Differential cryptanalysis of round-reduced PRINTcipher: Computing roots of permutations

Mohamed Ahmed Abdelraheem, Gregor Leander, Erik Zenner

    Research output: Chapter in Book/Report/Conference proceedingArticle in proceedingsResearchpeer-review

    Abstract

    At CHES 2010, the new block cipher PRINTcipher was presented. In addition to using an xor round key as is common practice for round-based block ciphers, PRINTcipher also uses key-dependent permutations. While this seems to make differential cryptanalysis difficult due to the unknown bit permutations, we show in this paper that this is not the case. We present two differential attacks that successfully break about half of the rounds of PRINTcipher, thereby giving the first cryptanalytic result on the cipher. In addition, one of the attacks is of independent interest, since it uses a mechanism to compute roots of permutations. If an attacker knows the many-round permutation πr, the algorithm can be used to compute the underlying single-round permutation π. This technique is thus relevant for all iterative ciphers that deploy key-dependent permutations. In the case of PRINTcipher, it can be used to show that the linear layer adds little to the security against differential attacks
    Original languageEnglish
    Title of host publicationLecture Notes in Computer Science
    Volume6733
    PublisherSpringer
    Publication date2011
    ISBN (Print)9783642217012
    DOIs
    Publication statusPublished - 2011
    Event18th International Workshop on Fast Software Encryption - Lyngby, Denmark
    Duration: 14 Feb 201116 Feb 2011
    http://fse2011.mat.dtu.dk/

    Workshop

    Workshop18th International Workshop on Fast Software Encryption
    CountryDenmark
    CityLyngby
    Period14/02/201116/02/2011
    Internet address

    Keywords

    • Symmetric cryptography
    • Permutations
    • Block cipher
    • Differential cryptanalysis

    Fingerprint Dive into the research topics of 'Differential cryptanalysis of round-reduced PRINTcipher: Computing roots of permutations'. Together they form a unique fingerprint.

    Cite this