TIIS (Çѱ¹ÀÎÅͳÝÁ¤º¸ÇÐȸ)
Current Result Document : 4,118 / 4,121
| ÇѱÛÁ¦¸ñ(Korean Title) |
Impossible Differential Cryptanalysis on ESF Algorithm with Simplified MILP Model |
| ¿µ¹®Á¦¸ñ(English Title) |
Impossible Differential Cryptanalysis on ESF Algorithm with Simplified MILP Model |
| ÀúÀÚ(Author) |
Xiaonian Wu
Jiaxu Yan
Lingchen Li
Runlian Zhang
Pinghai Yuan
Yujue Wang
|
| ¿ø¹®¼ö·Ïó(Citation) |
VOL 15 NO. 10 PP. 3815 ~ 3833 (2021. 10) |
Çѱ۳»¿ë
(Korean Abstract) |
|
¿µ¹®³»¿ë
(English Abstract) |
MILP-based automatic search is the most common method in analyzing the security of cryptographic algorithms. However, this method brings many issues such as low efficiency due to the large size of the model, and the difficulty in finding the contradiction of the impossible differential distinguisher. To analyze the security of ESF algorithm, this paper introduces a simplified MILP-based search model of the differential distinguisher by reducing constrains of XOR and S-box operations, and variables by combining cyclic shift with its adjacent operations. Also, a new method to find contradictions of the impossible differential distinguisher is proposed by introducing temporary variables, which can avoid wrong and miss selection of contradictions. Based on a 9-round impossible differential distinguisher, 15-round attack of ESF can be achieved by extending forward and backward 3-round in single-key setting. Compared with existing results, the exact lower bound of differential active S-boxes in single-key setting for 10-round ESF are improved. Also, 2108 9-round impossible differential distinguishers in single-key setting and 14 12-round impossible differential distinguishers in related-key setting are obtained. Especially, the round of the discovered impossible differential distinguisher in related-key setting is the highest, and compared with the previous results, this attack achieves the highest round number in single-key setting. |
| Å°¿öµå(Keyword) |
ESF
MILP
related-key attack
differential active S-box
impossible differential distinguisher
|
| ÆÄÀÏ÷ºÎ |
PDF ´Ù¿î·Îµå
|
