Paper 2024/288

A generic algorithm for efficient key recovery in differential attacks – and its associated tool

Christina Boura, Université Paris-Saclay, UVSQ, CNRS, Laboratoire de mathématiques de Versailles, 78000, Versailles, France
Nicolas David, Inria, France
Patrick Derbez, Univ Rennes, Inria, CNRS, IRISA, France
Rachelle Heim Boissier, Université Paris-Saclay, UVSQ, CNRS, Laboratoire de mathématiques de Versailles, 78000, Versailles, France
María Naya-Plasencia, Inria, France
Abstract

Differential cryptanalysis is an old and powerful attack against block ciphers. While different techniques have been introduced throughout the years to improve the complexity of this attack, the key recovery phase remains a tedious and error-prone procedure. In this work, we propose a new algorithm and its associated tool that, given a distinguisher, outputs an efficient key guessing strategy. Our tool can be applied to SPN ciphers whose linear layer consists of a bit-permutation and whose key schedule is linear or almost linear. It can be used not only to help cryptanalysts find the best differential attack on a given cipher but also to assist designers in their security analysis. We applied our tool to four targets: RECTANGLE, PRESENT-80, SPEEDY-7-192 and GIFT-64. We extend the previous best attack on RECTANGLE-128 by one round and the previous best differential attack against PRESENT-80 by 2 rounds. We improve a previous key recovery step in an attack against SPEEDY and present more efficient key recovery strategies for RECTANGLE-80 and GIFT. Our tool outputs the results in only a second for most targets.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
A major revision of an IACR publication in EUROCRYPT 2024
Keywords
Differential Cryptanalysis, Key Recovery, Automatic Tool, SPEEDY, GIFT, PRESENT, RECTANGLE
Contact author(s)
christina boura @ uvsq fr
nicolas david @ inria fr
patrick derbez @ irisa fr
rachelle heim @ uvsq fr
maria naya-plasencia @ inria fr
History
2024-02-27: last of 3 revisions
2024-02-20: received
Short URL
https://ia.cr/2024/288
License
Creative Commons Attribution-ShareAlike
CC BY-SA

BibTeX

@misc{cryptoeprint:2024/288,
      author = {Christina Boura and Nicolas David and Patrick Derbez and Rachelle Heim Boissier and María Naya-Plasencia},
      title = {A generic algorithm for efficient key recovery in differential attacks – and its associated tool},
      howpublished = {Cryptology ePrint Archive, Paper 2024/288},
      year = {2024},
      note = {\url{https://eprint.iacr.org/2024/288}},
      url = {https://eprint.iacr.org/2024/288}
}