### On the Security Margin of TinyJAMBU with Refined Differential and Linear Cryptanalysis

Dhiman Saha, Yu Sasaki, Danping Shi, Ferdinand Sibleyras, Siwei Sun, and Yingjie Zhang

##### Abstract

This paper presents the first third-party security analysis of \tinyjambu, which is one of 32 second-round candidates in NIST's lightweight cryptography standardization process. TinyJAMBU adopts an NLFSR based keyed-permutation that computes only a single NAND gate as a non-linear component per round. The designers evaluated the minimum number of active AND gates, however such a counting method neglects the dependency between multiple AND gates. There also exist previous works considering such dependencies with stricter models, however those are known to be too slow. In this paper, we present a new model that provides a good balance of efficiency and accuracy by only taking into account the first-order correlation of AND gates that frequently occurs in TinyJAMBU. With the refined model, we show a 338-round differential with probability $2^{-62.68}$ that leads to a forgery attack breaking 64-bit security. This implies that the security margin of TinyJAMBU with respect to the number of unattacked rounds is approximately 12%. We also show a differential on full 384 rounds with probability $2^{-70.64}$, thus the security margin of full rounds with respect to the data complexity, namely the gap between the claimed security bits and the attack complexity, is less than 8 bits. Our attacks also point out structural weaknesses of the mode that essentially come from the minimal state size to be lightweight.

Available format(s)
Category
Secret-key cryptography
Publication info
Keywords
Contact author(s)
dhiman @ iitbhilai ac in
yu sasaki sk @ hco ntt co jp
shidanping @ iie ac cn
ferdinand sibleyras @ inria fr
siweisun isaac @ gmail com
sunsiwei @ iie ac cn
zhangyingjie @ iie ac cn
History
Short URL
https://ia.cr/2020/1045

CC BY

BibTeX

@misc{cryptoeprint:2020/1045,
author = {Dhiman Saha and Yu Sasaki and Danping Shi and Ferdinand Sibleyras and Siwei Sun and Yingjie Zhang},
title = {On the Security Margin of TinyJAMBU with Refined Differential and Linear Cryptanalysis},
howpublished = {Cryptology ePrint Archive, Paper 2020/1045},
year = {2020},
note = {\url{https://eprint.iacr.org/2020/1045}},
url = {https://eprint.iacr.org/2020/1045}
}

Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.