Paper 2019/741

Comprehensive Security Analysis of CRAFT

Hosein Hadipour, Graz University of Technology
Sadegh Sadeghi
Majid M. Niknam
Nasour Bagheri
Abstract

CRAFT is a lightweight block cipher, designed to provide efficient protection against differential fault attacks. It is a tweakable cipher that includes 32 rounds to produce a ciphertext from a 64-bit plaintext using a 128-bit key and 64-bit public tweak. In this paper, compared to the designers' analysis, we provide a more detailed analysis of CRAFT against differential and zero-correlation cryptanalysis, aiming to provide better distinguishers for the reduced rounds of the cipher. Our distinguishers for reduced-round CRAFT cover a higher number of rounds compared to the designers' analysis. In our analysis, we observed that, for any number of rounds, the differential effect of CRAFT has an extremely higher probability compared to any differential trail. As an example, while the best trail for 11 rounds of the cipher has a probability of at least $2^{-80}$, we present a differential with probability $2^{-49.79}$, containing $2^{29.66}$ optimal trails, all with the same optimum probability of $2^{-80}$. Next, we use a partitioning technique, based on optimal expandable truncated trails to provide a better estimation of the differential effect on CRAFT. Thanks to this technique, we are able to find differential distinguishers for 9, 10, 11, 12, 13, and 14 rounds of the cipher in single tweak model with the probabilities of at least $2^{-40.20}$, $ 2^{-45.12} $, $ 2^{-49.79}$, $ 2^{-54.49}$, $ 2^{-59.13}$, and $ 2^{-63.80}$, respectively. These probabilities should be compared with the best distinguishers provided by the designers in the same model for 9 and 10 rounds of the cipher with the probabilities of at least $ 2^{-54.67}$ and $ 2^{-62.61}$, respectively. In addition, we consider the security of CRAFT against the new concept of related tweak zero-correlation (ZC) linear cryptanalysis and present a new distinguisher which covers 14 rounds of the cipher, while the best previous ZC distinguisher covered 13 rounds. Thanks to the related tweak ZC distinguisher for 14 rounds of the cipher, we also present 14 rounds integral distinguishers in related tweak mode of the cipher. Although the provided analysis does not compromise the cipher, we think it provides a better insight into the designing of CRAFT.

Note: The source code of our tools is publicly available at: https://github.com/hadipourh/craftanalysis

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
A minor revision of an IACR publication in TOSC 2019
DOI
10.13154/tosc.v2019.i4.290-317
Keywords
Lightweight block cipherdifferential analysislinear analysisintegral analysisCRFATTweakable block ciphers
Contact author(s)
hsn hadipour @ gmail com
History
2024-01-18: revised
2019-06-24: received
See all versions
Short URL
https://ia.cr/2019/741
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2019/741,
      author = {Hosein Hadipour and Sadegh Sadeghi and Majid M.  Niknam and Nasour Bagheri},
      title = {Comprehensive Security Analysis of CRAFT},
      howpublished = {Cryptology ePrint Archive, Paper 2019/741},
      year = {2019},
      doi = {10.13154/tosc.v2019.i4.290-317},
      note = {\url{https://eprint.iacr.org/2019/741}},
      url = {https://eprint.iacr.org/2019/741}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.