International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Nasour Bagheri

Publications

Year
Venue
Title
2018
TOSC
Cryptanalysis of Reduced round SKINNY Block Cipher
SKINNY is a family of lightweight tweakable block ciphers designed to have the smallest hardware footprint. In this paper, we present zero-correlation linear approximations and the related-tweakey impossible differential characteristics for different versions of SKINNY .We utilize Mixed Integer Linear Programming (MILP) to search all zero-correlation linear distinguishers for all variants of SKINNY, where the longest distinguisher found reaches 10 rounds. Using a 9-round characteristic, we present 14 and 18-round zero correlation attacks on SKINNY-64-64 and SKINNY- 64-128, respectively. Also, for SKINNY-n-n and SKINNY-n-2n, we construct 13 and 15-round related-tweakey impossible differential characteristics, respectively. Utilizing these characteristics, we propose 23-round related-tweakey impossible differential cryptanalysis by applying the key recovery attack for SKINNY-n-2n and 19-round attack for SKINNY-n-n. To the best of our knowledge, the presented zero-correlation characteristics in this paper are the first attempt to investigate the security of SKINNY against this attack and the results on the related-tweakey impossible differential attack are the best reported ones.
2016
FSE
2015
EPRINT
2015
EPRINT
2015
EPRINT
2015
EPRINT
2014
EPRINT
2008
EPRINT
Cryptanalysis of CRUSH hash structure
In this paper, we will present a cryptanalysis of CRUSH hash structure. Surprisingly, our attack could find pre-image for any desired length of internal message. Time complexity of this attack is completely negligible. We will show that the time complexity of finding a pre-image of any length is O(1). In this attack, an adversary could freely find a pre-image with the length of his own choice for any given message digits. We can also find second pre-image, collision, multi-collision in the same complexity with our attack. In this paper, we also introduce a stronger variant of the algorithm, and show that an adversary could still be able to produce collisions for this stronger variant of CRUSH hash structure with a time complexity less than a Birthday attack.