Key-Recovery Attack on the ASASA Cryptosystem with Expanding S-Boxes

Cited by: 21
Authors
Gilbert, Henri [1 ]
Plut, Jerome [1 ]
Treger, Joana [1 ]
Affiliation
[1] ANSSI, Paris, France
Source
ADVANCES IN CRYPTOLOGY, PT I | 2015 / Vol. 9215
Keywords
CRYPTANALYSIS;
DOI
10.1007/978-3-662-47989-6_23
CLC classification
TP [Automation and computer technology]
Discipline code
0812
Abstract
We present a cryptanalysis of the ASASA public key cipher introduced at Asiacrypt 2014 [3]. This scheme alternates three layers of affine transformations A with two layers of quadratic substitutions S. We show that the partial derivatives of the public key polynomials contain information about the intermediate layer. This enables us to present a very simple distinguisher between an ASASA public key and random polynomials. We then expand upon the ideas of the distinguisher to achieve a full secret key recovery. This method uses only linear algebra and has a complexity dominated by the cost of computing the kernels of 2^26 small matrices with entries in F_16.
Pages: 475 / 490
Page count: 16