Internal Symmetries and Linear Properties: Full-permutation Distinguishers and Improved Collisions on Gimli


Ontology type: schema:ScholarlyArticle      Open Access: True


Article Info

DATE

2021-10-08

AUTHORS

Antonio Flórez-Gutiérrez, Gaëtan Leurent, María Naya-Plasencia, Léo Perrin, André Schrottenloher, Ferdinand Sibleyras

ABSTRACT

Gimli is a family of cryptographic primitives (both a hash function and an AEAD scheme) that has been selected for the second round of the NIST competition for standardizing new lightweight designs. The candidate Gimli is based on the permutation Gimli, which was presented at CHES 2017. In this paper, we study the security of both the permutation and the constructions that are based on it. We exploit the slow diffusion in Gimli and its internal symmetries to build, for the first time, a distinguisher on the full permutation of complexity $2^{64}$. We also provide a practical distinguisher on 23 out of the full 24 rounds of Gimli that has been implemented. Next, we give (full state) collision and semi-free start collision attacks on Gimli-Hash, reaching, respectively, up to 12 and 18 rounds. On the practical side, we compute a collision on 8-round Gimli-Hash. In the quantum setting, these attacks reach 2 more rounds. Finally, we perform the first study of linear trails in Gimli, and we find a linear distinguisher on the full permutation.

PAGES

45

References to SciGraph publications

  • 2004. On Multiple Linear Approximations in ADVANCES IN CRYPTOLOGY – CRYPTO 2004
  • 2016-04-28. Improved Differential-Linear Cryptanalysis of 7-Round Chaskey with Partitioning in ADVANCES IN CRYPTOLOGY – EUROCRYPT 2016
  • 1991-01. Differential cryptanalysis of DES-like cryptosystems in JOURNAL OF CRYPTOLOGY
  • 2016-11-09. Design Strategies for ARX with Provable Bounds: Sparx and LAX in ADVANCES IN CRYPTOLOGY – ASIACRYPT 2016
  • 2020-08-10. Cryptanalysis Results on Spook in ADVANCES IN CRYPTOLOGY – CRYPTO 2020
  • 1995. Linear approximation of block ciphers in ADVANCES IN CRYPTOLOGY — EUROCRYPT'94
  • 2008. On the Indifferentiability of the Sponge Construction in ADVANCES IN CRYPTOLOGY – EUROCRYPT 2008
  • 2010. Super-Sbox Cryptanalysis: Improved Attacks for AES-Like Permutations in FAST SOFTWARE ENCRYPTION
  • 2010. Sponge-Based Pseudo-Random Number Generators in CRYPTOGRAPHIC HARDWARE AND EMBEDDED SYSTEMS, CHES 2010
  • 2020-05-01. Implementing Grover Oracles for Quantum Key Search on AES and LowMC in ADVANCES IN CRYPTOLOGY – EUROCRYPT 2020
  • 2020-12-06. New Results on Gimli: Full-Permutation Distinguishers and Improved Collisions in ADVANCES IN CRYPTOLOGY – ASIACRYPT 2020
  • 2013. Limited-Birthday Distinguishers for Hash Functions in ADVANCES IN CRYPTOLOGY - ASIACRYPT 2013
  • 2012. Duplexing the Sponge: Single-Pass Authenticated Encryption and Other Applications in SELECTED AREAS IN CRYPTOGRAPHY
  • 2020-08-10. Automatic Verification of Differential Characteristics: Application to Reduced Gimli in ADVANCES IN CRYPTOLOGY – CRYPTO 2020
  • 1994. Linear Cryptanalysis Method for DES Cipher in ADVANCES IN CRYPTOLOGY — EUROCRYPT ’93
  • 2009. Extending SAT Solvers to Cryptographic Problems in THEORY AND APPLICATIONS OF SATISFIABILITY TESTING - SAT 2009
  • 2020-05-01. Finding Hash Collisions with Quantum Computers by Using Differential Trails with Smaller Probability than Birthday Bound in ADVANCES IN CRYPTOLOGY – EUROCRYPT 2020
  • 2013-11-12. The Rebound Attack and Subspace Distinguishers: Application to Whirlpool in JOURNAL OF CRYPTOLOGY
  • 2014. A Simplified Representation of AES in ADVANCES IN CRYPTOLOGY – ASIACRYPT 2014
  • 1998. Quantum cryptanalysis of hash and claw-free functions in LATIN'98: THEORETICAL INFORMATICS
  • 2017-08-25. Gimli : A Cross-Platform Permutation in CRYPTOGRAPHIC HARDWARE AND EMBEDDED SYSTEMS – CHES 2017
Identifiers

    URI

    http://scigraph.springernature.com/pub.10.1007/s00145-021-09413-z

    DOI

    http://dx.doi.org/10.1007/s00145-021-09413-z

    DIMENSIONS

    https://app.dimensions.ai/details/publication/pub.1141724604



    JSON-LD is the canonical representation for SciGraph data.


