Paper 2024/113

Improved Linear Key Recovery Attacks on PRESENT

Wenhui Wu, School of Cyber Science and Technology, Shandong University, Qingdao, China, Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Shandong University, Jinan, China
Muzhou Li, School of Cyber Science and Technology, Shandong University, Qingdao, China, Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Shandong University, Jinan, China
Meiqin Wang, School of Cyber Science and Technology, Shandong University, Qingdao, China, Quan Cheng Shandong Laboratory, Jinan, China, Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Shandong University, Jinan, China
Abstract

PRESENT is an ultra-lightweight block cipher designed by Bogdanov et al., and has been widely studied since its proposal. It supports 80-bit and 128-bit keys, which are referred as PRESENT-80 and PRESENT-128, respectively. Up to now, linear cryptanalysis is the most effective method on attacking this cipher, especially when accelerated with the pruned Walsh transform. Combing pruned Walsh transform with multiple linear attacks, one can recover the right key for 28-round PRESENT-80 and -128. Later, this method is further improved with affine pruned Walsh transform by adding more zeros in the Walsh spectrum through rejecting some data. This leads to the 29-round attack on PRESENT-128 with full codebook. In this paper, we follow the affine pruned Walsh transform accelerated linear method, and propose 29-round attacks on both PRESENT-80 and PRESENT-128 without using full codebook. Both attacks rely on a statistical model depicting distributions of the experimental correlation when some data are artificially rejected in its computation. Besides, detailed analysis of complexity reduction for each linear hull used in attacking PRESENT is also provided and supported by an automatic tool. Our 29-round attack on PRESENT-80 mainly benefits from this tool. According to our knowledge, both attacks are the best ones on PRESENT so far.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Preprint.
Keywords
PRESENTAffine Pruned Walsh TransformLinear Cryptanalysis
Contact author(s)
wenhuiwu @ mail sdu edu cn
muzhouli @ mail sdu edu cn
mqwang @ sdu edu cn
History
2024-01-26: approved
2024-01-26: received
See all versions
Short URL
https://ia.cr/2024/113
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2024/113,
      author = {Wenhui Wu and Muzhou Li and Meiqin Wang},
      title = {Improved Linear Key Recovery Attacks on PRESENT},
      howpublished = {Cryptology ePrint Archive, Paper 2024/113},
      year = {2024},
      note = {\url{https://eprint.iacr.org/2024/113}},
      url = {https://eprint.iacr.org/2024/113}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.