Paper 2019/932

Related-key Differential Cryptanalysis of Full Round CRAFT

Muhammad ElSheikh and Amr M. Youssef

Abstract

$\mathtt{\text{CRAFT}}$ is a lightweight tweakable block cipher introduced in FSE 2019. One of the main design criteria of $\mathtt{\text{CRAFT}}$ is the efficient protection of its implementations against differential fault analysis. While the authors of $\mathtt{\text{CRAFT}}$ provide several cryptanalysis results in several attack models, they do not claim any security of $\mathtt{\text{CRAFT}}$ against related-key differential attacks. In this paper, we utilize the simple key schedule of $\mathtt{\text{CRAFT}}$ to propose a systematic method for constructing several repeatable 2-round related-key differential characteristics with probability $2^{-2}$. We then employ one of these characteristics to mount a key recovery attack on full-round $\mathtt{\text{CRAFT}}$ using $2^{31}$ queries to the encryption oracle and $$ encryptions, and $$ 64-bit blocks of memory. Additionally, we manage to use 8 related-key differential distinguishers, with 8 related-key differences, in order to mount a key recovery attack on the full-round cipher with $$ queries to the encryption oracle, $$ encryptions and about $$ 64-bit blocks of memory. Furthermore, we present another attack that recovers the whole master key with $$ queries to the encryption oracle and only $$ encryptions with $$ blocks of memory using 16 related-key differential distinguishers.