Paper 2022/299

Related-Tweakey Impossible Differential Attack on Reduced-Round SKINNY-AEAD M1/M3

Yanhong Fan, Muzhou Li, Chao Niu, Zhenyu Lu, Meiqin Wang

Abstract

SKINNY-AEAD is one of the second-round candidates of the Lightweight Cryptography Standardization project held by NIST. SKINNY-AEAD M1 is the primary member of six SKINNY-AEAD schemes, while SKINNY-AEAD M3 is another member with a small tag. In the design document, only security analyses of their underlying primitive SKINNY-128-384 are provided. Moreover, to our knowledge, there are no valid third-party analyses of SKINNY-AEAD M1/M3. Therefore, this paper focuses on constructing the first third-party security analyses of them under a nonce-respecting scenario. By taking the encryption mode of SKINNY-AEAD into consideration and exploiting several properties of SKINNY, we can deduce some necessary constraints on the input and tweakey differences of related-tweakey impossible differential distinguishers. Under these constraints, we can find distinguishers suitable for mounting powerful tweakey recovery attacks. With the help of automatic search algorithms based on STP, we find some 14-round distinguishers. Based on one of these distinguishers, we mount a 20-round and an 18-round tweakey recovery attack on SKINNY-AEAD M1/M3. To the best of our knowledge, all these attacks are the best ones so far.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. CT-RSA 2022
DOI
10.1007/978-3-030-95312-6_11
Keywords
M3 · Tweakey recovery · SKINNY-128-384
Contact author(s)
fanyh @ mail sdu edu cn
History
2022-03-07: received
Short URL
https://ia.cr/2022/299
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2022/299,
      author = {Yanhong Fan and Muzhou Li and Chao Niu and Zhenyu Lu and Meiqin Wang},
      title = {Related-Tweakey Impossible Differential Attack on Reduced-Round {SKINNY}-{AEAD} M1/M3},
      howpublished = {Cryptology {ePrint} Archive, Paper 2022/299},
      year = {2022},
      doi = {10.1007/978-3-030-95312-6\_11},
      url = {https://eprint.iacr.org/2022/299}
}