Cryptanalysis Results on Spook

Patrick Derbez; Paul Huynh; Virginie Lallemand; María Naya-Plasencia; Léo Perrin; André Schrottenloher

Paper 2020/309

Cryptanalysis Results on Spook

Patrick Derbez, Paul Huynh, Virginie Lallemand, María Naya-Plasencia, Léo Perrin, and André Schrottenloher

Abstract

Spook is one of the 32 candidates that has made it to the second round of the NIST Lightweight Cryptography Standardization process, and is particularly interesting since it proposes differential side channel resistance. In this paper, we present practical distinguishers of the full 6-step version of the underlying permutations of Spook, namely Shadow-512 and Shadow-384, solving challenges proposed by the designers on the permutation. We also propose practical forgeries with 4-step Shadow for the S1P mode of operation in the nonce misuse scenario, which is allowed by the CIML2 security game considered by the authors. All the results presented in this paper have been implemented.

Metadata

Available format(s): PDF
Category: Secret-key cryptography
Publication info: Published by the IACR in CRYPTO 2020
Keywords: dedicated cryptanalysis differential attacks implemented attacks Spook round constants lightweight primitives distinguisher forgery
Contact author(s): patrick derbez @ irisa fr
paul huynh @ loria fr
virginie lallemand @ loria fr
maria naya_plasencia @ inria fr
leo perrin @ inria fr
andre schrottenloher @ inria fr
History: 2020-06-08: revised; 2020-03-12: received; See all versions
Short URL: https://ia.cr/2020/309
License: CC BY

BibTeX

@misc{cryptoeprint:2020/309,
      author = {Patrick Derbez and Paul Huynh and Virginie Lallemand and María Naya-Plasencia and Léo Perrin and André Schrottenloher},
      title = {Cryptanalysis Results on Spook},
      howpublished = {Cryptology {ePrint} Archive, Paper 2020/309},
      year = {2020},
      url = {https://eprint.iacr.org/2020/309}
}