Cryptology ePrint Archive: Report 2019/170

Key-dependent cube attack on reduced Frit permutation in Duplex-AE modes

Lingyue Qin and Xiaoyang Dong and Keting Jia and Rui Zong

Abstract: Frit is a new lightweight 384-bit cryptographic permutation proposed by Simon et al., which is designed for resisting fault injection and performs competitively in both hardware and software. Dobraunig et al. first studied Frit in the EM construction, and left an open problem to explore the security of Frit in sponge or duplex modes. In this paper, by introducing a new key-dependent cube attack method, we partially answer the open question by Dobraunig et al. and give some key-recovery attacks on the round-reduced Frit used in duplex authenticated encryption mode (Frit-AE). Our results cover all the versions of Frit-AE and include some practical key-recovery attacks that could recover the key within several minutes.

Category / Keywords: Frit, Duplex authenticated encryption mode, Key-dependent cube attack, Key-recovery, Permutation-based cryptology

Original Publication (with major differences): SCIENCE CHINA Information Sciences

Date: received 16 Feb 2019

Contact author: qly17 at mails tsinghua edu cn

Version: 20190220:182950
