Paper 2017/1136

Clustering Related-Tweak Characteristics: Application to MANTIS-6

Maria Eichlseder
Daniel Kales
Abstract

The TWEAKEY/STK construction is an increasingly popular approach for designing tweakable block ciphers that notably uses a linear tweakey schedule. Several recent attacks have analyzed the implications of this approach for differential cryptanalysis and other attacks that can take advantage of related tweakeys. We generalize the clustering approach of a recent differential attack on the tweakable block cipher MANTIS-5 and describe a tool for efficiently finding and evaluating such clusters. More specifically, we consider the set of all differential characteristics compatible with a given truncated characteristic, tweak difference, and optional constraints for the differential. We refer to this set as a semi-truncated characteristic and estimate its probability by analyzing the distribution of compatible differences at each step. We apply this approach to find a semi-truncated differential characteristic for MANTIS-6 with probability about $2^{-67.73}$ and derive a key-recovery attack with a complexity of about $2^{53.94}$ chosen-plaintext queries and computations. The data-time product is $2^{107.88} \ll 2^{126}$.

Note: updated to published version

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published by the IACR in TOSC 2018
DOI
10.13154/tosc.v2018.i2.111-132
Keywords
Truncated Differential Cryptanalysis, TWEAKEY, MANTIS
Contact author(s)
maria eichlseder @ iaik tugraz at
History
2024-06-07: revised
2017-11-27: received
Short URL
https://ia.cr/2017/1136
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2017/1136,
      author = {Maria Eichlseder and Daniel Kales},
      title = {Clustering Related-Tweak Characteristics: Application to {MANTIS}-6},
      howpublished = {Cryptology {ePrint} Archive, Paper 2017/1136},
      year = {2017},
      doi = {10.13154/tosc.v2018.i2.111-132},
      url = {https://eprint.iacr.org/2017/1136}
}