Paper 2016/1132

Some results on ACORN

Dibyendu Roy and Sourav Mukhopadhyay

Abstract

In this paper we identify a weakness in the design specification of ACORN, a candidate in the CAESAR competition. We show that there exists a probabilistic linear relation between message bits and ciphertext bits, which holds with probability greater than $\frac{1}{2}$. This is the first paper to find a probabilistic linear relation between the message bits and the corresponding ciphertext bits of ACORN that holds with probability greater than $\frac{1}{2}$. We also propose a new type of CPA attack on ACORN. With our attack method, it is possible to recover the full initial state of the encryption phase of the cipher, and the attack has complexity $\approx 2^{40}$. After obtaining the initial state of the encryption phase, one can invert the associated data loading phase and the key-IV initialization phase to recover the secret key bits.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Preprint.
Keywords
CAESAR, ACORN, linear approximation, CPA
Contact author(s)
dibyendu roy1988 @ gmail com
History
2016-12-25: revised
2016-12-08: received
Short URL
https://ia.cr/2016/1132
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2016/1132,
      author = {Dibyendu Roy and Sourav Mukhopadhyay},
      title = {Some results on ACORN},
      howpublished = {Cryptology ePrint Archive, Paper 2016/1132},
      year = {2016},
      note = {\url{https://eprint.iacr.org/2016/1132}},
      url = {https://eprint.iacr.org/2016/1132}
}