Paper 2024/1304

Improved Algebraic Attacks on Round-Reduced LowMC with Single-Data Complexity

Xingwei Ren, Institute of Information Engineering, Chinese Academy of Sciences, School of Cyber Security, University of Chinese Academy of Sciences
Yongqiang Li, Institute of Information Engineering, Chinese Academy of Sciences, School of Cyber Security, University of Chinese Academy of Sciences
Mingsheng Wang, Institute of Information Engineering, Chinese Academy of Sciences, School of Cyber Security, University of Chinese Academy of Sciences
Abstract

Recently, Picnic3 has introduced several alternative LowMC instances, which prompts the cryptanalysis competition for LowMC. In this paper, we provide new solutions to the competition with full S-box layers under single-data complexity. First, we present a new guess-and-determine attack framework that achieves the best trade-off in complexity, while effectively enhancing two algorithms applicable to 2-round LowMC cryptanalysis. Next, we present a new meet-in-the-middle attack framework for 2-/3-round LowMC, which can gradually reduce the number of variables and narrow down the range of candidate keys in stages. As a result, our 3-stage MITM attacks have both lower time complexity and memory complexity than the best previous 2-round attacks proposed by Banik et al. at ASIACRYPT 2021, with memory reduced drastically by a factor of $ 2^{29.7} \sim 2^{70.4} $.

Note: Update for camera-ready version.

Metadata
Available format(s)
PDF
Category
Attacks and cryptanalysis
Publication info
Published elsewhere. Selected Areas in Cryptography (SAC) 2024
Keywords
LowMCPicnicAlgebraic attackMITMLow memory
Contact author(s)
renxingwei @ iie ac cn
liyongqiang @ iie ac cn
wangmingsheng @ iie ac cn
History
2024-11-05: revised
2024-08-21: received
See all versions
Short URL
https://ia.cr/2024/1304
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2024/1304,
      author = {Xingwei Ren and Yongqiang Li and Mingsheng Wang},
      title = {Improved Algebraic Attacks on Round-Reduced {LowMC} with Single-Data Complexity},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/1304},
      year = {2024},
      url = {https://eprint.iacr.org/2024/1304}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.