Paper 2022/151

Addendum to Linear Cryptanalyses of Three AEADs with GIFT-128 as Underlying Primitives

Ling Sun, Wei Wang, and Meiqin Wang

Abstract

In ToSC 2021(2), Sun et al. implemented an automatic search with the Boolean satisfiability problem (SAT) method on GIFT-128 and identified a 19-round linear approximation with the expected linear potential being $2^{-117.43}$, which is utilised to launch a 24-round attack on the cipher. In this addendum, we discover a new 19-round linear approximation with a lower expected linear potential. However, in the attack, one more round can be appended after the distinguisher. As a result, we improve the previous optimal linear attack by one round and put forward a 25-round linear attack. Given that the optimal differential attack on GIFT-128, for now, covers 27-round, the resistances of the cipher against differential and linear attacks still have a 2-round gap.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. IACR-ToSC 2022 (Issue 1)
Keywords
Differential cryptanalysisLinear cryptanalysisGIFT-128
Contact author(s)
lingsun @ sdu edu cn
weiwangsdu @ sdu edu cn
mqwang @ sdu edu cn
History
2022-02-12: received
Short URL
https://ia.cr/2022/151
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2022/151,
      author = {Ling Sun and Wei Wang and Meiqin Wang},
      title = {Addendum to Linear Cryptanalyses of Three AEADs with GIFT-128 as Underlying Primitives},
      howpublished = {Cryptology ePrint Archive, Paper 2022/151},
      year = {2022},
      note = {\url{https://eprint.iacr.org/2022/151}},
      url = {https://eprint.iacr.org/2022/151}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.