Paper 2024/563

A Note on Related-Tweakey Impossible Differential Attacks

Xavier Bonnetain, Université de Lorraine, CNRS, Inria, LORIA, Nancy, France
Virginie Lallemand, Université de Lorraine, CNRS, Inria, LORIA, Nancy, France
Abstract

In this short note we review the technique proposed at ToSC 2018 by Sadeghi et al. for attacks built upon several related-tweakey impossible differential trails. We show that the initial encryption queries are improper and led the authors to misevaluate a filtering value in the key recovery phase. We identified 4 papers (from Eurocrypt, DCC, ToSC and ePrint) that follow on the results of Sadeghi et al., and in three of them the issue was propagated. We thus present a careful analysis of these types of attacks and give generic complexity formulas similar to the ones proposed by Boura et al. at Asiacrypt 2014. We apply these to the aforementioned papers and provide patched versions of their attacks. The main consequence is an increase in the memory complexity. We show that in many cases (a notable exception being quantum impossible differentials) it is possible to recover the numeric estimates of the flawed analysis, and in all cases we were able to build a correct attack reaching the same number of rounds.

Metadata
Available format(s)
PDF
Category
Attacks and cryptanalysis
Publication info
Preprint.
Keywords
Impossible Differential Attack, Related-Tweakey, Complexity Analysis
Contact author(s)
xavier bonnetain @ inria fr
virginie lallemand @ loria fr
History
2024-04-12: approved
2024-04-11: received
Short URL
https://ia.cr/2024/563
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2024/563,
      author = {Xavier Bonnetain and Virginie Lallemand},
      title = {A Note on Related-Tweakey Impossible Differential Attacks},
      howpublished = {Cryptology ePrint Archive, Paper 2024/563},
      year = {2024},
      note = {\url{https://eprint.iacr.org/2024/563}},
      url = {https://eprint.iacr.org/2024/563}
}