Some Results on Related Key-IV Pairs of Espresso

George Teseleanu

Paper 2023/1691

Some Results on Related Key-IV Pairs of Espresso

George Teseleanu

Abstract

In this paper, we analyze the Espresso cipher from a related key chosen IV perspective. More precisely, we explain how one can obtain Key-IV pairs such that Espresso's keystreams either have certain identical bits or are shifted versions of each other. For the first case, we show how to obtain such pairs after $2^{32}$ iterations, while for the second case, we present an algorithm that produces such pairs in $2^{28}$ iterations. Moreover, we show that by making a minor change in the padding used during the initialization phase, it can lead to a more secure version of the cipher. Specifically, changing the padding increases the complexity of our second attack from $2^{28}$ to $2^{34}$ . Finally, we show how related IVs can accelerate brute force attacks, resulting in a faster key recovery. Although our work does not have any immediate implications for breaking the Espresso cipher, these observations are relevant in the related-key chosen IV scenario.

Metadata

Available format(s): PDF
Category: Secret-key cryptography
Publication info: Published elsewhere. Major revision. SECITC 2023
Keywords: Espresso slide attacks cryptanalysis related keys
Contact author(s): george teseleanu @ yahoo com
History: 2023-11-03: approved; 2023-11-01: received; See all versions
Short URL: https://ia.cr/2023/1691
License: CC BY-NC-SA

BibTeX

@misc{cryptoeprint:2023/1691,
      author = {George Teseleanu},
      title = {Some Results on Related Key-{IV} Pairs of Espresso},
      howpublished = {Cryptology {ePrint} Archive, Paper 2023/1691},
      year = {2023},
      url = {https://eprint.iacr.org/2023/1691}
}