NXP Semiconductors and its academic partners challenged the
cryptographic community with finding practical attacks on the block
cipher they designed, PRINCE. Instead of trying to attack as many
rounds as possible using attacks which are usually impractical
despite being faster than brute-force, the challenge invites
cryptographers to find practical attacks and encourages them to
actually implement them.
In this paper, we present new attacks on round-reduced PRINCE including the ones which won the challenge in the
6 and 8-round categories --- the highest for which winners were
identified. Our first attacks rely on a meet-in-the-middle approach and break up to 10 rounds of the cipher.
We also describe heuristic methods we used to find practical SAT-based and differential attacks.
Finally, we also present an analysis of the cycle structure of the
internal rounds of PRINCE leading both to a low complexity
distinguisher for 4-round PRINCE-core and an alternative
representation of the cipher valid in particular contexts and which
highlights, in this cases, a poor diffusion.