    [
      {
        "@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json", 
        "about": [
          {
            "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/01", 
            "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
            "name": "Mathematical Sciences", 
            "type": "DefinedTerm"
          }, 
          {
            "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08", 
            "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
            "name": "Information and Computing Sciences", 
            "type": "DefinedTerm"
          }, 
          {
            "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0101", 
            "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
            "name": "Pure Mathematics", 
            "type": "DefinedTerm"
          }, 
          {
            "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0103", 
            "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
            "name": "Numerical and Computational Mathematics", 
            "type": "DefinedTerm"
          }, 
          {
            "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0804", 
            "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
            "name": "Data Format", 
            "type": "DefinedTerm"
          }
        ], 
        "author": [
          {
            "affiliation": {
              "alternateName": "Inria, Paris, France", 
              "id": "http://www.grid.ac/institutes/grid.5328.c", 
              "name": [
                "Inria, Paris, France"
              ], 
              "type": "Organization"
            }, 
            "familyName": "Fl\u00f3rez-Guti\u00e9rrez", 
            "givenName": "Antonio", 
            "id": "sg:person.012566014731.55", 
            "sameAs": [
              "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012566014731.55"
            ], 
            "type": "Person"
          }, 
          {
            "affiliation": {
              "alternateName": "Inria, Paris, France", 
              "id": "http://www.grid.ac/institutes/grid.5328.c", 
              "name": [
                "Inria, Paris, France"
              ], 
              "type": "Organization"
            }, 
            "familyName": "Leurent", 
            "givenName": "Ga\u00ebtan", 
            "id": "sg:person.016371722741.32", 
            "sameAs": [
              "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.016371722741.32"
            ], 
            "type": "Person"
          }, 
          {
            "affiliation": {
              "alternateName": "Inria, Paris, France", 
              "id": "http://www.grid.ac/institutes/grid.5328.c", 
              "name": [
                "Inria, Paris, France"
              ], 
              "type": "Organization"
            }, 
            "familyName": "Naya-Plasencia", 
            "givenName": "Mar\u00eda", 
            "id": "sg:person.013206304341.94", 
            "sameAs": [
              "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013206304341.94"
            ], 
            "type": "Person"
          }, 
          {
            "affiliation": {
              "alternateName": "Inria, Paris, France", 
              "id": "http://www.grid.ac/institutes/grid.5328.c", 
              "name": [
                "Inria, Paris, France"
              ], 
              "type": "Organization"
            }, 
            "familyName": "Perrin", 
            "givenName": "L\u00e9o", 
            "id": "sg:person.011075613613.62", 
            "sameAs": [
              "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.011075613613.62"
            ], 
            "type": "Person"
          }, 
          {
            "affiliation": {
              "alternateName": "Cryptology Group, CWI, Amsterdam, The Netherlands", 
              "id": "http://www.grid.ac/institutes/grid.6054.7", 
              "name": [
                "Cryptology Group, CWI, Amsterdam, The Netherlands"
              ], 
              "type": "Organization"
            }, 
            "familyName": "Schrottenloher", 
