Related-Key Attack on Full-Round PICARO


Ontology type: schema:Chapter      Open Access: True


Chapter Info

DATE

2016

AUTHORS

Anne Canteaut , Virginie Lallemand , María Naya-Plasencia

ABSTRACT

Side-channel cryptanalysis is a very efficient class of attacks that recover secret information by exploiting the physical leakage of a device executing a cryptographic computation. To address this type of attack, many countermeasures have been proposed, and some papers addressed the question of constructing an efficient masking scheme for existing ciphers. In their work, G. Piret, T. Roche and C. Carlet took the problem the other way around and specifically designed a cipher that would be easy to mask. Their careful analysis, which started with the design of an adapted Sbox, leads to the construction of a 12-round Feistel cipher named PICARO. In this paper, we present the first full-round cryptanalysis of this cipher and show how to recover the key in the related-key model. Our analysis takes advantage of the low diffusion of the key schedule together with the non-bijectivity of the PICARO Sbox. Our best trade-off has a time complexity equivalent to $2^{107.4}$ encryptions, a data complexity of $2^{99}$ plaintexts and requires storing $2^{17}$ (plaintext, ciphertext) pairs.

PAGES

86-101

Book

TITLE

Selected Areas in Cryptography – SAC 2015

ISBN

978-3-319-31300-9
978-3-319-31301-6

Identifiers

URI

http://scigraph.springernature.com/pub.10.1007/978-3-319-31301-6_5

DOI

http://dx.doi.org/10.1007/978-3-319-31301-6_5

DIMENSIONS

https://app.dimensions.ai/details/publication/pub.1035062925



JSON-LD is the canonical representation for SciGraph data.


[
  {
    "@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json", 
    "about": [
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Information and Computing Sciences", 
        "type": "DefinedTerm"
      }, 
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0802", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Computation Theory and Mathematics", 
        "type": "DefinedTerm"
      }
    ], 
    "author": [
      {
        "affiliation": {
          "alternateName": "Inria, project-team SECRET, Rocquencourt, France", 
          "id": "http://www.grid.ac/institutes/grid.5328.c", 
          "name": [
            "Inria, project-team SECRET, Rocquencourt, France"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Canteaut", 
        "givenName": "Anne", 
        "id": "sg:person.012730266023.08", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012730266023.08"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Inria, project-team SECRET, Rocquencourt, France", 
          "id": "http://www.grid.ac/institutes/grid.5328.c", 
          "name": [
            "Inria, project-team SECRET, Rocquencourt, France"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Lallemand", 
        "givenName": "Virginie", 
        "id": "sg:person.011135275143.03", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.011135275143.03"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Inria, project-team SECRET, Rocquencourt, France", 
          "id": "http://www.grid.ac/institutes/grid.5328.c", 
          "name": [
            "Inria, project-team SECRET, Rocquencourt, France"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Naya-Plasencia", 
        "givenName": "Mar\u00eda", 
        "id": "sg:person.013206304341.94", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013206304341.94"
        ], 
        "type": "Person"
      }
    ], 
    "datePublished": "2016", 
    "datePublishedReg": "2016-01-01", 
