Some results on ACORN

Dibyendu Roy; Sourav Mukhopadhyay

Paper 2016/1132

Some results on ACORN

Dibyendu Roy and Sourav Mukhopadhyay

Abstract

In this paper we obtain a weakness in the design specification of ACORN, which is a competitor of CAESAR competition. We show that there exists a probabilistic linear relation between message bits and ciphertext bits, which holds with probability greater than $\frac{1}{2}$ . This is the first paper which finds a probabilistic linear relation between message and corresponding ciphertext bits of ACRON, and which holds with probability greater than $\frac{1}{2}$ . We also propose a new type of CPA attack on ACORN. By our attack method, it is possible to recover full initial state of the encryption phase of the cipher, and the attack has complexity $\approx 2^{40}$ . After obtaining the initial state of the encryption phase, one can invert the associated data loading phase and key-IV initialization phase to recover the secret key bits.

Metadata

Available format(s): PDF
Category: Secret-key cryptography
Publication info: Preprint.
Keywords: CAESAR ACORN linear approximation CPA.
Contact author(s): dibyendu roy1988 @ gmail com
History: 2016-12-25: revised; 2016-12-08: received; See all versions
Short URL: https://ia.cr/2016/1132
License: CC BY

BibTeX

@misc{cryptoeprint:2016/1132,
      author = {Dibyendu Roy and Sourav Mukhopadhyay},
      title = {Some results on {ACORN}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2016/1132},
      year = {2016},
      url = {https://eprint.iacr.org/2016/1132}
}