            "givenName": "Andr\u00e9", 
            "id": "sg:person.07436415541.40", 
            "sameAs": [
              "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.07436415541.40"
            ], 
            "type": "Person"
          }, 
          {
            "affiliation": {
              "alternateName": "Inria, Paris, France", 
              "id": "http://www.grid.ac/institutes/grid.5328.c", 
              "name": [
                "Inria, Paris, France"
              ], 
              "type": "Organization"
            }, 
            "familyName": "Sibleyras", 
            "givenName": "Ferdinand", 
            "id": "sg:person.012176511632.21", 
            "sameAs": [
              "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012176511632.21"
            ], 
            "type": "Person"
          }
        ], 
        "citation": [
        ], 
        "datePublished": "2021-10-08", 
        "datePublishedReg": "2021-10-08", 
        "genre": "article", 
        "id": "sg:pub.10.1007/s00145-021-09413-z", 
        "isAccessibleForFree": true, 
        "isFundedItemOf": [
          {
            "id": "sg:grant.6493722", 
            "type": "MonetaryGrant"
          }
        ], 
        "isPartOf": [
          {
            "id": "sg:journal.1136278", 
            "issn": [
              "0933-2790", 
              "1432-1378"
            ], 
            "name": "Journal of Cryptology", 
            "publisher": "Springer Nature", 
            "type": "Periodical"
          }, 
          {
            "issueNumber": "4", 
            "type": "PublicationIssue"
          }, 
          {
            "type": "PublicationVolume", 
            "volumeNumber": "34"
          }
        ], 
        "keywords": [
          "first study", 
          "second round", 
          "rounds", 
          "setting", 
          "first time", 
          "more rounds", 
          "study", 
          "family", 
          "candidates", 
          "time", 
          "attacks", 
          "side", 
          "trails", 
          "CHES", 
          "design", 
          "internal symmetry", 
          "start collision attack", 
          "NIST competition", 
          "permutations", 
          "slow diffusion", 
          "symmetry", 
          "full permutation", 
          "complexity", 
          "quantum setting", 
          "linear trails", 
          "linear properties", 
          "properties", 
          "cryptographic primitives", 
          "competition", 
          "lightweight design", 
          "diffusion", 
          "distinguisher", 
          "collisions", 
          "collision attack", 
          "practical side", 
          "linear distinguishers", 
          "primitives", 
          "new lightweight designs", 
          "paper", 
          "security", 
          "construction", 
          "hash", 
          "improved collision", 
          "Gimli", 
          "practical distinguisher"
        ], 
        "name": "Internal Symmetries and Linear Properties: Full-permutation Distinguishers and Improved Collisions on Gimli", 
        "pagination": "45", 
        "productId": [
          {
            "name": "dimensions_id", 
            "type": "PropertyValue", 
            "value": [
              "pub.1141724604"
            ]
          }, 
          {
            "name": "doi", 
            "type": "PropertyValue", 
            "value": [
              "10.1007/s00145-021-09413-z"
            ]
          }
        ], 
        "sameAs": [
          "https://doi.org/10.1007/s00145-021-09413-z", 
          "https://app.dimensions.ai/details/publication/pub.1141724604"
        ], 
        "sdDataset": "articles", 
        "sdDatePublished": "2022-09-02T16:05", 
        "sdLicense": "https://scigraph.springernature.com/explorer/license/", 
        "sdPublisher": {
          "name": "Springer Nature - SN SciGraph project", 
          "type": "Organization"
        }, 
        "sdSource": "s3://com-springernature-scigraph/baseset/20220902/entities/gbq_results/article/article_882.jsonl", 
        "type": "ScholarlyArticle", 
        "url": "https://doi.org/10.1007/s00145-021-09413-z"
      }
    ]
     