    "description": "Side-channel cryptanalysis is a very efficient class of attacks that recover secret information by exploiting the physical leakage of a device executing a cryptographic computation. To address this type of attacks, many countermeasures have been proposed, and some papers addressed the question of constructing an efficient masking scheme for existing ciphers. In their work, G.\u00a0Piret, T.\u00a0Roche and C.\u00a0Carlet took the problem the other way around and specifically designed a cipher that would be easy to mask. Their careful analysis, that started with the design of an adapted Sbox, leads to the construction of a 12-round Feistel cipher named PICARO. In this paper, we present the first full-round cryptanalysis of this cipher and show how to recover the key in the related-key model. Our analysis takes advantage of the low diffusion of the key schedule together with the non-bijectivity of PICARO Sbox. Our best trade-off has a time complexity equivalent to $$2^{107.4}$$ encryptions, a data complexity of $$2^{99}$$ plaintexts and requires to store $$2^{17}$$ (plaintext, ciphertext) pairs.", 
    "editor": [
      {
        "familyName": "Dunkelman", 
        "givenName": "Orr", 
        "type": "Person"
      }, 
      {
        "familyName": "Keliher", 
        "givenName": "Liam", 
        "type": "Person"
      }
    ], 
    "genre": "chapter", 
    "id": "sg:pub.10.1007/978-3-319-31301-6_5", 
    "isAccessibleForFree": true, 
    "isPartOf": {
      "isbn": [
        "978-3-319-31300-9", 
        "978-3-319-31301-6"
      ], 
      "name": "Selected Areas in Cryptography \u2013 SAC 2015", 
      "type": "Book"
    }, 
    "keywords": [
      "types of attacks", 
      "side-channel cryptanalysis", 
      "cryptographic computations", 
      "secret information", 
      "related-key model", 
      "time complexity", 
      "data complexity", 
      "key attacks", 
      "physical leakages", 
      "cipher", 
      "key schedule", 
      "cryptanalysis", 
      "attacks", 
      "Sboxes", 
      "complexity", 
      "encryption", 
      "Feistel ciphers", 
      "plaintext", 
      "efficient class", 
      "computation", 
      "scheme", 
      "countermeasures", 
      "picaro", 
      "key", 
      "information", 
      "devices", 
      "advantages", 
      "design", 
      "Piret", 
      "way", 
      "work", 
      "schedule", 
      "model", 
      "careful analysis", 
      "construction", 
      "class", 
      "analysis", 
      "Carlet", 
      "low diffusion", 
      "leakage", 
      "pairs", 
      "types", 
      "questions", 
      "diffusion", 
      "Roche", 
      "paper", 
      "problem"
    ], 
    "name": "Related-Key Attack on Full-Round PICARO", 
    "pagination": "86-101", 
    "productId": [
      {
        "name": "dimensions_id", 
        "type": "PropertyValue", 
        "value": [
          "pub.1035062925"
        ]
      }, 
      {
        "name": "doi", 
        "type": "PropertyValue", 
        "value": [
          "10.1007/978-3-319-31301-6_5"
        ]
      }
    ], 
    "publisher": {
      "name": "Springer Nature", 
      "type": "Organisation"
    }, 
    "sameAs": [
      "https://doi.org/10.1007/978-3-319-31301-6_5", 
      "https://app.dimensions.ai/details/publication/pub.1035062925"
    ], 
    "sdDataset": "chapters", 
    "sdDatePublished": "2022-09-02T16:16", 
    "sdLicense": "https://scigraph.springernature.com/explorer/license/", 
    "sdPublisher": {
      "name": "Springer Nature - SN SciGraph project", 
      "type": "Organization"
    }, 
    "sdSource": "s3://com-springernature-scigraph/baseset/20220902/entities/gbq_results/chapter/chapter_421.jsonl", 
    "type": "Chapter", 
    "url": "https://doi.org/10.1007/978-3-319-31301-6_5"
  }
]
 


