Paper 2020/986

The MALICIOUS Framework: Embedding Backdoors into Tweakable Block Ciphers

Thomas Peyrin and Haoyang Wang

Abstract

Inserting backdoors in encryption algorithms has long seemed like a very interesting, yet difficult problem. Most attempts have been unsuccessful for symmetric-key primitives so far and it remains an open problem how to build such ciphers. In this work, we propose the MALICIOUS framework, a new method to build tweakable block ciphers that have backdoors hidden which allows to retrieve the secret key. Our backdoor is differential in nature: a specific related-tweak differential path with high probability is hidden during the design phase of the cipher. We explain how any entity knowing the backdoor can practically recover the secret key of a user and we also argue why even knowing the presence of the backdoor and the workings of the cipher will not permit to retrieve the backdoor for an external user. We analyze the security of our construction in the classical black-box model and we show that retrieving the backdoor (the hidden high-probability differential path) is very difficult. We instantiate our framework by proposing the LowMC-M construction, a new family of tweakable block ciphers based on instances of the LowMC cipher, which allow such backdoor embedding. Generating LowMC-M instances is trivial and the LowMC-M family has basically the same efficiency as the LowMC instances it is based on.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
A minor revision of an IACR publication in CRYPTO 2020
DOI
10.1007/978-3-030-56877-1_9
Keywords
Tweakable block cipherBackdoorDifferential cryptanalysisLowMC-M
Contact author(s)
wang1153 @ e ntu edu sg
History
2021-08-27: last of 4 revisions
2020-08-18: received
See all versions
Short URL
https://ia.cr/2020/986
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2020/986,
      author = {Thomas Peyrin and Haoyang Wang},
      title = {The {MALICIOUS} Framework: Embedding Backdoors into Tweakable Block Ciphers},
      howpublished = {Cryptology {ePrint} Archive, Paper 2020/986},
      year = {2020},
      doi = {10.1007/978-3-030-56877-1_9},
      url = {https://eprint.iacr.org/2020/986}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.