Paper 2023/1943

Distinguisher and Related-Key Attack on HALFLOOP-96

Jinpeng Liu, Shandong University
Ling Sun, Shandong University
Abstract

HALFLOOP-96 is a 96-bit tweakable block cipher used in high frequency radio to secure automatic link establishment messages. In this paper, we concentrate on its differential properties in the contexts of conventional, related-tweak, and related-key differential attacks. Using automatic techniques, we determine the minimum number of active S-boxes and the maximum differential probability in each of the three configurations. The resistance of HALFLOOP-96 to differential attacks in the conventional and related-tweak configurations is good, and the longest distinguishers in both configurations consist of five rounds. In contrast, the security of the cipher against differential attacks in the related-key configuration is inadequate. The most effective related-key distinguisher we can find spans eight rounds. The 8-round related-key differential distinguisher is then utilised to initiate a 9-round weak-key attack. With $2^{92.96}$ chosen-plaintexts, 38.77-bit equivalent information about the keys can be recovered. Even though the attack does not pose a significant security threat to HALFLOOP-96, its security margin in the related-key configuration is exceedingly narrow. Therefore, improper use must be avoided in the application.

Metadata
Available format(s)
PDF
Category
Attacks and cryptanalysis
Publication info
Published elsewhere. ICISC 2023
Keywords
Differential cryptanalysisRelated-tweakRelated-keyHALFLOOP-96
Contact author(s)
ljp1024147512 @ 163 com
lingsun @ sdu edu cn
History
2023-12-22: approved
2023-12-22: received
See all versions
Short URL
https://ia.cr/2023/1943
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2023/1943,
      author = {Jinpeng Liu and Ling Sun},
      title = {Distinguisher and Related-Key Attack on {HALFLOOP}-96},
      howpublished = {Cryptology {ePrint} Archive, Paper 2023/1943},
      year = {2023},
      url = {https://eprint.iacr.org/2023/1943}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.