Key-Recovery Attack on the ASASA Cryptosystem with Expanding S-Boxes

Cited by: 21
Authors
Gilbert, Henri [1]
Plut, Jerome [1]
Treger, Joana [1]
Affiliation
[1] ANSSI, Paris, France
Source
ADVANCES IN CRYPTOLOGY, PT I | 2015 / Vol. 9215
Keywords
CRYPTANALYSIS
DOI
10.1007/978-3-662-47989-6_23
CLC classification
TP [Automation technology; computer technology]
Discipline classification code
0812
Abstract
We present a cryptanalysis of the ASASA public key cipher introduced at Asiacrypt 2014 [3]. This scheme alternates three layers of affine transformations A with two layers of quadratic substitutions S. We show that the partial derivatives of the public key polynomials contain information about the intermediate layer. This enables us to present a very simple distinguisher between an ASASA public key and random polynomials. We then expand upon the ideas of the distinguisher to achieve a full secret key recovery. This method uses only linear algebra and has a complexity dominated by the cost of computing the kernels of 2^26 small matrices with entries in F_16.
Pages: 475 / 490
Page count: 16