Paper 2019/741
Comprehensive Security Analysis of CRAFT
Abstract
CRAFT is a lightweight block cipher, designed to provide efficient protection against differential fault attacks. It is a tweakable cipher that includes 32 rounds to produce a ciphertext from a 64-bit plaintext using a 128-bit key and 64-bit public tweak. In this paper, compared to the designers' analysis, we provide a more detailed analysis of CRAFT against differential and zero-correlation cryptanalysis, aiming to provide better distinguishers for the reduced rounds of the cipher. Our distinguishers for reduced-round CRAFT cover a higher number of rounds compared to the designers' analysis. In our analysis, we observed that, for any number of rounds, the differential effect of CRAFT has an extremely higher probability compared to any differential trail. As an example, while the best trail for 11 rounds of the cipher has a probability of at least $2^{-80}$, we present a differential with probability $2^{-49.79}$, containing $2^{29.66}$ optimal trails, all with the same optimum probability of $2^{-80}$. Next, we use a partitioning technique, based on optimal expandable truncated trails to provide a better estimation of the differential effect on CRAFT. Thanks to this technique, we are able to find differential distinguishers for 9, 10, 11, 12, 13, and 14 rounds of the cipher in single tweak model with the probabilities of at least $2^{-40.20}$, $ 2^{-45.12} $, $ 2^{-49.79}$, $ 2^{-54.49}$, $ 2^{-59.13}$, and $ 2^{-63.80}$, respectively. These probabilities should be compared with the best distinguishers provided by the designers in the same model for 9 and 10 rounds of the cipher with the probabilities of at least $ 2^{-54.67}$ and $ 2^{-62.61}$, respectively. In addition, we consider the security of CRAFT against the new concept of related tweak zero-correlation (ZC) linear cryptanalysis and present a new distinguisher which covers 14 rounds of the cipher, while the best previous ZC distinguisher covered 13 rounds. Thanks to the related tweak ZC distinguisher for 14 rounds of the cipher, we also present 14 rounds integral distinguishers in related tweak mode of the cipher. Although the provided analysis does not compromise the cipher, we think it provides a better insight into the designing of CRAFT.
Note: The source code of our tools is publicly available at: https://github.com/hadipourh/craftanalysis
Metadata
- Available format(s)
- Category
- Secret-key cryptography
- Publication info
- A minor revision of an IACR publication in TOSC 2019
- DOI
- 10.13154/tosc.v2019.i4.290-317
- Keywords
- Lightweight block cipherdifferential analysislinear analysisintegral analysisCRFATTweakable block ciphers
- Contact author(s)
- hsn hadipour @ gmail com
- History
- 2024-01-18: revised
- 2019-06-24: received
- See all versions
- Short URL
- https://ia.cr/2019/741
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2019/741, author = {Hosein Hadipour and Sadegh Sadeghi and Majid M. Niknam and Nasour Bagheri}, title = {Comprehensive Security Analysis of {CRAFT}}, howpublished = {Cryptology {ePrint} Archive, Paper 2019/741}, year = {2019}, doi = {10.13154/tosc.v2019.i4.290-317}, url = {https://eprint.iacr.org/2019/741} }