the first paper which finds a probabilistic linear relation between message and corresponding ciphertext bits of ACRON, and which holds with probability greater than $\frac{1}{2}$. We also propose a new type of CPA attack on ACORN. By our attack method, it is possible to recover full initial state of the encryption phase of the cipher, and the attack has complexity $\approx 2^{40}$. After obtaining the initial state of the encryption phase, one can invert the associated data loading phase and key-IV initialization phase to recover the secret key bits.
Metadata
- Available format(s)
- Category
- Secret-key cryptography
- Publication info
- Preprint.
- Keywords
- CAESARACORNlinear approximationCPA.
- Contact author(s)
- dibyendu roy1988 @ gmail com
- History
- 2016-12-25: revised
- 2016-12-08: received
- See all versions
- Short URL
- https://ia.cr/2016/1132
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2016/1132, author = {Dibyendu Roy and Sourav Mukhopadhyay}, title = {Some results on {ACORN}}, howpublished = {Cryptology {ePrint} Archive, Paper 2016/1132}, year = {2016}, url = {https://eprint.iacr.org/2016/1132} }