Related-Key Attack on Full-Round PICARO


Ontology type: schema:Chapter
Open Access: True


Chapter Info

DATE

2016

AUTHORS

Anne Canteaut , Virginie Lallemand , María Naya-Plasencia

ABSTRACT

Side-channel cryptanalysis is a very efficient class of attacks that recover secret information by exploiting the physical leakage of a device executing a cryptographic computation. To address this type of attack, many countermeasures have been proposed, and some papers addressed the question of constructing an efficient masking scheme for existing ciphers. In their work, G. Piret, T. Roche and C. Carlet took the problem the other way around and specifically designed a cipher that would be easy to mask. Their careful analysis, which started with the design of an adapted Sbox, leads to the construction of a 12-round Feistel cipher named PICARO. In this paper, we present the first full-round cryptanalysis of this cipher and show how to recover the key in the related-key model. Our analysis takes advantage of the low diffusion of the key schedule together with the non-bijectivity of the PICARO Sbox. Our best trade-off has a time complexity equivalent to $2^{107.4}$ encryptions, a data complexity of $2^{99}$ plaintexts and requires storing $2^{17}$ (plaintext, ciphertext) pairs.

PAGES

86-101

Book

TITLE

Selected Areas in Cryptography – SAC 2015

ISBN

978-3-319-31300-9
978-3-319-31301-6

Identifiers

URI

http://scigraph.springernature.com/pub.10.1007/978-3-319-31301-6_5

DOI

http://dx.doi.org/10.1007/978-3-319-31301-6_5

DIMENSIONS

https://app.dimensions.ai/details/publication/pub.1035062925



JSON-LD is the canonical representation for SciGraph data.


[
  {
    "@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json", 
    "about": [
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Information and Computing Sciences", 
        "type": "DefinedTerm"
      }, 
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0802", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Computation Theory and Mathematics", 
        "type": "DefinedTerm"
      }
    ], 
    "author": [
      {
        "affiliation": {
          "alternateName": "Inria, project-team SECRET, Rocquencourt, France", 
          "id": "http://www.grid.ac/institutes/grid.5328.c", 
          "name": [
            "Inria, project-team SECRET, Rocquencourt, France"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Canteaut", 
        "givenName": "Anne", 
        "id": "sg:person.012730266023.08", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012730266023.08"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Inria, project-team SECRET, Rocquencourt, France", 
          "id": "http://www.grid.ac/institutes/grid.5328.c", 
          "name": [
            "Inria, project-team SECRET, Rocquencourt, France"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Lallemand", 
        "givenName": "Virginie", 
        "id": "sg:person.011135275143.03", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.011135275143.03"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Inria, project-team SECRET, Rocquencourt, France", 
          "id": "http://www.grid.ac/institutes/grid.5328.c", 
          "name": [
            "Inria, project-team SECRET, Rocquencourt, France"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Naya-Plasencia", 
        "givenName": "Mar\u00eda", 
        "id": "sg:person.013206304341.94", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013206304341.94"
        ], 
        "type": "Person"
      }
    ], 
    "datePublished": "2016", 
    "datePublishedReg": "2016-01-01", 
