JISE

[1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12] [13] [14] [15]

Journal of Information Science and Engineering, Vol. 33 No. 4, pp. 1041-1053

Impossible Differential Analysis on Round-Reduced PRINCE

YAO-LING DING¹, JING-YUAN ZHAO², LEI-BO LI³ AND HONG-BO YU^1,4,+
¹Department of Computer Science and Technology
Tsinghua University
Beijing, 100084 P.R. China
²State Key Laboratory of Information Security, Institute of Information Engineering
Chinese Academy of Sciences
Beijing, 100084 P.R. China
³Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education
Shandong University
Jinan, 250100 P.R. China
⁴Science and Technology on Communication Security Laboratory
Chengdu, 610041 P.R. China
E-mail: dyl13@mails.tsinghua.edu.cn; zhaojingyuan@iie.ac.cn;
lileibo@mail.sdu.edu.cn; yuhongbo@mail.tsinghua.edu.cn

PRINCE is a lightweight block cipher proposed at ASIACRYPT 2012, which is composed of a 12-round core cipher referred to as PRINCEcore and two key whitening layers. The security of the cipher mainly depends on PRINCEcore. In this paper, we give some observations on M' operation, a part of the linear layer in the round function, to construct a 4-round impossible differential distinguisher. Based on the distinguisher, impossible differential attacks on 6-round and 7-round PRINCEcore are launched. Moreover, we extend them to analysis 6- and 7-round PRINCE by guessing equivalent keys. The complexity of our attacks meets the security claims stated by the designers.

Keywords: PRINCEcore, impossible differential, M' operation, cryptanalysis, light-weight block cipherPRINCEcore, impossible differential, M' operation, cryptanalysis, light-weight block cipher

Retrieve PDF document (JISE_201704_12.pdf)