Paper 2022/369

Matching Attacks on Romulus-M

Makoto Habu, Kazuhiko Minematsu, and Tetsu Iwata

Abstract

This paper considers the problem of identifying matching attacks against Romulus-M, one of the ten finalists of the NIST Lightweight Cryptography standardization project. Romulus-M is provably secure, i.e., there is a theorem statement giving an upper bound on the success probability of attacking the scheme as a function of the adversary's resources. If there exists an attack that matches the provable security bound, then the attack is optimal, and the bound is tight in the sense that it cannot be improved. We show that the security bounds of Romulus-M are tight for a large class of parameters by presenting concrete matching attacks.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Preprint. MINOR revision.
Keywords
Lightweight cryptography, Provable security, Romulus-M, Tightness, Matching attack
Contact author(s)
habu makoto @ f mbox nagoya-u ac jp
tetsu iwata @ nagoya-u jp
k-minematsu @ nec com
History
2022-03-22: received
Short URL
https://ia.cr/2022/369
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2022/369,
      author = {Makoto Habu and Kazuhiko Minematsu and Tetsu Iwata},
      title = {Matching Attacks on Romulus-M},
      howpublished = {Cryptology {ePrint} Archive, Paper 2022/369},
      year = {2022},
      url = {https://eprint.iacr.org/2022/369}
}