Paper 2024/549
Integral Attack on the Full FUTURE Block Cipher
Abstract
FUTURE is a recently proposed lightweight block cipher that achieved remarkable hardware performance due to careful design decisions. FUTURE is an Advanced Encryption Standard (AES)-like Substitution-Permutation Network (SPN) with 10 rounds, whose round function consists of four components, i.e., SubCell, MixColumn, ShiftRow and AddRoundKey. Unlike AES, it is a 64-bit block cipher with a 128-bit secret key, and the state can be arranged into 16 cells. Therefore, the operations of FUTURE, including its S-box, are defined over $\mathbb{F}_2^4$. Previous studies have shown that the integral properties of 4-bit S-boxes are usually weaker than those of larger S-boxes, so the number of rounds of FUTURE, i.e., only 10 rounds, might be too aggressive to provide enough resistance against integral cryptanalysis. In this paper, we mount an integral attack on FUTURE. With state-of-the-art detection techniques, we identify several integral distinguishers for 7 rounds of FUTURE. By extending this 7-round distinguisher by 3 forward rounds, we manage to recover all 128 bits of the secret key from the full FUTURE cipher without the full codebook for the first time. To further achieve better time complexity, we also present a key recovery attack on full FUTURE with the full codebook. Both attacks have better time complexity than existing results.
Metadata
- Category
- Attacks and cryptanalysis
- Publication info
- Published elsewhere. TSINGHUA SCIENCE AND TECHNOLOGY
- Keywords
- symmetric-key, integral attack, division property, FUTURE
- Contact author(s)
- xuzeyu @ mail sdu edu cn
- cuijiamin @ mail sdu edu cn
- kai hu @ sdu edu cn
- mqwang @ sdu edu cn
- History
- 2024-04-10: approved
- 2024-04-09: received
- Short URL
- https://ia.cr/2024/549
- License
- CC BY
BibTeX
@misc{cryptoeprint:2024/549,
  author = {Zeyu Xu and Jiamin Cui and Kai Hu and Meiqin Wang},
  title = {Integral Attack on the Full {FUTURE} Block Cipher},
  howpublished = {Cryptology {ePrint} Archive, Paper 2024/549},
  year = {2024},
  url = {https://eprint.iacr.org/2024/549}
}