Paper 2020/1032

Cryptanalysis of the MALICIOUS Framework

Tim Beyne and Chaoyun Li

Abstract

This note describes several attacks on the MALICIOUS framework for creating backdoored tweakable block ciphers. It is shown that, although the embedded malicious tweak pair itself is hard to recover, it is feasible to find additional weak tweak pairs that can be used to mount key-recovery attacks. Full-round attacks on most instances of LowMC-M are given. Our attacks are far from optimized and significant future improvements are to be expected. We focus on low-data attacks, since these are the most relevant for typical use cases of LowMC. In addition, this implies that our attacks cannot be prevented by limiting the amount of data that can be encrypted using the weak tweak pair. Despite our findings, we believe that the MALICIOUS framework can be used to create backdoored variants of LowMC provided that the parameters are modified.

Note: Correction to the differential-linear key-recovery attack.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Preprint. MINOR revision.
Keywords
Backdoor, Cryptanalysis, LowMC-M
Contact author(s)
tim beyne @ esat kuleuven be
chaoyun li @ esat kuleuven be
History
2020-08-30: last of 2 revisions
2020-08-27: received
Short URL
https://ia.cr/2020/1032
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2020/1032,
      author = {Tim Beyne and Chaoyun Li},
      title = {Cryptanalysis of the {MALICIOUS} Framework},
      howpublished = {Cryptology {ePrint} Archive, Paper 2020/1032},
      year = {2020},
      url = {https://eprint.iacr.org/2020/1032}
}