    "description": "Side-channel cryptanalysis is a very efficient class of attacks that recover secret information by exploiting the physical leakage of a device executing a cryptographic computation. To address this type of attacks, many countermeasures have been proposed, and some papers addressed the question of constructing an efficient masking scheme for existing ciphers. In their work, G.\u00a0Piret, T.\u00a0Roche and C.\u00a0Carlet took the problem the other way around and specifically designed a cipher that would be easy to mask. Their careful analysis, that started with the design of an adapted Sbox, leads to the construction of a 12-round Feistel cipher named PICARO. In this paper, we present the first full-round cryptanalysis of this cipher and show how to recover the key in the related-key model. Our analysis takes advantage of the low diffusion of the key schedule together with the non-bijectivity of PICARO Sbox. Our best trade-off has a time complexity equivalent to 2^{107.4} encryptions, a data complexity of 2^{99} plaintexts and requires to store 2^{17} (plaintext, ciphertext) pairs.", 
    "editor": [
      {
        "familyName": "Dunkelman", 
        "givenName": "Orr", 
        "type": "Person"
      }, 
      {
        "familyName": "Keliher", 
        "givenName": "Liam", 
        "type": "Person"
      }
    ], 
    "genre": "chapter", 
    "id": "sg:pub.10.1007/978-3-319-31301-6_5", 
    "isAccessibleForFree": true, 
    "isPartOf": {
      "isbn": [
        "978-3-319-31300-9", 
        "978-3-319-31301-6"
      ], 
      "name": "Selected Areas in Cryptography \u2013 SAC 2015", 
      "type": "Book"
    }, 
    "keywords": [
      "types of attacks", 
      "side-channel cryptanalysis", 
      "cryptographic computations", 
      "secret information", 
      "related-key model", 
      "time complexity", 
      "data complexity", 
      "key attacks", 
      "physical leakages", 
      "cipher", 
      "key schedule", 
      "cryptanalysis", 
      "attacks", 
      "Sboxes", 
      "complexity", 
      "encryption", 
      "Feistel ciphers", 
      "plaintext", 
      "efficient class", 
      "computation", 
      "scheme", 
      "countermeasures", 
      "picaro", 
      "key", 
      "information", 
      "devices", 
      "advantages", 
      "design", 
      "Piret", 
      "way", 
      "work", 
      "schedule", 
      "model", 
      "careful analysis", 
      "construction", 
      "class", 
      "analysis", 
      "Carlet", 
      "low diffusion", 
      "leakage", 
      "pairs", 
      "types", 
      "questions", 
      "diffusion", 
      "Roche", 
      "paper", 
      "problem"
    ], 
    "name": "Related-Key Attack on Full-Round PICARO", 
    "pagination": "86-101", 
    "productId": [
      {
        "name": "dimensions_id", 
        "type": "PropertyValue", 
        "value": [
          "pub.1035062925"
        ]
      }, 
      {
        "name": "doi", 
        "type": "PropertyValue", 
        "value": [
          "10.1007/978-3-319-31301-6_5"
        ]
      }
    ], 
    "publisher": {
      "name": "Springer Nature", 
      "type": "Organisation"
    }, 
    "sameAs": [
      "https://doi.org/10.1007/978-3-319-31301-6_5", 
      "https://app.dimensions.ai/details/publication/pub.1035062925"
    ], 
    "sdDataset": "chapters", 
    "sdDatePublished": "2022-12-01T06:49", 
    "sdLicense": "https://scigraph.springernature.com/explorer/license/", 
    "sdPublisher": {
      "name": "Springer Nature - SN SciGraph project", 
      "type": "Organization"
    }, 
    "sdSource": "s3://com-springernature-scigraph/baseset/20221201/entities/gbq_results/chapter/chapter_221.jsonl", 
    "type": "Chapter", 
    "url": "https://doi.org/10.1007/978-3-319-31301-6_5"
  }
]

