### Matching Attacks on Romulus-M

Makoto Habu, Kazuhiko Minematsu, and Tetsu Iwata

##### Abstract

This paper considers the problem of identifying matching attacks against Romulus-M, one of the ten finalists of the NIST Lightweight Cryptography standardization project. Romulus-M is provably secure, i.e., there is a theorem statement showing the upper bound on the success probability of attacking the scheme as a function of the adversary's resources. If there exists an attack that matches the provable security bound, then this implies that the attack is optimal, and that the bound is tight in the sense that it cannot be improved. We show that the security bounds of Romulus-M are tight for a large class of parameters by presenting concrete matching attacks.

Category
Secret-key cryptography
Publication info
Preprint. MINOR revision.
Keywords
Lightweight cryptography, Provable security, Romulus-M, Tightness, Matching attack
Contact author(s)
habu makoto @ f mbox nagoya-u ac jp
tetsu iwata @ nagoya-u jp
k-minematsu @ nec com
Short URL
https://ia.cr/2022/369

CC BY

BibTeX

@misc{cryptoeprint:2022/369,
author = {Makoto Habu and Kazuhiko Minematsu and Tetsu Iwata},
title = {Matching Attacks on Romulus-M},
howpublished = {Cryptology ePrint Archive, Paper 2022/369},
year = {2022},
note = {\url{https://eprint.iacr.org/2022/369}},
url = {https://eprint.iacr.org/2022/369}
}