HOW TO GET THIS DATA PROGRAMMATICALLY:

JSON-LD is a popular format for linked data which is fully compatible with JSON.

curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-31301-6_5'

N-Triples is a line-based linked data format ideal for batch operations.

curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-31301-6_5'

Turtle is a human-readable linked data format.

curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-31301-6_5'

RDF/XML is a standard XML format for linked data.

curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-31301-6_5'


 

This table displays all metadata directly associated to this object as RDF triples.

125 TRIPLES      22 PREDICATES      72 URIs      65 LITERALS      7 BLANK NODES

Subject Predicate Object
1 sg:pub.10.1007/978-3-319-31301-6_5 schema:about anzsrc-for:08
2 anzsrc-for:0802
3 schema:author N3683887a2a234349bd8dbe541d43fe92
4 schema:datePublished 2016
5 schema:datePublishedReg 2016-01-01
6 schema:description Side-channel cryptanalysis is a very efficient class of attacks that recover secret information by exploiting the physical leakage of a device executing a cryptographic computation. To address this type of attacks, many countermeasures have been proposed, and some papers addressed the question of constructing an efficient masking scheme for existing ciphers. In their work, G. Piret, T. Roche and C. Carlet took the problem the other way around and specifically designed a cipher that would be easy to mask. Their careful analysis, that started with the design of an adapted Sbox, leads to the construction of a 12-round Feistel cipher named PICARO. In this paper, we present the first full-round cryptanalysis of this cipher and show how to recover the key in the related-key model. Our analysis takes advantage of the low diffusion of the key schedule together with the non-bijectivity of PICARO Sbox. Our best trade-off has a time complexity equivalent to $2^{107.4}$ encryptions, a data complexity of $2^{99}$ plaintexts and requires to store $2^{17}$ (plaintext, ciphertext) pairs.
7 schema:editor N2177113d174f47cf928044b19806c506
8 schema:genre chapter
9 schema:isAccessibleForFree true
10 schema:isPartOf Na5b65570bda748aa924db582dd84f345
11 schema:keywords Carlet
12 Feistel ciphers
13 Piret
14 Roche
15 Sboxes
16 advantages
17 analysis
18 attacks
19 careful analysis
20 cipher
21 class
22 complexity
23 computation
24 construction
25 countermeasures
26 cryptanalysis
27 cryptographic computations
28 data complexity
29 design
30 devices
31 diffusion
32 efficient class
33 encryption
34 information
35 key
36 key attacks
37 key schedule
38 leakage
39 low diffusion
40 model
41 pairs
42 paper
43 physical leakages
44 picaro
45 plaintext
46 problem
47 questions
48 related-key model
49 schedule
50 scheme
51 secret information
52 side-channel cryptanalysis
53 time complexity
54 types
55 types of attacks
56 way
57 work
58 schema:name Related-Key Attack on Full-Round PICARO
59 schema:pagination 86-101
60 schema:productId N02dea47296f14653b206b78f9da76345
61 N13510292fd624733a7bca8223b3d8e1f
62 schema:publisher N44cb3cb169da47c6af6316991cfaf571
63 schema:sameAs https://app.dimensions.ai/details/publication/pub.1035062925
64 https://doi.org/10.1007/978-3-319-31301-6_5
65 schema:sdDatePublished 2022-09-02T16:16
66 schema:sdLicense https://scigraph.springernature.com/explorer/license/
67 schema:sdPublisher N4400237e8e4e43f9b6bab7b5ff23de00
68 schema:url https://doi.org/10.1007/978-3-319-31301-6_5
69 sgo:license sg:explorer/license/
70 sgo:sdDataset chapters
71 rdf:type schema:Chapter
72 N02dea47296f14653b206b78f9da76345 schema:name doi
73 schema:value 10.1007/978-3-319-31301-6_5
74 rdf:type schema:PropertyValue
75 N13510292fd624733a7bca8223b3d8e1f schema:name dimensions_id
76 schema:value pub.1035062925
77 rdf:type schema:PropertyValue
78 N2177113d174f47cf928044b19806c506 rdf:first N70dd7be6c93544949e10e26786e86d3e
79 rdf:rest N35b906bbed844480a0a4ac9f0fdc2c14
80 N35b906bbed844480a0a4ac9f0fdc2c14 rdf:first Nb038f9deb595402f964bc4d9dada9823
81 rdf:rest rdf:nil
82 N3683887a2a234349bd8dbe541d43fe92 rdf:first sg:person.012730266023.08
83 rdf:rest Ndce0d71b0ee742ed922ff32390ec0521
84 N4400237e8e4e43f9b6bab7b5ff23de00 schema:name Springer Nature - SN SciGraph project
85 rdf:type schema:Organization
86 N44cb3cb169da47c6af6316991cfaf571 schema:name Springer Nature
87 rdf:type schema:Organisation
88 N4a2b0b74b97c4aec8f11e634ec3088cb rdf:first sg:person.013206304341.94
89 rdf:rest rdf:nil
90 N70dd7be6c93544949e10e26786e86d3e schema:familyName Dunkelman
91 schema:givenName Orr
92 rdf:type schema:Person
93 Na5b65570bda748aa924db582dd84f345 schema:isbn 978-3-319-31300-9
94 978-3-319-31301-6
95 schema:name Selected Areas in Cryptography – SAC 2015
96 rdf:type schema:Book
97 Nb038f9deb595402f964bc4d9dada9823 schema:familyName Keliher
98 schema:givenName Liam
99 rdf:type schema:Person
100 Ndce0d71b0ee742ed922ff32390ec0521 rdf:first sg:person.011135275143.03
101 rdf:rest N4a2b0b74b97c4aec8f11e634ec3088cb
102 anzsrc-for:08 schema:inDefinedTermSet anzsrc-for:
103 schema:name Information and Computing Sciences
104 rdf:type schema:DefinedTerm
105 anzsrc-for:0802 schema:inDefinedTermSet anzsrc-for:
106 schema:name Computation Theory and Mathematics
107 rdf:type schema:DefinedTerm
108 sg:person.011135275143.03 schema:affiliation grid-institutes:grid.5328.c
109 schema:familyName Lallemand
110 schema:givenName Virginie
111 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.011135275143.03
112 rdf:type schema:Person
113 sg:person.012730266023.08 schema:affiliation grid-institutes:grid.5328.c
114 schema:familyName Canteaut
115 schema:givenName Anne
116 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012730266023.08
117 rdf:type schema:Person
118 sg:person.013206304341.94 schema:affiliation grid-institutes:grid.5328.c
119 schema:familyName Naya-Plasencia
120 schema:givenName María
121 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013206304341.94
122 rdf:type schema:Person
123 grid-institutes:grid.5328.c schema:alternateName Inria, project-team SECRET, Rocquencourt, France
124 schema:name Inria, project-team SECRET, Rocquencourt, France
125 rdf:type schema:Organization
 