    HOW TO GET THIS DATA PROGRAMMATICALLY:

    JSON-LD is a popular format for linked data which is fully compatible with JSON.

    curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/s00145-021-09413-z'

    N-Triples is a line-based linked data format ideal for batch operations.

    curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/s00145-021-09413-z'

    Turtle is a human-readable linked data format.

    curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/s00145-021-09413-z'

    RDF/XML is a standard XML format for linked data.

    curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/s00145-021-09413-z'


     

    This table displays all metadata directly associated to this object as RDF triples.

    238 TRIPLES      21 PREDICATES      93 URIs      61 LITERALS      6 BLANK NODES

    104 N93f262a1f9a94fe89b58cb4a1b2ff4de schema:name dimensions_id
    105 schema:value pub.1141724604
    106 rdf:type schema:PropertyValue
    107 Nc6acc4aea5f64e86bb2e3ea0ea22a06e schema:name doi
    108 schema:value 10.1007/s00145-021-09413-z
    109 rdf:type schema:PropertyValue
    110 Ne11af02fed9440ba8eee5b560ae87608 rdf:first sg:person.012176511632.21
    111 rdf:rest rdf:nil
    112 Ne4ce0af28f17473e975dd532204e00ef rdf:first sg:person.013206304341.94
    113 rdf:rest N7c81e6e74adb4d8cba337ea6dae82015
    114 Ne747ba4fe6cf465b947127d31881039f schema:issueNumber 4
    115 rdf:type schema:PublicationIssue
    116 Nf08bb1de5eeb453a8066ae2f6fa01bb4 schema:volumeNumber 34
    117 rdf:type schema:PublicationVolume
    118 anzsrc-for:01 schema:inDefinedTermSet anzsrc-for:
    119 schema:name Mathematical Sciences
    120 rdf:type schema:DefinedTerm
    121 anzsrc-for:0101 schema:inDefinedTermSet anzsrc-for:
    122 schema:name Pure Mathematics
    123 rdf:type schema:DefinedTerm
    124 anzsrc-for:0103 schema:inDefinedTermSet anzsrc-for:
    125 schema:name Numerical and Computational Mathematics
    126 rdf:type schema:DefinedTerm
    127 anzsrc-for:08 schema:inDefinedTermSet anzsrc-for:
    128 schema:name Information and Computing Sciences
    129 rdf:type schema:DefinedTerm
    130 anzsrc-for:0804 schema:inDefinedTermSet anzsrc-for:
    131 schema:name Data Format
    132 rdf:type schema:DefinedTerm
    133 sg:grant.6493722 http://pending.schema.org/fundedItem sg:pub.10.1007/s00145-021-09413-z
    134 rdf:type schema:MonetaryGrant
    135 sg:journal.1136278 schema:issn 0933-2790
    136 1432-1378
    137 schema:name Journal of Cryptology
    138 schema:publisher Springer Nature
    139 rdf:type schema:Periodical
    140 sg:person.011075613613.62 schema:affiliation grid-institutes:grid.5328.c
    141 schema:familyName Perrin
    142 schema:givenName Léo
    143 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.011075613613.62
    144 rdf:type schema:Person
    145 sg:person.012176511632.21 schema:affiliation grid-institutes:grid.5328.c
    146 schema:familyName Sibleyras
    147 schema:givenName Ferdinand
    148 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012176511632.21
    149 rdf:type schema:Person
    150 sg:person.012566014731.55 schema:affiliation grid-institutes:grid.5328.c
    151 schema:familyName Flórez-Gutiérrez
    152 schema:givenName Antonio
    153 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012566014731.55
    154 rdf:type schema:Person
    155 sg:person.013206304341.94 schema:affiliation grid-institutes:grid.5328.c
    156 schema:familyName Naya-Plasencia
    157 schema:givenName María
    158 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013206304341.94
    159 rdf:type schema:Person
    160 sg:person.016371722741.32 schema:affiliation grid-institutes:grid.5328.c
    161 schema:familyName Leurent
    162 schema:givenName Gaëtan
    163 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.016371722741.32
    164 rdf:type schema:Person
    165 sg:person.07436415541.40 schema:affiliation grid-institutes:grid.6054.7
    166 schema:familyName Schrottenloher
    167 schema:givenName André
    168 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.07436415541.40
    169 rdf:type schema:Person
    170 sg:pub.10.1007/3-540-48285-7_33 schema:sameAs https://app.dimensions.ai/details/publication/pub.1038500879
    171 https://doi.org/10.1007/3-540-48285-7_33
    172 rdf:type schema:CreativeWork
    173 sg:pub.10.1007/978-3-030-45724-2_10 schema:sameAs https://app.dimensions.ai/details/publication/pub.1127311982
