JISE


  [ 1 ] [ 2 ] [ 3 ] [ 4 ] [ 5 ] [ 6 ] [ 7 ] [ 8 ] [ 9 ] [ 10 ] [ 11 ] [ 12 ] [ 13 ] [ 14 ] [ 15 ]


Journal of Information Science and Engineering, Vol. 33 No. 4, pp. 1041-1053


Impossible Differential Analysis on Round-Reduced PRINCE


YAO-LING DING1, JING-YUAN ZHAO2, LEI-BO LI3 AND HONG-BO YU1,4,+
1Department of Computer Science and Technology
Tsinghua University
Beijing, 100084 P.R. China

2State Key Laboratory of Information Security, Institute of Information Engineering
Chinese Academy of Sciences
Beijing, 100084 P.R. China

3Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education
Shandong University
Jinan, 250100 P.R. China

4Science and Technology on Communication Security Laboratory
Chengdu, 610041 P.R. China
E-mail: dyl13@mails.tsinghua.edu.cn; zhaojingyuan@iie.ac.cn;
lileibo@mail.sdu.edu.cn; yuhongbo@mail.tsinghua.edu.cn


PRINCE is a lightweight block cipher proposed at ASIACRYPT 2012, which is composed of a 12-round core cipher referred to as PRINCEcore and two key whitening layers. The security of the cipher mainly depends on PRINCEcore. In this paper, we give some observations on M' operation, a part of the linear layer in the round function, to construct a 4-round impossible differential distinguisher. Based on the distinguisher, impossible differential attacks on 6-round and 7-round PRINCEcore are launched. Moreover, we extend them to analysis 6- and 7-round PRINCE by guessing equivalent keys. The complexity of our attacks meets the security claims stated by the designers.


Keywords: PRINCEcore, impossible differential, M' operation, cryptanalysis, light-weight block cipherPRINCEcore, impossible differential, M' operation, cryptanalysis, light-weight block cipher

  Retrieve PDF document (JISE_201704_12.pdf)