Paper 2023/1200

Shining Light on the Shadow: Full-round Practical Distinguisher for Lightweight Block Cipher Shadow

Sunyeop Kim, Korea University
Myoungsu Shin
Seonkyu Kim
Hanbeom Shin
Insung Kim, Korea University
Donggeun Kwon, Korea University
Dongjae Lee, Korea University
Seonggyeom Kim, Samsung Electronics
Deukjo Hong, Jeonbuk National University
Jaechul Sung, University of Seoul
Seokhie Hong, Korea University
Abstract

Shadow is a lightweight block cipher proposed at IEEE IoT journal 2021. Shadow’s main design principle is adopting a variant 4- branch Feistel structure in order to provide a fast diffusion rate. We define such a structure as Shadow structure and prove that it is al- most identical to the Generalized Feistel Network, which invalidates the design principle. Moreover, we give a structural distinguisher that can distinguish Shadow structure from random permutation with only two plaintext/ciphertext pairs. By exploiting the key schedule, the distin- guisher can be extended to key recovery attack with only one plain- text/ciphertext pair. Furthermore, by considering Shadow’s round func- tion, only certain forms of monomials can appear in the ciphertext, re- sulting in an integral distinguisher of four plaintext/ciphertext pairs. Even more, the algebraic degree does not increase more than 12 for Shadow-32 and 20 for Shadow-64 regardless of rounds used. Our results show that Shadow is highly vulnerable to algebraic attacks, and that algebraic attacks should be carefully considered when designing ciphers with AND, rotation, and XOR operations.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Preprint.
Keywords
Block cipheralgebraic attackcube attack
Contact author(s)
kin3548 @ gmail com
houma757 @ gmail com
kimsg125 @ korea ac kr
shb115 @ naver com
cmcom35 @ korea ac kr
donggeun kwon @ gmail com
ldj0676 @ korea ac kr
jeffgyeom @ gmail com
deukjo hong @ jbnu ac kr
jcsung @ uos ac kr
shhong @ korea ac kr
History
2023-08-10: approved
2023-08-08: received
See all versions
Short URL
https://ia.cr/2023/1200
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2023/1200,
      author = {Sunyeop Kim and Myoungsu Shin and Seonkyu Kim and Hanbeom Shin and Insung Kim and Donggeun Kwon and Dongjae Lee and Seonggyeom Kim and Deukjo Hong and Jaechul Sung and Seokhie Hong},
      title = {Shining Light on the Shadow: Full-round Practical Distinguisher for Lightweight Block Cipher Shadow},
      howpublished = {Cryptology {ePrint} Archive, Paper 2023/1200},
      year = {2023},
      url = {https://eprint.iacr.org/2023/1200}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.