Cryptology ePrint Archive: Report 2020/1242

Improved (Related-key) Differential Cryptanalysis on GIFT

Fulei Ji and Wentao Zhang and Chunning Zhou and Tianyou Ding

Abstract: In this paper, we reevaluate the security of GIFT against differential cryptanalysis under both the single-key and the related-key scenarios. Firstly, we apply Matsui's algorithm to search for related-key differential trails of GIFT. We add three constraints to limit the search space and search for the optimal related-key differential trails in the limited search space. We obtain related-key differential trails of GIFT-64/128 for up to 15/14 rounds, which are the best results on related-key differential trails of GIFT so far. Secondly, we propose an automatic algorithm to increase the probability of the related-key boomerang distinguisher of GIFT by searching the clustering of the related-key differential trails utilized in the boomerang distinguisher. We find a 20-round related-key boomerang distinguisher of GIFT-64 with probability 2^-58.557. The 25-round related-key rectangle attack on GIFT-64 is constructed based on it. This is the longest attack on GIFT-64. We also find a 19-round related-key boomerang distinguisher of GIFT-128 with probability 2^-109.626. We propose a 23-round related-key rectangle attack on GIFT-128 utilizing the 19-round distinguisher, which is the longest related-key attack on GIFT-128. The 24-round related-key rectangle attack on GIFT-64 and the 22-round related-key boomerang attack on GIFT-128 are also presented. Thirdly, we search the clustering of the single-key differential trails. We increase the probability of a 20-round single-key differential distinguisher of GIFT-128 from 2^-121.415 to 2^-120.245. The time complexity of the 26-round differential attack on GIFT-128 is improved from 2^124.415 to 2^123.245.

Category / Keywords: secret-key cryptography / Matsui's algorithm, Related-key differential trail, Single-key differential trail, Clustering effect, Boomerang attack, Rectangle attack, GIFT

Original Publication (with minor differences): SAC 2020

Date: received 8 Oct 2020, last revised 30 Oct 2020

Contact author: jifulei at iie ac cn

Version: 20201030:081149

Short URL: ia.cr/2020/1242
