Paper 2019/447
Practical Key-recovery Attacks on Round-Reduced Ketje Jr, Xoodoo-AE and Xoodyak
Haibo Zhou, Zheng Li, Xiaoyang Dong, Keting Jia, and Willi Meier
Abstract
The conditional cube attack was proposed by Huang et al. at EUROCRYPT 2017 to attack Keccak keyed modes. Inspired by the dynamic cube attack, they reduce the degree by appending key bit conditions on the initial value (IV). Recently, Li et al. proposed new conditional cube attacks on Keccak keyed modes with extremely small degrees of freedom. In this paper, we find a new property of Li et al.'s method, modify the new conditional cube attack for lightweight encryption algorithms using an 8-2-2 pattern, and apply it to 5-round Ketje Jr, 6-round Xoodoo-AE and Xoodyak, where Ketje Jr is among the 3rd round CAESAR competition candidates and Xoodyak is a Round 1 submission of the ongoing NIST lightweight cryptography project. Then we give the updated conditional cube attack analysis. All our results are of practical time complexity with negligible memory cost, and our test codes are given in this paper. Notably, it is the first third-party cryptanalysis result for Xoodyak.
Metadata
- Category
- Secret-key cryptography
- Publication info
- Preprint. MINOR revision.
- Keywords
- Conditional Cube Attack, Keccak, Ketje Jr, Xoodoo, Xoodyak
- Contact author(s)
- zhouhaibo @ mail sdu edu cn
- xiaoyangdong @ tsinghua edu cn
- willi meier @ fhnw ch
- History
- 2019-05-09: revised
- 2019-05-08: received
- Short URL
- https://ia.cr/2019/447
- License
- CC BY
BibTeX
@misc{cryptoeprint:2019/447,
  author = {Haibo Zhou and Zheng Li and Xiaoyang Dong and Keting Jia and Willi Meier},
  title = {Practical Key-recovery Attacks on Round-Reduced Ketje Jr, Xoodoo-{AE} and Xoodyak},
  howpublished = {Cryptology {ePrint} Archive, Paper 2019/447},
  year = {2019},
  url = {https://eprint.iacr.org/2019/447}
}