Paper 2019/447

Practical Key-recovery Attacks on Round-Reduced Ketje Jr, Xoodoo-AE and Xoodyak

Haibo Zhou, Zheng Li, Xiaoyang Dong, Keting Jia, and Willi Meier

Abstract

Conditional cube attack was proposed by Huang et al. at EUROCRYPT 2017 to attack Keccak keyed mode. Inspired by dynamic cube attack, they reduce the degree by appending key bit conditions on the initial value (IV). Recently, Li et al. proposed new conditional cube attacks on Keccak keyed mode with extremely small degrees of freedom. In this paper, we find a new property on Li et al.'s method, and modify the new conditional cube attack for lightweight encryption algorithms using a 8-2-2 pattern, and apply it on 5-round Ketje Jr, 6-round Xoodoo-AE and Xoodyak, where Ketje Jr is among the 3rd round CAESAR competition candidates and Xoodyak is a Round 1 submission of the ongoing NIST lightweight cryptography project. Then we give the updated conditional cube attack analysis. All our results are of practical time complexity with negligible memory cost and our test codes are given in this paper. Notably, it is the first third-party cryptanalysis result for Xoodyak.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Preprint. Minor revision.
Keywords
Conditional Cube AttackKeccakKetje JrXoodooXoodyak
Contact author(s)
zhouhaibo @ mail sdu edu cn
xiaoyangdong @ tsinghua edu cn
willi meier @ fhnw ch
History
2019-05-09: revised
2019-05-08: received
See all versions
Short URL
https://ia.cr/2019/447
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2019/447,
      author = {Haibo Zhou and Zheng Li and Xiaoyang Dong and Keting Jia and Willi Meier},
      title = {Practical Key-recovery Attacks on Round-Reduced Ketje Jr, Xoodoo-AE and Xoodyak},
      howpublished = {Cryptology ePrint Archive, Paper 2019/447},
      year = {2019},
      note = {\url{https://eprint.iacr.org/2019/447}},
      url = {https://eprint.iacr.org/2019/447}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.