2 articles found
1. Key-Recovery Attacks on LED-Like Block Ciphers (cited by: 1)
Authors: Linhong Xu, Jiansheng Guo, Jingyi Cui, Mingming Li. Tsinghua Science and Technology (SCIE, EI, CAS, CSCD), 2019, Issue 5, pp. 585-595 (11 pages)
Asymmetric cryptographic schemes, represented by RSA, have been shown to be insecure under quantum computing conditions. Correspondingly, there is a need to study whether the symmetric cryptosystem can still guarantee high security with the advent of quantum computers. In this paper, based on the basic principles of classical slide attacks and Simon's algorithm, we take LED-like lightweight block ciphers as research objects to present a security analysis under both classical and quantum attacks, fully considering the influence on the security of the ciphers of adding the round constants. By analyzing the information leakage of round constants, we can introduce the differential of the round constants to propose a classical slide attack on full-round LED-64 with a probability of 1. The analysis result shows that LED-64 is unable to resist this kind of classical slide attack, but that attack method is not applicable to LED-128. As for quantum attacks, by improving on existing quantum attack methods we demonstrate a quantum single-key slide attack on LED-64 and a quantum related-key attack on LED-128, and indicators of the two attack algorithms are analyzed in detail. The attack results show that adding round constants does not completely improve the security of the ciphers, and quantum attacks can provide an exponential speed-up over the same attacks in the classical model. It further illustrates that the block cipher that is proved to be safe under classical settings is not necessarily secure under quantum conditions.
Keywords: key-recovery attack; cryptanalysis; post-quantum cryptography; lightweight block cipher; LED
2. A New Method for Searching Cubes and Its Application to 815-Round Trivium
Authors: LIU Chen, TIAN Tian, QI Wenfeng. Journal of Systems Science & Complexity (SCIE, EI, CSCD), 2023, Issue 5, pp. 2234-2254 (21 pages)
The cube attack proposed by Dinur and Shamir is one of the most important key-recovery attacks against Trivium. Recently division property based cube attacks have been extensively studied and significantly improved. In particular, the MILP modeling technique for the three-subset division property without unknown subset proposed by Hao, et al. at EUROCRYPT 2020 and the new technique with nested monomial predictions proposed by Hu, et al. at ASIACRYPT 2021 are the best techniques to recover exact superpolies in division property based cube attacks. Consequently, at this state of the art, whether a superpoly can be recovered in division property based cube attacks is mainly decided by the scale of the superpoly, that is, the number of terms. Hence the choice for proper cubes corresponding to low-complexity superpolies is more critical now. Some effective cube construction methods were proposed for experimental cube attacks, but not applicable to division property based cube attacks. In this paper, the authors propose a heuristic cube criterion and a cube sieve algorithm, which can be combined with the three-subset division property to recover a number of superpolies. Applied to 815-round Trivium, the authors recovered 417 superpolies from 441 cubes obtained by our algorithm of sizes between 41 and 48. The success rate is 94.56%. There are 165 non-constant superpolies with degree less than 14. In order to demonstrate the significance of the new algorithm, the authors tested the best superpoly recovery technique at EUROCRYPT 2020 using random cubes of similar sizes on 815-round Trivium. The experimental result shows that no cube could be completely recovered within a given period of time because the superpolies for random cubes are too complex.
Keywords: cube attacks; division property; key-recovery attacks; Trivium