### Rotational Cryptanalysis on MAC Algorithm Chaskey

Liliya Kraleva, Tomer Ashur, and Vincent Rijmen

##### Abstract

In this paper we analyse the algorithm Chaskey - a lightweight MAC algorithm for 32-bit micro controllers - with respect to rotational cryptanalysis. We perform a related-key attack over Chaskey and find a distinguisher by using rotational probabilities. Having a message $m$ we can forge and present a valid tag for some message under a related key with probability $2^{-57}$ for 8 rounds and $2^{-86}$ for all 12 rounds of the permutation for keys in a defined weak-key class. This attack can be extended to full key recovery with complexity $2^{120}$ for the full number of rounds. To our knowledge this is the first published attack targeting all 12 rounds of the algorithm. Additionally, we generalize the Markov theory with respect to a relation between two plaintexts and not their difference and apply it for rotational pairs.

Available format(s)
Category
Secret-key cryptography
Publication info
Published elsewhere. 18th International Conference on Applied Cryptography and Network Security (ACNS20)
Keywords
Contact author(s)
lkraleva @ esat kuleuven be
History
Short URL
https://ia.cr/2020/538

CC BY

BibTeX

@misc{cryptoeprint:2020/538,
author = {Liliya Kraleva and Tomer Ashur and Vincent Rijmen},
title = {Rotational Cryptanalysis on MAC Algorithm Chaskey},
howpublished = {Cryptology ePrint Archive, Paper 2020/538},
year = {2020},
note = {\url{https://eprint.iacr.org/2020/538}},
url = {https://eprint.iacr.org/2020/538}
}

Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.