## CryptoDB

### Enes Pasalic

#### Affiliation: Technical University of Denmark

#### Publications

**Year**

**Venue**

**Title**

2020

TOSC

Improved Security Evaluation of SPN Block Ciphers and its Applications in the Single-key Attack on SKINNY
ðŸ“º
Abstract

In this paper, a new method for evaluating the integral property, truncated and impossible differentials for substitution-permutation network (SPN) block ciphers is proposed. The main assumption is an explicit description/expression of the internal state words in terms of the plaintext (ciphertext) words. By counting the number of times these words occur in the internal state expression, we can evaluate the resistance of a given block cipher to integral and impossible/truncated differential attacks more accurately than previous methods. More precisely, we explore the cryptographic consequences of uneven frequency of occurrences of plaintext (ciphertext) words appearing in the algebraic expression of the internal state words. This approach gives a new family of distinguishers employing different concepts such as the integral property, impossible/truncated differentials and the so-called zero-sum property. We then provide algorithms to determine the maximum number of rounds of such new types of distinguishers for SPN block ciphers. The potential and efficiency of this relatively simple method is confirmed through applications. For instance, in the case of SKINNY block cipher, several 10-round integral distinguishers, all of the 11-round impossible differentials, and a 7-round truncated differential could be determined. For the last case, using a single pair of plaintexts differing in three words so that (a = b = c) â‰ (aâ€™ = bâ€™ = câ€™), we are able to distinguish 7-round SKINNY from random permutations. More importantly, exploiting our distinguishers, we give the first practical attack on 11-round SKINNY-128-128 in the single-key setting (a theoretical attack reaches 16 rounds). Finally, using the same ideas, we provide a concise explanation on the existing distinguishers for round-reduced AES.

2018

TOSC

Generalized Nonlinear Invariant Attack and a New Design Criterion for Round Constants
ðŸ“º
Abstract

The nonlinear invariant attack was introduced at ASIACRYPT 2016 by Todo et al.. The attack has received extensive attention of cryptographic community due to its practical application on the full-round block ciphers SCREAM, iSCREAM, and Midori64. However, the attack heavily relies on the choice of round constants and it becomes inefficient in the case these constants nonlinearly affect the so-called nonlinear invariants. In this article, to eliminate the impact from the round constants, a generalized nonlinear invariant attack which uses a pair of constants in the input of nonlinear invariants is proposed. The efficiency of this extended framework is practically confirmed by mounting a distinguishing attack on a variant of full-round iSCREAM cipher under a class of 280 weak keys. The considered variant of iSCREAM is however resistant against nonlinear invariant attack of Todo et al.. Furthermore, we investigate the resistance of block ciphers against generalized nonlinear invariant attacks with respect to the choice of round constants in an extended framework. We introduce a useful concept of closed-loop invariants of the substitution box (S-box) and show that the choice of robust round constants is closely related to the existence of linear structure of the closed-loop invariants of the substitution layer. In particular, we demonstrate that the design criteria for the round constants in Beierle et al.â€™s work at CRYPTO 2017 is not an optimal strategy. The round constants selected using this method may induce certain weaknesses that can be exploited in our generalized nonlinear invariant attack model. This scenario is efficiently demonstrated in the case of a slightly modified variant of the Midori64 block cipher.

2005

EPRINT

On Boolean functions with maximum algebraic immunity
Abstract

In this paper two important issues in theory of algebraic
attacks are addressed. We first provide a theoretical framework for better
understanding of design rationale in construction of Boolean
functions with maximum algebraic immunity. Based on these results,
an iterative design of functions with maximum possible algebraic
immunity is proposed. In contrast to known constructions, our method
generates balanced functions of maximum degree and high
nonlinearity, that is functions satisfying all main cryptographic
criteria. Additionally, functions in this class have a low
implementation cost due to a small number of terms in the ANF.
Secondly, for a given
Boolean function, a novel algorithm
for deciding the existence of annihilators of small degree
is presented. The algorithm utilizes the known
methods in a slightly different manner which results in
a significantly reduced complexity of computation.

2000

EPRINT

New Constructions of Resilent and Correlation Immune Boolean Functions achieving Upper Bounds on Nonlinearity
Abstract

Recently weight divisibility results on resilient and correlation
immune Boolean functions have received a lot of attention. These
results have direct consequences towards the upper bound on nonlinearity
of resilient and correlation immune Boolean functions of certain order.
Now the clear benchmark in the design of resilient Boolean functions
(which optimizes Sigenthaler's inequality) is to provide results
which attain the upper bound on nonlinearity. Here we construct a
7-variable, 2-resilient Boolean function with nonlinearity 56. This
solves the maximum nonlinearity issue for 7-variable functions with
any order of resiliency. Using this 7-variable function, we also
construct a 10-variable, 4-resilient Boolean function with nonlinearity
480. Construction of these two functions were justified as important
open questions in Crypto 2000. Also we provide methods to generate an
infinite sequence of Boolean functions on $n = 7 + 3i$ variables
$(i \geq 0)$ with order of resiliency $m = 2 + 2i$, algebraic degree
$4 + i$ and nonlinearity $2^{n-1} - 2^{m+1}$, which were not known
earlier. We conclude with a few interesting construction results
on unbalanced correlation immune functions of 5 and 6 variables.

2000

EPRINT

A Construction of Resilient Functions with High Nonlinearity
Abstract

The relationship between nonlinearity and
resiliency for a function $F:\mathbb{F}_2^n \mapsto
\mathbb{F}_2^m$ is considered. We give a construction of resilient
functions with high nonlinearity. The construction leads to the
problem of finding a set of linear codes with a fixed minimum
distance, having the property that the intersection
between any two codes is the all zero codeword only. This problem is
considered, and existence results are provided. The constructed
functions obtain a nonlinearity superior to previous construction
methods.

#### Coauthors

- Meichun Cao (1)
- Claude Carlet (1)
- Sugata Gangopadhyay (1)
- Jian Guo (1)
- Thomas Johansson (2)
- Subhamoy Maitra (1)
- Bimal Mandal (1)
- Willi Meier (1)
- Palash Sarkar (1)
- Pantelimon Stanica (1)
- Yongzhuang Wei (1)
- Wenling Wu (1)
- Tao Ye (1)
- Wenying Zhang (1)