Download PDFOpen PDF in browserDifferential Cryptanalysis of Round-Reduced SPEEDY FamilyEasyChair Preprint 935620 pages•Date: November 23, 2022AbstractSPEEDY is a family of ultra low latency block ciphers proposed at TCHES 2021 by Leander et al..The standard version, SPEEDY-6-192, is the faster known encryption primitive executed in hardware and offers $128$-bit security. Differential attacks is one of the most famous families of cryptanalysis against symmetric encryption algorithm, since it was proposed in 1990 by Biham and Shamir, it has been applied to many symmetric primitives with optimal analysis results. It is usually the first choice to evaluate the security for designers when designing a new primitive. The automatic search for various distinguishers boosts the cryptanalysis of block ciphers. However, the performance of the automatic search is not always satisfactory for the search of long trails or ciphers with large state sizes. Hence, we endeavor to accelerate the automatic search model for differential SPEEDY based on SAT method. In this work, we give a 3.5 round differential characteristic with probability of $2^{-104.83}$ and a 4.5 round differential characteristic with probability of $2^{-150.15}$. Furthermore, by balancing the key recovery and the differential distinguisher, we optimal the distinguisher to speed up the filtering wrong pairs some tricks. Finally we launch a valid $6$-round attack for SPEEDY-7-192 with a complexity of $2^{158.06}$. We also propose a $5$-round attack utilizing a $3.5$-round differential distinguisher with the time complexity of $2^{108.95}$. Keyphrases: Automatic search on cryptanalysis, SAT model, SPEEDY, differential attack
|