    174 https://doi.org/10.1007/978-3-030-45724-2_10
    175 rdf:type schema:CreativeWork
    176 sg:pub.10.1007/978-3-030-45724-2_9 schema:sameAs https://app.dimensions.ai/details/publication/pub.1127314806
    177 https://doi.org/10.1007/978-3-030-45724-2_9
    178 rdf:type schema:CreativeWork
    179 sg:pub.10.1007/978-3-030-56877-1_13 schema:sameAs https://app.dimensions.ai/details/publication/pub.1130043520
    180 https://doi.org/10.1007/978-3-030-56877-1_13
    181 rdf:type schema:CreativeWork
    182 sg:pub.10.1007/978-3-030-56877-1_8 schema:sameAs https://app.dimensions.ai/details/publication/pub.1130050090
    183 https://doi.org/10.1007/978-3-030-56877-1_8
    184 rdf:type schema:CreativeWork
    185 sg:pub.10.1007/978-3-030-64837-4_2 schema:sameAs https://app.dimensions.ai/details/publication/pub.1133276733
    186 https://doi.org/10.1007/978-3-030-64837-4_2
    187 rdf:type schema:CreativeWork
    188 sg:pub.10.1007/978-3-319-66787-4_15 schema:sameAs https://app.dimensions.ai/details/publication/pub.1091344107
    189 https://doi.org/10.1007/978-3-319-66787-4_15
    190 rdf:type schema:CreativeWork
    191 sg:pub.10.1007/978-3-540-28628-8_1 schema:sameAs https://app.dimensions.ai/details/publication/pub.1003364452
    192 https://doi.org/10.1007/978-3-540-28628-8_1
    193 rdf:type schema:CreativeWork
    194 sg:pub.10.1007/978-3-540-78967-3_11 schema:sameAs https://app.dimensions.ai/details/publication/pub.1048096154
    195 https://doi.org/10.1007/978-3-540-78967-3_11
    196 rdf:type schema:CreativeWork
    197 sg:pub.10.1007/978-3-642-02777-2_24 schema:sameAs https://app.dimensions.ai/details/publication/pub.1025638423
    198 https://doi.org/10.1007/978-3-642-02777-2_24
    199 rdf:type schema:CreativeWork
    200 sg:pub.10.1007/978-3-642-13858-4_21 schema:sameAs https://app.dimensions.ai/details/publication/pub.1003313281
    201 https://doi.org/10.1007/978-3-642-13858-4_21
    202 rdf:type schema:CreativeWork
    203 sg:pub.10.1007/978-3-642-15031-9_3 schema:sameAs https://app.dimensions.ai/details/publication/pub.1025605642
    204 https://doi.org/10.1007/978-3-642-15031-9_3
    205 rdf:type schema:CreativeWork
    206 sg:pub.10.1007/978-3-642-28496-0_19 schema:sameAs https://app.dimensions.ai/details/publication/pub.1026500802
    207 https://doi.org/10.1007/978-3-642-28496-0_19
    208 rdf:type schema:CreativeWork
    209 sg:pub.10.1007/978-3-642-42045-0_26 schema:sameAs https://app.dimensions.ai/details/publication/pub.1003949401
    210 https://doi.org/10.1007/978-3-642-42045-0_26
    211 rdf:type schema:CreativeWork
    212 sg:pub.10.1007/978-3-662-45611-8_11 schema:sameAs https://app.dimensions.ai/details/publication/pub.1035808391
    213 https://doi.org/10.1007/978-3-662-45611-8_11
    214 rdf:type schema:CreativeWork
    215 sg:pub.10.1007/978-3-662-49890-3_14 schema:sameAs https://app.dimensions.ai/details/publication/pub.1028227459
    216 https://doi.org/10.1007/978-3-662-49890-3_14
    217 rdf:type schema:CreativeWork
    218 sg:pub.10.1007/978-3-662-53887-6_18 schema:sameAs https://app.dimensions.ai/details/publication/pub.1084911702
    219 https://doi.org/10.1007/978-3-662-53887-6_18
    220 rdf:type schema:CreativeWork
    221 sg:pub.10.1007/bf00630563 schema:sameAs https://app.dimensions.ai/details/publication/pub.1048571070
    222 https://doi.org/10.1007/bf00630563
    223 rdf:type schema:CreativeWork
    224 sg:pub.10.1007/bfb0053460 schema:sameAs https://app.dimensions.ai/details/publication/pub.1013673472
    225 https://doi.org/10.1007/bfb0053460
    226 rdf:type schema:CreativeWork
    227 sg:pub.10.1007/bfb0054319 schema:sameAs https://app.dimensions.ai/details/publication/pub.1026386017
    228 https://doi.org/10.1007/bfb0054319
    229 rdf:type schema:CreativeWork
    230 sg:pub.10.1007/s00145-013-9166-5 schema:sameAs https://app.dimensions.ai/details/publication/pub.1041682800
    231 https://doi.org/10.1007/s00145-013-9166-5
    232 rdf:type schema:CreativeWork
    233 grid-institutes:grid.5328.c schema:alternateName Inria, Paris, France
    234 schema:name Inria, Paris, France
    235 rdf:type schema:Organization
    236 grid-institutes:grid.6054.7 schema:alternateName Cryptology Group, CWI, Amsterdam, The Netherlands
    237 schema:name Cryptology Group, CWI, Amsterdam, The Netherlands
    238 rdf:type schema:Organization
     



