Paper 2022/299

Related-Tweakey Impossible Differential Attack on Reduced-Round SKINNY-AEAD M1/M3

Yanhong Fan,Muzhou Li,Chao Niu,Zhenyu Lu,Meiqin Wang


SKINNY-AEAD is one of the second-round candidates of the Lightweight Cryptography Standardization project held by NIST. SKINNY-AEAD M1 is the primary member of six SKINNY-AEAD schemes, while SKINNY-AEAD M3 is another member with a small tag. In the design document, only security analyses of their underlying primitive SKINNY-128-384 are provided. Besides, there are no valid third-party analyses on SKINNY-AEAD M1/M3 according to our knowledge. Therefore, this paper focuses on constructing the first third-party security analyses on them under a nonce-respecting scenario. By taking the encryption mode of SKINNY-AEAD into consideration and exploiting several properties of SKINNY, we can deduce some necessary constraints on the input and tweakey differences of related-tweakey impossible differential distinguishers. Under these constraints, we can find distinguishers suitable for mounting powerful tweakey recovery attacks. With the help of the automatic searching algorithms based on STP, we find some 14-round distinguishers. Based on one of these distinguishers, we mount a 20-round and an 18-round tweakey recovery attack on SKINNY-AEAD M1/M3. To the best of our knowledge, all these attacks are the best ones so far.

Available format(s)
Secret-key cryptography
Publication info
Published elsewhere. CT-RSA 2022
M3 · Tweakey recovery · SKINNY-128-384
Contact author(s)
fanyh @ mail sdu edu cn
2022-03-07: received
Short URL
Creative Commons Attribution


      author = {Yanhong Fan,Muzhou Li,Chao Niu,Zhenyu Lu,Meiqin Wang},
      title = {Related-Tweakey Impossible Differential Attack on Reduced-Round SKINNY-AEAD M1/M3},
      howpublished = {Cryptology ePrint Archive, Paper 2022/299},
      year = {2022},
      doi = {10.1007/978-3-030-95312-6\_11},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.