Publication: Differential Cryptanalysis of�Lightweight Block Ciphers SLIM and�LCB
| dc.contributor.author | Chan Y.Y. | en_US |
| dc.contributor.author | Khor C.-Y. | en_US |
| dc.contributor.author | Teh J.S. | en_US |
| dc.contributor.author | Teng W.J. | en_US |
| dc.contributor.author | Jamil N. | en_US |
| dc.contributor.authorid | 58114489900 | en_US |
| dc.contributor.authorid | 58114490000 | en_US |
| dc.contributor.authorid | 56579944200 | en_US |
| dc.contributor.authorid | 58114444000 | en_US |
| dc.contributor.authorid | 36682671900 | en_US |
| dc.date.accessioned | 2023-05-29T09:38:40Z | |
| dc.date.available | 2023-05-29T09:38:40Z | |
| dc.date.issued | 2022 | |
| dc.description | Cryptography; Heuristic methods; Security of data; Concrete securities; Differential cryptanalysis; LCB; Lightweight block ciphers; Network structures; Secret key; Security analysis; SLIM; Substitution-permutation networks; Ultra lightweights; Lyapunov methods | en_US |
| dc.description.abstract | In this paper, we analyze the security of two recently proposed ultra-lightweight block ciphers, SLIM and LCB. SLIM is designed based on the Feistel paradigm, operating on 32-bit blocks and has an 80-bit key. The designers claim that SLIM is immune to differential cryptanalysis after they were only able to find a trail of up to 7 rounds by using a heuristic method. LCB is another ultra-lightweight block cipher with a 32-bit block and instead uses a 64-bit secret key. It was designed based on a hybrid of Feistel and substitution-permutation network structures. Although no concrete security analyses were performed, the designers claim that 10 rounds of the cipher is secure enough against various attacks including differential cryptanalysis. We verify these claims by proposing differential attacks on both ciphers. For SLIM, we first report optimal (i.e., having the best differential probability) trails for up to 32 rounds found using an SMT solver. We then propose practical key recovery attacks on up to 14 rounds that recover the final round key with time complexity $$2^{32}$$. Next, a close inspection of LCB�s design revealed a lack of nonlinearity, whereby its S-box could be modelled as a permutation. As such, differential trails that hold with probability 1 can be trivially derived for any number of rounds of the cipher. A trivial distinguishing attack can be performed with just one known-ciphertext. We fix this flaw and go on to show that LCB is actually more secure (against differential cryptanalysis) than SLIM given the same number of rounds. To the best of our knowledge, these are the first third-party cryptanalysis attacks against both ciphers. � 2022, The Author(s), under exclusive license to Springer Nature Switzerland AG. | en_US |
| dc.description.nature | Final | en_US |
| dc.identifier.doi | 10.1007/978-3-031-23098-1_4 | |
| dc.identifier.epage | 67 | |
| dc.identifier.scopus | 2-s2.0-85148687324 | |
| dc.identifier.spage | 55 | |
| dc.identifier.uri | https://www.scopus.com/inward/record.uri?eid=2-s2.0-85148687324&doi=10.1007%2f978-3-031-23098-1_4&partnerID=40&md5=d8aa2cbfa121ab1bed9a94ba8c4fce84 | |
| dc.identifier.uri | https://irepository.uniten.edu.my/handle/123456789/27014 | |
| dc.identifier.volume | 1641 CCIS | |
| dc.publisher | Springer Science and Business Media Deutschland GmbH | en_US |
| dc.source | Scopus | |
| dc.sourcetitle | Communications in Computer and Information Science | |
| dc.title | Differential Cryptanalysis of�Lightweight Block Ciphers SLIM and�LCB | en_US |
| dc.type | Conference Paper | en_US |
| dspace.entity.type | Publication |