Paper 2016/1161

Impossible Differential Attack on Simpira v2

Rui Zong, Xiaoyang Dong, and Xiaoyun Wang

Abstract

Simpira v2 is a family of cryptographic permutations proposed at ASIACRYPT 2016 which can be used to construct high throughput block ciphers using the Even-Mansour construction, permutation-based hashing and wide-block authenticated encryption. In this paper, we give a 9-round impossible differential of Simpira-4, which turns out to be the first 9-round impossible differential. In order to get some efficient key recovery attacks on its block cipher mode (EM construction with Simpira-4), we use some 6/7-round shrunken impossible differentials. Based on eight different 6-round impossible differentials, we propose a series of 7-round key recovery attacks on the block cipher mode, each 6-round impossible differential helps to recover 32-bit of the master key (512-bit) and totally half of the master key bits are recovered. The attacks need $2^{57}$ chosen plaintexts and $2^{57}$ 7-round encryptions. Furthermore, based on ten 7-round impossible differentials, we add one round on the top or at the bottom to mount ten 8-round key recovery attacks on the block cipher mode, which recover the full key space (512-bit) with the data complexity of $2^{170}$ chosen plaintexts and time complexity of $2^{170}$ 8-round encryptions. Those are the first attacks on round-reduced Simpira v2 and do not threaten the EM mode with the full 15-round Simpira-4.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Preprint. MINOR revision.
Keywords
Simpira-4impossible differential attackSuper S-boxthe Even-Mansour constructionsecurity claim
Contact author(s)
dongxiaoyang @ mail sdu edu cn
History
2016-12-28: received
Short URL
https://ia.cr/2016/1161
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2016/1161,
      author = {Rui Zong and Xiaoyang Dong and Xiaoyun Wang},
      title = {Impossible Differential Attack on Simpira v2},
      howpublished = {Cryptology ePrint Archive, Paper 2016/1161},
      year = {2016},
      note = {\url{https://eprint.iacr.org/2016/1161}},
      url = {https://eprint.iacr.org/2016/1161}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.