HOW TO GET THIS DATA PROGRAMMATICALLY:

JSON-LD is a popular format for linked data which is fully compatible with JSON.

curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-31301-6_5'

N-Triples is a line-based linked data format ideal for batch operations.

curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-31301-6_5'

Turtle is a human-readable linked data format.

curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-31301-6_5'

RDF/XML is a standard XML format for linked data.

curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-31301-6_5'


This table displays all metadata directly associated to this object as RDF triples.

125 TRIPLES      22 PREDICATES      72 URIs      65 LITERALS      7 BLANK NODES

Subject Predicate Object
1 sg:pub.10.1007/978-3-319-31301-6_5 schema:about anzsrc-for:08
2 anzsrc-for:0802
3 schema:author N598367358e05481d8e71261613ec6b9b
4 schema:datePublished 2016
5 schema:datePublishedReg 2016-01-01
6 schema:description Side-channel cryptanalysis is a very efficient class of attacks that recover secret information by exploiting the physical leakage of a device executing a cryptographic computation. To address this type of attacks, many countermeasures have been proposed, and some papers addressed the question of constructing an efficient masking scheme for existing ciphers. In their work, G. Piret, T. Roche and C. Carlet took the problem the other way around and specifically designed a cipher that would be easy to mask. Their careful analysis, that started with the design of an adapted Sbox, leads to the construction of a 12-round Feistel cipher named PICARO. In this paper, we present the first full-round cryptanalysis of this cipher and show how to recover the key in the related-key model. Our analysis takes advantage of the low diffusion of the key schedule together with the non-bijectivity of PICARO Sbox. Our best trade-off has a time complexity equivalent to 2^{107.4} encryptions, a data complexity of 2^{99} plaintexts and requires to store 2^{17} (plaintext, ciphertext) pairs.
7 schema:editor Nf940c3d0f6dd4b01b3b04985925ff5b4
8 schema:genre chapter
9 schema:isAccessibleForFree true
10 schema:isPartOf Nb6e19072637942858b85da9b058f7e30
11 schema:keywords Carlet
12 Feistel ciphers
13 Piret
14 Roche
15 Sboxes
16 advantages
17 analysis
18 attacks
19 careful analysis
20 cipher
21 class
22 complexity
23 computation
24 construction
25 countermeasures
26 cryptanalysis
27 cryptographic computations
28 data complexity
29 design
30 devices
31 diffusion
32 efficient class
33 encryption
34 information
35 key
36 key attacks
37 key schedule
38 leakage
39 low diffusion
40 model
41 pairs
42 paper
43 physical leakages
44 picaro
45 plaintext
46 problem
47 questions
48 related-key model
49 schedule
50 scheme
51 secret information
52 side-channel cryptanalysis
53 time complexity
54 types
55 types of attacks
56 way
57 work
58 schema:name Related-Key Attack on Full-Round PICARO
59 schema:pagination 86-101
60 schema:productId Nc7b35a9e7b8a44c8be0ab8ab6c34c22d
61 Nf9bfbf647e274adf9ab965e74339fc6b
62 schema:publisher Nc621068c1e094873a0d2f0828182efc7
63 schema:sameAs https://app.dimensions.ai/details/publication/pub.1035062925
64 https://doi.org/10.1007/978-3-319-31301-6_5
65 schema:sdDatePublished 2022-12-01T06:49
66 schema:sdLicense https://scigraph.springernature.com/explorer/license/
67 schema:sdPublisher N8e07ff3f6267416cb67759eb16de0c75
68 schema:url https://doi.org/10.1007/978-3-319-31301-6_5
69 sgo:license sg:explorer/license/
70 sgo:sdDataset chapters
71 rdf:type schema:Chapter
72 N5818d9664f464b86af5268be2b41d827 rdf:first sg:person.011135275143.03
73 rdf:rest Na2318bb23f104b4ba26849f5429658f0
74 N598367358e05481d8e71261613ec6b9b rdf:first sg:person.012730266023.08
75 rdf:rest N5818d9664f464b86af5268be2b41d827
76 N5c5a0fd73c6e4f91855aa63f3963c6d2 rdf:first N9b02c707f7514207af632dbbf52e120a
77 rdf:rest rdf:nil
78 N8e07ff3f6267416cb67759eb16de0c75 schema:name Springer Nature - SN SciGraph project
79 rdf:type schema:Organization
80 N9b02c707f7514207af632dbbf52e120a schema:familyName Keliher
81 schema:givenName Liam
82 rdf:type schema:Person
83 Na2318bb23f104b4ba26849f5429658f0 rdf:first sg:person.013206304341.94
84 rdf:rest rdf:nil
85 Nb6e19072637942858b85da9b058f7e30 schema:isbn 978-3-319-31300-9
86 978-3-319-31301-6
87 schema:name Selected Areas in Cryptography – SAC 2015
88 rdf:type schema:Book
89 Nc621068c1e094873a0d2f0828182efc7 schema:name Springer Nature
90 rdf:type schema:Organisation
91 Nc7b35a9e7b8a44c8be0ab8ab6c34c22d schema:name doi
92 schema:value 10.1007/978-3-319-31301-6_5
93 rdf:type schema:PropertyValue
94 Nd24c6bccb8c24396928117fbaaf810dc schema:familyName Dunkelman
95 schema:givenName Orr
96 rdf:type schema:Person
97 Nf940c3d0f6dd4b01b3b04985925ff5b4 rdf:first Nd24c6bccb8c24396928117fbaaf810dc
98 rdf:rest N5c5a0fd73c6e4f91855aa63f3963c6d2
99 Nf9bfbf647e274adf9ab965e74339fc6b schema:name dimensions_id
100 schema:value pub.1035062925
101 rdf:type schema:PropertyValue
102 anzsrc-for:08 schema:inDefinedTermSet anzsrc-for:
103 schema:name Information and Computing Sciences
104 rdf:type schema:DefinedTerm
105 anzsrc-for:0802 schema:inDefinedTermSet anzsrc-for:
106 schema:name Computation Theory and Mathematics
107 rdf:type schema:DefinedTerm
108 sg:person.011135275143.03 schema:affiliation grid-institutes:grid.5328.c
109 schema:familyName Lallemand
110 schema:givenName Virginie
111 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.011135275143.03
112 rdf:type schema:Person
113 sg:person.012730266023.08 schema:affiliation grid-institutes:grid.5328.c
114 schema:familyName Canteaut
115 schema:givenName Anne
116 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012730266023.08
117 rdf:type schema:Person
118 sg:person.013206304341.94 schema:affiliation grid-institutes:grid.5328.c
119 schema:familyName Naya-Plasencia
120 schema:givenName María
121 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013206304341.94
122 rdf:type schema:Person
123 grid-institutes:grid.5328.c schema:alternateName Inria, project-team SECRET, Rocquencourt, France
124 schema:name Inria, project-team SECRET, Rocquencourt, France
125 rdf:type schema:Organization